afmarulanda/wazuh-ansible-4.8.1
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,734 Commits 1 Branch 0 Tags 3.5 MiB
3562feecb3
Commit Graph

1036 Commits

Author SHA1 Message Date
singuliere
0440e5dce9
randomly generated passwords must obey some constraints 
The password constraints of security.py require at least one digit,
one lower case, one upper case and one special character.

https://github.com/wazuh/wazuh/blob/master/framework/wazuh/security.py#L22

Fixes: https://github.com/wazuh/wazuh-ansible/issues/518
 2020-12-11 13:26:20 +01:00
neonmei
b084e33bd6
release: update wazuh-agent windows installer md5 2020-11-30 14:00:58 -03:00
neonmei
4547cde8f8
release: update wazuh-agent url for windows installer 2020-11-30 14:00:47 -03:00
neonmei
ea12701d6b
release: bump Wazuh version across roles to 4.0.3 2020-11-30 12:58:32 -03:00
neonmei
559be15986
role/agent: update default for variable wazuh_api_reachable_from_agent 2020-11-26 19:33:59 -03:00
neonmei
22bc08e190
roles/wazuh-agent: change all delegate_to REST conditionals to be uniform 2020-11-26 16:35:41 -03:00
neonmei
4d2e493cef
roles/wazuh-agent: fix erroneous usage of ansible_host instead of inventory_hostname 2020-11-26 16:34:25 -03:00
neonmei
333816831a
release: bump Wazuh version to 4.0.2 2020-11-23 17:17:04 -03:00
neonmei
30cc6875d6
Merge branch 'master' into feature-role-agent-registration 2020-11-23 14:42:57 -03:00
zenidd
ec831975bb roles/wazuh-agent: remove default agent_name 2020-11-23 17:44:59 +01:00
neonmei
58167dbd1f
roles/wazuh-agent: add message explaining when auto-enrollment registration path is fired or not 2020-11-23 12:18:56 -03:00
neonmei
f7ed5f1f7f
roles/agent: update ossec.conf template to check against explicit yes instead of length 2020-11-23 11:43:59 -03:00
neonmei
5170c206e0
roles/agent: use auto-enrollment by default 2020-11-23 11:41:45 -03:00
neonmei
35c9df9c7e
roles/agent: add comments on role defaults and group registration related tasks 2020-11-23 11:41:17 -03:00
neonmei
7e445c7f55
roles/agent: add wazuh_agent_api_validate to optionally skip agent registry validation task 2020-11-23 11:39:27 -03:00
neonmei
1df3ef8699
roles/agent: for registration rename check_keys->client_keys_file for more clarity, update conditionals length checks to explicit "yes" check 2020-11-23 11:38:07 -03:00
neonmei
a28837a74d
roles/agent: in rest registration method, update manage_agents task 2020-11-23 11:32:01 -03:00
neonmei
a4c4b6cd32
roles/agent: refresh agent validation in rest registration method 2020-11-23 11:29:34 -03:00
neonmei
d4092bf686
roles/agent: update agent registry task with token, nolog and remove when, as it is checked on every task, shuld be applied to block 2020-11-23 11:28:37 -03:00
neonmei
535add6f4c
roles/agent: add nolog variable for registration tasks with credentials output 2020-11-23 11:26:39 -03:00
neonmei
5f6973d8d2
roles/agent: add task for fetching jwt token 2020-11-23 11:25:31 -03:00
neonmei
332ee7ae8b
roles/agent: add task for determining which wazuh_managers to use through register: yes instead of just grabbing the first one on the list, otherwise fallback to first in the list 2020-11-23 11:24:43 -03:00
zenidd
ee1124b7dd Merge master changes 2020-11-23 14:28:59 +01:00
neonmei
1dfe0fdb67
roles/wazuh-agent: fix duplicate variable 2020-11-20 16:16:54 -03:00
