Wazuh dashboard role created

roles/opensearch/wazuh-dashboard/defaults/main.yml

@@ -1,34 +1,38 @@
 ---
 
-# Kibana configuration
+# Dashboard configuration
-elasticsearch_http_port: 9200
+indexer_http_port: 9700
-elastic_api_protocol: https
+indexer_api_protocol: https
-kibana_conf_path: /etc/kibana
+dashboard_conf_path: /etc/wazuh-dashboard/
 ## 732 check the path
-kibana_node_name: node-1
+dashboard_node_name: node-1
-kibana_server_host: "0.0.0.0"
+dashboard_server_host: "0.0.0.0"
-kibana_server_port: "5601"
+dashboard_server_port: "5601"
-kibana_server_name: "kibana"
+dashboard_server_name: "dashboard"
-kibana_max_payload_bytes: 1048576
+#kibana_max_payload_bytes: 1048576
-elastic_stack_version: 4.3.0
+#elastic_stack_version: 4.3.0
 ## 732 check if it is the right version
 wazuh_version: 4.3.0
-wazuh_app_url: https://packages.wazuh.com/4.x/ui/kibana/wazuh_kibana
+#wazuh_app_url: https://packages.wazuh.com/4.x/ui/kibana/wazuh_kibana
 ## 732 check if it is needed.
 
 # The OpenDistro package repository
-kibana_opendistro_version: 4.3.0-1 # Version includes the - for RedHat family compatibility, replace with = for Debian hosts
+dashboard_version: "4.3.0" # Version includes the - for RedHat family compatibility, replace with = for Debian hosts
 ## 732 check if it is the right version
 
 package_repos:
   yum:
-    opendistro:
+    dashboard:
-      baseurl: 'https://packages.wazuh.com/4.x/yum/'
+      #baseurl: 'https://packages.wazuh.com/4.x/yum/'
-      gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH'
+      baseurl: 'https://packages-dev.wazuh.com/pre-release/yum/'
+      #gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH'
+      gpg: 'https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH'
   apt:
-    opendistro:
+    dashboard:
-      baseurl: 'deb https://packages.wazuh.com/4.x/apt/ stable main'
+      #baseurl: 'deb https://packages.wazuh.com/4.x/apt/ stable main'
-      gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH'
+      baseurl: 'deb https://packages-dev.wazuh.com/pre-release/apt/ unstable main'
+      #gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH'
+      gpg: 'https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH'
 
 # API credentials
 wazuh_api_credentials:
@@ -39,13 +43,13 @@ wazuh_api_credentials:
     password: "wazuh"
 
 # opendistro Security
-kibana_opendistro_security: true
+dashboard_security: true
-kibana_newsfeed_enabled: "false"
+#kibana_newsfeed_enabled: "false"
-kibana_telemetry_optin: "false"
+#kibana_telemetry_optin: "false"
-kibana_telemetry_enabled: "false"
+#kibana_telemetry_enabled: "false"
 
 indexer_admin_password: changeme
-opendistro_kibana_user: kibanaserver
+dashboard_user: dashboardserver
 dashboard_password: changeme
 local_certs_path: "{{ playbook_dir }}/indexer/certificates"
 
@@ -58,7 +62,7 @@ nodejs:
 
 # Build from sources
 build_from_sources: false
-wazuh_plugin_branch: 4.1-7.10
+#wazuh_plugin_branch: 4.1-7.10
 ## 732 check if it is the right version and if it is needed
 
 #Nodejs NODE_OPTIONS

roles/opensearch/wazuh-dashboard/tasks/Debian.yml

@@ -3,22 +3,19 @@
 
   - include_vars: debian.yml 
   - name: Add apt repository signing key
-## 732 will not be needed. The wazuh repo should be added
     apt_key:
-      url: "{{ package_repos.apt.indexer.gpg }}"
+      url: "{{ package_repos.apt.dashboard.gpg }}"
       state: present
 
