- name: Generate certificates prior to converging
  hosts: localhost
  become: true
  become_user: root
  roles:
    - role: ../../roles/wazuh/wazuh-indexer
      vars:
        generate_certs: true
        perform_installation: false
        instances:
          node1:
            name: wazuh-es01       # Important: must be equal to indexer_node_name.
            ip: "127.0.0.1"   # When unzipping, the node will search for its node name folder to get the cert.
            role: indexer
          node3:
            name: wazuh-mgr01
            ip: "127.0.0.1"
            role: wazuh
          node5:
            name: wazuh-dash01
            ip: "127.0.0.1"
            role: dashboard
  pre_tasks:
    - name: overview of cert configuration
      debug:
        var: wazuh_endpoint_list

- name: Converge
  hosts: localhost
  become: true
  become_user: root
  roles:
    # 1. Check packages
    - role: ../../roles/wazuh/check-packages
      become: no
      delegate_to: localhost
      run_once: true
    # 2. Wazuh indexer
    - role: ../../roles/wazuh/wazuh-indexer
      vars:
        indexer_node_name: "wazuh-es01"
        single_node: true
    # 3. Managers
    - role: ../../roles/wazuh/ansible-wazuh-manager
    - role: ../../roles/wazuh/ansible-filebeat-oss
      vars:
        filebeat_node_name: "wazuh-mgr01"
        filebeat_output_indexer_hosts:
        - "localhost:9200"
    # 4. Wazuh dashboard
    - role: ../../roles/wazuh/wazuh-dashboard
      vars:
        dashboard_node_name: "wazuh-dash01"
  vars:
    instances:
      node1:
        name: wazuh-es01       # Important: must be equal to indexer_node_name.
        ip: "127.0.0.1"  # When unzipping, the node will search for its node name folder to get the cert.
        role: indexer
      node3:
        name: wazuh-mgr01
        ip: "127.0.0.1"
        role: wazuh
      node5:
        name: wazuh-dash01
        ip: "127.0.0.1"
        role: dashboard