Indexer and dashboard variables names updated

2022-02-07 17:01:52 -03:00 · 2022-02-07 17:01:52 -03:00 · a5441ddc8a
commit a5441ddc8a
parent d67ae78712
21 changed files with 50 additions and 48 deletions
--- a/README.md
+++ b/README.md
@ -180,7 +180,7 @@ The hereunder example playbook uses the `wazuh-ansible` role to provision a prod
              nodes:
                  - "{{ hostvars.manager.private_ip }}"
              hidden: 'no'
-        filebeat_output_elasticsearch_hosts:
+        filebeat_output_indexer_hosts:
                - "{{ hostvars.es1.private_ip }}"
                - "{{ hostvars.es2.private_ip }}"
                - "{{ hostvars.es3.private_ip }}"
@ -209,7 +209,7 @@ The hereunder example playbook uses the `wazuh-ansible` role to provision a prod
              nodes:
                  - "{{ hostvars.manager.private_ip }}"
              hidden: 'no'
-        filebeat_output_elasticsearch_hosts:
+        filebeat_output_indexer_hosts:
                - "{{ hostvars.es1.private_ip }}"
                - "{{ hostvars.es2.private_ip }}"
                - "{{ hostvars.es3.private_ip }}"
@ -319,7 +319,7 @@ The hereunder example playbook uses the `wazuh-ansible` role to provision a sing
        elasticsearch_node_master: true
        elasticsearch_network_host: <your server host>
        filebeat_node_name: node-1
-        filebeat_output_elasticsearch_hosts: <your server host>
+        filebeat_output_indexer_hosts: <your server host>
        ansible_ssh_user: vagrant
        ansible_ssh_private_key_file: /path/to/ssh/key.pem
        ansible_ssh_extra_args: '-o StrictHostKeyChecking=no'
--- a/playbooks/wazuh-manager-oss.yml
+++ b/playbooks/wazuh-manager-oss.yml
@ -3,7 +3,7 @@
  roles:
    - role: ../roles/wazuh/ansible-wazuh-manager
    - role: ../roles/wazuh/ansible-filebeat-oss
-      filebeat_output_elasticsearch_hosts:
+      filebeat_output_indexer_hosts:
      - "<elastic-node-1>:9200"
      - "<elastic-node-2>:9200"
      - "<elastic-node-2>:9200"
--- a/playbooks/wazuh-odfe-production-ready.yml
+++ b/playbooks/wazuh-odfe-production-ready.yml
@ -2,7 +2,7 @@
 # Certificates generation
    - hosts: es1
      roles:
-        - role: ../roles/opendistro/opendistro-elasticsearch
+        - role: ../roles/opensearch/wazuh-indexer
          elasticsearch_network_host: "{{ private_ip }}"
          elasticsearch_cluster_nodes:
            - "{{ hostvars.es1.private_ip }}"
@ -43,7 +43,7 @@
    - hosts: odfe_cluster
      strategy: free
      roles:
-        - role: ../roles/opendistro/opendistro-elasticsearch
+        - role: ../roles/opensearch/wazuh-indexer
          elasticsearch_network_host: "{{ private_ip }}"
      become: yes
      become_user: root
@ -105,7 +105,7 @@
        wazuh_api_users:
          - username: custom-user
            password: .S3cur3Pa55w0rd*-
-        filebeat_output_elasticsearch_hosts:
+        filebeat_output_indexer_hosts:
                - "{{ hostvars.es1.private_ip }}"
                - "{{ hostvars.es2.private_ip }}"
                - "{{ hostvars.es3.private_ip }}"
@ -134,7 +134,7 @@
              nodes:
                  - "{{ hostvars.manager.private_ip }}"
              hidden: 'no'
-        filebeat_output_elasticsearch_hosts:
+        filebeat_output_indexer_hosts:
                - "{{ hostvars.es1.private_ip }}"
                - "{{ hostvars.es2.private_ip }}"
                - "{{ hostvars.es3.private_ip }}"
@ -142,8 +142,8 @@
  #ODFE+Kibana node
    - hosts: kibana
      roles:
-        - role: "../roles/opendistro/opendistro-elasticsearch"
-        - role: "../roles/opendistro/opendistro-kibana"
+        - role: "../roles/opensearch/wazuh-indexer"
+        - role: "../roles/opensearch/wazuh-dashboard"
      become: yes
      become_user: root
      vars:
--- a/playbooks/wazuh-odfe-single.yml
+++ b/playbooks/wazuh-odfe-single.yml
@ -4,17 +4,17 @@
    become: yes
    become_user: root
    roles:
-      - role: ../roles/opendistro/opendistro-elasticsearch
+      - role: ../roles/opensearch/wazuh-indexer
      - role: ../roles/wazuh/ansible-wazuh-manager
      - role: ../roles/wazuh/ansible-filebeat-oss
-      - role: ../roles/opendistro/opendistro-kibana
+      - role: ../roles/opensearch/wazuh-dashboard
    vars:
      single_node: true
      minimum_master_nodes: 1
      elasticsearch_node_master: true
      elasticsearch_network_host: 127.0.0.1
      filebeat_node_name: node-1
-      filebeat_output_elasticsearch_hosts: 127.0.0.1
+      filebeat_output_indexer_hosts: 127.0.0.1
      instances:
        node1:
          name: node-1       # Important: must be equal to elasticsearch_node_name.
--- a/playbooks/wazuh-opendistro-kibana.yml
+++ b/playbooks/wazuh-opendistro-kibana.yml
@ -1,6 +1,6 @@
 ---
 - hosts: es1
  roles:
-    - role: ../roles/opendistro/opendistro-kibana
+    - role: ../roles/opensearch/wazuh-dashboard
  vars:
    ansible_shell_allow_world_readable_temp: true
--- a/playbooks/wazuh-opendistro.yml
+++ b/playbooks/wazuh-opendistro.yml
@ -1,7 +1,7 @@
 ---
 - hosts: es_cluster
  roles:
-    - role: ../roles/opendistro/opendistro-elasticsearch
+    - role: ../roles/opensearch/wazuh-indexer

