Indexer variables update

2022-02-02 13:17:37 -03:00 · 2022-02-02 13:17:37 -03:00 · 93d6bdb32a
commit 93d6bdb32a
parent 9bd3e0f4e7
15 changed files with 121 additions and 121 deletions
--- a/roles/opensearch/wazuh-dashboard/defaults/main.yml
+++ b/roles/opensearch/wazuh-dashboard/defaults/main.yml
@ -44,10 +44,10 @@ kibana_newsfeed_enabled: "false"
 kibana_telemetry_optin: "false"
 kibana_telemetry_enabled: "false"

-opendistro_admin_password: changeme
+indexer_admin_password: changeme
 opendistro_kibana_user: kibanaserver
-opendistro_kibana_password: changeme
-local_certs_path: "{{ playbook_dir }}/opendistro/certificates"
+dashboard_password: changeme
+local_certs_path: "{{ playbook_dir }}/indexer/certificates"

 # Nodejs
 nodejs:
--- a/roles/opensearch/wazuh-dashboard/tasks/Debian.yml
+++ b/roles/opensearch/wazuh-dashboard/tasks/Debian.yml
@ -5,13 +5,13 @@
  - name: Add apt repository signing key
 ## 732 will not be needed. The wazuh repo should be added
    apt_key:
-      url: "{{ package_repos.apt.opendistro.gpg }}"
+      url: "{{ package_repos.apt.indexer.gpg }}"
      state: present

  - name: Debian systems | Add OpenDistro repo
 ## 732 will not be needed. The wazuh repo should be added
    apt_repository:
-      repo: "{{ package_repos.apt.opendistro.baseurl }}"
+      repo: "{{ package_repos.apt.indexer.baseurl }}"
      state: present
      update_cache: yes

--- a/roles/opensearch/wazuh-dashboard/tasks/RedHat.yml
+++ b/roles/opensearch/wazuh-dashboard/tasks/RedHat.yml
@ -6,8 +6,8 @@
      file: opendistro
      name: opendistro_repo
      description: Opendistro yum repository
-      baseurl: "{{ package_repos.yum.opendistro.baseurl }}"
-      gpgkey: "{{ package_repos.yum.opendistro.gpg }}"
+      baseurl: "{{ package_repos.yum.indexer.baseurl }}"
+      gpgkey: "{{ package_repos.yum.indexer.gpg }}"
      gpgcheck: true

  - name: Install Wazuh-Dashboard
--- a/roles/opensearch/wazuh-dashboard/tasks/main.yml
+++ b/roles/opensearch/wazuh-dashboard/tasks/main.yml
@ -80,7 +80,7 @@
 #    - skip_ansible_lint

 - name: Wait for Elasticsearch port
-  wait_for: host={{ elasticsearch_network_host }} port={{ elasticsearch_http_port }}
+  wait_for: host={{ indexer_network_host }} port={{ elasticsearch_http_port }}

 - name: Select correct API protocol
  set_fact:
@ -88,10 +88,10 @@

 - name: Attempting to delete legacy Wazuh index if exists
  uri:
-    url: "{{ elastic_api_protocol }}://{{ elasticsearch_network_host }}:{{ elasticsearch_http_port }}/.wazuh"
+    url: "{{ elastic_api_protocol }}://{{ indexer_network_host }}:{{ elasticsearch_http_port }}/.wazuh"
    method: DELETE
    user: "admin"
-    password: "{{ opendistro_admin_password }}"
+    password: "{{ indexer_admin_password }}"
    validate_certs: no
    status_code: 200, 404

--- a/roles/opensearch/wazuh-dashboard/templates/opendistro_kibana.yml.j2
+++ b/roles/opensearch/wazuh-dashboard/templates/opendistro_kibana.yml.j2
@ -11,9 +11,9 @@ server.host: {{ kibana_server_host }}

 {% if kibana_opendistro_security %}

-elasticsearch.hosts: "https://{{ elasticsearch_network_host }}:{{ elasticsearch_http_port }}"
+elasticsearch.hosts: "https://{{ indexer_network_host }}:{{ elasticsearch_http_port }}"
 elasticsearch.username: {{ opendistro_kibana_user }}
-elasticsearch.password: {{ opendistro_kibana_password }}
+elasticsearch.password: {{ dashboard_password }}
 server.ssl.enabled: true
 server.ssl.certificate: "/usr/share/kibana/{{ kibana_node_name }}_http.pem"
 server.ssl.key: "/usr/share/kibana/{{ kibana_node_name }}_http.key"
@ -21,7 +21,7 @@ elasticsearch.ssl.certificateAuthorities: ["/usr/share/kibana/root-ca.pem"]
 elasticsearch.ssl.verificationMode: full

