wazuh-ansible-4.8.1/roles/elastic-stack/ansible-kibana/tasks/main.yml

---

- name: Stopping early, trying to compile Wazuh Kibana Plugin on Debian 10 is not possible
  fail:
    msg: "It's not possible to compile the Wazuh Kibana plugin on Debian 10 due to: https://github.com/wazuh/wazuh-kibana-app/issues/1924"
  when:
    - build_from_sources
    - ansible_distribution == "Debian"
    - ansible_distribution_major_version == "10"

- import_tasks: RedHat.yml
  when: ansible_os_family == 'RedHat'

- import_tasks: Debian.yml
  when: ansible_os_family == 'Debian'

- name: Reload systemd
  systemd:
    daemon_reload: true
  ignore_errors: true
  when:
    - not (ansible_distribution == "Amazon" and ansible_distribution_version == "(Karoo)")
    - not (ansible_distribution == "Ubuntu" and ansible_distribution_version is version('15.04', '<'))
    - not (ansible_distribution == "Debian" and ansible_distribution_version is version('8', '<'))
    - not (ansible_os_family == "RedHat" and ansible_distribution_version is version('7', '<'))

- name: Copying node's certificate from master
  copy:
    src: "{{ item }}"
    dest: "{{ node_certs_destination }}/"
    owner: root
    group: kibana
    mode: 0440
  with_items:
    - "{{ master_certs_path }}/{{ kibana_node_name }}/{{ kibana_node_name }}.key"
    - "{{ master_certs_path }}/{{ kibana_node_name }}/{{ kibana_node_name }}.crt"
    - "{{ master_certs_path }}/ca/ca.crt"
  tags: xpack-security
  when:
    - kibana_xpack_security
    - generate_CA

- name: Copying node's certificate from master (Custom CA)
  copy:
    src: "{{ item }}"
    dest: "{{ node_certs_destination }}/"
    owner: root
    group: kibana
    mode: 0440
  with_items:
    - "{{ master_certs_path }}/{{ kibana_node_name }}/{{ kibana_node_name }}.key"
    - "{{ master_certs_path }}/{{ kibana_node_name }}/{{ kibana_node_name }}.crt"
    - "{{ master_certs_path }}/ca/{{ ca_cert_name }}"
  when:
    - kibana_xpack_security
    - not generate_CA
  tags: xpack-security

- name: Ensuring certificates folder owner and permissions
  file:
    path: "{{ node_certs_destination }}/"
    state: directory
    recurse: no
    owner: kibana
    group: kibana
    mode: 0770
  when:
    - kibana_xpack_security
  notify: restart kibana
  tags: xpack-security

- name: Kibana configuration
  template:
    src: kibana.yml.j2
    dest: /etc/kibana/kibana.yml
    owner: root
    group: root
    mode: 0644
  notify: restart kibana
  tags: configure

- name: Checking Wazuh-APP version
  shell: >-
    grep -c -E 'version.*{{ elastic_stack_version }}' /usr/share/kibana/plugins/wazuh/package.json    
  args:
    executable: /bin/bash
    removes: /usr/share/kibana/plugins/wazuh/package.json
  register: wazuh_app_verify
  changed_when: false
  failed_when:
    - wazuh_app_verify.rc != 0
    - wazuh_app_verify.rc != 1

- name: Removing old Wazuh-APP
  command: /usr/share/kibana/bin/kibana-plugin --allow-root remove wazuh
  when: wazuh_app_verify.rc == 1
  tags: install

- name: Removing bundles
  file:
    path: /usr/share/kibana/optimize/bundles
    state: absent
  when: wazuh_app_verify.rc == 1
  tags: install

- name: Explicitly starting Kibana to generate "wazuh-"
  service:
    name: kibana
    state: started

- name: Build and Install Wazuh Kibana Plugin from sources
  import_tasks: build_wazuh_plugin.yml
  when:
    - build_from_sources is defined
    - build_from_sources

- name: Install Wazuh Plugin (can take a while)
  shell: >-
    NODE_OPTIONS="{{ node_options }}" /usr/share/kibana/bin/kibana-plugin install
    {{ wazuh_app_url }}-{{ wazuh_version }}_{{ elastic_stack_version }}.zip    
  args:
    executable: /bin/bash
    creates: /usr/share/kibana/plugins/wazuh/package.json
    chdir: /usr/share/kibana
  become: yes
  become_user: kibana
  notify: restart kibana
  tags:
    - install
    - skip_ansible_lint
  when:
    - not build_from_sources

- name: Kibana optimization (can take a while)
  shell: /usr/share/kibana/node/bin/node {{ node_options }} /usr/share/kibana/src/cli --optimize
  args:
    executable: /bin/bash
  become: yes
  become_user: kibana
  changed_when: false
  tags:
    - skip_ansible_lint

- name: Wait for Elasticsearch port
  wait_for: host={{ elasticsearch_network_host }} port={{ elasticsearch_http_port }}

- name: Select correct API protocol
  set_fact:
    elastic_api_protocol: "{% if kibana_xpack_security %}https{% else %}http{% endif %}"

- name: Attempting to delete legacy Wazuh index if exists
  uri:
    url: "{{ elastic_api_protocol }}://{{ elasticsearch_network_host }}:{{ elasticsearch_http_port }}/.wazuh"
    method: DELETE
    user: "{{ elasticsearch_xpack_security_user }}"
    password: "{{ elasticsearch_xpack_security_password }}"
    validate_certs: no
    status_code: 200, 404

- name: Create wazuh plugin config directory
  file:
    path: /usr/share/kibana/optimize/wazuh/config/
    state: directory
    recurse: yes
    owner: kibana
    group: kibana
    mode: 0751
  changed_when: False

- name: Configure Wazuh Kibana Plugin
  template:
    src: wazuh.yml.j2
    dest: /usr/share/kibana/optimize/wazuh/config/wazuh.yml
    owner: kibana
    group: kibana
    mode: 0751
  changed_when: False

- name: Reload systemd configuration
  systemd:
    daemon_reload: true

- name: Ensure Kibana is started and enabled
  service:
    name: kibana
    enabled: true
    state: started

- import_tasks: RMRedHat.yml
  when: ansible_os_family == 'RedHat'

- import_tasks: RMDebian.yml
  when: ansible_os_family == 'Debian'