neonmei
874e8a08d0
Merge branch 'feature-role-wazuh-manager-vars' 2020-11-20 14:55:44 -03:00
neonmei
b4d2b564b7
roles/wazuh-agent: update api credentials to wazuh:wazuh 2020-11-20 13:40:17 -03:00
neonmei
7fc29b720f
roles/wazuh-agent: remove async from install task and introduce a lock timeout configurable by wazuh_agent_yum_lock_timeout 2020-11-20 12:37:20 -03:00
neonmei
7dc67986d4
roles/wazuh-agent: change package module to yum, as platform is already checked on when 2020-11-20 12:29:08 -03:00
zenidd
ff78ce7d76 roles/wazuh-agent: Fix authd registration verify task. Use authd pass only if size > 0 2020-11-20 14:08:25 +01:00
zenidd
ed7b24ff96 roles/wazuh-agent: set enrollment to enabled by default 2020-11-20 12:36:50 +01:00
zenidd
0426d956ed Merge master branch 2020-11-16 16:23:17 +01:00
neonmei
b2f9bc9901
roles/elastic-stack: update jvm.options template per upstream elasticsearch updates 2020-11-13 14:01:01 -03:00
zenidd
64cc04f5b0 Merge master changes 2020-11-13 16:55:47 +01:00
Manuel J. Bernal
9b516f1f73
Merge pull request #485 from wazuh/feature-agent-unnest 
Feature agent default vars depth reduction
 2020-11-13 16:29:24 +01:00
Manuel J. Bernal
19e2578682
Merge pull request #487 from wazuh/feature-lint-remove-unused 
Feature lint remove unused variables
 2020-11-13 16:28:52 +01:00
neonmei
f902bd5269
roles/wazuh-agent: update comment at role defaults 2020-11-13 12:07:26 -03:00
zenidd
dac3ddc1fb wazuh-ansible: bump versions, update README 2020-11-13 10:57:20 +01:00
neonmei
8b26658374
roles/wazuh-agent: expand task declaration for clarity 2020-11-12 14:39:17 -03:00
neonmei
1dfd613f0d
roles/wazuh-agent: uncomment api_pass 2020-11-12 14:35:23 -03:00
neonmei
0bbdf231f2
roles/wazuh-agent: remove "is defined" conditionals, as authd_pass is now part of roles default, now check is only against length 2020-11-12 14:34:57 -03:00
neonmei
bab8279f73
roles/wazuh-agent: remove include_vars tasks 2020-11-12 14:29:01 -03:00
neonmei
92ebe86ef6
roles/wazuh-agent: move api_pass and authd_pass from role vars to defaults, lowering precedence required to override them 2020-11-12 14:24:14 -03:00
neonmei
88873a1759
roles/opendistro-kibana: add missing noqa for rules 208 and 503 false positive I forgot to push 2020-11-12 13:18:50 -03:00
neonmei
8e827552a7
roles/opendistro-kibana: add missing noqa for rule 503 false positive 2020-11-12 13:16:20 -03:00
neonmei
1e03700188
Merge branch 'feature-lint-roles-etc' 2020-11-12 13:07:45 -03:00
neonmei
f35ffeed76
Merge branch 'feature-lint-role-wazuh-manager' 2020-11-12 13:07:35 -03:00
neonmei
4156a75395
Merge branch 'feature-lint-role-wazuh-agent' 2020-11-12 13:07:25 -03:00
neonmei
b2723f69e3
Merge branch 'feature-lint-role-opendistro' 2020-11-12 13:07:15 -03:00
neonmei
ac796d2fdc
Merge branch 'feature-lint-role-filebeat-oss' 2020-11-12 13:07:04 -03:00
neonmei
a0f32789c4
roles/kibana: add noqa to task, as we only intend to ensure owner/group and keep mode 2020-11-12 12:01:25 -03:00
neonmei
6f5f1106b3
roles/wazuh-agent: add missing mode for file task 2020-11-12 11:42:19 -03:00
neonmei
7634f8cf9b
roles/wazuh-agent: add noqa 208 exception for Windows template task 2020-11-12 11:42:15 -03:00
neonmei
55d3039519
roles/wazuh-agent: change comparison to literal bool 2020-11-12 11:42:11 -03:00