  vars:
    instances:           # A certificate will be generated for every node using the name as CN.
--- a/roles/opensearch/wazuh-dashboard/defaults/main.yml
+++ b/roles/opensearch/wazuh-dashboard/defaults/main.yml
@ -49,7 +49,7 @@ dashboard_security: true
 #kibana_telemetry_enabled: "false"

 indexer_admin_password: changeme
-dashboard_user: dashboardserver
+dashboard_user: kibanaserver
 dashboard_password: changeme
 local_certs_path: "{{ playbook_dir }}/indexer/certificates"

--- a/roles/opensearch/wazuh-dashboard/tasks/Debian.yml
+++ b/roles/opensearch/wazuh-dashboard/tasks/Debian.yml
@ -7,7 +7,7 @@
      url: "{{ package_repos.apt.dashboard.gpg }}"
      state: present

-  - name: Debian systems | Add OpenDistro repo
+  - name: Debian systems | Add Wazuh-Dashboard repo
    apt_repository:
      repo: "{{ package_repos.apt.dashboard.baseurl }}"
      state: present
--- a/roles/opensearch/wazuh-indexer/defaults/main.yml
+++ b/roles/opensearch/wazuh-indexer/defaults/main.yml
@ -15,8 +15,8 @@ indexer_start_timeout: 90
 #elasticsearch_lower_disk_requirements: false
 indexer_cluster_nodes:
  - 127.0.0.1
-#elasticsearch_discovery_nodes:
-#  - 127.0.0.1
+indexer_discovery_nodes:
+  - 127.0.0.1

 local_certs_path: "{{ playbook_dir }}/indexer/certificates"
 ##check if it is the correct directory
--- a/roles/opensearch/wazuh-indexer/tasks/Debian.yml
+++ b/roles/opensearch/wazuh-indexer/tasks/Debian.yml
@ -45,11 +45,11 @@
        url: "{{ package_repos.apt.indexer.gpg }}"
        state: present

-    - name: Add Opendistro repository
+    - name: Add Indexer repository
      apt_repository:
        repo: "{{ package_repos.apt.indexer.baseurl }}"
        state: present
-        filename: 'wazuh-opendistro'
+        filename: 'wazuh-indexer'
        update_cache: yes

 - name: Install Wazuh-Indexer
--- a/roles/opensearch/wazuh-indexer/tasks/RMRedHat.yml
+++ b/roles/opensearch/wazuh-indexer/tasks/RMRedHat.yml
@ -1,7 +1,7 @@
 ---
- name: RedHat/CentOS/Fedora | Remove Elasticsearch repository (and clean up left-over metadata)
+- name: RedHat/CentOS/Fedora | Remove Wazuh-Indexer repository (and clean up left-over metadata)
  ## 732 will not be needed and if it is needed the wazuh repo should be removed.
  yum_repository:
-    name: opendistro_repo
+    name: wazuh_repo
    state: absent
  changed_when: false
--- a/roles/opensearch/wazuh-indexer/tasks/RedHat.yml
+++ b/roles/opensearch/wazuh-indexer/tasks/RedHat.yml
@ -46,7 +46,7 @@
    when:
      - ansible_distribution == 'Amazon'

-  - name: RedHat/CentOS/Fedora | Install OpenDistro dependencies
+  - name: RedHat/CentOS/Fedora | Install Indexer dependencies
    yum:
      name: "{{ packages }}"
    vars:
--- a/roles/opensearch/wazuh-indexer/tasks/main.yml
+++ b/roles/opensearch/wazuh-indexer/tasks/main.yml
@ -91,7 +91,7 @@
        state: absent
      with_items: "{{ files_to_delete.files }}"

