Merge pull request #389 from wazuh/feature-384-nodes-addresses
Adding explicit registration address variable for wazuh-agent role
This commit is contained in:
Manuel J. Bernal
GitHub
commit
ba8a255de6
@ -37,6 +37,7 @@ The following is an example of how this role can be used:
|
|||||||
api_proto: 'http'
|
api_proto: 'http'
|
||||||
api_user: 'ansible'
|
api_user: 'ansible'
|
||||||
wazuh_agent_authd:
|
wazuh_agent_authd:
|
||||||
|
registration_address: 127.0.0.1
|
||||||
enable: true
|
enable: true
|
||||||
port: 1515
|
port: 1515
|
||||||
ssl_agent_ca: null
|
ssl_agent_ca: null
|
||||||
|
|||||||
@ -43,6 +43,7 @@ wazuh_profile_centos: 'centos, centos7, centos7.6'
|
|||||||
wazuh_profile_ubuntu: 'ubuntu, ubuntu18, ubuntu18.04'
|
wazuh_profile_ubuntu: 'ubuntu, ubuntu18, ubuntu18.04'
|
||||||
wazuh_auto_restart: 'yes'
|
wazuh_auto_restart: 'yes'
|
||||||
wazuh_agent_authd:
|
wazuh_agent_authd:
|
||||||
|
registration_address: 127.0.0.1
|
||||||
enable: false
|
enable: false
|
||||||
port: 1515
|
port: 1515
|
||||||
agent_name: null
|
agent_name: null
|
||||||
|
|||||||
@ -68,7 +68,7 @@
|
|||||||
{% if wazuh_agent_authd.agent_name is defined and wazuh_agent_authd.agent_name != None %}
|
{% if wazuh_agent_authd.agent_name is defined and wazuh_agent_authd.agent_name != None %}
|
||||||
-A {{ wazuh_agent_authd.agent_name }}
|
-A {{ wazuh_agent_authd.agent_name }}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
-m {{ wazuh_managers.0.address }}
|
-m {{ wazuh_agent_authd.registration_address }}
|
||||||
-p {{ wazuh_agent_authd.port }}
|
-p {{ wazuh_agent_authd.port }}
|
||||||
{% if wazuh_agent_nat %} -I "any" {% endif %}
|
{% if wazuh_agent_nat %} -I "any" {% endif %}
|
||||||
{% if authd_pass is defined %} -P {{ authd_pass }} {% endif %}
|
{% if authd_pass is defined %} -P {{ authd_pass }} {% endif %}
|
||||||
@ -88,13 +88,13 @@
|
|||||||
agent_name: "{% if single_agent_name is defined %}{{ single_agent_name }}{% else %}{{ ansible_hostname }}{% endif %}"
|
agent_name: "{% if single_agent_name is defined %}{{ single_agent_name }}{% else %}{{ ansible_hostname }}{% endif %}"
|
||||||
when:
|
when:
|
||||||
- not check_keys.stat.exists or check_keys.stat.size == 0
|
- not check_keys.stat.exists or check_keys.stat.size == 0
|
||||||
- wazuh_managers.0.address is not none
|
- wazuh_agent_authd.registration_address is not none
|
||||||
|
|
||||||
- name: Linux | Verify agent registration
|
- name: Linux | Verify agent registration
|
||||||
shell: echo {{ agent_auth_output }} | grep "Valid key created"
|
shell: echo {{ agent_auth_output }} | grep "Valid key created"
|
||||||
when:
|
when:
|
||||||
- not check_keys.stat.exists or check_keys.stat.size == 0
|
- not check_keys.stat.exists or check_keys.stat.size == 0
|
||||||
- wazuh_managers.0.address is not none
|
- wazuh_agent_authd.registration_address is not none
|
||||||
|
|
||||||
when: wazuh_agent_authd.enable
|
when: wazuh_agent_authd.enable
|
||||||
tags:
|
tags:
|
||||||
@ -109,7 +109,7 @@
|
|||||||
|
|
||||||
- name: Linux | Create the agent key via rest-API
|
- name: Linux | Create the agent key via rest-API
|
||||||
uri:
|
uri:
|
||||||
url: "{{ wazuh_managers.0.api_proto }}://{{ wazuh_managers.0.address }}:{{ wazuh_managers.0.api_port }}/agents/"
|
url: "{{ wazuh_managers.0.api_proto }}://{{ wazuh_agent_authd.registration_address }}:{{ wazuh_managers.0.api_port }}/agents/"
|
||||||
validate_certs: false
|
validate_certs: false
|
||||||
method: POST
|
method: POST
|
||||||
body: '{"name":"{{ agent_name }}"}'
|
