Updated this PR with the new changes of indexer-ism-init script

roles/wazuh/vars/repo.yml

@@ -16,8 +16,3 @@ certs_gen_tool_version: 4.8
 
 # Url of certificates generator tool
 certs_gen_tool_url: "https://packages.wazuh.com/{{ certs_gen_tool_version }}/wazuh-certs-tool.sh"
-
-rollover_alias_tool_version: 4.8
-
-# Url of certificates generator tool
-rollover_alias_url: "https://packages.wazuh.com/{{ rollover_alias_tool_version }}/indexerRolloverInit.sh"

roles/wazuh/vars/repo_pre-release.yml

@@ -16,8 +16,3 @@ certs_gen_tool_version: 4.8
 
 # Url of certificates generator tool
 certs_gen_tool_url: "https://packages-dev.wazuh.com/{{ certs_gen_tool_version }}/wazuh-certs-tool.sh"
-
-rollover_alias_tool_version: 4.8
-
-# Url of certificates generator tool
-rollover_alias_url: "https://packages-dev.wazuh.com/{{ rollover_alias_tool_version }}/indexerRolloverInit.sh"

roles/wazuh/vars/repo_staging.yml

@@ -15,8 +15,3 @@ certs_gen_tool_version: 4.8
 
 # Url of certificates generator tool
 certs_gen_tool_url: "https://packages-dev.wazuh.com/{{ certs_gen_tool_version }}/wazuh-certs-tool.sh"
-
-rollover_alias_tool_version: 4.8
-
-# Url of certificates generator tool
-rollover_alias_url: "https://packages-dev.wazuh.com/{{ rollover_alias_tool_version }}/indexerRolloverInit.sh"

roles/wazuh/wazuh-indexer/defaults/main.yml

@@ -28,6 +28,7 @@ domain_name: wazuh.com
 
 indexer_sec_plugin_conf_path: /etc/wazuh-indexer/opensearch-security
 indexer_sec_plugin_tools_path: /usr/share/wazuh-indexer/plugins/opensearch-security/tools
+indexer_bin_path: /usr/share/wazuh-indexer/bin
 indexer_conf_path: /etc/wazuh-indexer
 indexer_index_path: /var/lib/wazuh-indexer/
 

roles/wazuh/wazuh-indexer/tasks/security_actions.yml

@@ -52,7 +52,7 @@
       {{ indexer_sec_plugin_tools_path }}/hash.sh -p '{{ indexer_admin_password }}'
     register: indexer_admin_password_hashed
     no_log: '{{ indexer_nolog_sensible | bool }}'
-  
+
   - name: Set the Admin user password
     replace:
       path: "{{ indexer_sec_plugin_conf_path }}/internal_users.yml"
@@ -60,7 +60,7 @@
       replace: "{{ indexer_password_hash | quote }}"
     vars:
       indexer_password_hash: "{{ indexer_admin_password_hashed.stdout_lines | last }}"
-  
+
   # this can also be achieved with password_hash, but it requires dependencies on the controller
   - name: Hash the kibanaserver role/user pasword
     shell: |
@@ -68,7 +68,7 @@
       {{ indexer_sec_plugin_tools_path }}/hash.sh -p '{{ dashboard_password }}'
     register: indexer_kibanaserver_password_hashed
     no_log: '{{ indexer_nolog_sensible | bool }}'
-  
+
   - name: Set the kibanaserver user password
     replace:
       path: "{{ indexer_sec_plugin_conf_path }}/internal_users.yml"
@@ -76,7 +76,7 @@
       replace: "{{ indexer_password_hash | quote }}"
     vars:
       indexer_password_hash: "{{ indexer_kibanaserver_password_hashed.stdout_lines | last }}"
-  
+
   - name: Initialize the Opensearch security index in Wazuh indexer
     command: >
       sudo -u wazuh-indexer OPENSEARCH_PATH_CONF={{ indexer_conf_path }}
@@ -94,18 +94,11 @@
     register: result
     until: result.rc == 0
 
-  - name: Download Rollover alias script
-    get_url:
-      url: "{{ rollover_alias_url }}"
-      dest: "{{ indexer_conf_path }}/indexerRolloverAlias.sh"
-      mode: 744
-
   - name: Initialize Rollover alias
     command: >
-      {{ indexer_conf_path }}/indexerRolloverAlias.sh
+      {{ indexer_bin_path }}/indexer-ism-init.sh
-    environment:
+      -p {{ indexer_admin_password }}
-      INDEXER_PASSWORD: "{{ indexer_admin_password }}"
+      -i {{ target_address }}
-      INDEXER_HOSTNAME: "{{ target_address }}"
     become: yes
     become_user: root