   - name: Debian systems | Add OpenDistro repo
-## 732 will not be needed. The wazuh repo should be added
     apt_repository:
-      repo: "{{ package_repos.apt.indexer.baseurl }}"
+      repo: "{{ package_repos.apt.dashboard.baseurl }}"
       state: present
       update_cache: yes
 
   - name: Install Wazuh-Dashboard
-## 732 package name and task name should be updated.
     apt:
-      name: "wazuh-dashboard={{ kibana_opendistro_version }}"
+      name: "wazuh-dashboard={{ dashboard_version }}-1"
       state: present
     register: install
 

roles/opensearch/wazuh-dashboard/tasks/RMRedHat.yml

@@ -1,6 +1,6 @@
 ---
-- name: Remove Elasticsearch repository (and clean up left-over metadata)
+- name: Remove Wazuh-Dashboard repository (and clean up left-over metadata)
   yum_repository:
-    name: opendistro_repo
+    name: wazuh_repo
     state: absent
   changed_when: false

roles/opensearch/wazuh-dashboard/tasks/RedHat.yml

@@ -1,18 +1,18 @@
 ---
 - block:
 
-  - name: RedHat/CentOS/Fedora | Add OpenDistro repo
+  - name: RedHat/CentOS/Fedora | Add Wazuh-Dashboard repo
     yum_repository:
-      file: opendistro
+      file: wazuh
-      name: opendistro_repo
+      name: wazuh_repo
-      description: Opendistro yum repository
+      description: Wazuh yum repository
-      baseurl: "{{ package_repos.yum.indexer.baseurl }}"
+      baseurl: "{{ package_repos.yum.dashboard.baseurl }}"
-      gpgkey: "{{ package_repos.yum.indexer.gpg }}"
+      gpgkey: "{{ package_repos.yum.dashboard.gpg }}"
       gpgcheck: true
 
   - name: Install Wazuh-Dashboard
     package:
-      name: "wazuh-dashboard-{{ kibana_opendistro_version }}"
+      name: "wazuh-dashboard-{{ dashboard_version }}"
       state: present
     register: install
     

roles/opensearch/wazuh-dashboard/tasks/main.yml

@@ -1,8 +1,8 @@
 ---
 
-- name: Stopping early, trying to compile Wazuh Kibana Plugin on Debian 10 is not possible
+- name: Stopping early, trying to compile Wazuh Dashboard Plugin on Debian 10 is not possible
   fail:
-    msg: "It's not possible to compile the Wazuh Kibana plugin on Debian 10 due to: https://github.com/wazuh/wazuh-kibana-app/issues/1924"
+    msg: "It's not possible to compile the Wazuh Dashboard plugin on Debian 10 due to: https://github.com/wazuh/wazuh-kibana-app/issues/1924"
   when:
     - build_from_sources
     - ansible_distribution == "Debian"
@@ -14,36 +14,35 @@
 - import_tasks: Debian.yml
   when: ansible_os_family == 'Debian'
 
-- name: Remove Kibana configuration file
+- name: Remove Dashboard configuration file
   file:
     # noqa 503
-    path: "{{ kibana_conf_path }}/kibana.yml"
+    path: "{{ dashboard_conf_path }}/dashboard.yml"
     state: absent
   tags: install
 
 - import_tasks: security_actions.yml
 
 - name: Copy Configuration File
-  blockinfile:
+  template:
-    block: "{{ lookup('template', 'opendistro_kibana.yml.j2') }}"
+    src: "templates/dashboard.yml.j2"
-    dest: "{{ kibana_conf_path }}/kibana.yml"
+    dest: "{{ dashboard_conf_path }}/dashboard.yml"
-    create: true
+    group: wazuh-dashboard
-    group: kibana
+    owner: wazuh-dashboard
-    owner: kibana
     mode: 0640
-    marker: "## {mark} Kibana general settings ##"
+    force: yes
   notify: restart wazuh-dashboard
   tags:
     - install
     - configure
 