 {% else %}
-elasticsearch.hosts: "http://{{ elasticsearch_network_host }}:{{ elasticsearch_http_port }}"
+elasticsearch.hosts: "http://{{ indexer_network_host }}:{{ elasticsearch_http_port }}"
 {% endif %}

 elasticsearch.requestHeadersWhitelist: ["securitytenant","Authorization"]
--- a/roles/opensearch/wazuh-indexer/defaults/main.yml
+++ b/roles/opensearch/wazuh-indexer/defaults/main.yml
@ -1,24 +1,24 @@
 ---
 # Cluster Settings
-opendistro_version: 4.3.0
+indexer_version: 4.3.0

 single_node: false
-elasticsearch_node_name: node-1
-opendistro_cluster_name: wazuh
-elasticsearch_network_host: '0.0.0.0'
+indexer_node_name: node-1
+indexer_cluster_name: wazuh
+indexer_network_host: '0.0.0.0'

-elasticsearch_node_master: true
-elasticsearch_node_data: true
-elasticsearch_node_ingest: true
-elasticsearch_start_timeout: 90
+indexer_node_master: true
+indexer_node_data: true
+indexer_node_ingest: true
+indexer_start_timeout: 90

-elasticsearch_lower_disk_requirements: false
-elasticsearch_cluster_nodes:
-  - 127.0.0.1
-elasticsearch_discovery_nodes:
+#elasticsearch_lower_disk_requirements: false
+indexer_cluster_nodes:
  - 127.0.0.1
+#elasticsearch_discovery_nodes:
+#  - 127.0.0.1

-local_certs_path: "{{ playbook_dir }}/opendistro/certificates"
+local_certs_path: "{{ playbook_dir }}/indexer/certificates"
 ##check if it is the correct directory

 # Minimum master nodes in cluster, 2 for 3 nodes elasticsearch cluster
@ -31,33 +31,33 @@ domain_name: wazuh.com
 # The OpenDistro package repository
 package_repos:
  yum:
-    opendistro:
+    indexer:
      #baseurl: 'https://packages.wazuh.com/4.x/yum/'
      baseurl: 'https://packages-dev.wazuh.com/pre-release/yum/'
      #gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH'
      gpg: 'https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH'
  apt:
-    opendistro:
+    indexer:
      #baseurl: 'deb https://packages.wazuh.com/4.x/apt/ stable main'
      baseurl: 'deb https://packages-dev.wazuh.com/pre-release/apt/ unstable main'
      #gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH'
      gpg: 'https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH'
-    openjdk:
-      baseurl: 'deb http://deb.debian.org/debian stretch-backports main'
+#    openjdk:
+#      baseurl: 'deb http://deb.debian.org/debian stretch-backports main'
      
-opendistro_sec_plugin_conf_path: /usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig
-opendistro_sec_plugin_tools_path: /usr/share/wazuh-indexer/plugins/opensearch-security/tools
-opendistro_conf_path: /etc/wazuh-indexer/
-opendistro_index_path: /var/lib/wazuh-indexer/
+indexer_sec_plugin_conf_path: /usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig
+indexer_sec_plugin_tools_path: /usr/share/wazuh-indexer/plugins/opensearch-security/tools
+indexer_conf_path: /etc/wazuh-indexer/
+indexer_index_path: /var/lib/wazuh-indexer/

 # Security password
-opendistro_custom_user: ""
-opendistro_custom_user_role: "admin"
+indexer_custom_user: ""
+indexer_custom_user_role: "admin"

 # Set JVM memory limits
-opendistro_jvm_xms: null
+indexer_jvm_xms: null

-opendistro_http_port: 9700
+indexer_http_port: 9700
 ## 732 this port changes to 9700

 certs_gen_tool_version: 4.3
@ -67,11 +67,11 @@ certs_gen_tool_version: 4.3
 certs_gen_tool_url: "https://packages-dev.wazuh.com/resources/{{ certs_gen_tool_version }}/install_functions/opendistro/wazuh-cert-tool.sh"
 ## 732 will no longer be needed. /usr/share/wazuh-indexer/plugins/opensearch-security/tools/wazuh-cert-tool.sh comes with the package.

