diff --git a/playbooks/wazuh-kibana.yml b/playbooks/wazuh-kibana.yml index 200f4891..09fe054f 100644 --- a/playbooks/wazuh-kibana.yml +++ b/playbooks/wazuh-kibana.yml @@ -3,4 +3,5 @@ roles: - role: ../roles/elastic-stack/ansible-kibana elasticsearch_network_host: - + vars: + ansible_shell_allow_world_readable_temp: true diff --git a/playbooks/wazuh-odfe-production-ready.yml b/playbooks/wazuh-odfe-production-ready.yml index b6cba365..75cc30e9 100644 --- a/playbooks/wazuh-odfe-production-ready.yml +++ b/playbooks/wazuh-odfe-production-ready.yml @@ -186,3 +186,4 @@ node6: name: node-6 ip: "{{ hostvars.kibana.private_ip }}" + ansible_shell_allow_world_readable_temp: true diff --git a/playbooks/wazuh-odfe-single.yml b/playbooks/wazuh-odfe-single.yml index ce98cfaf..d3543aa4 100644 --- a/playbooks/wazuh-odfe-single.yml +++ b/playbooks/wazuh-odfe-single.yml @@ -18,4 +18,5 @@ instances: node1: name: node-1 # Important: must be equal to elasticsearch_node_name. - ip: \ No newline at end of file + ip: + ansible_shell_allow_world_readable_temp: true \ No newline at end of file diff --git a/playbooks/wazuh-opendistro-kibana.yml b/playbooks/wazuh-opendistro-kibana.yml index fa3600c1..8d195ad5 100644 --- a/playbooks/wazuh-opendistro-kibana.yml +++ b/playbooks/wazuh-opendistro-kibana.yml @@ -2,3 +2,5 @@ - hosts: es1 roles: - role: ../roles/opendistro/opendistro-kibana + vars: + ansible_shell_allow_world_readable_temp: true diff --git a/roles/opendistro/opendistro-elasticsearch/defaults/main.yml b/roles/opendistro/opendistro-elasticsearch/defaults/main.yml index b86dd656..232f3a20 100644 --- a/roles/opendistro/opendistro-elasticsearch/defaults/main.yml +++ b/roles/opendistro/opendistro-elasticsearch/defaults/main.yml 
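Review bot: `ansible_shell_allow_world_readable_temp: true`, added under `vars:` in wazuh-kibana.yml and repeated in the wazuh-odfe-production-ready.yml, wazuh-odfe-single.yml and wazuh-opendistro-kibana.yml hunks, lets Ansible fall back to world-readable module temp files when it becomes an unprivileged user, so module payloads and their arguments (which may include credentials) are readable by any local account on the target while a task runs. Prefer leaving it off and installing the `acl` package on the targets so Ansible can use `setfacl`, or set it only on the specific task that needs it. If it has to stay, a comment such as `# needed because <reason>; exposes module temp files to local users` should sit next to each occurrence. In the two odfe playbooks the new line follows the `ip:` entry of the last `instances` node and the indentation is not recoverable here, so confirm it landed at play `vars` level and not inside the node mapping.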
@@ -32,6 +32,12 @@ package_repos: opendistro: baseurl: 'https://packages.wazuh.com/4.x/yum/' gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH' + apt: + opendistro: + baseurl: 'deb https://packages.wazuh.com/4.x/apt/ stable main' + gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH' + openjdk: + baseurl: 'deb http://deb.debian.org/debian stretch-backports main' opendistro_sec_plugin_conf_path: /usr/share/elasticsearch/plugins/opendistro_security/securityconfig opendistro_sec_plugin_tools_path: /usr/share/elasticsearch/plugins/opendistro_security/tools diff --git a/roles/opendistro/opendistro-elasticsearch/tasks/Debian.yml b/roles/opendistro/opendistro-elasticsearch/tasks/Debian.yml new file mode 100644 index 00000000..41011ddc --- /dev/null +++ b/roles/opendistro/opendistro-elasticsearch/tasks/Debian.yml @@ -0,0 +1,43 @@ + +--- + +#- name: Install OpenDistro dependencies +# apt: +# name: [ +# 'unzip', 'wget', 'curl', +# 'apt-transport-https', software-properties-common +# ] +# state: present + +- name: Add openjdk repository + apt_repository: + repo: "{{ package_repos.apt.openjdk.baseurl }}" + state: present + update_cache: yes + +- name: Install openjdk-11-jdk + apt: + name: openjdk-11-jdk + state: present + environment: + JAVA_HOME: /usr + +- name: Add Opendistro repository + block: + - name: Add apt repository signing key + apt_key: + url: "{{ package_repos.apt.opendistro.gpg }}" + state: present + + - name: Add Opendistro repository + apt_repository: + repo: "{{ package_repos.apt.opendistro.baseurl }}" + state: present + update_cache: yes + +- name: Install OpenDistro + apt: + name: opendistroforelasticsearch={{ opendistro_version }}-1 + state: present + register: install + tags: install \ No newline at end of file diff --git a/roles/opendistro/opendistro-elasticsearch/tasks/RedHat.yml b/roles/opendistro/opendistro-elasticsearch/tasks/RedHat.yml index 08105af1..ee2482f6 100644 --- a/roles/opendistro/opendistro-elasticsearch/tasks/RedHat.yml 
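Review bot: The new `apt.openjdk.baseurl` is the only repository in this mapping fetched over plain `http://`, and it has no `gpg` entry beside it; `baseurl: 'deb https://deb.debian.org/debian stretch-backports main'` would keep the transport consistent with the Wazuh entries. Apt still verifies the signed release metadata, but only against keys already present on the host, so on a non-Debian member of the family (Ubuntu, for example) this source will presumably fail verification or need a key this change does not install. The suite name `stretch-backports` is also hard-coded, which ties the role to one Debian release; a short comment stating which releases are supported would help.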
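Review bot: `apt_key` in the `Add apt repository signing key` task of the new tasks/Debian.yml adds whatever key the URL returns to the system-wide apt keyring, relying on TLS to the download host alone; adding `id: "<WAZUH_GPG_KEY_FINGERPRINT>"` (placeholder, take the value from the vendor's published key) gives the module an expected key to check against. The same pattern appears in the new roles/opendistro/opendistro-kibana/tasks/Debian.yml. Separately, `Add openjdk repository` runs for every host whose `ansible_os_family` is `Debian`, so the stretch-backports source is also added on other Debian releases and on Ubuntu; a `when:` on `ansible_distribution_release` would confine it. The commented-out dependency task at the top should either be removed or restored.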
+++ b/roles/opendistro/opendistro-elasticsearch/tasks/RedHat.yml @@ -39,5 +39,12 @@ - wget - unzip + - name: Install OpenDistro + package: + name: opendistroforelasticsearch-{{ opendistro_version }} + state: present + register: install + tags: install + tags: - install diff --git a/roles/opendistro/opendistro-elasticsearch/tasks/main.yml b/roles/opendistro/opendistro-elasticsearch/tasks/main.yml index b7c962ed..e3b9aceb 100644 --- a/roles/opendistro/opendistro-elasticsearch/tasks/main.yml +++ b/roles/opendistro/opendistro-elasticsearch/tasks/main.yml @@ -8,18 +8,13 @@ - import_tasks: RedHat.yml when: ansible_os_family == 'RedHat' - - name: Install OpenDistro - package: - name: opendistroforelasticsearch-{{ opendistro_version }} - state: present - register: install - tags: install + - import_tasks: Debian.yml + when: ansible_os_family == 'Debian' - name: Remove elasticsearch configuration file file: path: "{{ opendistro_conf_path }}/elasticsearch.yml" state: absent - when: install.changed tags: install - name: Copy Configuration File @@ -30,13 +25,12 @@ group: elasticsearch mode: 0640 marker: "## {mark} Opendistro general settings ##" - when: install.changed tags: install - include_tasks: security_actions.yml tags: - security - when: install.changed + - name: Configure OpenDistro Elasticsearch JVM memmory. template: diff --git a/roles/opendistro/opendistro-kibana/defaults/main.yml b/roles/opendistro/opendistro-kibana/defaults/main.yml index dbf4ab73..dffa0fc1 100644 --- a/roles/opendistro/opendistro-kibana/defaults/main.yml +++ b/roles/opendistro/opendistro-kibana/defaults/main.yml @@ -21,7 +21,10 @@ package_repos: opendistro: baseurl: 'https://packages.wazuh.com/4.x/yum/' gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH' - + apt: + opendistro: + baseurl: 'deb https://packages.wazuh.com/4.x/apt/ stable main' + gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH' # API credentials wazuh_api_credentials: 
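Review bot: With `when: install.changed` removed in both hunks of opendistro-elasticsearch/tasks/main.yml, `Remove elasticsearch configuration file`, `Copy Configuration File` and the `security_actions.yml` include now run on every play, not only after a fresh package install, so each run deletes and regenerates `elasticsearch.yml` and re-applies whatever the security actions do (that file is not visible here; if it resets certificates or internal users, a routine re-run would undo manual changes). If the condition was dropped because the skipped per-distro install task overwrites the `install` register, registering distinct names in RedHat.yml and Debian.yml and testing `when: install_redhat is changed or install_debian is changed` would keep the plays idempotent. The task list continues above and below both hunks.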
@@ -38,7 +41,7 @@ kibana_telemetry_optin: "false" kibana_telemetry_enabled: "false" opendistro_admin_password: changeme -opendistro_kibana_user: admin +opendistro_kibana_user: changeme opendistro_kibana_password: changeme local_certs_path: "{{ playbook_dir }}/opendistro/certificates" diff --git a/roles/opendistro/opendistro-kibana/tasks/Debian.yml b/roles/opendistro/opendistro-kibana/tasks/Debian.yml new file mode 100644 index 00000000..140b2582 --- /dev/null +++ b/roles/opendistro/opendistro-kibana/tasks/Debian.yml @@ -0,0 +1,23 @@ +--- +- block: + + - include_vars: debian.yml + - name: Add apt repository signing key + apt_key: + url: "{{ package_repos.apt.opendistro.gpg }}" + state: present + + - name: Debian systems | Add OpenDistro repo + apt_repository: + repo: "{{ package_repos.apt.opendistro.baseurl }}" + state: present + update_cache: yes + + - name: Install Kibana + apt: + name: "opendistroforelasticsearch-kibana={{ kibana_opendistro_version }}" + state: present + register: install + + tags: + - install \ No newline at end of file diff --git a/roles/opendistro/opendistro-kibana/tasks/RedHat.yml b/roles/opendistro/opendistro-kibana/tasks/RedHat.yml index 70b5b70a..4407e165 100644 --- a/roles/opendistro/opendistro-kibana/tasks/RedHat.yml +++ b/roles/opendistro/opendistro-kibana/tasks/RedHat.yml @@ -10,5 +10,11 @@ gpgkey: "{{ package_repos.yum.opendistro.gpg }}" gpgcheck: true + - name: Install Kibana + package: + name: "opendistroforelasticsearch-kibana-{{ kibana_opendistro_version }}" + state: present + register: install + tags: - install diff --git a/roles/opendistro/opendistro-kibana/tasks/main.yml b/roles/opendistro/opendistro-kibana/tasks/main.yml index 41980054..8a169664 100755 --- a/roles/opendistro/opendistro-kibana/tasks/main.yml +++ b/roles/opendistro/opendistro-kibana/tasks/main.yml 
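Review bot: `opendistro_kibana_user` now defaults to the same `changeme` placeholder as `opendistro_admin_password` and `opendistro_kibana_password`, and nothing in the visible hunks stops a play from deploying with those literal values. A guard early in the role, for example an `assert` with `that: opendistro_kibana_password != 'changeme'` (and the same for the admin password), would turn a forgotten override into a failed run instead of a reachable service with known credentials. The user default also deserves a comment saying which account it must match, since replacing `admin` with a placeholder changes which user Kibana authenticates as when the variable is left unset.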
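Review bot: `include_vars: debian.yml` in the new opendistro-kibana/tasks/Debian.yml loads `kibana_opendistro_version: 1.12.0` at include_vars precedence, which outranks inventory, group_vars and role defaults, so on Debian hosts the Kibana version can only be changed with extra vars, while the RedHat path keeps using whatever the caller set. Moving the value to the role defaults (or dropping the include if a default already exists, which is not visible here) keeps the pin overridable and the two families consistent. The include also has no `name:`, unlike the other tasks in the block.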
@@ -11,12 +11,8 @@ - import_tasks: RedHat.yml when: ansible_os_family == 'RedHat' -- name: Install Kibana - package: - name: "opendistroforelasticsearch-kibana-{{ kibana_opendistro_version }}" - state: present - register: install - tags: install +- import_tasks: Debian.yml + when: ansible_os_family == 'Debian' - name: Remove Kibana configuration file file: diff --git a/roles/opendistro/opendistro-kibana/vars/debian.yml b/roles/opendistro/opendistro-kibana/vars/debian.yml new file mode 100644 index 00000000..14c7aa99 --- /dev/null +++ b/roles/opendistro/opendistro-kibana/vars/debian.yml @@ -0,0 +1,3 @@ +--- + +kibana_opendistro_version: 1.12.0 \ No newline at end of file diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml index 9d76fc7f..db734fe1 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml @@ -97,6 +97,12 @@ tags: - config +- name: Install dependencies to build from sources + apt: + name: ['make', 'gcc', 'automake', 'autoconf', 'libtool', 'tar', 'libssl-dev', 'g++'] + state: present + when: wazuh_manager_sources_installation.enabled + - name: Debian/Ubuntu | Install wazuh-manager apt: name: diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml index ebbf08c9..d7a4c8d3 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/RedHat.yml @@ -92,6 +92,12 @@ when: - ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA" +- name: Install dependencies to build from sources + yum: + name: ['make', 'gcc', 'automake', 'autoconf', 'libtool', 'tar', 'openssl-devel', 'gcc-c++'] + state: present + when: wazuh_manager_sources_installation.enabled + - name: CentOS/RedHat/Amazon | Install wazuh-manager package: name: "wazuh-manager-{{ wazuh_manager_version }}" 
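Review bot: The new `Install dependencies to build from sources` task in ansible-wazuh-manager/tasks/Debian.yml (and its `yum` twin in tasks/RedHat.yml) is gated only on `wazuh_manager_sources_installation.enabled`, so the compiler toolchain is installed on every run, including on hosts where the manager is already present, and nothing visible removes it afterwards. installation_from_sources.yml appears to already have a dependency step inside the block guarded by the `wazuh-control` existence check (its tail, `- tar` / `state: present`, shows as context in that file's hunk); extending that list would avoid the duplicate and keep build tools off managers that never compile. If the toolchain must be installed here, a comment saying why it cannot live in the sources block would help. Both tasks sit in the middle of their files; the surrounding tasks are outside the hunks.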
diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/install_cmake.yml b/roles/wazuh/ansible-wazuh-manager/tasks/install_cmake.yml new file mode 100644 index 00000000..9940c700 --- /dev/null +++ b/roles/wazuh/ansible-wazuh-manager/tasks/install_cmake.yml @@ -0,0 +1,40 @@ +--- + +# Vars +# cmake_download_url: http://packages.wazuh.com/utils/cmake/cmake-3.18.3.tar.gz +# cmake_version: 3.18.3 +# + - name: Include CMake install vars + include_vars: install_cmake.yml + + - name: Download CMake sources + get_url: + url: "{{ cmake_download_url }}" + dest: "/tmp/cmake-{{ cmake_version }}.tar.gz" + register: cmake_download + + - name: Unpack CMake + unarchive: + copy: no + dest: /tmp/ + src: "{{ cmake_download.dest }}" + when: cmake_download.changed + register: cmake_unpack + + - name: Configure CMake + command: "./bootstrap" + args: + chdir: "/tmp/cmake-{{ cmake_version }}" + when: cmake_unpack.changed + register: cmake_configure + + - name: Install CMake + shell: make && make install + args: + chdir: "/tmp/cmake-{{ cmake_version }}" + when: cmake_configure.changed + + - name: Delete installation files + file: + state: absent + path: "/tmp/cmake-{{ cmake_version }}" \ No newline at end of file diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml b/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml index c382bc0e..74818bc5 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/installation_from_sources.yml @@ -2,8 +2,8 @@ # Wazuh Manager - name: Check if Wazuh Manager is already installed stat: - path: "{{ wazuh_dir }}/bin/ossec-control" - register: wazuh_ossec_control + path: "{{ wazuh_dir }}/bin/wazuh-control" + register: wazuh_control_path - name: Installing Wazuh Manager from sources block: 
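Review bot: `Download CMake sources` in the new install_cmake.yml fetches the tarball with no `checksum:`, and the URL it uses (see the commented example here and `cmake_download_url` in vars/install_cmake.yml) is plain `http://`, yet the next tasks run `./bootstrap` and `make && make install` from it, presumably as root. Switching the URL to `https://` and adding `checksum: "sha256:<CMAKE_TARBALL_SHA256>"` (placeholder; use the published digest) to the `get_url` task makes the build refuse a modified archive. The download and build also happen at fixed names under `/tmp`, which is shared with every local user; a directory created by the `tempfile` module, or one under a root-owned path, is safer for code that is about to be installed. Note too that the `when: ...changed` chain means a run that fails after the download will skip unpack and build on the next attempt, because the tarball is left in place and `get_url` then reports no change.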
@@ -18,6 +18,9 @@ - tar state: present + - name: Install CMake + include_tasks: install_cmake.yml + - name: Removing old files file: path: "/tmp/{{ wazuh_manager_sources_installation.branch }}.tar.gz" @@ -102,6 +105,8 @@ changed_when: installation_result == 0 args: chdir: "/tmp/wazuh-{{ wazuh_manager_sources_installation.branch }}" + environment: + PATH: /usr/local/bin:{{ ansible_env.PATH }} - name: Cleanup downloaded files file: @@ -114,7 +119,7 @@ state: absent when: - - not wazuh_ossec_control.stat.exists + - not wazuh_control_path.stat.exists - wazuh_manager_sources_installation.enabled tags: - manager diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml index 159f875d..61409a40 100644 --- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml +++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml @@ -141,19 +141,6 @@ when: - shared_agent_config is defined -- name: Installing the api.yaml (api configuration) - template: src=api.yaml.j2 - dest="{{ wazuh_dir }}/api/configuration/api.yaml" - owner=root - group=ossec - mode=0640 - notify: restart wazuh-manager - when: - - wazuh_manager_config.cluster.node_type == "master" - tags: - - init - - config - - name: Installing the local_internal_options.conf template: src=var-ossec-etc-local-internal-options.conf.j2 dest="{{ wazuh_dir }}/etc/local_internal_options.conf" @@ -197,7 +184,7 @@ - config - name: Enable client-syslog - command: "{{ wazuh_dir }}/bin/ossec-control enable client-syslog" + command: "{{ wazuh_dir }}/bin/wazuh-control enable client-syslog" notify: restart wazuh-manager when: - csyslog_enabled.stdout == '0' or "skipped" in csyslog_enabled.stdout @@ -219,7 +206,7 @@ - config - name: Enable ossec-agentlessd - command: "{{ wazuh_dir }}/bin/ossec-control enable agentless" + command: "{{ wazuh_dir }}/bin/wazuh-control enable agentless" notify: restart wazuh-manager when: - agentlessd_enabled.stdout == '0' or "skipped" in agentlessd_enabled.stdout 
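Review bot: The `environment:` added in the `@@ -102,6 +105,8 @@` hunk of installation_from_sources.yml reads `ansible_env.PATH`, which exists only when facts have been gathered; in a play with `gather_facts: no` the build task would fail on an undefined variable. `PATH: "/usr/local/bin:{{ ansible_env.PATH | default('/usr/sbin:/usr/bin:/sbin:/bin') }}"` keeps it working, and quoting the value follows the usual Ansible convention for scalars that contain a template. The task this belongs to starts above the hunk.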
diff --git a/roles/wazuh/ansible-wazuh-manager/vars/install_cmake.yml b/roles/wazuh/ansible-wazuh-manager/vars/install_cmake.yml new file mode 100644 index 00000000..cda00c6e --- /dev/null +++ b/roles/wazuh/ansible-wazuh-manager/vars/install_cmake.yml @@ -0,0 +1,4 @@ +# Install cmake vars + +cmake_version: 3.18.3 +cmake_download_url: "http://packages.wazuh.com/utils/cmake/cmake-{{ cmake_version }}.tar.gz" \ No newline at end of file