102 lines
2.9 KiB
YAML
102 lines
2.9 KiB
YAML
---
|
|
- import_tasks: "RedHat.yml"
|
|
when: ansible_os_family == "RedHat"
|
|
|
|
- import_tasks: "Debian.yml"
|
|
when: ansible_os_family == "Debian"
|
|
|
|
- name: Linux | Install wazuh-agent
|
|
package: name=wazuh-agent state=latest
|
|
tags:
|
|
- init
|
|
|
|
- name: Retrieving authd Credentials
|
|
include_vars: authd_pass.yml
|
|
tags:
|
|
- config
|
|
|
|
- name: Copy CA, SSL key and cert for authd
|
|
copy:
|
|
src: "{{ item }}"
|
|
dest: "/var/ossec/etc/{{ item | basename }}"
|
|
mode: 0644
|
|
with_items:
|
|
- "{{ wazuh_agent_authd.ssl_agent_ca }}"
|
|
- "{{ wazuh_agent_authd.ssl_agent_cert }}"
|
|
- "{{ wazuh_agent_authd.ssl_agent_key }}"
|
|
tags:
|
|
- config
|
|
when:
|
|
- wazuh_agent_authd.ssl_agent_ca is not none
|
|
- wazuh_agent_authd.enable == true
|
|
|
|
- name: Linux | Check if client.keys exists
|
|
stat: path=/var/ossec/etc/client.keys
|
|
register: check_keys
|
|
tags:
|
|
- config
|
|
|
|
- name: Linux | Register agent
|
|
shell: >
|
|
/var/ossec/bin/agent-auth
|
|
-m {{ wazuh_managers.0.address }}
|
|
-p {{ wazuh_agent_authd.port }}
|
|
{% if authd_pass is defined %}-P {{ authd_pass }}{% endif %}
|
|
{% if wazuh_agent_authd.ssl_agent_ca is not none %}
|
|
-v "/var/ossec/etc/{{ wazuh_agent_authd.ssl_agent_ca | basename }}"
|
|
-x "/var/ossec/etc/{{ wazuh_agent_authd.ssl_agent_cert | basename }}"
|
|
-k "/var/ossec/etc/{{ wazuh_agent_authd.ssl_agent_key | basename }}"
|
|
{% endif %}
|
|
{% if wazuh_agent_authd.ssl_auto_negotiate == 'yes' %}-a{% endif %}
|
|
register: agent_auth_output
|
|
when:
|
|
- wazuh_agent_authd.enable == true
|
|
- check_keys.stat.size == 0
|
|
- wazuh_managers.0.address is not none
|
|
tags:
|
|
- config
|
|
|
|
- name: Linux | Verify agent registration
|
|
shell: echo {{ agent_auth_output }} | grep "Valid key created"
|
|
when:
|
|
- wazuh_agent_authd.enable == true
|
|
- check_keys.stat.size == 0
|
|
- wazuh_managers.0.address is not none
|
|
tags:
|
|
- config
|
|
|
|
- name: Linux | Vuls integration deploy (runs in background, can take a while)
|
|
command: /var/ossec/wodles/vuls/deploy_vuls.sh {{ ansible_distribution|lower }} {{ ansible_distribution_major_version|int }}
|
|
args:
|
|
creates: /var/ossec/wodles/vuls/config.toml
|
|
async: 3600
|
|
poll: 0
|
|
when:
|
|
- wazuh_agent_config.vuls.disable != 'yes'
|
|
- ansible_distribution == 'Redhat' or ansible_distribution == 'CentOS' or ansible_distribution == 'Ubuntu' or ansible_distribution == 'Debian' or ansible_distribution == 'Oracle'
|
|
tags:
|
|
- init
|
|
|
|
- name: Linux | Installing agent configuration (ossec.conf)
|
|
template: src=var-ossec-etc-ossec-agent.conf.j2
|
|
dest=/var/ossec/etc/ossec.conf
|
|
owner=root
|
|
group=ossec
|
|
mode=0644
|
|
notify: restart wazuh-agent
|
|
tags:
|
|
- init
|
|
- config
|
|
|
|
- name: Linux | Ensure Wazuh Agent service is started and enabled
|
|
service:
|
|
name: wazuh-agent
|
|
enabled: yes
|
|
state: started
|
|
|
|
- import_tasks: "RMRedHat.yml"
|
|
when: ansible_os_family == "RedHat"
|
|
|
|
- import_tasks: "RMDebian.yml"
|
|
when: ansible_os_family == "Debian"
|