-opendistro_admin_password: changeme
-opendistro_kibana_password: changeme
+indexer_admin_password: changeme
+dashboard_password: changeme

 # Deployment settings
 generate_certs: true
 perform_installation: true

-opendistro_nolog_sensible: true
+indexer_nolog_sensible: true
--- a/roles/opensearch/wazuh-indexer/meta/main.yml
+++ b/roles/opensearch/wazuh-indexer/meta/main.yml
@ -1,7 +1,7 @@
 ---
 galaxy_info:
  author: Wazuh
-  description: Installing and maintaining Opendistro server.
+  description: Installing and maintaining Opensearch server.
  company: wazuh.com
  license: license (GPLv3)
  min_ansible_version: 2.0
--- a/roles/opensearch/wazuh-indexer/tasks/Debian.yml
+++ b/roles/opensearch/wazuh-indexer/tasks/Debian.yml
@ -42,12 +42,12 @@
  ## 732 the wazuh repo should be added instead
    - name: Add apt repository signing key
      apt_key:
-        url: "{{ package_repos.apt.opendistro.gpg }}"
+        url: "{{ package_repos.apt.indexer.gpg }}"
        state: present

    - name: Add Opendistro repository
      apt_repository:
-        repo: "{{ package_repos.apt.opendistro.baseurl }}"
+        repo: "{{ package_repos.apt.indexer.baseurl }}"
        state: present
        filename: 'wazuh-opendistro'
        update_cache: yes
@ -55,7 +55,7 @@
 - name: Install Wazuh-Indexer
 ## the indexer package should be installed instead
  apt:
-    name: wazuh-indexer={{ opendistro_version }}-1
+    name: wazuh-indexer={{ indexer_version }}-1
    state: present
  register: install
  tags: install 
--- a/roles/opensearch/wazuh-indexer/tasks/RedHat.yml
+++ b/roles/opensearch/wazuh-indexer/tasks/RedHat.yml
@ -7,8 +7,8 @@
      file: opendistro
      name: opendistro_repo
      description: Opendistro yum repository
-      baseurl: "{{ package_repos.yum.opendistro.baseurl }}"
-      gpgkey: "{{ package_repos.yum.opendistro.gpg }}"
+      baseurl: "{{ package_repos.yum.indexer.baseurl }}"
+      gpgkey: "{{ package_repos.yum.indexer.gpg }}"
      gpgcheck: true
    changed_when: false

@ -45,7 +45,7 @@
  - name: Install Wazuh-Indexer
  ## 732 the package name should be updated
    package:
-      name: wazuh-indexer-{{ opendistro_version }}
+      name: wazuh-indexer-{{ indexer_version }}
      state: present
    register: install
    tags: install
--- a/roles/opensearch/wazuh-indexer/tasks/main.yml
+++ b/roles/opensearch/wazuh-indexer/tasks/main.yml
@ -24,18 +24,18 @@
 #        - '"not found" not in remove_elasticsearch_performance_analyzer.stderr'
 #      changed_when: "remove_elasticsearch_performance_analyzer.rc == 0"

-    - name: Remove elasticsearch configuration file
+    - name: Remove Opensearch configuration file
  ## 732 will not be needed
      file:
-        path: "{{ opendistro_conf_path }}/opensearch.yml"
+        path: "{{ indexer_conf_path }}/opensearch.yml"
        state: absent
      tags: install

-    - name: Copy Configuration File
+    - name: Copy Opensearch Configuration File
  ## 732 will not be needed
      template:
        src: "templates/opensearch.yml.j2"
-        dest: "{{ opendistro_conf_path }}/opensearch.yml"
+        dest: "{{ indexer_conf_path }}/opensearch.yml"
        owner: root
        group: wazuh-indexer
        mode: 0640
@ -47,11 +47,11 @@
        - security