-- name: Ensuring Kibana directory owner
+- name: Ensuring Wazuh-Dashboard directory owner
   file:
     # noqa 208
-    path: "/usr/share/kibana"
+    path: "/usr/share/wazuh-dashboard"
     state: directory
-    owner: kibana
+    owner: wazuh-dashboard
-    group: kibana
+    group: wazuh-dashboard
     recurse: yes
 
 #- name: Build and Install Wazuh Kibana Plugin from sources
@@ -70,7 +69,7 @@
 #    - not build_from_sources
 
 #- name: Kibana optimization (can take a while)
-#  shell: /usr/share/kibana/node/bin/node {{ node_options }} /usr/share/kibana/src/cli/cli.js --optimize -c {{ kibana_conf_path }}/kibana.yml
+#  shell: /usr/share/kibana/node/bin/node {{ node_options }} /usr/share/kibana/src/cli/cli.js --optimize -c {{ dashboard_conf_path }}/kibana.yml
 #  args:
 #    executable: /bin/bash
 #  become: yes
@@ -79,44 +78,44 @@
 #  tags:
 #    - skip_ansible_lint
 
-- name: Wait for Elasticsearch port
+- name: Wait for Wazuh-Indexer port
-  wait_for: host={{ indexer_network_host }} port={{ elasticsearch_http_port }}
+  wait_for: host={{ indexer_network_host }} port={{ indexer_http_port }}
 
 - name: Select correct API protocol
   set_fact:
-    elastic_api_protocol: "{% if kibana_opendistro_security is defined and kibana_opendistro_security %}https{% else %}http{% endif %}"
+    indexer_api_protocol: "{% if dashboard_security is defined and dashboard_security %}https{% else %}http{% endif %}"
 
 - name: Attempting to delete legacy Wazuh index if exists
   uri:
-    url: "{{ elastic_api_protocol }}://{{ indexer_network_host }}:{{ elasticsearch_http_port }}/.wazuh"
+    url: "{{ indexer_api_protocol }}://{{ indexer_network_host }}:{{ indexer_http_port }}/.wazuh"
     method: DELETE
     user: "admin"
     password: "{{ indexer_admin_password }}"
     validate_certs: no
     status_code: 200, 404
 
-- name: Create wazuh plugin config directory
+- name: Create Wazuh Plugin config directory
   file:
-    path: /usr/share/kibana/data/wazuh/config/
+    path: /usr/share/wazuh-dashboard/data/wazuh/config/
     state: directory
     recurse: yes
-    owner: kibana
+    owner: wazuh-dashboard
-    group: kibana
+    group: wazuh-dashboard
     mode: 0751
   changed_when: False
 
-- name: Configure Wazuh Kibana Plugin
+- name: Configure Wazuh Dashboard Plugin
   template:
     src: wazuh.yml.j2
-    dest: /usr/share/kibana/data/wazuh/config/wazuh.yml
+    dest: /usr/share/wazuh-dashboard/data/wazuh/config/wazuh.yml
-    owner: kibana
+    owner: wazuh-dashboard
-    group: kibana
+    group: wazuh-dashboard
     mode: 0751
   changed_when: False
 
-- name: Ensure Kibana started and enabled
+- name: Ensure Wazuh-Dashboard started and enabled
   service:
-    name: kibana
+    name: wazuh-dashboard
     enabled: true
     state: started
 

roles/opensearch/wazuh-dashboard/tasks/security_actions.yml

@@ -1,13 +1,13 @@
 - block:
 
