Merge pull request #348 from joschneid/master

some adjustments for systems without (direct) internet connection

roles/elastic-stack/ansible-elasticsearch/defaults/main.yml

@@ -7,6 +7,12 @@ elasticsearch_jvm_xms: null
 elastic_stack_version: 7.5.2
 elasticsearch_lower_disk_requirements: false
 
+elasticrepo:
+  apt: 'https://artifacts.elastic.co/packages/7.x/apt'
+  yum: 'https://artifacts.elastic.co/packages/7.x/yum'
+  gpg: 'https://artifacts.elastic.co/GPG-KEY-elasticsearch'
+  key_id: '46095ACC8548582C1A2699A9D27D666CD88E42B4'
+
 # Cluster Settings
 single_node: true
 elasticsearch_cluster_name: wazuh

roles/elastic-stack/ansible-elasticsearch/tasks/Debian.yml

@@ -30,13 +30,13 @@
 
 - name: Debian/Ubuntu | Add Elasticsearch GPG key.
   apt_key:
-    url: "https://artifacts.elastic.co/GPG-KEY-elasticsearch"
+    url: "{{ elasticrepo.gpg }}"
+    id: "{{ elasticrepo.key_id }}"
     state: present
 
-
 - name: Debian/Ubuntu | Install Elastic repo
   apt_repository:
-    repo: 'deb https://artifacts.elastic.co/packages/7.x/apt stable main'
+    repo: "deb {{ elasticrepo.apt }} stable main"
     state: present
     filename: 'elastic_repo_7'
     update_cache: true

roles/elastic-stack/ansible-elasticsearch/tasks/RMDebian.yml

@@ -1,6 +1,6 @@
 ---
 - name: Debian/Ubuntu | Removing Elasticsearch repository
   apt_repository:
-    repo: deb https://artifacts.elastic.co/packages/7.x/apt stable main
+    repo: "deb {{ elasticrepo.apt }} stable main"
     state: absent
   changed_when: false

roles/elastic-stack/ansible-elasticsearch/tasks/RMRedHat.yml

@@ -1,6 +1,6 @@
 ---
 - name: RedHat/CentOS/Fedora | Remove Elasticsearch repository (and clean up left-over metadata)
   yum_repository:
-    name: elastic_repo
+    name: elastic_repo_7
     state: absent
   changed_when: false

roles/elastic-stack/ansible-elasticsearch/tasks/RedHat.yml

@@ -4,8 +4,8 @@
   yum_repository:
     name: elastic_repo_7
     description: Elastic repository for 7.x packages
-    baseurl: https://artifacts.elastic.co/packages/7.x/yum
-    gpgkey: https://artifacts.elastic.co/GPG-KEY-elasticsearch
+    baseurl: "{{ elasticrepo.yum }}"
+    gpgkey: "{{ elasticrepo.gpg }}"
     gpgcheck: true
   changed_when: false
 

roles/elastic-stack/ansible-kibana/defaults/main.yml

@@ -9,6 +9,12 @@ elastic_stack_version: 7.5.2
 wazuh_version: 3.11.3
 wazuh_app_url: https://packages.wazuh.com/wazuhapp/wazuhapp
 
+elasticrepo:
+  apt: 'https://artifacts.elastic.co/packages/7.x/apt'
+  yum: 'https://artifacts.elastic.co/packages/7.x/yum'
+  gpg: 'https://artifacts.elastic.co/GPG-KEY-elasticsearch'
+  key_id: '46095ACC8548582C1A2699A9D27D666CD88E42B4'
+
 # API credentials
 wazuh_api_credentials:
   - id: "default"

roles/elastic-stack/ansible-kibana/tasks/Debian.yml

@@ -10,12 +10,13 @@
 
 - name: Debian/Ubuntu | Add Elasticsearch GPG key
   apt_key:
-    url: "https://artifacts.elastic.co/GPG-KEY-elasticsearch"
+    url: "{{ elasticrepo.gpg }}"
+    id: "{{ elasticrepo.key_id }}"
     state: present
 
 - name: Debian/Ubuntu | Install Elastic repo
   apt_repository:
-    repo: 'deb https://artifacts.elastic.co/packages/7.x/apt stable main'
+    repo: "deb {{ elasticrepo.apt }} stable main"
     state: present
     filename: 'elastic_repo_7'
     update_cache: true

roles/elastic-stack/ansible-kibana/tasks/RMDebian.yml

@@ -1,6 +1,6 @@
 ---
 - name: Debian/Ubuntu | Removing Elasticsearch repository
   apt_repository:
-    repo: deb https://artifacts.elastic.co/packages/7.x/apt stable main
+    repo: "deb {{ elasticrepo.apt }} stable main"
     state: absent
   changed_when: false

roles/elastic-stack/ansible-kibana/tasks/RMRedHat.yml

@@ -1,6 +1,6 @@
 ---
 - name: Remove Elasticsearch repository (and clean up left-over metadata)
   yum_repository:
-    name: elastic_repo
+    name: elastic_repo_7
     state: absent
   changed_when: false

roles/elastic-stack/ansible-kibana/tasks/RedHat.yml

@@ -3,8 +3,8 @@
   yum_repository:
     name: elastic_repo_7
     description: Elastic repository for 7.x packages
-    baseurl: https://artifacts.elastic.co/packages/7.x/yum
-    gpgkey: https://artifacts.elastic.co/GPG-KEY-elasticsearch
+    baseurl: "{{ elasticrepo.yum }}"
+    gpgkey: "{{ elasticrepo.gpg }}"
     gpgcheck: true
   changed_when: false
 

roles/wazuh/ansible-filebeat/defaults/main.yml

@@ -28,6 +28,7 @@ filebeat_ssl_certificate_file: ""
 filebeat_ssl_key_file: ""
 filebeat_ssl_insecure: "false"
 
