Use the authd service only when the agent is not registered.

ansible-wazuh-agent/defaults/main.yml

@@ -1,7 +1,8 @@
 ---
-wazuh_manager_ip: 127.0.0.1
+wazuh_manager_ip: null
+wazuh_authd_port: 1515
 wazuh_profile: null
-wazuh_manager_proto: udp
+wazuh_manager_proto: tcp
 wazuh_register_client: false
 wazuh_notify_time: null
 wazuh_time_reconnect: null

ansible-wazuh-agent/tasks/main.yml

@@ -10,20 +10,29 @@
   tags:
     - init
 
-- name: "Register agent"
+- name: Check if client.keys exists
-  shell: /var/ossec/bin/agent-auth -m {{ wazuh_manager_ip }} -p {{ wazuh_authd_port }}
+  stat: path=/var/ossec/etc/client.keys
-  register: agent_auth_output
+  register: check_keys
-  when: wazuh_register_client == true
   tags:
     - config
 
-- name: "Verify agent registration"
+- name: Register agent
+  shell: /var/ossec/bin/agent-auth -m {{ wazuh_manager_ip }} -p {{ wazuh_authd_port }}
+  register: agent_auth_output
+  when:
+    - wazuh_register_client == true
+    - check_keys.stat.size == 0
+    - wazuh_manager_ip is not none
+  tags:
+    - config
+
+- name: Verify agent registration
   shell: echo {{ agent_auth_output }} | grep "Valid key created"
   when: wazuh_register_client == true
   tags:
     - config
 
-- name: "Installing agent configuration (ossec.conf)"
+- name: Installing agent configuration (ossec.conf)
   template: src=var-ossec-etc-ossec-agent.conf.j2
             dest=/var/ossec/etc/ossec.conf
             owner=root

ansible-wazuh-agent/templates/var-ossec-etc-ossec-agent.conf.j2

@@ -7,7 +7,11 @@
 
 <ossec_config>
   <client>
+    {% if wazuh_manager_ip is not none %}
     <server-ip>{{ wazuh_manager_ip }}</server-ip>
+    {% else %}
+    <server-ip>SERVER-IP</server-ip>
+    {% endif %}
     {% if wazuh_profile is not none %}
     <config-profile>{{ wazuh_profile }}</config-profile>
     {% endif %}