-  - name: Copy the certificates from local to the Kibana instance
+  - name: Copy the certificates from local to the Wazuh-Dashboard instance
     copy:
       src: "{{ local_certs_path }}/certs/{{ item }}"
-      dest: /usr/share/kibana
+      dest: /etc/wazuh-dashboard/certs/
       mode: 0644
     with_items:
       - "root-ca.pem"
-      - "{{ kibana_node_name }}_http.key"
+      - "{{ dashboard_node_name }}-key.pem"
-      - "{{ kibana_node_name }}_http.pem"
+      - "{{ dashboard_node_name }}.pem"
   tags:
   - security

roles/opensearch/wazuh-dashboard/templates/dashboard.yml.j2

@@ -0,0 +1,15 @@
+server.host: {{ dashboard_server_host }}
+server.port: {{ dashboard_server_port }}
+opensearch.hosts: "https://{{ indexer_network_host }}:{{ indexer_http_port }}"
+opensearch.ssl.verificationMode: certificate
+opensearch.username: {{ dashboard_user }}
+opensearch.password: {{ dashboard_password }}
+opensearch.requestHeadersWhitelist: ["securitytenant","Authorization"]
+opensearch_security.multitenancy.enabled: true
+opensearch_security.readonly_mode.roles: ["kibana_read_only"]
+server.ssl.enabled: true
+server.ssl.key: "/etc/wazuh-dashboard/certs/{{ dashboard_node_name }}-key.pem"
+server.ssl.certificate: "/etc/wazuh-dashboard/certs/{{ dashboard_node_name }}.pem"
+opensearch.ssl.certificateAuthorities: ["/etc/wazuh-dashboard/certs/root-ca.pem"]
+logging.dest: "/var/log/wazuh-dashboard/wazuh-dashboard.log"
+uiSettings.overrides.defaultRoute: /app/wazuh?security_tenant=global

roles/opensearch/wazuh-dashboard/templates/opendistro_kibana.yml.j2

@@ -1,17 +1,17 @@
 # {{ ansible_managed }}
 # Description:
 # Default Kibana configuration for Open Distro.
-server.port: {{ kibana_server_port }}
+server.port: {{ dashboard_server_port }}
 
 #server.basePath: ""
 server.maxPayloadBytes: {{ kibana_max_payload_bytes }}
-server.name: {{ kibana_server_name }}
+server.name: {{ dashboard_server_name }}
 server.host: {{ kibana_server_host }}
 
 
 {% if kibana_opendistro_security %}
 
-elasticsearch.hosts: "https://{{ indexer_network_host }}:{{ elasticsearch_http_port }}"
+elasticsearch.hosts: "https://{{ indexer_network_host }}:{{ indexer_http_port }}"
 elasticsearch.username: {{ opendistro_kibana_user }}
 elasticsearch.password: {{ dashboard_password }}
 server.ssl.enabled: true
@@ -21,7 +21,7 @@ elasticsearch.ssl.certificateAuthorities: ["/usr/share/kibana/root-ca.pem"]
 elasticsearch.ssl.verificationMode: full
 
 {% else %}
-elasticsearch.hosts: "http://{{ indexer_network_host }}:{{ elasticsearch_http_port }}"
+elasticsearch.hosts: "http://{{ indexer_network_host }}:{{ indexer_http_port }}"
 {% endif %}
 
 elasticsearch.requestHeadersWhitelist: ["securitytenant","Authorization"]

roles/opensearch/wazuh-dashboard/vars/debian.yml

@@ -1,3 +1,3 @@
 ---
 
-kibana_opendistro_version: 4.3.0
+dashboard_version: 4.3.0

roles/opensearch/wazuh-indexer/tasks/RedHat.yml

@@ -4,9 +4,9 @@
   - name: RedHat/CentOS/Fedora | Add Wazuh-Indexer repo
    ## 732 wazuh repo should be added instead.
     yum_repository:
-      file: opendistro
+      file: wazuh
-      name: opendistro_repo
+      name: wazuh_repo
-      description: Opendistro yum repository
+      description: Wazuh yum repository
       baseurl: "{{ package_repos.yum.indexer.baseurl }}"
       gpgkey: "{{ package_repos.yum.indexer.gpg }}"
       gpgcheck: true