146 lines
5.4 KiB
YAML
146 lines
5.4 KiB
YAML
---
|
|
- name: RedHat/CentOS | Install Nodejs repo
|
|
yum_repository:
|
|
name: NodeJS
|
|
description: NodeJS-$releasever
|
|
baseurl: https://rpm.nodesource.com/pub_6.x/el/{{ ansible_distribution_major_version }}/x86_64
|
|
gpgkey: https://rpm.nodesource.com/pub/el/NODESOURCE-GPG-SIGNING-KEY-EL
|
|
gpgcheck: true
|
|
changed_when: false
|
|
when:
|
|
- ansible_distribution_major_version|int > 5
|
|
|
|
- name: Fedora | Install Nodejs repo
|
|
yum_repository:
|
|
name: NodeJS
|
|
description: NodeJS-$releasever
|
|
baseurl: https://rpm.nodesource.com/pub_6.x/fc/$releasever/x86_64
|
|
gpgkey: https://rpm.nodesource.com/pub/el/NODESOURCE-GPG-SIGNING-KEY-EL
|
|
gpgcheck: true
|
|
when: ansible_distribution == 'Fedora'
|
|
|
|
- name: AmazonLinux | Get Nodejs
|
|
shell: |
|
|
set -o pipefail
|
|
curl --silent --location https://rpm.nodesource.com/setup_8.x | bash -
|
|
args:
|
|
warn: false
|
|
executable: /bin/bash
|
|
when:
|
|
- ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA"
|
|
|
|
- name: AmazonLinux | Install Nodejs repo
|
|
yum:
|
|
name: nodejs
|
|
state: present
|
|
register: wazuh_manager_amz_node_packages_installed
|
|
until: wazuh_manager_amz_node_packages_installed is succeeded
|
|
when:
|
|
- ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA"
|
|
|
|
- name: RedHat/CentOS/Fedora | Install Wazuh repo
|
|
yum_repository:
|
|
name: wazuh_repo
|
|
description: Wazuh repository
|
|
baseurl: https://packages.wazuh.com/3.x/yum/
|
|
gpgkey: https://packages.wazuh.com/key/GPG-KEY-WAZUH
|
|
gpgcheck: true
|
|
changed_when: false
|
|
when:
|
|
- (ansible_distribution_major_version|int > 5) or (ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA")
|
|
|
|
- name: RedHat/CentOS 5 | Install Wazuh repo
|
|
yum_repository:
|
|
name: wazuh_repo
|
|
description: Wazuh repository
|
|
baseurl: https://packages.wazuh.com/3.x/yum/5/
|
|
gpgkey: https://packages.wazuh.com/key/GPG-KEY-WAZUH
|
|
gpgcheck: true
|
|
when:
|
|
- ansible_distribution_major_version|int == 5
|
|
|
|
- name: RedHat/CentOS/Fedora | Install openscap
|
|
package: name={{ item }} state=present
|
|
with_items:
|
|
- openscap-scanner
|
|
- openssl
|
|
register: wazuh_manager_openscp_packages_installed
|
|
until: wazuh_manager_openscp_packages_installed is succeeded
|
|
tags:
|
|
- init
|
|
when: not (ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA")
|
|
|
|
- name: CentOS 6 | Install Software Collections (SCL) Repository
|
|
package: name=centos-release-scl state=present
|
|
register: wazuh_manager_scl_packages_installed
|
|
until: wazuh_manager_scl_packages_installed is succeeded
|
|
when:
|
|
- ansible_distribution == 'CentOS' and ansible_distribution_major_version == '6'
|
|
- wazuh_manager_config.cluster.disable != 'yes'
|
|
|
|
- name: RedHat 6 | Enabling Red Hat Software Collections (RHSCL)
|
|
command: yum-config-manager --enable {{ item }}
|
|
with_items:
|
|
- rhui-REGION-rhel-server-rhscl
|
|
- rhel-server-rhscl-6-rpms
|
|
when:
|
|
- ansible_distribution == 'RedHat' and ansible_distribution_major_version == '6'
|
|
- wazuh_manager_config.cluster.disable != 'yes'
|
|
|
|
- name: CentOS/RedHat 6 | Install Python 2.7
|
|
package: name=python27 state=present
|
|
register: wazuh_manager_python_package_installed
|
|
until: wazuh_manager_python_package_installed is succeeded
|
|
when:
|
|
- ( ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' ) and ansible_distribution_major_version == '6'
|
|
- wazuh_manager_config.cluster.disable != 'yes'
|
|
|
|
- name: CentOS/RedHat 6 | Install python-cryptography module
|
|
pip: name=cryptography state=present
|
|
register: wazuh_manager_cryptography_package_installed
|
|
until: wazuh_manager_cryptography_package_installed is succeeded
|
|
environment:
|
|
PATH: "/opt/rh/python27/root/usr/bin:{{ ansible_env.PATH }}"
|
|
LD_LIBRARY_PATH: "/opt/rh/python27/root/usr/lib64:/opt/rh/python27/root/usr/lib"
|
|
when:
|
|
- ( ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat' ) and ansible_distribution_major_version == '6'
|
|
- wazuh_manager_config.cluster.disable != 'yes'
|
|
|
|
- name: RedHat/CentOS/Fedora | Install python-cryptography module
|
|
package: name=python-cryptography state=present
|
|
register: wazuh_manager_cryptography_package_installed
|
|
until: wazuh_manager_cryptography_package_installed is succeeded
|
|
when:
|
|
- not (( ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat') and ansible_distribution_major_version == '6' )
|
|
- wazuh_manager_config.cluster.disable != 'yes'
|
|
|
|
- name: RedHat/CentOS/Fedora | Install OpenJDK 1.8
|
|
yum: name=java-1.8.0-openjdk state=present
|
|
when:
|
|
- wazuh_manager_config.cis_cat.disable == 'no'
|
|
- wazuh_manager_config.cis_cat.install_java == 'yes'
|
|
tags:
|
|
- init
|
|
|
|
- name: Set Distribution CIS filename for RHEL5/CentOS-5
|
|
set_fact:
|
|
cis_distribution_filename: cis_rhel5_linux_rcl.txt
|
|
when: ansible_os_family == "RedHat" and ansible_distribution_major_version == '5'
|
|
|
|
- name: Set Distribution CIS filename for RHEL6/CentOS-6
|
|
set_fact:
|
|
cis_distribution_filename: cis_rhel6_linux_rcl.txt
|
|
when: ansible_os_family == "RedHat" and ansible_distribution_major_version == '6'
|
|
|
|
- name: Set Distribution CIS filename for RHEL7/CentOS-7
|
|
set_fact:
|
|
cis_distribution_filename: cis_rhel7_linux_rcl.txt
|
|
when:
|
|
- ansible_os_family == "RedHat" and ansible_distribution_major_version == '7'
|
|
|
|
- name: Set Distribution CIS filename for RHEL7/CentOS-7 (Amazon)
|
|
set_fact:
|
|
cis_distribution_filename: cis_rhel7_linux_rcl.txt
|
|
when:
|
|
- ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA"
|