-    - name: Ensure Elasticsearch started and enabled
+    - name: Ensure Wazuh-Indexer started and enabled
  ## 732 the service name should be updated
      service:
        name: wazuh-indexer
@ -101,7 +101,7 @@
    - name: Wait for Wazuh-Indexer API
      uri:
        url: "https://{{ inventory_hostname if not single_node else indexer_network_host }}:{{ indexer_http_port }}/_cat/health/"
-        user: "admin" # Default OpenDistro user is always "admin"
+        user: "admin" # Default Indexer user is always "admin"
        password: "{{ indexer_admin_password }}"
        validate_certs: no
        status_code: 200,401
@ -117,10 +117,10 @@
      when:
        - hostvars[inventory_hostname]['private_ip'] is not defined or not hostvars[inventory_hostname]['private_ip']

-    - name: Wait for Elasticsearch API (Private IP)
+    - name: Wait for Wazuh-Indexer API (Private IP)
      uri:
        url: "https://{{ hostvars[inventory_hostname]['private_ip'] if not single_node else indexer_network_host }}:{{ indexer_http_port }}/_cat/health/"
-        user: "admin" # Default OpenDistro user is always "admin"
+        user: "admin" # Default Indexer user is always "admin"
        password: "{{ indexer_admin_password }}"
        validate_certs: no
        status_code: 200,401
--- a/roles/opensearch/wazuh-indexer/tasks/security_actions.yml
+++ b/roles/opensearch/wazuh-indexer/tasks/security_actions.yml
@ -22,7 +22,7 @@
    - hostvars[inventory_hostname]['private_ip'] is not defined


- name: Copy the node & admin certificates to Elasticsearch cluster
+- name: Copy the node & admin certificates to Wazuh-Indexer cluster
  copy:
    src: "{{ local_certs_path }}/certs/{{ item }}"
    dest: "{{ indexer_conf_path }}/certs/"
@ -55,12 +55,12 @@
 #    replace: 'opendistro_security'
 #  tags: local

- name: Restart elasticsearch with security configuration
+- name: Restart Wazuh-Indexer with security configuration
  systemd:
    name: wazuh-indexer
    state: restarted

- name: Copy the OpenDistro security internal users template
+- name: Copy the Opensearch security internal users template
  template:
    src: "templates/internal_users.yml.j2"
    dest: "{{ indexer_sec_plugin_conf_path }}/internal_users.yml"
@ -77,15 +77,15 @@
  replace:
    path: "{{ indexer_sec_plugin_conf_path }}/internal_users.yml"
    regexp: '(?<=admin:\n  hash: )(.*)(?=)'
-    replace: "{{ odfe_password_hash | quote }}"
+    replace: "{{ indexer_password_hash | quote }}"
  vars:
-    odfe_password_hash: "{{ indexer_admin_password_hashed.stdout_lines | last }}"
+    indexer_password_hash: "{{ indexer_admin_password_hashed.stdout_lines | last }}"
  run_once: true

 # this can also be achieved with password_hash, but it requires dependencies on the controller
 - name: Hash the kibanaserver role/user pasword
  command: "{{ indexer_sec_plugin_tools_path }}/hash.sh -p {{ dashboard_password }}" # noqa 301
-  register: opendistro_kibanaserver_password_hashed
+  register: indexer_kibanaserver_password_hashed
  no_log: '{{ indexer_nolog_sensible | bool }}'
  run_once: true

@ -93,12 +93,12 @@
  replace:
    path: "{{ indexer_sec_plugin_conf_path }}/internal_users.yml"
    regexp: '(?<=kibanaserver:\n  hash: )(.*)(?=)'
-    replace: "{{ odfe_password_hash | quote }}"
+    replace: "{{ indexer_password_hash | quote }}"
  vars:
-    odfe_password_hash: "{{ opendistro_kibanaserver_password_hashed.stdout_lines | last }}"
+    indexer_password_hash: "{{ indexer_kibanaserver_password_hashed.stdout_lines | last }}"
  run_once: true

