wazuh-ansible-4.8.1/roles/wazuh/ansible-wazuh-agent/tasks/RedHat.yml

---
- name: RedHat/CentOS 5 | Install Wazuh repo
  yum_repository:
    name: wazuh_repo
    description: Wazuh repository
    baseurl: "{{ wazuh_agent_config.repo.yum }}5/"
    gpgkey: "{{ wazuh_agent_config.repo.gpg }}-5"
    gpgcheck: true
  changed_when: false
  when:
    - (ansible_facts['os_family']|lower == 'redhat') and (ansible_distribution|lower != 'amazon')
    - (ansible_distribution_major_version|int <= 5)
    - not wazuh_sources_installation.enabled
  register: repo_v5_installed

- name: RedHat/CentOS/Fedora | Install Wazuh repo
  yum_repository:
    name: wazuh_repo
    description: Wazuh repository
    baseurl: "{{ wazuh_agent_config.repo.yum }}"
    gpgkey: "{{ wazuh_agent_config.repo.gpg }}"
    gpgcheck: true
  changed_when: false
  when:
    - repo_v5_installed is skipped
    - not wazuh_sources_installation.enabled

- name: RedHat/CentOS/Fedora | download Oracle Java RPM
  get_url:
    url: https://download.oracle.com/otn-pub/java/jdk/8u202-b08/1961070e4c9b4e26a04e7f5a083f551e/jre-8u202-linux-x64.rpm
    dest: /tmp/jre-8-linux-x64.rpm
    headers: 'Cookie:oraclelicense=accept-securebackup-cookie'
  register: oracle_java_task_rpm_download
  until: oracle_java_task_rpm_download is succeeded
  when:
    - wazuh_agent_config.cis_cat.disable == 'no'
    - wazuh_agent_config.cis_cat.install_java == 'yes'
  tags:
    - init

- name: RedHat/CentOS/Fedora | Install Oracle Java RPM
  package: name=/tmp/jre-8-linux-x64.rpm state=present
  register: wazuh_agent_java_package_install
  until: wazuh_agent_java_package_install is succeeded
  when:
    - wazuh_agent_config.cis_cat.disable == 'no'
    - wazuh_agent_config.cis_cat.install_java == 'yes'
    - oracle_java_task_rpm_download is defined
  tags:
    - init

- name: Set Distribution CIS filename for RHEL5
  set_fact:
    cis_distribution_filename: cis_rhel5_linux_rcl.txt
  when: ansible_os_family == "RedHat" and ansible_distribution_major_version == "5"

- name: Set Distribution CIS filename for RHEL6
  set_fact:
    cis_distribution_filename: cis_rhel6_linux_rcl.txt
  when: ansible_os_family == "RedHat" and ansible_distribution_major_version == "6"

- name: Set Distribution CIS filename for RHEL7
  set_fact:
    cis_distribution_filename: cis_rhel7_linux_rcl.txt
  when:
    - ansible_os_family == "RedHat"
    - ansible_distribution_major_version == "7"

- name: Set Distribution CIS filename for RHEL7 (Amazon)
  set_fact:
    cis_distribution_filename: cis_rhel7_linux_rcl.txt
  when:
    - ansible_distribution == "Amazon"
    - ansible_distribution_major_version == "NA"

- name: RedHat/CentOS/RedHat | Install openscap
  package: name=openscap-scanner state=present
  register: wazuh_agent_openscap_package_install
  until: wazuh_agent_openscap_package_install is succeeded
  when: wazuh_agent_config.openscap.disable == 'no'
  tags:
    - init