body: '{"name":"{{ agent_name }}"}'
|
||||||
@ -126,13 +126,13 @@
|
|||||||
agent_name: "{% if single_agent_name is defined %}{{ single_agent_name }}{% else %}{{ inventory_hostname }}{% endif %}"
|
agent_name: "{% if single_agent_name is defined %}{{ single_agent_name }}{% else %}{{ inventory_hostname }}{% endif %}"
|
||||||
when:
|
when:
|
||||||
- not check_keys.stat.exists or check_keys.stat.size == 0
|
- not check_keys.stat.exists or check_keys.stat.size == 0
|
||||||
- wazuh_managers.0.address is not none
|
- wazuh_agent_authd.registration_address is not none
|
||||||
become: false
|
become: false
|
||||||
ignore_errors: true
|
ignore_errors: true
|
||||||
|
|
||||||
- name: Linux | Retieve new agent data via rest-API
|
- name: Linux | Retieve new agent data via rest-API
|
||||||
uri:
|
uri:
|
||||||
url: "{{ wazuh_managers.0.api_proto }}://{{ wazuh_managers.0.address }}:{{ wazuh_managers.0.api_port }}/agents/{{ newagent_api.json.data.id }}"
|
url: "{{ wazuh_managers.0.api_proto }}://{{ wazuh_agent_authd.registration_address }}:{{ wazuh_managers.0.api_port }}/agents/{{ newagent_api.json.data.id }}"
|
||||||
validate_certs: false
|
validate_certs: false
|
||||||
method: GET
|
method: GET
|
||||||
return_content: true
|
return_content: true
|
||||||
@ -140,7 +140,7 @@
|
|||||||
password: "{{ api_pass }}"
|
password: "{{ api_pass }}"
|
||||||
when:
|
when:
|
||||||
- not check_keys.stat.exists or check_keys.stat.size == 0
|
- not check_keys.stat.exists or check_keys.stat.size == 0
|
||||||
- wazuh_managers.0.address is not none
|
- wazuh_agent_authd.registration_address is not none
|
||||||
- newagent_api.json.error == 0
|
- newagent_api.json.error == 0
|
||||||
register: newagentdata_api
|
register: newagentdata_api
|
||||||
delegate_to: localhost
|
delegate_to: localhost
|
||||||
@ -158,7 +158,7 @@
|
|||||||
register: manage_agents_output
|
register: manage_agents_output
|
||||||
when:
|
when:
|
||||||
- not check_keys.stat.exists or check_keys.stat.size == 0
|
- not check_keys.stat.exists or check_keys.stat.size == 0
|
||||||
- wazuh_managers.0.address is not none
|
- wazuh_agent_authd.registration_address is not none
|
||||||
- newagent_api.changed
|
- newagent_api.changed
|
||||||
notify: restart wazuh-agent
|
notify: restart wazuh-agent
|
||||||
|
|
||||||
|
|||||||
@ -61,7 +61,7 @@
|
|||||||
- name: Windows | Register agent
|
- name: Windows | Register agent
|
||||||
win_shell: >
|
win_shell: >
|
||||||
{{ wazuh_agent_win_auth_path }}
|
{{ wazuh_agent_win_auth_path }}
|
||||||
-m {{ wazuh_managers.0.address }}
|
-m {{ wazuh_agent_authd.registration_address }}
|
||||||
-p {{ wazuh_agent_authd.port }}
|
-p {{ wazuh_agent_authd.port }}
|
||||||
{% if wazuh_agent_authd.agent_name is defined %}-A {{ wazuh_agent_authd.agent_name }} {% endif %}
|
{% if wazuh_agent_authd.agent_name is defined %}-A {{ wazuh_agent_authd.agent_name }} {% endif %}
|
||||||
{% if authd_pass is defined %} -P {{ authd_pass }}{% endif %}
|
{% if authd_pass is defined %} -P {{ authd_pass }}{% endif %}
|
||||||
@ -70,7 +70,7 @@
|
|||||||
when:
|
when:
|
||||||
- wazuh_agent_authd.enable
|
- wazuh_agent_authd.enable
|
||||||
- not check_windows_key.stat.exists or check_windows_key.stat.size == 0
|
- not check_windows_key.stat.exists or check_windows_key.stat.size == 0
|
||||||
- wazuh_managers.0.address is not none
|
- wazuh_agent_authd.registration_address is not none
|
||||||
tags:
|
tags:
|
||||||
- config
|
- config
|
||||||
|
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user