9a3f715dd5
- Change include by import_tasks in the playbooks. - Change version from Elastic Stack to 5.6.3
90 lines
2.3 KiB
YAML
90 lines
2.3 KiB
YAML
---
|
|
- import_tasks: "RedHat.yml"
|
|
when: ansible_os_family == "RedHat"
|
|
|
|
- import_tasks: "Debian.yml"
|
|
when: ansible_os_family == "Debian"
|
|
|
|
- name: Linux | Install wazuh-agent
|
|
package: name=wazuh-agent state=latest
|
|
tags:
|
|
- init
|
|
|
|
- name: Retrieving authd Credentials
|
|
include_vars: authd_pass.yml
|
|
tags:
|
|
- config
|
|
|
|
- name: Copy CA, SSL key and cert for authd
|
|
copy:
|
|
src: "{{ item }}"
|
|
dest: "/var/ossec/etc/{{ item | basename }}"
|
|
mode: 0644
|
|
with_items:
|
|
- "{{ wazuh_agent_authd.ssl_agent_ca }}"
|
|
- "{{ wazuh_agent_authd.ssl_agent_cert }}"
|
|
- "{{ wazuh_agent_authd.ssl_agent_key }}"
|
|
tags:
|
|
- config
|
|
when:
|
|
- wazuh_agent_authd.ssl_agent_ca is not none
|
|
- wazuh_agent_authd.enable == true
|
|
|
|
- name: Linux | Check if client.keys exists
|
|
stat: path=/var/ossec/etc/client.keys
|
|
register: check_keys
|
|
tags:
|
|
- config
|
|
|
|
- name: Linux | Register agent
|
|
shell: >
|
|
/var/ossec/bin/agent-auth
|
|
-m {{ wazuh_manager_ip }}
|
|
-p {{ wazuh_agent_authd.port }}
|
|
{% if authd_pass is defined %}-P {{ authd_pass }}{% endif %}
|
|
{% if wazuh_agent_authd.ssl_agent_ca is not none %}
|
|
-v "/var/ossec/etc/{{ wazuh_agent_authd.ssl_agent_ca | basename }}"
|
|
-x "/var/ossec/etc/{{ wazuh_agent_authd.ssl_agent_cert | basename }}"
|
|
-k "/var/ossec/etc/{{ wazuh_agent_authd.ssl_agent_key | basename }}"
|
|
{% endif %}
|
|
{% if wazuh_agent_authd.ssl_auto_negotiate == 'yes' %}-a{% endif %}
|
|
register: agent_auth_output
|
|
when:
|
|
- wazuh_agent_authd.enable == true
|
|
- check_keys.stat.size == 0
|
|
- wazuh_manager_ip is not none
|
|
tags:
|
|
- config
|
|
|
|
- name: Linux | Verify agent registration
|
|
shell: echo {{ agent_auth_output }} | grep "Valid key created"
|
|
when:
|
|
- wazuh_agent_authd.enable == true
|
|
- check_keys.stat.size == 0
|
|
- wazuh_manager_ip is not none
|
|
tags:
|
|
- config
|
|
|
|
- name: Linux | Installing agent configuration (ossec.conf)
|
|
template: src=var-ossec-etc-ossec-agent.conf.j2
|
|
dest=/var/ossec/etc/ossec.conf
|
|
owner=root
|
|
group=ossec
|
|
mode=0644
|
|
notify: restart wazuh-agent
|
|
tags:
|
|
- init
|
|
- config
|
|
|
|
- name: Linux | Ensure Wazuh Agent service is started and enabled
|
|
service:
|
|
name: wazuh-agent
|
|
enabled: yes
|
|
state: started
|
|
|
|
- import_tasks: "RMRedHat.yml"
|
|
when: ansible_os_family == "RedHat"
|
|
|
|
- import_tasks: "RMDebian.yml"
|
|
when: ansible_os_family == "Debian"
|