+filebeat_module_package_url: https://packages.wazuh.com/3.x/filebeat
 filebeat_module_package_name: wazuh-filebeat-0.1.tar.gz
 filebeat_module_package_path: /tmp/
 filebeat_module_destination: /usr/share/filebeat/module
@@ -49,4 +50,8 @@ master_certs_path: /es_certs
 generate_CA: true
 ca_cert_name: ""
 
-
+elasticrepo:
+  apt: 'https://artifacts.elastic.co/packages/7.x/apt'
+  yum: 'https://artifacts.elastic.co/packages/7.x/yum'
+  gpg: 'https://artifacts.elastic.co/GPG-KEY-elasticsearch'
+  key_id: '46095ACC8548582C1A2699A9D27D666CD88E42B4'

roles/wazuh/ansible-filebeat/tasks/Debian.yml

@@ -10,12 +10,13 @@
 
 - name: Debian/Ubuntu | Add Elasticsearch apt key.
   apt_key:
-    url: https://artifacts.elastic.co/GPG-KEY-elasticsearch
+    url: "{{ elasticrepo.gpg }}"
+    id: "{{ elasticrepo.key_id }}"
     state: present
 
 - name: Debian/Ubuntu | Add Filebeat repository.
   apt_repository:
-    repo: 'deb https://artifacts.elastic.co/packages/7.x/apt stable main'
+    repo: "deb {{ elasticrepo.apt }} stable main"
     state: present
     update_cache: true
   changed_when: false

roles/wazuh/ansible-filebeat/tasks/RMDebian.yml

@@ -1,6 +1,6 @@
 ---
 - name: Debian/Ubuntu | Remove Filebeat repository (and clean up left-over metadata)
   apt_repository:
-    repo: deb https://artifacts.elastic.co/packages/7.x/apt stable main
+    repo: "deb {{ elasticrepo.apt }} stable main"
     state: absent
   changed_when: false

roles/wazuh/ansible-filebeat/tasks/RMRedHat.yml

@@ -1,6 +1,6 @@
 ---
 - name: RedHat/CentOS/Fedora | Remove Filebeat repository (and clean up left-over metadata)
   yum_repository:
-    name: elastic_repo
+    name: elastic_repo_7
     state: absent
   changed_when: false

roles/wazuh/ansible-filebeat/tasks/RedHat.yml

@@ -1,9 +1,9 @@
 ---
 - name: RedHat/CentOS/Fedora/Amazon Linux | Install Filebeats repo
   yum_repository:
-    name: elastic_repo
-    description: Elastic repository for 6.x packages
-    baseurl: https://artifacts.elastic.co/packages/7.x/yum
-    gpgkey: https://artifacts.elastic.co/GPG-KEY-elasticsearch
+    name: elastic_repo_7
+    description: Elastic repository for 7.x packages
+    baseurl: "{{ elasticrepo.yum }}"
+    gpgkey: "{{ elasticrepo.gpg }}"
     gpgcheck: true
   changed_when: false

roles/wazuh/ansible-filebeat/tasks/main.yml

@@ -70,7 +70,7 @@
 
 - name: Download Filebeat module package
   get_url:
-    url: https://packages.wazuh.com/3.x/filebeat/{{ filebeat_module_package_name }}
+    url: "{{ filebeat_module_package_url }}/{{ filebeat_module_package_name }}"
     dest: "{{ filebeat_module_package_path }}"
   when: not filebeat_module_folder.stat.exists
 

roles/wazuh/ansible-wazuh-agent/defaults/main.yml

@@ -60,6 +60,7 @@ wazuh_agent_config:
     apt: 'deb https://packages.wazuh.com/3.x/apt/ stable main'
     yum: 'https://packages.wazuh.com/3.x/yum/'
     gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH'
+    key_id: '0DCFCA5547B19D2A6099506096B3EE5F29111145'
   active_response:
     ar_disabled: 'no'
     ca_store: '/var/ossec/etc/wpk_root.pem'

roles/wazuh/ansible-wazuh-agent/tasks/Debian.yml

@@ -25,6 +25,7 @@
 - name: Debian/Ubuntu | Installing Wazuh repository key
   apt_key:
     url: "{{ wazuh_agent_config.repo.gpg }}"
+    id: "{{ wazuh_agent_config.repo.key_id }}"
   when:
     - not (ansible_distribution == "Ubuntu" and ansible_distribution_major_version | int == 14)
     - not wazuh_agent_sources_installation.enabled

roles/wazuh/ansible-wazuh-manager/defaults/main.yml

@@ -52,6 +52,7 @@ wazuh_manager_config:
     apt: 'deb https://packages.wazuh.com/3.x/apt/ stable main'
     yum: 'https://packages.wazuh.com/3.x/yum/'
     gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH'
+    key_id: '0DCFCA5547B19D2A6099506096B3EE5F29111145'
   json_output: 'yes'
   alerts_log: 'yes'
   logall: 'no'

roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml

@@ -28,6 +28,7 @@
 - name: Debian/Ubuntu | Installing Wazuh repository key
   apt_key:
     url: "{{ wazuh_manager_config.repo.gpg }}"
+    id: "{{ wazuh_manager_config.repo.key_id }}"
   when:
     - not (ansible_distribution == "Ubuntu" and ansible_distribution_major_version | int == 14)
     - not wazuh_manager_sources_installation.enabled or not wazuh_api_sources_installation.enabled