-    - name: Configure OpenDistro Elasticsearch JVM memmory.
+    - name: Configure Wazuh-Indexer JVM memmory.
  ## 732 will not be needed and if it is needed the path should be updated.
      template:
        src: "templates/jvm.options.j2"
-        dest: "{{ opendistro_conf_path }}/jvm.options"
+        dest: "{{ indexer_conf_path }}/jvm.options"
        owner: root
        group: wazuh-indexer
        mode: 0644
@ -63,7 +63,7 @@
  ## 732 will not be needed
      template:
        src: "templates/disabledlog4j.options.j2"
-        dest: "{{ opendistro_conf_path }}/jvm.options.d/disabledlog4j.options"
+        dest: "{{ indexer_conf_path }}/jvm.options.d/disabledlog4j.options"
        owner: root
        group: wazuh-indexer
        mode: 2750
@ -71,17 +71,17 @@
      notify: restart wazuh-indexer
      tags: install

-    - name: Ensure extra time for Elasticsearch to start on reboots
+    - name: Ensure extra time for Wazuh-Indexer to start on reboots
      lineinfile:
        path: /usr/lib/systemd/system/wazuh-indexer.service
        regexp: '^TimeoutStartSec='
-        line: "TimeoutStartSec={{ elasticsearch_start_timeout }}"
+        line: "TimeoutStartSec={{ indexer_start_timeout }}"
      become: yes
      tags: configure

    - name: Index files to remove
      find:
-        paths: "{{ opendistro_index_path }}"
+        paths: "{{ indexer_index_path }}"
        patterns: "*"
      register: files_to_delete

@ -98,19 +98,19 @@
        enabled: true
        state: started

-    - name: Wait for Elasticsearch API
+    - name: Wait for Wazuh-Indexer API
      uri:
-        url: "https://{{ inventory_hostname if not single_node else elasticsearch_network_host }}:{{ opendistro_http_port }}/_cat/health/"
+        url: "https://{{ inventory_hostname if not single_node else indexer_network_host }}:{{ indexer_http_port }}/_cat/health/"
        user: "admin" # Default OpenDistro user is always "admin"
-        password: "{{ opendistro_admin_password }}"
+        password: "{{ indexer_admin_password }}"
        validate_certs: no
        status_code: 200,401
        return_content: yes
        timeout: 4
      register: _result
      until:
-        - _result.json is defined
-        - _result.json.status == "green" or ( _result.json.status == "yellow" and single_node )
+        - _result is defined
+        - '"green" in _result.content or ( "yellow" in _result.content and single_node )'
      retries: 24
      delay: 5
      tags: debug
@ -119,17 +119,17 @@

    - name: Wait for Elasticsearch API (Private IP)
      uri:
-        url: "https://{{ hostvars[inventory_hostname]['private_ip'] if not single_node else elasticsearch_network_host }}:{{ opendistro_http_port }}/_cat/health/"
+        url: "https://{{ hostvars[inventory_hostname]['private_ip'] if not single_node else indexer_network_host }}:{{ indexer_http_port }}/_cat/health/"
        user: "admin" # Default OpenDistro user is always "admin"
-        password: "{{ opendistro_admin_password }}"
+        password: "{{ indexer_admin_password }}"
        validate_certs: no
        status_code: 200,401
        return_content: yes
        timeout: 4
      register: _result
      until:
-        - _result.json is defined
-        - _result.json.status == "green" or ( _result.json.status == "yellow" and single_node )
+        - _result is defined
+        - '"green" in _result.content or ( "yellow" in _result.content and single_node )'
      retries: 24
      delay: 5
      tags: debug
--- a/roles/opensearch/wazuh-indexer/tasks/security_actions.yml
+++ b/roles/opensearch/wazuh-indexer/tasks/security_actions.yml
@ -4,20 +4,20 @@
 #    path: "{{ item }}"
 #    state: absent
 #  with_items:
-#    - "{{ opendistro_conf_path }}/kirk.pem"
-#    - "{{ opendistro_conf_path }}/kirk-key.pem"
-#    - "{{ opendistro_conf_path }}/esnode.pem"
-#    - "{{ opendistro_conf_path }}/esnode-key.pem"
+#    - "{{ indexer_conf_path }}/kirk.pem"
+#    - "{{ indexer_conf_path }}/kirk-key.pem"
+#    - "{{ indexer_conf_path }}/esnode.pem"
+#    - "{{ indexer_conf_path }}/esnode-key.pem"

 - name: Configure IP (Private address)
  set_fact:
-    target_address: "{{ hostvars[inventory_hostname]['private_ip'] if not single_node else elasticsearch_network_host }}"
+    target_address: "{{ hostvars[inventory_hostname]['private_ip'] if not single_node else indexer_network_host }}"
  when:
    - hostvars[inventory_hostname]['private_ip'] is defined

