--- - name: Stopping early, trying to compile Wazuh Kibana Plugin on Debian 10 is not possible fail: msg: "It's not possible to compile the Wazuh Kibana plugin on Debian 10 due to: https://github.com/wazuh/wazuh-kibana-app/issues/1924" when: - build_from_sources - ansible_distribution == "Debian" - ansible_distribution_major_version == "10" - import_tasks: RedHat.yml when: ansible_os_family == 'RedHat' - import_tasks: Debian.yml when: ansible_os_family == 'Debian' - name: Reload systemd systemd: daemon_reload: true ignore_errors: true when: - not (ansible_distribution == "Amazon" and ansible_distribution_version == "(Karoo)") - not (ansible_distribution == "Ubuntu" and ansible_distribution_version is version('15.04', '<')) - not (ansible_distribution == "Debian" and ansible_distribution_version is version('8', '<')) - not (ansible_os_family == "RedHat" and ansible_distribution_version is version('7', '<')) - name: Copying node's certificate from master copy: src: "{{ item }}" dest: "{{ node_certs_destination }}/" with_items: - "{{ master_certs_path }}/{{ kibana_node_name }}/{{ kibana_node_name }}.key" - "{{ master_certs_path }}/{{ kibana_node_name }}/{{ kibana_node_name }}.crt" - "{{ master_certs_path }}/ca/ca.crt" tags: xpack-security when: - kibana_xpack_security - generate_CA - name: Copying node's certificate from master (Custom CA) copy: src: "{{ item }}" dest: "{{ node_certs_destination }}/" mode: '0664' with_items: - "{{ master_certs_path }}/{{ kibana_node_name }}/{{ kibana_node_name }}.key" - "{{ master_certs_path }}/{{ kibana_node_name }}/{{ kibana_node_name }}.crt" - "{{ master_certs_path }}/ca/{{ ca_cert_name }}" when: - kibana_xpack_security - not generate_CA tags: xpack-security - name: Ensuring certificates folder owner file: path: "{{ node_certs_destination }}/" state: directory recurse: yes owner: kibana group: kibana when: - kibana_xpack_security tags: xpack-security - name: Kibana script additional configuration for node replace: path: /usr/share/kibana/bin/kibana regexp: 'NODE_OPTIONS=\"--no-warnings --max-http-header-size=65536 \$\{NODE_OPTIONS\}\" NODE_ENV=production exec \"\$\{NODE}\" \"\$\{DIR\}/src/cli\" \$\{@\}' replace: 'NODE_OPTIONS="--no-warnings {{kibana_script_node_options}} --max-http-header-size=65536 ${NODE_OPTIONS}" NODE_ENV=production exec "${NODE}" "${DIR}/src/cli" ${@}' when: kibana_script_node_options is defined - name: Ensuring certificates folder owner file: path: "{{ node_certs_destination }}/" mode: '0770' recurse: yes when: - kibana_xpack_security notify: restart kibana tags: xpack-security - name: Kibana configuration template: src: kibana.yml.j2 dest: /etc/kibana/kibana.yml owner: root group: root mode: '0664' notify: restart kibana tags: configure - name: Checking Wazuh-APP version shell: >- grep -c -E 'version.*{{ elastic_stack_version }}' /usr/share/kibana/plugins/wazuh/package.json args: executable: /bin/bash removes: /usr/share/kibana/plugins/wazuh/package.json register: wazuh_app_verify changed_when: false failed_when: - wazuh_app_verify.rc != 0 - wazuh_app_verify.rc != 1 - name: Removing old Wazuh-APP command: /usr/share/kibana/bin/kibana-plugin --allow-root remove wazuh when: wazuh_app_verify.rc == 1 tags: install - name: Removing bundles file: path: /usr/share/kibana/optimize/bundles state: absent when: wazuh_app_verify.rc == 1 tags: install - name: Explicitly starting Kibana to generate "wazuh-" service: name: kibana state: started - name: Build and Install Wazuh Kibana Plugin from sources import_tasks: build_wazuh_plugin.yml when: - build_from_sources is defined - build_from_sources - name: Install Wazuh Plugin (can take a while) shell: 'NODE_OPTIONS="{{node_options}}" /usr/share/kibana/bin/kibana-plugin install {{ wazuh_app_url }}-{{ wazuh_version }}_{{ elastic_stack_version }}.zip' args: executable: /bin/bash creates: /usr/share/kibana/plugins/wazuh/package.json chdir: /usr/share/kibana become: yes become_user: kibana notify: restart kibana tags: - install - skip_ansible_lint when: - not build_from_sources - name: Kibana optimization (can take a while) shell: 'NODE_OPTIONS="{{node_options}}" /usr/share/kibana/bin/kibana --optimize --allow-root' args: executable: /bin/bash become: yes become_user: kibana - name: Wait for Elasticsearch port wait_for: host={{ elasticsearch_network_host }} port={{ elasticsearch_http_port }} - name: Select correct API protocol set_fact: elastic_api_protocol: "{% if kibana_xpack_security %}https{% else %}http{% endif %}" - name: Attempting to delete legacy Wazuh index if exists uri: url: "{{ elastic_api_protocol }}://{{ elasticsearch_network_host }}:{{ elasticsearch_http_port }}/.wazuh" method: DELETE user: "{{ elasticsearch_xpack_security_user }}" password: "{{ elasticsearch_xpack_security_password }}" validate_certs: no status_code: 200, 404 - name: Configure Wazuh Kibana Plugin template: src: wazuh.yml.j2 dest: /usr/share/kibana/plugins/wazuh/wazuh.yml owner: kibana group: root mode: 0644 - name: Reload systemd configuration systemd: daemon_reload: true - name: Ensure Kibana is started and enabled service: name: kibana enabled: true state: started - import_tasks: RMRedHat.yml when: ansible_os_family == 'RedHat' - import_tasks: RMDebian.yml when: ansible_os_family == 'Debian'