neonmei
8be12f0c5a
roles/filebeat-oss: remove extra file permissions task 2020-11-12 11:33:09 -03:00
neonmei
68b8c6b5a0
roles/filebeat-oss: add missing file mode and ownership for security_actions tasks 2020-11-12 11:32:49 -03:00
neonmei
87e9c8fc23
roles/wazuh-manager: add missing mode and ownership to file module 2020-11-12 11:26:57 -03:00
neonmei
17e4e687a4
roles/elasticsearch: add linting exception to lineinfile module to avoid changing permissions of global /etc/security/limits.conf 2020-11-12 11:21:50 -03:00
neonmei
bc9b5b5849
roles/elasticsearch: add missing mode and ownership to lineinfile module 2020-11-12 11:21:49 -03:00
neonmei
bc27023861
roles/elasticsearch: expand task, add missing mode and ownership to file module 2020-11-12 11:21:49 -03:00
neonmei
84744fe8ab
roles/elasticsearch: add missing mode and ownership to template module at tasks/xpack_security.yml 2020-11-12 11:21:24 -03:00
neonmei
878c55a180
roles/opendistro-elasticsearch: add new variable opendistro_nolog_sensible to role defaults 2020-11-12 11:07:07 -03:00
neonmei
8fdfecc06f
roles/opendistro-elasticsearch: add missing mode for file module 2020-11-12 11:05:47 -03:00
neonmei
c0d48e3ad4
roles/opendistro-elasticsearch: remove use of command module with sed and change it to replace module. Also add a nolog to the tasks guarded by opendistro_nolog_sensible to avoid outputting non-hashed passwords in deploy log 2020-11-12 11:04:32 -03:00
neonmei
15f15170f3
roles/opendistro-elasticsearch: remove nested jinja pattern and move it to a task-local variable for clarity 2020-11-12 11:00:36 -03:00
neonmei
36e235c877
roles/filebeat: remove unused variable filebeat_ssl_dir 2020-11-10 15:53:43 -03:00
neonmei
f5f80aa588
roles/opendistro-elasticsearch: remove unused variable es_nodes 2020-11-10 15:53:21 -03:00
neonmei
e466b3c35e
roles/kibana: remove unused variables node_certs_generator and node_certs_source 2020-11-10 15:52:58 -03:00
neonmei
1511649944
roles/elasticsearch: remove unused variable elasticsearch_xpack_security_user 2020-11-10 15:52:29 -03:00
neonmei
1d93181625
roles/filebeat: remove unused variables node_certs_generator and node_certs_source 2020-11-10 15:25:41 -03:00
neonmei
04e242e207
roles/filebeat-oss: remove unused variables filebeat_security_user and filebeat_security_password 2020-11-10 15:24:52 -03:00
neonmei
200efb981c
roles/opendistro-kibana: remove unused variable elasticsearch_nodes 2020-11-10 15:24:11 -03:00
neonmei
b928bc81fe
roles/opendistro-elasticsearch: remove unused variable elasticrepo 2020-11-10 15:23:39 -03:00
neonmei
eb5e74bb02
roles/filebeat: remove unused variables 2020-11-10 15:06:42 -03:00
neonmei
e90ddb73e6
roles/filebeat-oss: remove unused variables 2020-11-10 15:05:38 -03:00
neonmei
fad82ba7d1
roles/opendistro-kibana: remove unused variables 2020-11-10 15:04:31 -03:00
neonmei
aa04ebad90
roles/opendistro-elasticsearch: remove unused variables 2020-11-10 15:04:21 -03:00
neonmei
80593c464b
Merge branch 'feature-filebeat-oss-package-fix' 2020-11-10 14:41:39 -03:00
zenidd
0866c54e2b roles/filebeat-oss: minor fix 2020-11-10 18:36:26 +01:00
zenidd
ed8bccb3a4 roles/filebeat-oss: use apt/yum module instead of package 2020-11-10 18:30:13 +01:00
zenidd
52a809158a roles/filebeat-oss: allow installing fixed filebeat version 2020-11-10 17:03:12 +01:00