 - name: Configure IP (Public address)
  set_fact:
-    target_address: "{{ inventory_hostname if not single_node else elasticsearch_network_host }}"
+    target_address: "{{ inventory_hostname if not single_node else indexer_network_host }}"
  when:
    - hostvars[inventory_hostname]['private_ip'] is not defined

@ -25,32 +25,32 @@
 - name: Copy the node & admin certificates to Elasticsearch cluster
  copy:
    src: "{{ local_certs_path }}/certs/{{ item }}"
-    dest: "{{ opendistro_conf_path }}/certs/"
+    dest: "{{ indexer_conf_path }}/certs/"
    mode: 0644
  become: yes
  with_items:
    - root-ca.pem
    - root-ca.key
-    - "{{ elasticsearch_node_name }}-key.pem"
-    - "{{ elasticsearch_node_name }}.pem"
-    #- "{{ elasticsearch_node_name }}_http.key"
-    #- "{{ elasticsearch_node_name }}_http.pem"
-    #- "{{ elasticsearch_node_name }}_elasticsearch_config_snippet.yml"
+    - "{{ indexer_node_name }}-key.pem"
+    - "{{ indexer_node_name }}.pem"
+    #- "{{ indexer_node_name }}_http.key"
+    #- "{{ indexer_node_name }}_http.pem"
+    #- "{{ indexer_node_name }}_elasticsearch_config_snippet.yml"
    - admin-key.pem
    - admin.pem

 #- name: Copy the OpenDistro security configuration file to cluster
 #  blockinfile:
 #    block: "{{ lookup('file', snippet_path ) }}"
-#    dest: "{{ opendistro_conf_path }}/elasticsearch.yml"
+#    dest: "{{ indexer_conf_path }}/elasticsearch.yml"
 #    insertafter: EOF
 #    marker: "## {mark} Opendistro Security Node & Admin certificates configuration ##"
 #  vars:
-#    snippet_path: '{{ local_certs_path }}/certs/{{ elasticsearch_node_name }}_elasticsearch_config_snippet.yml'
+#    snippet_path: '{{ local_certs_path }}/certs/{{ indexer_node_name }}_elasticsearch_config_snippet.yml'

 #- name: Prepare the OpenDistro security configuration file
 #  replace:
-#    path: "{{ opendistro_conf_path }}/elasticsearch.yml"
+#    path: "{{ indexer_conf_path }}/elasticsearch.yml"
 #    regexp: 'searchguard'
 #    replace: 'opendistro_security'
 #  tags: local
@ -63,35 +63,35 @@
 - name: Copy the OpenDistro security internal users template
  template:
    src: "templates/internal_users.yml.j2"
-    dest: "{{ opendistro_sec_plugin_conf_path }}/internal_users.yml"
+    dest: "{{ indexer_sec_plugin_conf_path }}/internal_users.yml"
    mode: 0644
  run_once: true

 - name: Hashing the custom admin password
-  command: "{{ opendistro_sec_plugin_tools_path }}/hash.sh -p {{ opendistro_admin_password }}" # noqa 301
-  register: opendistro_admin_password_hashed
-  no_log: '{{ opendistro_nolog_sensible | bool }}'
+  command: "{{ indexer_sec_plugin_tools_path }}/hash.sh -p {{ indexer_admin_password }}" # noqa 301
+  register: indexer_admin_password_hashed
+  no_log: '{{ indexer_nolog_sensible | bool }}'
  run_once: true

 - name: Set the Admin user password
  replace:
-    path: "{{ opendistro_sec_plugin_conf_path }}/internal_users.yml"
+    path: "{{ indexer_sec_plugin_conf_path }}/internal_users.yml"
    regexp: '(?<=admin:\n  hash: )(.*)(?=)'
    replace: "{{ odfe_password_hash | quote }}"
  vars:
-    odfe_password_hash: "{{ opendistro_admin_password_hashed.stdout_lines | last }}"
+    odfe_password_hash: "{{ indexer_admin_password_hashed.stdout_lines | last }}"
  run_once: true

