afmarulanda/wazuh-ansible-4.8.1
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

When statement at block level

Browse Source
This commit is contained in:
Manuel J. Bernal 2020-05-08 15:56:00 +02:00
parent 8fd6849275
commit 9152d07ac1
1 changed files with 1 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
roles/opendistro/opendistro-elasticsearch/tasks/SecurityActions.yml
View File

@ -9,7 +9,6 @@
- "{{ opendistro_conf_path }}/kirk-key.pem" - "{{ opendistro_conf_path }}/kirk-key.pem"
- "{{ opendistro_conf_path }}/esnode.pem" - "{{ opendistro_conf_path }}/esnode.pem"
- "{{ opendistro_conf_path }}/esnode-key.pem" - "{{ opendistro_conf_path }}/esnode-key.pem"
when: install.changed
- name: Copy the node & admin certificates to Elasticsearch cluster - name: Copy the node & admin certificates to Elasticsearch cluster
copy: copy:
@ -26,7 +25,6 @@
- "{{ inventory_hostname }}_elasticsearch_config_snippet.yml" - "{{ inventory_hostname }}_elasticsearch_config_snippet.yml"
- admin.key - admin.key
- admin.pem - admin.pem
when: install.changed
- name: Copy the opendistro security configuration file to cluster - name: Copy the opendistro security configuration file to cluster
blockinfile: blockinfile:
@ -34,7 +32,6 @@
dest: "{{ opendistro_conf_path }}/elasticsearch.yml" dest: "{{ opendistro_conf_path }}/elasticsearch.yml"
insertafter: EOF insertafter: EOF
marker: "## {mark} Opendistro Security Node & Admin certificates configuration ##" marker: "## {mark} Opendistro Security Node & Admin certificates configuration ##"
when: install.changed
- name: Prepare the opendistro security configuration file - name: Prepare the opendistro security configuration file
replace: replace:
@ -42,13 +39,11 @@
regexp: 'searchguard' regexp: 'searchguard'
replace: 'opendistro_security' replace: 'opendistro_security'
tags: local tags: local
when: install.changed
- name: Restart elasticsearch with security configuration - name: Restart elasticsearch with security configuration
systemd: systemd:
name: elasticsearch name: elasticsearch
state: restarted state: restarted
when: install.changed
- name: Copy the opendistro security internal users template - name: Copy the opendistro security internal users template
template: template:
@ -56,21 +51,18 @@
dest: "{{ opendistro_sec_plugin_conf_path }}/internal_users.yml" dest: "{{ opendistro_sec_plugin_conf_path }}/internal_users.yml"
mode: 0644 mode: 0644
run_once: true run_once: true
when: install.changed
- name: Set the Admin user password - name: Set the Admin user password
shell: > shell: >
sed -i 's,{{ opendistro_admin_password }},'$(sh {{ opendistro_sec_plugin_tools_path }}/hash.sh -p {{ opendistro_admin_password }} | tail -1)',' sed -i 's,{{ opendistro_admin_password }},'$(sh {{ opendistro_sec_plugin_tools_path }}/hash.sh -p {{ opendistro_admin_password }} | tail -1)','
{{ opendistro_sec_plugin_conf_path }}/internal_users.yml {{ opendistro_sec_plugin_conf_path }}/internal_users.yml
run_once: true run_once: true
when: install.changed
- name: Set the kibanaserver user pasword - name: Set the kibanaserver user pasword
shell: > shell: >
sed -i 's,{{ opendistro_kibana_password }},'$(sh {{ opendistro_sec_plugin_tools_path }}/hash.sh -p {{ opendistro_kibana_password }} | tail -1)',' sed -i 's,{{ opendistro_kibana_password }},'$(sh {{ opendistro_sec_plugin_tools_path }}/hash.sh -p {{ opendistro_kibana_password }} | tail -1)','
{{ opendistro_sec_plugin_conf_path }}/internal_users.yml {{ opendistro_sec_plugin_conf_path }}/internal_users.yml
run_once: true run_once: true
when: install.changed
- name: Initialize the opendistro security index in elasticsearch - name: Initialize the opendistro security index in elasticsearch
command: > command: >
@ -82,7 +74,7 @@
-nhnv -icl -nhnv -icl
-h {{ hostvars[inventory_hostname]['ip'] }} -h {{ hostvars[inventory_hostname]['ip'] }}
run_once: true run_once: true
when: install.changed
tags: tags:
- production_ready - production_ready
when: install.changed