afmarulanda/wazuh-ansible-4.8.1
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Adding new registration_adress ansible var

Browse Source
This commit is contained in:
Zenidd 2020-03-23 12:47:58 +01:00
parent 1939cc51d7
commit b67a5e5e97
4 changed files with 13 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
roles/wazuh/ansible-wazuh-agent/README.md
View File

@ -37,6 +37,7 @@ The following is an example of how this role can be used:
api_proto: 'http' api_proto: 'http'
api_user: 'ansible' api_user: 'ansible'
wazuh_agent_authd: wazuh_agent_authd:
registration_address: 127.0.0.1
enable: true enable: true
port: 1515 port: 1515
ssl_agent_ca: null ssl_agent_ca: null

1
roles/wazuh/ansible-wazuh-agent/defaults/main.yml
View File

@ -43,6 +43,7 @@ wazuh_profile_centos: 'centos, centos7, centos7.6'
wazuh_profile_ubuntu: 'ubuntu, ubuntu18, ubuntu18.04' wazuh_profile_ubuntu: 'ubuntu, ubuntu18, ubuntu18.04'
wazuh_auto_restart: 'yes' wazuh_auto_restart: 'yes'
wazuh_agent_authd: wazuh_agent_authd:
registration_address: 127.0.0.1
enable: false enable: false
port: 1515 port: 1515
agent_name: null agent_name: null

16
roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml
View File

@ -68,7 +68,7 @@
{% if wazuh_agent_authd.agent_name is defined and wazuh_agent_authd.agent_name != None %} {% if wazuh_agent_authd.agent_name is defined and wazuh_agent_authd.agent_name != None %}
-A {{ wazuh_agent_authd.agent_name }} -A {{ wazuh_agent_authd.agent_name }}
{% endif %} {% endif %}
-m {{ wazuh_managers.0.address }} -m {{ wazuh_agent_authd.registration_address }}
-p {{ wazuh_agent_authd.port }} -p {{ wazuh_agent_authd.port }}
{% if wazuh_agent_nat %} -I "any" {% endif %} {% if wazuh_agent_nat %} -I "any" {% endif %}
{% if authd_pass is defined %} -P {{ authd_pass }} {% endif %} {% if authd_pass is defined %} -P {{ authd_pass }} {% endif %}
@ -88,13 +88,13 @@
agent_name: "{% if single_agent_name is defined %}{{ single_agent_name }}{% else %}{{ ansible_hostname }}{% endif %}" agent_name: "{% if single_agent_name is defined %}{{ single_agent_name }}{% else %}{{ ansible_hostname }}{% endif %}"
when: when:
- not check_keys.stat.exists or check_keys.stat.size == 0 - not check_keys.stat.exists or check_keys.stat.size == 0
- wazuh_managers.0.address is not none - wazuh_agent_authd.registration_address is not none
- name: Linux | Verify agent registration - name: Linux | Verify agent registration
shell: echo {{ agent_auth_output }} | grep "Valid key created" shell: echo {{ agent_auth_output }} | grep "Valid key created"
when: when:
- not check_keys.stat.exists or check_keys.stat.size == 0 - not check_keys.stat.exists or check_keys.stat.size == 0
- wazuh_managers.0.address is not none - wazuh_agent_authd.registration_address is not none
when: wazuh_agent_authd.enable when: wazuh_agent_authd.enable
tags: tags:
@ -109,7 +109,7 @@
- name: Linux | Create the agent key via rest-API - name: Linux | Create the agent key via rest-API
uri: uri:
url: "{{ wazuh_managers.0.api_proto }}://{{ wazuh_managers.0.address }}:{{ wazuh_managers.0.api_port }}/agents/" url: "{{ wazuh_managers.0.api_proto }}://{{ wazuh_agent_authd.registration_address }}:{{ wazuh_managers.0.api_port }}/agents/"
validate_certs: false validate_certs: false
method: POST method: POST
body: '{"name":"{{ agent_name }}"}' body: '{"name":"{{ agent_name }}"}'
@ -126,13 +126,13 @@
agent_name: "{% if single_agent_name is defined %}{{ single_agent_name }}{% else %}{{ inventory_hostname }}{% endif %}" agent_name: "{% if single_agent_name is defined %}{{ single_agent_name }}{% else %}{{ inventory_hostname }}{% endif %}"
when: when:
- not check_keys.stat.exists or check_keys.stat.size == 0 - not check_keys.stat.exists or check_keys.stat.size == 0
- wazuh_managers.0.address is not none - wazuh_agent_authd.registration_address is not none
become: false become: false
ignore_errors: true ignore_errors: true
- name: Linux | Retieve new agent data via rest-API - name: Linux | Retieve new agent data via rest-API
uri: uri:
url: "{{ wazuh_managers.0.api_proto }}://{{ wazuh_managers.0.address }}:{{ wazuh_managers.0.api_port }}/agents/{{ newagent_api.json.data.id }}" url: "{{ wazuh_managers.0.api_proto }}://{{ wazuh_agent_authd.registration_address }}:{{ wazuh_managers.0.api_port }}/agents/{{ newagent_api.json.data.id }}"
validate_certs: false validate_certs: false
method: GET method: GET
return_content: true return_content: true
@ -140,7 +140,7 @@
password: "{{ api_pass }}" password: "{{ api_pass }}"
when: when:
- not check_keys.stat.exists or check_keys.stat.size == 0 - not check_keys.stat.exists or check_keys.stat.size == 0
- wazuh_managers.0.address is not none - wazuh_agent_authd.registration_address is not none
- newagent_api.json.error == 0 - newagent_api.json.error == 0
register: newagentdata_api register: newagentdata_api
delegate_to: localhost delegate_to: localhost
@ -158,7 +158,7 @@
register: manage_agents_output register: manage_agents_output
when: when:
- not check_keys.stat.exists or check_keys.stat.size == 0 - not check_keys.stat.exists or check_keys.stat.size == 0
- wazuh_managers.0.address is not none - wazuh_agent_authd.registration_address is not none
- newagent_api.changed - newagent_api.changed
notify: restart wazuh-agent notify: restart wazuh-agent

4
roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml
View File

@ -61,7 +61,7 @@
- name: Windows | Register agent - name: Windows | Register agent
win_shell: > win_shell: >
{{ wazuh_agent_win_auth_path }} {{ wazuh_agent_win_auth_path }}
-m {{ wazuh_managers.0.address }} -m {{ wazuh_agent_authd.registration_address }}
-p {{ wazuh_agent_authd.port }} -p {{ wazuh_agent_authd.port }}
{% if wazuh_agent_authd.agent_name is defined %}-A {{ wazuh_agent_authd.agent_name }} {% endif %} {% if wazuh_agent_authd.agent_name is defined %}-A {{ wazuh_agent_authd.agent_name }} {% endif %}
{% if authd_pass is defined %} -P {{ authd_pass }}{% endif %} {% if authd_pass is defined %} -P {{ authd_pass }}{% endif %}
@ -70,7 +70,7 @@
when: when:
- wazuh_agent_authd.enable - wazuh_agent_authd.enable
- not check_windows_key.stat.exists or check_windows_key.stat.size == 0 - not check_windows_key.stat.exists or check_windows_key.stat.size == 0
- wazuh_managers.0.address is not none - wazuh_agent_authd.registration_address is not none
tags: tags:
- config - config