 # this can also be achieved with password_hash, but it requires dependencies on the controller
 - name: Hash the kibanaserver role/user pasword
-  command: "{{ opendistro_sec_plugin_tools_path }}/hash.sh -p {{ opendistro_kibana_password }}" # noqa 301
+  command: "{{ indexer_sec_plugin_tools_path }}/hash.sh -p {{ dashboard_password }}" # noqa 301
  register: opendistro_kibanaserver_password_hashed
-  no_log: '{{ opendistro_nolog_sensible | bool }}'
+  no_log: '{{ indexer_nolog_sensible | bool }}'
  run_once: true

 - name: Set the kibanaserver user password
  replace:
-    path: "{{ opendistro_sec_plugin_conf_path }}/internal_users.yml"
+    path: "{{ indexer_sec_plugin_conf_path }}/internal_users.yml"
    regexp: '(?<=kibanaserver:\n  hash: )(.*)(?=)'
    replace: "{{ odfe_password_hash | quote }}"
  vars:
@ -100,28 +100,28 @@

 - name: Initialize the OpenDistro security index in elasticsearch
  command: >
-    sudo -u wazuh-indexer OPENSEARCH_PATH_CONF=/etc/wazuh-indexer
+    sudo -u wazuh-indexer OPENSEARCH_PATH_CONF={{ indexer_conf_path }}
    JAVA_HOME=/usr/share/wazuh-indexer/jdk
-    {{ opendistro_sec_plugin_tools_path }}/securityadmin.sh
-    -cd {{ opendistro_sec_plugin_tools_path }}/
-    -icl -p 9800 -cd /usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig
-    -cacert {{ opendistro_conf_path }}/certs/root-ca.pem
-    -cert {{ opendistro_conf_path }}/certs/admin.pem
-    -key {{ opendistro_conf_path }}/certs/admin-key.pem
+    {{ indexer_sec_plugin_tools_path }}/securityadmin.sh
+    -cd {{ indexer_sec_plugin_conf_path }}/
+    -icl -p 9800 -cd {{ indexer_sec_plugin_conf_path }}/
    -nhnv
+    -cacert {{ indexer_conf_path }}/certs/root-ca.pem
+    -cert {{ indexer_conf_path }}/certs/admin.pem
+    -key {{ indexer_conf_path }}/certs/admin-key.pem
    -h {{ target_address }}
  run_once: true # noqa 301

 - name: Create custom user
  uri:
-    url: "https://{{ target_address }}:{{ opendistro_http_port }}/_plugins/_security/api/internalusers/{{ opendistro_custom_user }}"
+    url: "https://{{ target_address }}:{{ indexer_http_port }}/_plugins/_security/api/internalusers/{{ indexer_custom_user }}"
    method: PUT
    user: "admin" # Default OpenDistro user is always "admin"
-    password: "{{ opendistro_admin_password }}"
+    password: "{{ indexer_admin_password }}"
    body: |
      {
-        "password": "{{ opendistro_admin_password }}",
-        "backend_roles": ["{{ opendistro_custom_user_role }}"]
+        "password": "{{ indexer_admin_password }}",
+        "backend_roles": ["{{ indexer_custom_user_role }}"]
      }
    body_format: json
    validate_certs: no
@ -129,6 +129,6 @@
    return_content: yes
    timeout: 4
  when:
-    - opendistro_custom_user is defined and opendistro_custom_user
+    - indexer_custom_user is defined and indexer_custom_user


--- a/roles/opensearch/wazuh-indexer/templates/elasticsearch.yml.j2
+++ b/roles/opensearch/wazuh-indexer/templates/elasticsearch.yml.j2
@ -4,7 +4,7 @@ path.data: /var/lib/elasticsearch
 path.logs: /var/log/elasticsearch
 network.host: {{ elasticsearch_network_host }}

-node.master: {{ elasticsearch_node_master|lower }}
+node.master: {{ indexer_node_master|lower }}

 {% if single_node == true %}
 discovery.type: single-node
@ -20,11 +20,11 @@ discovery.seed_hosts:
 {% endfor %}
 {% endif %}

-{% if elasticsearch_node_data|lower == 'false' %}
+{% if indexer_node_data|lower == 'false' %}
 node.data: false
 {% endif %}

-{% if elasticsearch_node_ingest|lower == 'false' %}
+{% if indexer_node_ingest|lower == 'false' %}
 node.ingest: false
 {% endif %}

