diff --git a/CHANGELOG.md b/CHANGELOG.md old mode 100644 new mode 100755 index ad13d3d3..b434ff63 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,12 @@ # Change Log All notable changes to this project will be documented in this file. +## [v3.xx.x_x.x.x] + +## Changed + +- Make Wazuh repositories installation flexible [@jm404](https://github.com/jm404) [#288](https://github.com/wazuh/wazuh-ansible/pull/288) + ## [v3.10.2_7.3.2] ### Added diff --git a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml index 87f8534c..d7155415 100644 --- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml @@ -31,6 +31,10 @@ wazuh_winagent_config: repo: https://packages.wazuh.com/3.x/windows/ md5: 71650780904cbfc2e45eae4298adb7a3 wazuh_agent_config: + repo: + apt: 'https://packages.wazuh.com/3.x/apt/ stable main' + yum: 'https://packages.wazuh.com/3.x/yum/' + gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH' active_response: ar_disabled: 'no' ca_store: '/var/ossec/etc/wpk_root.pem' diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml index 48e45685..e2629069 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml @@ -22,13 +22,14 @@ - ansible_distribution_major_version | int == 14 - name: Debian/Ubuntu | Installing Wazuh repository key - apt_key: url=https://packages.wazuh.com/key/GPG-KEY-WAZUH + apt_key: + url: "{{ wazuh_agent_config.repo.gpg }}" when: - not (ansible_distribution == "Ubuntu" and ansible_distribution_major_version | int == 14) - name: Debian/Ubuntu | Add Wazuh repositories apt_repository: - repo: 'deb https://packages.wazuh.com/3.x/apt/ stable main' + repo: "deb {{ wazuh_agent_config.repo.apt }}" state: present update_cache: true diff --git a/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml index 33382e28..7bfcc611 100644 --- a/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml +++ b/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml @@ -1,37 +1,28 @@ --- -- name: RedHat/CentOS/Fedora | Install Wazuh repo - yum_repository: - name: wazuh_repo - description: Wazuh repository - baseurl: https://packages.wazuh.com/3.x/yum/ - gpgkey: https://packages.wazuh.com/key/GPG-KEY-WAZUH - gpgcheck: true - changed_when: false - when: - - ansible_distribution_major_version|int > 5 - - name: RedHat/CentOS 5 | Install Wazuh repo yum_repository: name: wazuh_repo description: Wazuh repository - baseurl: https://packages.wazuh.com/3.x/yum/5/ - gpgkey: https://packages.wazuh.com/key/GPG-KEY-WAZUH-5 + baseurl: "{{ wazuh_agent_config.repo.yum }}5/" + gpgkey: "{{ wazuh_agent_config.repo.gpg }}-5" gpgcheck: true changed_when: false when: - - ansible_distribution_major_version|int == 5 + - (ansible_facts['os_family']|lower == 'redhat') + - (ansible_distribution_major_version|int <= 5) + register: repo_v5_installed -- name: AmazonLinux | Install Wazuh repo +- name: RedHat/CentOS/Fedora | Install Wazuh repo yum_repository: name: wazuh_repo description: Wazuh repository - baseurl: https://packages.wazuh.com/3.x/yum/ - gpgkey: https://packages.wazuh.com/key/GPG-KEY-WAZUH + baseurl: "{{ wazuh_agent_config.repo.yum }}" + gpgkey: "{{ wazuh_agent_config.repo.gpg }}" gpgcheck: true changed_when: false when: - - ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA" - + - repo_v5_installed.skipped + - name: RedHat/CentOS/Fedora | download Oracle Java RPM get_url: url: https://download.oracle.com/otn-pub/java/jdk/8u202-b08/1961070e4c9b4e26a04e7f5a083f551e/jre-8u202-linux-x64.rpm diff --git a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml index f45e95b0..1482a533 100644 --- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml @@ -5,6 +5,10 @@ wazuh_manager_fqdn: "wazuh-server" wazuh_manager_package_state: latest wazuh_manager_config: + repo: + apt: 'https://packages.wazuh.com/3.x/apt/ stable main' + yum: 'https://packages.wazuh.com/3.x/yum/' + gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH' json_output: 'yes' alerts_log: 'yes' logall: 'no' diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml index 9e9a94d7..8bf97217 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml @@ -24,13 +24,14 @@ - ansible_distribution_major_version | int == 14 - name: Debian/Ubuntu | Installing Wazuh repository key - apt_key: url=https://packages.wazuh.com/key/GPG-KEY-WAZUH + apt_key: + url: "{{ wazuh_manager_config.repo.gpg }}" when: - not (ansible_distribution == "Ubuntu" and ansible_distribution_major_version | int == 14) - name: Debian/Ubuntu | Add Wazuh repositories apt_repository: - repo: 'deb https://packages.wazuh.com/3.x/apt/ stable main' + repo: "deb {{ wazuh_manager_config.repo.apt }}" state: present update_cache: true changed_when: false @@ -49,7 +50,8 @@ - ansible_distribution_major_version | int == 14 - name: Debian/Ubuntu | Installing NodeJS repository key - apt_key: url=https://deb.nodesource.com/gpgkey/nodesource.gpg.key + apt_key: + url: https://deb.nodesource.com/gpgkey/nodesource.gpg.key when: - not (ansible_distribution == "Ubuntu" and ansible_distribution_major_version | int == 14) diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml index 7540e142..09b2c0a4 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml @@ -38,26 +38,29 @@ when: - ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA" -- name: RedHat/CentOS/Fedora | Install Wazuh repo - yum_repository: - name: wazuh_repo - description: Wazuh repository - baseurl: https://packages.wazuh.com/3.x/yum/ - gpgkey: https://packages.wazuh.com/key/GPG-KEY-WAZUH - gpgcheck: true - changed_when: false - when: - - (ansible_distribution_major_version|int > 5) or (ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA") - - name: RedHat/CentOS 5 | Install Wazuh repo yum_repository: name: wazuh_repo description: Wazuh repository - baseurl: https://packages.wazuh.com/3.x/yum/5/ - gpgkey: https://packages.wazuh.com/key/GPG-KEY-WAZUH + baseurl: "{{ wazuh_manager_config.repo.yum }}5/" + gpgkey: "{{ wazuh_manager_config.repo.gpg }}-5" gpgcheck: true + changed_when: false when: - - ansible_distribution_major_version|int == 5 + - (ansible_facts['os_family']|lower == 'redhat') + - (ansible_distribution_major_version|int <= 5) + register: repo_v5_manager_installed + +- name: RedHat/CentOS/Fedora | Install Wazuh repo + yum_repository: + name: wazuh_repo + description: Wazuh repository + baseurl: "{{ wazuh_manager_config.repo.yum }}" + gpgkey: "{{ wazuh_manager_config.repo.gpg }}" + gpgcheck: true + changed_when: false + when: + - repo_v5_manager_installed.skipped - name: RedHat/CentOS/Fedora | Install openscap package: name={{ item }} state=present