neonmei
2a5da5f78d
roles/agent: add support for overlaying like role-distributed ansible.cfg setting for hash_behaviour 2020-11-10 10:48:12 -03:00
neonmei
53fbc82931
roles/agent: reduce depth of wazuh_agent_config by extracting internal dicts to outside variables 2020-11-10 10:45:43 -03:00
zenidd
0afaba51fc Fix repository removal task condition 2020-11-10 13:05:05 +01:00
neonmei
75f1669ca8
Merge branch 'feature-es-cluster-check-fix' 2020-11-09 15:26:24 -03:00
zenidd
af948dff01 Fix ES API test task until statement. Fix block indentation 2020-11-09 19:08:33 +01:00
Manuel J. Bernal
fe67ea2d51
Merge pull request #482 from wazuh/feature-manager-remove-nodejs 
Remove unnecesary nodejs dependency
 2020-11-09 18:14:43 +01:00
Manuel J. Bernal
c462ac72bd
Merge pull request #478 from wazuh/feature-opendistro-runonce 
Improve handling of run_once at opendistro-elasticsearch role
 2020-11-09 18:13:49 +01:00
neonmei
0f6ea26123
roles/wazuh_manager: merge uninstall tasks in a single file 2020-11-09 14:04:55 -03:00
neonmei
d44532482a
roles/wazuh_manager: remove nodejs as wazuh-api was migrated to python 
For more information, see: https://github.com/wazuh/wazuh/releases/tag/v4.0.0
 2020-11-09 13:58:23 -03:00
zenidd
d23feddede Refactor test conditions 2020-11-09 17:57:12 +01:00
neonmei
a1f4a16fd9
roles/wazuh_manager: add support for role-distributed ansible.cfg setting for hash_behaviour 2020-11-09 13:03:54 -03:00
zenidd
bda7de57ec Elastic API check fix 2020-11-09 16:29:43 +01:00
neonmei
3b5d8651a6
roles/wazuh_manager: reduce depth of wazuh_manager_config by extracting contents into external dictionaries 2020-11-09 11:42:01 -03:00
dc2486b339
roles/opendistro: switch from import_tasks to include_tasks, move block tag and conditional from security_actions.yml to main.yml 2020-11-06 14:21:19 -03:00
manuasir
e8ad26a3ca Removed deprecated option 2020-11-03 19:18:10 +01:00
Manuel Gutierrez
a77be1f959
Add custom API user support 2020-10-27 15:02:27 +01:00
Manuel Gutierrez
912d669281
Use standard module format 2020-10-27 15:01:28 +01:00
Manuel Gutierrez
f4b6fa098f
Specify API password requirements on defaults 2020-10-27 15:00:53 +01:00
Manuel Gutierrez
13cda56e94
Use playbook_dir for relative paths 2020-10-26 19:33:25 +01:00
zenidd
a9f96ff495 Merge branch 'master' into feature-adapt-major-version 2020-10-23 17:30:57 +02:00
Manuel J. Bernal
fec24b4f6d
Merge pull request #467 from wazuh/odfe-1101 
Bump ODFE roles to 1.10.1
 2020-10-23 17:30:00 +02:00
zenidd
f1dba34f50 Updating default index pattern 2020-10-23 17:09:03 +02:00
zenidd
9cac95729b Set empty authd pass 2020-10-23 14:04:18 +02:00
zenidd
2f33aa20c5 New major version fixes 2020-10-23 13:21:32 +02:00
zenidd
dee32f7b79 update wazuh agent repos 2020-10-23 12:37:32 +02:00
zenidd
cab1f1d520 update wazuh repos 2020-10-23 12:36:07 +02:00
zenidd
ac7b80d54e Replace APP URL 2020-10-23 11:36:07 +02:00
zenidd
319261d29f Filebeat module version update 2020-10-23 10:42:46 +02:00
zenidd
09408c3b8c Update windows package md5sum 2020-10-23 10:35:15 +02:00
zenidd
8e784694bb Restoring defaulf configuration 2020-10-20 17:52:38 +02:00
zenidd
583f38f19c Merge master changes 2020-10-20 17:44:26 +02:00
zenidd
5ad76a1e36 Bump versions 2020-10-20 17:40:28 +02:00
zenidd