- name: Initialize the OpenDistro security index in elasticsearch
+- name: Initialize the Opensearch security index in Wazuh-Indexer
  command: >
    sudo -u wazuh-indexer OPENSEARCH_PATH_CONF={{ indexer_conf_path }}
    JAVA_HOME=/usr/share/wazuh-indexer/jdk
@ -116,7 +116,7 @@
  uri:
    url: "https://{{ target_address }}:{{ indexer_http_port }}/_plugins/_security/api/internalusers/{{ indexer_custom_user }}"
    method: PUT
-    user: "admin" # Default OpenDistro user is always "admin"
+    user: "admin" # Default Indexer user is always "admin"
    password: "{{ indexer_admin_password }}"
    body: |
      {
--- a/roles/opensearch/wazuh-indexer/templates/config.yml.j2
+++ b/roles/opensearch/wazuh-indexer/templates/config.yml.j2
@ -1,6 +1,7 @@
 nodes:
  # Elasticsearch server nodes
  elasticsearch:
+## 732 this will change to indexer:
 {% for (key,value) in instances.items() %}
 {% if (value.role is defined and value.role == 'indexer') %}
    name: {{ value.name }}
@ -25,6 +26,7 @@ nodes:

  # Kibana node
  kibana:
+## 732 this will change to dashboards:
 {% for (key,value) in instances.items() %}
 {% if (value.role is defined and value.role == 'dashboard') %}
    name: {{ value.name }}
--- a/roles/opensearch/wazuh-indexer/templates/opensearch.yml.j2
+++ b/roles/opensearch/wazuh-indexer/templates/opensearch.yml.j2
@ -9,7 +9,7 @@ cluster.initial_master_nodes:
 {% endfor %}

 discovery.seed_hosts:
-{% for item in elasticsearch_discovery_nodes %}
+{% for item in indexer_discovery_nodes %}
  - {{ item }}
 {% endfor %}
 {% endif %}
--- a/roles/wazuh/ansible-filebeat-oss/README.md
+++ b/roles/wazuh/ansible-filebeat-oss/README.md
@ -19,7 +19,7 @@ Role Variables
 Available variables are listed below, along with default values (see `defaults/main.yml`):

 ```
-  filebeat_output_elasticsearch_hosts:
+  filebeat_output_indexer_hosts:
    - "localhost:9200"

 ```
--- a/roles/wazuh/ansible-filebeat-oss/defaults/main.yml
+++ b/roles/wazuh/ansible-filebeat-oss/defaults/main.yml
@ -3,7 +3,7 @@ filebeat_version: 7.10.2

 wazuh_template_branch: v4.2.5

-filebeat_output_elasticsearch_hosts:
+filebeat_output_indexer_hosts:
  - "localhost:9700"

 #filebeat_module_package_url: https://packages.wazuh.com/4.x/filebeat
@ -18,7 +18,7 @@ indexer_security_password: changeme
 filebeat_security: true
 filebeat_ssl_dir: /etc/pki/filebeat

-# Local path to store the generated certificates (OpenDistro security plugin)
+# Local path to store the generated certificates (Opensearch security plugin)
 local_certs_path: ./indexer/certificates

 filebeatrepo:
--- a/roles/wazuh/ansible-filebeat-oss/tasks/RMRedHat.yml
+++ b/roles/wazuh/ansible-filebeat-oss/tasks/RMRedHat.yml
@ -1,6 +1,6 @@
 ---
 - name: RedHat/CentOS/Fedora | Remove Filebeat repository (and clean up left-over metadata)
  yum_repository:
-    name: elastic_oss-repo_7
+    name: wazuh_repo
    state: absent
  changed_when: false
--- a/roles/wazuh/ansible-filebeat-oss/tasks/RedHat.yml
+++ b/roles/wazuh/ansible-filebeat-oss/tasks/RedHat.yml
@ -1,8 +1,8 @@
 ---
 - name: RedHat/CentOS/Fedora/Amazon Linux | Install Filebeats repo
  yum_repository:
-    name: elastic_oss-repo_7
-    description: Elastic repository for 7.x packages
+    name: wazuh_repo
+    description: Wazuh Repo
    baseurl: "{{ filebeatrepo.yum }}"
    gpgkey: "{{ filebeatrepo.gpg }}"
    gpgcheck: true
--- a/roles/wazuh/ansible-filebeat-oss/templates/filebeat.yml.j2
+++ b/roles/wazuh/ansible-filebeat-oss/templates/filebeat.yml.j2
@ -14,9 +14,9 @@ setup.template.json.name: 'wazuh'
 setup.template.overwrite: true
 setup.ilm.enabled: false

-# Send events directly to Elasticsearch
+# Send events directly to Opensearch
 output.elasticsearch:
-  hosts: {{ filebeat_output_elasticsearch_hosts | to_json }}
+  hosts: {{ filebeat_output_indexer_hosts | to_json }}

 {% if filebeat_security %}
  username: {{ indexer_security_user }}
@ -28,5 +28,5 @@ output.elasticsearch:
  ssl.key: "{{ filebeat_ssl_dir }}/{{ filebeat_node_name }}-key.pem"
 {% endif %}

-# Optional. Send events to Logstash instead of Elasticsearch
+# Optional. Send events to Logstash instead of Opensearch
 #output.logstash.hosts: ["YOUR_LOGSTASH_SERVER_IP:5000"]