--- a/roles/opensearch/wazuh-indexer/templates/internal_users.yml.j2
+++ b/roles/opensearch/wazuh-indexer/templates/internal_users.yml.j2
@ -9,13 +9,13 @@ _meta:
 # Define your internal users here

 admin:
-  hash: "{{ opendistro_admin_password }}"
+  hash: "{{ indexer_admin_password }}"
  reserved: true
  backend_roles:
  - "admin"
  description: "admin user"

 kibanaserver:
-  hash: "{{ opendistro_kibana_password }}"
+  hash: "{{ dashboard_password }}"
  reserved: true
  description: "kibanaserver user"
--- a/roles/opensearch/wazuh-indexer/templates/jvm.options.j2
+++ b/roles/opensearch/wazuh-indexer/templates/jvm.options.j2
@ -19,11 +19,11 @@
 # Xms represents the initial size of total heap space
 # Xmx represents the maximum size of total heap space

-{% if opendistro_jvm_xms is not none %}
-{% if opendistro_jvm_xms < 32000 %}
-Xms{{ opendistro_jvm_xms }}m
+{% if indexer_jvm_xms is not none %}
+{% if indexer_jvm_xms < 32000 %}
+-Xms{{ indexer_jvm_xms }}m

-Xmx{{ opendistro_jvm_xms }}m
+-Xmx{{ indexer_jvm_xms }}m
 {% else %}
 -Xms32000m

--- a/roles/opensearch/wazuh-indexer/templates/opensearch.yml.j2
+++ b/roles/opensearch/wazuh-indexer/templates/opensearch.yml.j2
@ -1,14 +1,14 @@
-network.host: {{ elasticsearch_network_host }}
-node.name: {{ elasticsearch_node_name }}
+network.host: {{ indexer_network_host }}
+node.name: {{ indexer_node_name }}
 {% if single_node == true %}
 discovery.type: single-node
 {% else %}
 cluster.initial_master_nodes:
-{% for item in elasticsearch_cluster_nodes %}
+{% for item in indexer_cluster_nodes %}
  - {{ item }}
 {% endfor %}
 {% endif %}
-cluster.name: {{ opendistro_cluster_name }}
+cluster.name: {{ indexer_cluster_name }}

 http.port: 9700-9799
 transport.tcp.port: 9800-9899
@ -24,11 +24,11 @@ path.logs: /var/log/wazuh-indexer
 #                                                                             #
 ###############################################################################

-plugins.security.ssl.http.pemcert_filepath: /etc/wazuh-indexer/certs/{{ elasticsearch_node_name }}.pem
-plugins.security.ssl.http.pemkey_filepath: /etc/wazuh-indexer/certs/{{ elasticsearch_node_name }}-key.pem
+plugins.security.ssl.http.pemcert_filepath: /etc/wazuh-indexer/certs/{{ indexer_node_name }}.pem
+plugins.security.ssl.http.pemkey_filepath: /etc/wazuh-indexer/certs/{{ indexer_node_name }}-key.pem
 plugins.security.ssl.http.pemtrustedcas_filepath: /etc/wazuh-indexer/certs/root-ca.pem
-plugins.security.ssl.transport.pemcert_filepath: /etc/wazuh-indexer/certs/{{ elasticsearch_node_name }}.pem
-plugins.security.ssl.transport.pemkey_filepath: /etc/wazuh-indexer/certs/{{ elasticsearch_node_name }}-key.pem
+plugins.security.ssl.transport.pemcert_filepath: /etc/wazuh-indexer/certs/{{ indexer_node_name }}.pem
+plugins.security.ssl.transport.pemkey_filepath: /etc/wazuh-indexer/certs/{{ indexer_node_name }}-key.pem
 plugins.security.ssl.transport.pemtrustedcas_filepath: /etc/wazuh-indexer/certs/root-ca.pem
 plugins.security.ssl.http.enabled: true
 plugins.security.ssl.transport.enforce_hostname_verification: false
@ -40,7 +40,7 @@ plugins.security.authcz.admin_dn:
 plugins.security.check_snapshot_restore_write_privileges: true
 plugins.security.enable_snapshot_restore_privilege: true
 plugins.security.nodes_dn:
- "CN={{ elasticsearch_node_name }},OU=Docu,O=Wazuh,L=California,C=US"
+- "CN={{ indexer_node_name }},OU=Docu,O=Wazuh,L=California,C=US"
 plugins.security.restapi.roles_enabled:
 - "all_access"
 - "security_rest_api_access"