dbd9b1a52a Update wazuh agent MD5 2020-10-19 14:15:35 +02:00
zenidd
0201da6f0f Bump versions 2020-10-15 18:48:18 +02:00
zenidd
1e6e389ff4 Add single node option to ODFE configuration template 2020-10-15 18:48:05 +02:00
zenidd
6de730bf97 Avoid checking for green status on single node 2020-10-15 18:47:31 +02:00
zenidd
672470344a Update certs generation tool URL. Bump versions. Set variables to correct value 2020-10-15 18:46:55 +02:00
zenidd
671b7333fa Ensure recursive /usr/share/kibana permissions before installing WUI 2020-10-08 17:14:35 +02:00
Manuel J. Bernal
6a6fb15654 Remove vuls block from Linux tasks 2020-10-07 17:03:28 +02:00
Manuel J. Bernal
575fcc966a Remove vuls integration 2020-10-07 16:59:46 +02:00
Manuel Gutierrez
48dda652b2
Update year 2020-10-02 13:13:00 +02:00
Manuel Gutierrez
6abf51a5f0
Bump opendistro roles to 1.10.1 2020-10-01 16:26:08 +02:00
zenidd
46b073d7dd adding latest WUI package 2020-10-01 15:59:00 +02:00
zenidd
73764f5db2 Adding latests wazuh packages 2020-10-01 15:52:53 +02:00
zenidd
12708cf9bc Bump opendistro and wazuh versions 2020-10-01 15:44:53 +02:00
manuasir
cb615b1bcf Merge branch '3.13' 2020-09-21 18:46:01 +02:00
manuasir
1d025d520d Merge branch 'master' into feature-github-actions 2020-09-21 04:48:41 +02:00
zenidd
707aad76ad Bump to Wazuh version v3.13.2 2020-09-18 15:06:21 +02:00
Manuel J. Bernal
8adceb5833 Fixed authorization_pass_path XML option 2020-09-02 00:08:43 +02:00
Manuel J. Bernal
33d4aaedf1 Fixed unreadable token 2020-09-01 23:10:42 +02:00
Manuel J. Bernal
54443102f7 WIP: auto-enrollment implementation 2020-09-01 22:55:53 +02:00
Manuel J. Bernal
b117407c16 Fix unreadable token 2020-09-01 17:23:49 +02:00
zenidd
1bc990769b Merge branch 'feature-adapt-major-version' of github.com:wazuh/wazuh-ansible into feature-adapt-major-version 2020-09-01 17:02:14 +02:00
zenidd
4f68e701f0 Regen the install from sources fil 2020-09-01 17:01:28 +02:00
manuasir
27e913619c Merge remote-tracking branch 'origin/feature-github-actions' into feature-adapt-major-version 2020-09-01 15:36:40 +02:00
Manuel J. Bernal
bc7e1fbb8a Added autoenrollment feature to agent ossec.conf template 2020-09-01 15:31:35 +02:00
zenidd
f2e7a75b09 Using latest SearchGuard tool. Fixing Wazuh API credentials template 2020-08-26 14:05:38 +02:00
zenidd
af88cc4de8 Allow redhat sources install 2020-08-26 13:04:03 +02:00
zenidd
62ecf0325a Enabling sources install 2020-08-26 13:00:19 +02:00
zenidd
1f32a2663b remove tasks 2020-08-26 12:53:11 +02:00
zenidd
2deb53272a Adaptation to Wazuh 4.0 and fixes 2020-08-25 16:02:06 +02:00
zenidd
255d262b62 removing unnecessary old api files 2020-08-24 16:15:02 +02:00
zenidd
1117de8d5f Create new API config template file 2020-08-21 16:17:07 +02:00
Manuel Gutierrez
87ad1cdfaf
Basic auth on kibana role 2020-08-14 17:02:11 +02:00
Manuel Gutierrez
f092dc34f5
Force basic auth 2020-08-14 16:34:44 +02:00
Manuel J. Bernal
45a14c128c WIP: Adapting to v4.0 2020-08-12 19:45:46 +02:00
manuasir
f2a527b574 Removed restart systemd tasks 2020-07-29 23:55:41 +02:00
manuasir
ca88611678 Changed manager installation task in Debian family 2020-07-28 16:49:04 +02:00
Manuel Gutierrez
f870da4415
Check if variable is not null 2020-07-27 13:27:09 +02:00
Manuel Gutierrez
a9c4709581
Fix defaults typo 2020-07-27 13:26:36 +02:00