diff --git a/roles/opensearch/wazuh-dashboard/defaults/main.yml b/roles/opensearch/wazuh-dashboard/defaults/main.yml index dc93c18c..d405b61e 100644 --- a/roles/opensearch/wazuh-dashboard/defaults/main.yml +++ b/roles/opensearch/wazuh-dashboard/defaults/main.yml @@ -44,10 +44,10 @@ kibana_newsfeed_enabled: "false" kibana_telemetry_optin: "false" kibana_telemetry_enabled: "false" -opendistro_admin_password: changeme +indexer_admin_password: changeme opendistro_kibana_user: kibanaserver -opendistro_kibana_password: changeme -local_certs_path: "{{ playbook_dir }}/opendistro/certificates" +dashboard_password: changeme +local_certs_path: "{{ playbook_dir }}/indexer/certificates" # Nodejs nodejs: diff --git a/roles/opensearch/wazuh-dashboard/tasks/Debian.yml b/roles/opensearch/wazuh-dashboard/tasks/Debian.yml index c40799ca..557e785c 100644 --- a/roles/opensearch/wazuh-dashboard/tasks/Debian.yml +++ b/roles/opensearch/wazuh-dashboard/tasks/Debian.yml @@ -5,13 +5,13 @@ - name: Add apt repository signing key ## 732 will not be needed. The wazuh repo should be added apt_key: - url: "{{ package_repos.apt.opendistro.gpg }}" + url: "{{ package_repos.apt.indexer.gpg }}" state: present - name: Debian systems | Add OpenDistro repo ## 732 will not be needed. The wazuh repo should be added apt_repository: - repo: "{{ package_repos.apt.opendistro.baseurl }}" + repo: "{{ package_repos.apt.indexer.baseurl }}" state: present update_cache: yes diff --git a/roles/opensearch/wazuh-dashboard/tasks/RedHat.yml b/roles/opensearch/wazuh-dashboard/tasks/RedHat.yml index 280baa66..514dbb85 100644 --- a/roles/opensearch/wazuh-dashboard/tasks/RedHat.yml +++ b/roles/opensearch/wazuh-dashboard/tasks/RedHat.yml 
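Review bot: In `defaults/main.yml` the renamed `indexer_admin_password` and `dashboard_password` keep the default `changeme`, and nothing visible maps the old names onto them. An inventory or vault that still sets `opendistro_admin_password` / `opendistro_kibana_password` would presumably stop overriding anything, and the role would deploy with `changeme`. A transitional default such as `indexer_admin_password: "{{ opendistro_admin_password | default('changeme') }}"` keeps existing overrides working. An `assert` with `that: indexer_admin_password != 'changeme'` early in the tasks would stop a run that still uses the placeholder. The same applies to the wazuh-indexer `defaults/main.yml` hunk (`@@ -67,11 +67,11 @@`).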
@@ -6,8 +6,8 @@ file: opendistro name: opendistro_repo description: Opendistro yum repository - baseurl: "{{ package_repos.yum.opendistro.baseurl }}" - gpgkey: "{{ package_repos.yum.opendistro.gpg }}" + baseurl: "{{ package_repos.yum.indexer.baseurl }}" + gpgkey: "{{ package_repos.yum.indexer.gpg }}" gpgcheck: true - name: Install Wazuh-Dashboard diff --git a/roles/opensearch/wazuh-dashboard/tasks/main.yml b/roles/opensearch/wazuh-dashboard/tasks/main.yml index 10bd2e65..514944ad 100755 --- a/roles/opensearch/wazuh-dashboard/tasks/main.yml +++ b/roles/opensearch/wazuh-dashboard/tasks/main.yml @@ -80,7 +80,7 @@ # - skip_ansible_lint - name: Wait for Elasticsearch port - wait_for: host={{ elasticsearch_network_host }} port={{ elasticsearch_http_port }} + wait_for: host={{ indexer_network_host }} port={{ elasticsearch_http_port }} - name: Select correct API protocol set_fact: @@ -88,10 +88,10 @@ - name: Attempting to delete legacy Wazuh index if exists uri: - url: "{{ elastic_api_protocol }}://{{ elasticsearch_network_host }}:{{ elasticsearch_http_port }}/.wazuh" + url: "{{ elastic_api_protocol }}://{{ indexer_network_host }}:{{ elasticsearch_http_port }}/.wazuh" method: DELETE user: "admin" - password: "{{ opendistro_admin_password }}" + password: "{{ indexer_admin_password }}" validate_certs: no status_code: 200, 404 diff --git a/roles/opensearch/wazuh-dashboard/templates/opendistro_kibana.yml.j2 b/roles/opensearch/wazuh-dashboard/templates/opendistro_kibana.yml.j2 index 9280daca..95461cd4 100644 --- a/roles/opensearch/wazuh-dashboard/templates/opendistro_kibana.yml.j2 +++ b/roles/opensearch/wazuh-dashboard/templates/opendistro_kibana.yml.j2 
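Review bot: The `Attempting to delete legacy Wazuh index if exists` task in `tasks/main.yml` sends the `admin` user and `indexer_admin_password` with `validate_certs: no`, so the credential goes to whichever endpoint answers on `indexer_network_host` without its certificate being checked. The dashboard template on this page already points at `/usr/share/kibana/root-ca.pem`, so the CA appears to be available on the host. On Ansible versions whose `uri` module has `ca_path`, `validate_certs: yes` with `ca_path` set to that file would close the gap. The `Wait for Wazuh-Indexer API`, `Wait for Elasticsearch API (Private IP)` and `Create custom user` tasks in the wazuh-indexer role carry the same setting.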
@@ -11,9 +11,9 @@ server.host: {{ kibana_server_host }} {% if kibana_opendistro_security %} -elasticsearch.hosts: "https://{{ elasticsearch_network_host }}:{{ elasticsearch_http_port }}" +elasticsearch.hosts: "https://{{ indexer_network_host }}:{{ elasticsearch_http_port }}" elasticsearch.username: {{ opendistro_kibana_user }} -elasticsearch.password: {{ opendistro_kibana_password }} +elasticsearch.password: {{ dashboard_password }} server.ssl.enabled: true server.ssl.certificate: "/usr/share/kibana/{{ kibana_node_name }}_http.pem" server.ssl.key: "/usr/share/kibana/{{ kibana_node_name }}_http.key" @@ -21,7 +21,7 @@ elasticsearch.ssl.certificateAuthorities: ["/usr/share/kibana/root-ca.pem"] elasticsearch.ssl.verificationMode: full {% else %} -elasticsearch.hosts: "http://{{ elasticsearch_network_host }}:{{ elasticsearch_http_port }}" +elasticsearch.hosts: "http://{{ indexer_network_host }}:{{ elasticsearch_http_port }}" {% endif %} elasticsearch.requestHeadersWhitelist: ["securitytenant","Authorization"] diff --git a/roles/opensearch/wazuh-indexer/defaults/main.yml b/roles/opensearch/wazuh-indexer/defaults/main.yml index 18b86c5f..182721c6 100644 --- a/roles/opensearch/wazuh-indexer/defaults/main.yml +++ b/roles/opensearch/wazuh-indexer/defaults/main.yml 
@@ -1,24 +1,24 @@ --- # Cluster Settings -opendistro_version: 4.3.0 +indexer_version: 4.3.0 single_node: false -elasticsearch_node_name: node-1 -opendistro_cluster_name: wazuh -elasticsearch_network_host: '0.0.0.0' +indexer_node_name: node-1 +indexer_cluster_name: wazuh +indexer_network_host: '0.0.0.0' -elasticsearch_node_master: true -elasticsearch_node_data: true -elasticsearch_node_ingest: true -elasticsearch_start_timeout: 90 +indexer_node_master: true +indexer_node_data: true +indexer_node_ingest: true +indexer_start_timeout: 90 -elasticsearch_lower_disk_requirements: false -elasticsearch_cluster_nodes: - - 127.0.0.1 -elasticsearch_discovery_nodes: +#elasticsearch_lower_disk_requirements: false +indexer_cluster_nodes: - 127.0.0.1 +#elasticsearch_discovery_nodes: +# - 127.0.0.1 -local_certs_path: "{{ playbook_dir }}/opendistro/certificates" +local_certs_path: "{{ playbook_dir }}/indexer/certificates" ##check if it is the correct directory # Minimum master nodes in cluster, 2 for 3 nodes elasticsearch cluster 
@@ -31,33 +31,33 @@ domain_name: wazuh.com # The OpenDistro package repository package_repos: yum: - opendistro: + indexer: #baseurl: 'https://packages.wazuh.com/4.x/yum/' baseurl: 'https://packages-dev.wazuh.com/pre-release/yum/' #gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH' gpg: 'https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH' apt: - opendistro: + indexer: #baseurl: 'deb https://packages.wazuh.com/4.x/apt/ stable main' baseurl: 'deb https://packages-dev.wazuh.com/pre-release/apt/ unstable main' #gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH' gpg: 'https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH' - openjdk: - baseurl: 'deb http://deb.debian.org/debian stretch-backports main' +# openjdk: +# baseurl: 'deb http://deb.debian.org/debian stretch-backports main' -opendistro_sec_plugin_conf_path: /usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig -opendistro_sec_plugin_tools_path: /usr/share/wazuh-indexer/plugins/opensearch-security/tools -opendistro_conf_path: /etc/wazuh-indexer/ -opendistro_index_path: /var/lib/wazuh-indexer/ +indexer_sec_plugin_conf_path: /usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig +indexer_sec_plugin_tools_path: /usr/share/wazuh-indexer/plugins/opensearch-security/tools +indexer_conf_path: /etc/wazuh-indexer/ +indexer_index_path: /var/lib/wazuh-indexer/ # Security password -opendistro_custom_user: "" -opendistro_custom_user_role: "admin" +indexer_custom_user: "" +indexer_custom_user_role: "admin" # Set JVM memory limits -opendistro_jvm_xms: null +indexer_jvm_xms: null -opendistro_http_port: 9700 +indexer_http_port: 9700 ## 732 this port changes to 9700 certs_gen_tool_version: 4.3 
@@ -67,11 +67,11 @@ certs_gen_tool_version: 4.3 certs_gen_tool_url: "https://packages-dev.wazuh.com/resources/{{ certs_gen_tool_version }}/install_functions/opendistro/wazuh-cert-tool.sh" ## 732 will no longer be needed. /usr/share/wazuh-indexer/plugins/opensearch-security/tools/wazuh-cert-tool.sh comes with the package. -opendistro_admin_password: changeme -opendistro_kibana_password: changeme +indexer_admin_password: changeme +dashboard_password: changeme # Deployment settings generate_certs: true perform_installation: true -opendistro_nolog_sensible: true +indexer_nolog_sensible: true diff --git a/roles/opensearch/wazuh-indexer/meta/main.yml b/roles/opensearch/wazuh-indexer/meta/main.yml index e09933c7..eed34479 100644 --- a/roles/opensearch/wazuh-indexer/meta/main.yml +++ b/roles/opensearch/wazuh-indexer/meta/main.yml @@ -1,7 +1,7 @@ --- galaxy_info: author: Wazuh - description: Installing and maintaining Opendistro server. + description: Installing and maintaining Opensearch server. company: wazuh.com license: license (GPLv3) min_ansible_version: 2.0 diff --git a/roles/opensearch/wazuh-indexer/tasks/Debian.yml b/roles/opensearch/wazuh-indexer/tasks/Debian.yml index d81b7de6..1036cf97 100644 --- a/roles/opensearch/wazuh-indexer/tasks/Debian.yml +++ b/roles/opensearch/wazuh-indexer/tasks/Debian.yml @@ -42,12 +42,12 @@ ## 732 the wazuh repo should be added instead - name: Add apt repository signing key apt_key: - url: "{{ package_repos.apt.opendistro.gpg }}" + url: "{{ package_repos.apt.indexer.gpg }}" state: present - name: Add Opendistro repository apt_repository: - repo: "{{ package_repos.apt.opendistro.baseurl }}" + repo: "{{ package_repos.apt.indexer.baseurl }}" state: present filename: 'wazuh-opendistro' update_cache: yes 
@@ -55,7 +55,7 @@ - name: Install Wazuh-Indexer ## the indexer package should be installed instead apt: - name: wazuh-indexer={{ opendistro_version }}-1 + name: wazuh-indexer={{ indexer_version }}-1 state: present register: install tags: install \ No newline at end of file diff --git a/roles/opensearch/wazuh-indexer/tasks/RedHat.yml b/roles/opensearch/wazuh-indexer/tasks/RedHat.yml index 97d2487f..f292156c 100644 --- a/roles/opensearch/wazuh-indexer/tasks/RedHat.yml +++ b/roles/opensearch/wazuh-indexer/tasks/RedHat.yml @@ -7,8 +7,8 @@ file: opendistro name: opendistro_repo description: Opendistro yum repository - baseurl: "{{ package_repos.yum.opendistro.baseurl }}" - gpgkey: "{{ package_repos.yum.opendistro.gpg }}" + baseurl: "{{ package_repos.yum.indexer.baseurl }}" + gpgkey: "{{ package_repos.yum.indexer.gpg }}" gpgcheck: true changed_when: false @@ -45,7 +45,7 @@ - name: Install Wazuh-Indexer ## 732 the package name should be updated package: - name: wazuh-indexer-{{ opendistro_version }} + name: wazuh-indexer-{{ indexer_version }} state: present register: install tags: install diff --git a/roles/opensearch/wazuh-indexer/tasks/main.yml b/roles/opensearch/wazuh-indexer/tasks/main.yml index ba6b8657..ddf17a49 100644 --- a/roles/opensearch/wazuh-indexer/tasks/main.yml +++ b/roles/opensearch/wazuh-indexer/tasks/main.yml 
@@ -24,18 +24,18 @@ # - '"not found" not in remove_elasticsearch_performance_analyzer.stderr' # changed_when: "remove_elasticsearch_performance_analyzer.rc == 0" - - name: Remove elasticsearch configuration file + - name: Remove Opensearch configuration file ## 732 will not be needed file: - path: "{{ opendistro_conf_path }}/opensearch.yml" + path: "{{ indexer_conf_path }}/opensearch.yml" state: absent tags: install - - name: Copy Configuration File + - name: Copy Opensearch Configuration File ## 732 will not be needed template: src: "templates/opensearch.yml.j2" - dest: "{{ opendistro_conf_path }}/opensearch.yml" + dest: "{{ indexer_conf_path }}/opensearch.yml" owner: root group: wazuh-indexer mode: 0640 @@ -47,11 +47,11 @@ - security - - name: Configure OpenDistro Elasticsearch JVM memmory. + - name: Configure Wazuh-Indexer JVM memmory. ## 732 will not be needed and if it is needed the path should be updated. template: src: "templates/jvm.options.j2" - dest: "{{ opendistro_conf_path }}/jvm.options" + dest: "{{ indexer_conf_path }}/jvm.options" owner: root group: wazuh-indexer mode: 0644 @@ -63,7 +63,7 @@ ## 732 will not be needed template: src: "templates/disabledlog4j.options.j2" - dest: "{{ opendistro_conf_path }}/jvm.options.d/disabledlog4j.options" + dest: "{{ indexer_conf_path }}/jvm.options.d/disabledlog4j.options" owner: root group: wazuh-indexer mode: 2750 @@ -71,17 +71,17 @@ notify: restart wazuh-indexer tags: install - - name: Ensure extra time for Elasticsearch to start on reboots + - name: Ensure extra time for Wazuh-Indexer to start on reboots lineinfile: path: /usr/lib/systemd/system/wazuh-indexer.service regexp: '^TimeoutStartSec=' - line: "TimeoutStartSec={{ elasticsearch_start_timeout }}" + line: "TimeoutStartSec={{ indexer_start_timeout }}" become: yes tags: configure - name: Index files to remove find: - paths: "{{ opendistro_index_path }}" + paths: "{{ indexer_index_path }}" patterns: "*" register: files_to_delete 
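Review bot: `mode: 2750` on the `disabledlog4j.options` template task (hunk `@@ -63,7 +63,7 @@`) is an unquoted number with no leading zero, so it reaches Ansible as decimal 2750 rather than octal and the resulting permission bits are not the ones written. Quote the mode as a string: `mode: "0640"` to match `opensearch.yml`, or `mode: "2750"` if the setgid bit is really wanted on this file. The neighbouring `mode: 0640` and `mode: 0644` only work through YAML 1.1 octal parsing and are safer quoted as well. The task starts above the hunk.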
@@ -98,19 +98,19 @@ enabled: true state: started - - name: Wait for Elasticsearch API + - name: Wait for Wazuh-Indexer API uri: - url: "https://{{ inventory_hostname if not single_node else elasticsearch_network_host }}:{{ opendistro_http_port }}/_cat/health/" + url: "https://{{ inventory_hostname if not single_node else indexer_network_host }}:{{ indexer_http_port }}/_cat/health/" user: "admin" # Default OpenDistro user is always "admin" - password: "{{ opendistro_admin_password }}" + password: "{{ indexer_admin_password }}" validate_certs: no status_code: 200,401 return_content: yes timeout: 4 register: _result until: - - _result.json is defined - - _result.json.status == "green" or ( _result.json.status == "yellow" and single_node ) + - _result is defined + - '"green" in _result.content or ( "yellow" in _result.content and single_node )' retries: 24 delay: 5 tags: debug @@ -119,17 +119,17 @@ - name: Wait for Elasticsearch API (Private IP) uri: - url: "https://{{ hostvars[inventory_hostname]['private_ip'] if not single_node else elasticsearch_network_host }}:{{ opendistro_http_port }}/_cat/health/" + url: "https://{{ hostvars[inventory_hostname]['private_ip'] if not single_node else indexer_network_host }}:{{ indexer_http_port }}/_cat/health/" user: "admin" # Default OpenDistro user is always "admin" - password: "{{ opendistro_admin_password }}" + password: "{{ indexer_admin_password }}" validate_certs: no status_code: 200,401 return_content: yes timeout: 4 register: _result until: - - _result.json is defined - - _result.json.status == "green" or ( _result.json.status == "yellow" and single_node ) + - _result is defined + - '"green" in _result.content or ( "yellow" in _result.content and single_node )' retries: 24 delay: 5 tags: debug diff --git a/roles/opensearch/wazuh-indexer/tasks/security_actions.yml b/roles/opensearch/wazuh-indexer/tasks/security_actions.yml index 98473b4f..cdf9a151 100644 --- a/roles/opensearch/wazuh-indexer/tasks/security_actions.yml 
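Review bot: The new first `until` item, `_result is defined`, is true as soon as `register` has run, so it no longer guards the second item the way `_result.json is defined` did. An attempt that returns no body (refused connection, timeout) may leave `_result.content` undefined and fail the condition instead of retrying; `_result.content is defined` keeps the guard. The substring test is also loose: any 200 or 401 body containing `green` passes, so also requiring `_result.status == 200` would tie the check to a real health answer. The `Wait for Elasticsearch API (Private IP)` task in the next hunk (`@@ -119,17 +119,17 @@`) has the same two lines.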
+++ b/roles/opensearch/wazuh-indexer/tasks/security_actions.yml @@ -4,20 +4,20 @@ # path: "{{ item }}" # state: absent # with_items: -# - "{{ opendistro_conf_path }}/kirk.pem" -# - "{{ opendistro_conf_path }}/kirk-key.pem" -# - "{{ opendistro_conf_path }}/esnode.pem" -# - "{{ opendistro_conf_path }}/esnode-key.pem" +# - "{{ indexer_conf_path }}/kirk.pem" +# - "{{ indexer_conf_path }}/kirk-key.pem" +# - "{{ indexer_conf_path }}/esnode.pem" +# - "{{ indexer_conf_path }}/esnode-key.pem" - name: Configure IP (Private address) set_fact: - target_address: "{{ hostvars[inventory_hostname]['private_ip'] if not single_node else elasticsearch_network_host }}" + target_address: "{{ hostvars[inventory_hostname]['private_ip'] if not single_node else indexer_network_host }}" when: - hostvars[inventory_hostname]['private_ip'] is defined - name: Configure IP (Public address) set_fact: - target_address: "{{ inventory_hostname if not single_node else elasticsearch_network_host }}" + target_address: "{{ inventory_hostname if not single_node else indexer_network_host }}" when: - hostvars[inventory_hostname]['private_ip'] is not defined 
@@ -25,32 +25,32 @@ - name: Copy the node & admin certificates to Elasticsearch cluster copy: src: "{{ local_certs_path }}/certs/{{ item }}" - dest: "{{ opendistro_conf_path }}/certs/" + dest: "{{ indexer_conf_path }}/certs/" mode: 0644 become: yes with_items: - root-ca.pem - root-ca.key - - "{{ elasticsearch_node_name }}-key.pem" - - "{{ elasticsearch_node_name }}.pem" - #- "{{ elasticsearch_node_name }}_http.key" - #- "{{ elasticsearch_node_name }}_http.pem" - #- "{{ elasticsearch_node_name }}_elasticsearch_config_snippet.yml" + - "{{ indexer_node_name }}-key.pem" + - "{{ indexer_node_name }}.pem" + #- "{{ indexer_node_name }}_http.key" + #- "{{ indexer_node_name }}_http.pem" + #- "{{ indexer_node_name }}_elasticsearch_config_snippet.yml" - admin-key.pem - admin.pem #- name: Copy the OpenDistro security configuration file to cluster # blockinfile: # block: "{{ lookup('file', snippet_path ) }}" -# dest: "{{ opendistro_conf_path }}/elasticsearch.yml" +# dest: "{{ indexer_conf_path }}/elasticsearch.yml" # insertafter: EOF # marker: "## {mark} Opendistro Security Node & Admin certificates configuration ##" # vars: -# snippet_path: '{{ local_certs_path }}/certs/{{ elasticsearch_node_name }}_elasticsearch_config_snippet.yml' +# snippet_path: '{{ local_certs_path }}/certs/{{ indexer_node_name }}_elasticsearch_config_snippet.yml' #- name: Prepare the OpenDistro security configuration file # replace: -# path: "{{ opendistro_conf_path }}/elasticsearch.yml" +# path: "{{ indexer_conf_path }}/elasticsearch.yml" # regexp: 'searchguard' # replace: 'opendistro_security' # tags: local 
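Review bot: The task `Copy the node & admin certificates to Elasticsearch cluster` writes `root-ca.key`, `{{ indexer_node_name }}-key.pem` and `admin-key.pem` with `mode: 0644`, which leaves the CA, node and admin private keys readable by every local user on each node. Nothing on this page uses `root-ca.key` on the nodes, so it can probably be dropped from `with_items`. For the remaining keys, `owner: root`, `group: wazuh-indexer` and `mode: "0640"` (as the `opensearch.yml` task does) would restrict them to the service account. The public `.pem` certificates can stay world-readable.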
@@ -63,35 +63,35 @@ - name: Copy the OpenDistro security internal users template template: src: "templates/internal_users.yml.j2" - dest: "{{ opendistro_sec_plugin_conf_path }}/internal_users.yml" + dest: "{{ indexer_sec_plugin_conf_path }}/internal_users.yml" mode: 0644 run_once: true - name: Hashing the custom admin password - command: "{{ opendistro_sec_plugin_tools_path }}/hash.sh -p {{ opendistro_admin_password }}" # noqa 301 - register: opendistro_admin_password_hashed - no_log: '{{ opendistro_nolog_sensible | bool }}' + command: "{{ indexer_sec_plugin_tools_path }}/hash.sh -p {{ indexer_admin_password }}" # noqa 301 + register: indexer_admin_password_hashed + no_log: '{{ indexer_nolog_sensible | bool }}' run_once: true - name: Set the Admin user password replace: - path: "{{ opendistro_sec_plugin_conf_path }}/internal_users.yml" + path: "{{ indexer_sec_plugin_conf_path }}/internal_users.yml" regexp: '(?<=admin:\n hash: )(.*)(?=)' replace: "{{ odfe_password_hash | quote }}" vars: - odfe_password_hash: "{{ opendistro_admin_password_hashed.stdout_lines | last }}" + odfe_password_hash: "{{ indexer_admin_password_hashed.stdout_lines | last }}" run_once: true # this can also be achieved with password_hash, but it requires dependencies on the controller - name: Hash the kibanaserver role/user pasword - command: "{{ opendistro_sec_plugin_tools_path }}/hash.sh -p {{ opendistro_kibana_password }}" # noqa 301 + command: "{{ indexer_sec_plugin_tools_path }}/hash.sh -p {{ dashboard_password }}" # noqa 301 register: opendistro_kibanaserver_password_hashed - no_log: '{{ opendistro_nolog_sensible | bool }}' + no_log: '{{ indexer_nolog_sensible | bool }}' run_once: true - name: Set the kibanaserver user password replace: - path: "{{ opendistro_sec_plugin_conf_path }}/internal_users.yml" + path: "{{ indexer_sec_plugin_conf_path }}/internal_users.yml" regexp: '(?<=kibanaserver:\n hash: )(.*)(?=)' replace: "{{ odfe_password_hash | quote }}" vars: 
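Review bot: `internal_users.yml` is written with `mode: 0644`, and per the `internal_users.yml.j2` hunk on this page the template puts the cleartext `indexer_admin_password` and `dashboard_password` into the `hash:` fields until the two `replace` tasks run. First the passwords and then their hashes are therefore world-readable; `mode: "0640"` with `group: wazuh-indexer` would narrow that. The two `hash.sh -p {{ … }}` commands also place the password in the process arguments, where other local users can read it while the command runs, and an unquoted value containing whitespace is split into several arguments. If this `hash.sh` can take the password from stdin or the environment, that is the safer call; otherwise `-p {{ indexer_admin_password | quote }}` at least fixes the splitting.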
@@ -100,28 +100,28 @@ - name: Initialize the OpenDistro security index in elasticsearch command: > - sudo -u wazuh-indexer OPENSEARCH_PATH_CONF=/etc/wazuh-indexer + sudo -u wazuh-indexer OPENSEARCH_PATH_CONF={{ indexer_conf_path }} JAVA_HOME=/usr/share/wazuh-indexer/jdk - {{ opendistro_sec_plugin_tools_path }}/securityadmin.sh - -cd {{ opendistro_sec_plugin_tools_path }}/ - -icl -p 9800 -cd /usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig - -cacert {{ opendistro_conf_path }}/certs/root-ca.pem - -cert {{ opendistro_conf_path }}/certs/admin.pem - -key {{ opendistro_conf_path }}/certs/admin-key.pem + {{ indexer_sec_plugin_tools_path }}/securityadmin.sh + -cd {{ indexer_sec_plugin_conf_path }}/ + -icl -p 9800 -cd {{ indexer_sec_plugin_conf_path }}/ -nhnv + -cacert {{ indexer_conf_path }}/certs/root-ca.pem + -cert {{ indexer_conf_path }}/certs/admin.pem + -key {{ indexer_conf_path }}/certs/admin-key.pem -h {{ target_address }} run_once: true # noqa 301 - name: Create custom user uri: - url: "https://{{ target_address }}:{{ opendistro_http_port }}/_plugins/_security/api/internalusers/{{ opendistro_custom_user }}" + url: "https://{{ target_address }}:{{ indexer_http_port }}/_plugins/_security/api/internalusers/{{ indexer_custom_user }}" method: PUT user: "admin" # Default OpenDistro user is always "admin" - password: "{{ opendistro_admin_password }}" + password: "{{ indexer_admin_password }}" body: | { - "password": "{{ opendistro_admin_password }}", - "backend_roles": ["{{ opendistro_custom_user_role }}"] + "password": "{{ indexer_admin_password }}", + "backend_roles": ["{{ indexer_custom_user_role }}"] } body_format: json validate_certs: no @@ -129,6 +129,6 @@ return_content: yes timeout: 4 when: - - opendistro_custom_user is defined and opendistro_custom_user + - indexer_custom_user is defined and indexer_custom_user 
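Review bot: The new `-nhnv` flag on the `securityadmin.sh` command turns off hostname verification for the admin-certificate connection to `{{ target_address }}`, and nothing in the hunk says why. If the generated node certificates carry that address as a SAN, drop the flag; otherwise add a comment such as `# -nhnv: node certs carry no SAN for target_address`. The command also now passes `-cd {{ indexer_sec_plugin_conf_path }}/` twice, so one of the two can go. In the `Create custom user` task of the same hunk, the new user is created with `indexer_admin_password` as its own password and the task has no `no_log`, so the admin secret is shared by two accounts and can appear in task output. A separate password variable and `no_log: '{{ indexer_nolog_sensible | bool }}'` would match the hashing tasks.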
diff --git a/roles/opensearch/wazuh-indexer/templates/elasticsearch.yml.j2 b/roles/opensearch/wazuh-indexer/templates/elasticsearch.yml.j2 index 96e585e2..ae40f4b5 100644 --- a/roles/opensearch/wazuh-indexer/templates/elasticsearch.yml.j2 +++ b/roles/opensearch/wazuh-indexer/templates/elasticsearch.yml.j2 @@ -4,7 +4,7 @@ path.data: /var/lib/elasticsearch path.logs: /var/log/elasticsearch network.host: {{ elasticsearch_network_host }} -node.master: {{ elasticsearch_node_master|lower }} +node.master: {{ indexer_node_master|lower }} {% if single_node == true %} discovery.type: single-node @@ -20,11 +20,11 @@ discovery.seed_hosts: {% endfor %} {% endif %} -{% if elasticsearch_node_data|lower == 'false' %} +{% if indexer_node_data|lower == 'false' %} node.data: false {% endif %} -{% if elasticsearch_node_ingest|lower == 'false' %} +{% if indexer_node_ingest|lower == 'false' %} node.ingest: false {% endif %} diff --git a/roles/opensearch/wazuh-indexer/templates/internal_users.yml.j2 b/roles/opensearch/wazuh-indexer/templates/internal_users.yml.j2 index 471a5c28..e00ebe01 100644 --- a/roles/opensearch/wazuh-indexer/templates/internal_users.yml.j2 +++ b/roles/opensearch/wazuh-indexer/templates/internal_users.yml.j2 @@ -9,13 +9,13 @@ _meta: # Define your internal users here admin: - hash: "{{ opendistro_admin_password }}" + hash: "{{ indexer_admin_password }}" reserved: true backend_roles: - "admin" description: "admin user" kibanaserver: - hash: "{{ opendistro_kibana_password }}" + hash: "{{ dashboard_password }}" reserved: true description: "kibanaserver user" diff --git a/roles/opensearch/wazuh-indexer/templates/jvm.options.j2 b/roles/opensearch/wazuh-indexer/templates/jvm.options.j2 index 53922429..1d3de5b7 100644 --- a/roles/opensearch/wazuh-indexer/templates/jvm.options.j2 +++ b/roles/opensearch/wazuh-indexer/templates/jvm.options.j2 
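Review bot: `elasticsearch.yml.j2` still has `network.host: {{ elasticsearch_network_host }}` as an unchanged line in its first hunk, although the wazuh-indexer defaults hunk renames that variable to `indexer_network_host`; if the template is still rendered, it will presumably fail on an undefined variable. Either change the line to `network.host: {{ indexer_network_host }}` or, since the tasks on this page only render `opensearch.yml.j2`, remove the template. The rest of the template is outside the hunks, so other `elasticsearch_*` names there (for example in the `discovery.seed_hosts` loop) need the same check.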
@@ -19,11 +19,11 @@ # Xms represents the initial size of total heap space # Xmx represents the maximum size of total heap space -{% if opendistro_jvm_xms is not none %} -{% if opendistro_jvm_xms < 32000 %} --Xms{{ opendistro_jvm_xms }}m +{% if indexer_jvm_xms is not none %} +{% if indexer_jvm_xms < 32000 %} +-Xms{{ indexer_jvm_xms }}m --Xmx{{ opendistro_jvm_xms }}m +-Xmx{{ indexer_jvm_xms }}m {% else %} -Xms32000m diff --git a/roles/opensearch/wazuh-indexer/templates/opensearch.yml.j2 b/roles/opensearch/wazuh-indexer/templates/opensearch.yml.j2 index 411cb24a..bb3d8cab 100644 --- a/roles/opensearch/wazuh-indexer/templates/opensearch.yml.j2 +++ b/roles/opensearch/wazuh-indexer/templates/opensearch.yml.j2 @@ -1,14 +1,14 @@ -network.host: {{ elasticsearch_network_host }} -node.name: {{ elasticsearch_node_name }} +network.host: {{ indexer_network_host }} +node.name: {{ indexer_node_name }} {% if single_node == true %} discovery.type: single-node {% else %} cluster.initial_master_nodes: -{% for item in elasticsearch_cluster_nodes %} +{% for item in indexer_cluster_nodes %} - {{ item }} {% endfor %} {% endif %} -cluster.name: {{ opendistro_cluster_name }} +cluster.name: {{ indexer_cluster_name }} http.port: 9700-9799 transport.tcp.port: 9800-9899 
@@ -24,11 +24,11 @@ path.logs: /var/log/wazuh-indexer # # ############################################################################### -plugins.security.ssl.http.pemcert_filepath: /etc/wazuh-indexer/certs/{{ elasticsearch_node_name }}.pem -plugins.security.ssl.http.pemkey_filepath: /etc/wazuh-indexer/certs/{{ elasticsearch_node_name }}-key.pem +plugins.security.ssl.http.pemcert_filepath: /etc/wazuh-indexer/certs/{{ indexer_node_name }}.pem +plugins.security.ssl.http.pemkey_filepath: /etc/wazuh-indexer/certs/{{ indexer_node_name }}-key.pem plugins.security.ssl.http.pemtrustedcas_filepath: /etc/wazuh-indexer/certs/root-ca.pem -plugins.security.ssl.transport.pemcert_filepath: /etc/wazuh-indexer/certs/{{ elasticsearch_node_name }}.pem -plugins.security.ssl.transport.pemkey_filepath: /etc/wazuh-indexer/certs/{{ elasticsearch_node_name }}-key.pem +plugins.security.ssl.transport.pemcert_filepath: /etc/wazuh-indexer/certs/{{ indexer_node_name }}.pem +plugins.security.ssl.transport.pemkey_filepath: /etc/wazuh-indexer/certs/{{ indexer_node_name }}-key.pem plugins.security.ssl.transport.pemtrustedcas_filepath: /etc/wazuh-indexer/certs/root-ca.pem plugins.security.ssl.http.enabled: true plugins.security.ssl.transport.enforce_hostname_verification: false @@ -40,7 +40,7 @@ plugins.security.authcz.admin_dn: plugins.security.check_snapshot_restore_write_privileges: true plugins.security.enable_snapshot_restore_privilege: true plugins.security.nodes_dn: -- "CN={{ elasticsearch_node_name }},OU=Docu,O=Wazuh,L=California,C=US" +- "CN={{ indexer_node_name }},OU=Docu,O=Wazuh,L=California,C=US" plugins.security.restapi.roles_enabled: - "all_access" - "security_rest_api_access"