99 lines
2.8 KiB
YAML
Executable File
99 lines
2.8 KiB
YAML
Executable File
---
|
|
- name: Get latest wazuh release
|
|
shell: "curl --silent https://api.github.com/repos/wazuh/wazuh/releases/latest | grep '\"tag_name\":' | sed -E 's/.*\"([^\"]+)\".*/\\1/'| cut -c 2-"
|
|
register: wazuh_latest_release
|
|
|
|
- include_vars: ../../vars/repo.yml
|
|
when: "{{ wazuh_latest_release.stdout is version(dashboard_version, operator='ge') }}"
|
|
|
|
- include_vars: ../../vars/repo_dev.yml
|
|
when: "{{ wazuh_latest_release.stdout is version(dashboard_version, operator='lt') }}"
|
|
|
|
- import_tasks: RedHat.yml
|
|
when: ansible_os_family == 'RedHat'
|
|
|
|
- import_tasks: Debian.yml
|
|
when: ansible_os_family == 'Debian'
|
|
|
|
- name: Remove Dashboard configuration file
|
|
file:
|
|
# noqa 503
|
|
path: "{{ dashboard_conf_path }}/opensearch_dashboards.yml"
|
|
state: absent
|
|
tags: install
|
|
|
|
- import_tasks: security_actions.yml
|
|
|
|
- name: Copy Configuration File
|
|
template:
|
|
src: "templates/opensearch_dashboards.yml.j2"
|
|
dest: "{{ dashboard_conf_path }}/opensearch_dashboards.yml"
|
|
group: wazuh-dashboard
|
|
owner: wazuh-dashboard
|
|
mode: 0640
|
|
force: yes
|
|
notify: restart wazuh-dashboard
|
|
tags:
|
|
- install
|
|
- configure
|
|
|
|
- name: Ensuring Wazuh dashboard directory owner
|
|
file:
|
|
# noqa 208
|
|
path: "/usr/share/wazuh-dashboard"
|
|
state: directory
|
|
owner: wazuh-dashboard
|
|
group: wazuh-dashboard
|
|
recurse: yes
|
|
|
|
- name: Wait for Wazuh-Indexer port
|
|
wait_for: host={{ indexer_network_host }} port={{ indexer_http_port }}
|
|
|
|
- name: Select correct API protocol
|
|
set_fact:
|
|
indexer_api_protocol: "{% if dashboard_security is defined and dashboard_security %}https{% else %}http{% endif %}"
|
|
|
|
- name: Attempting to delete legacy Wazuh index if exists
|
|
uri:
|
|
url: "{{ indexer_api_protocol }}://{{ indexer_network_host }}:{{ indexer_http_port }}/.wazuh"
|
|
method: DELETE
|
|
user: "admin"
|
|
password: "{{ indexer_admin_password }}"
|
|
validate_certs: no
|
|
status_code: 200, 404
|
|
|
|
- name: Create Wazuh Plugin config directory
|
|
file:
|
|
path: /usr/share/wazuh-dashboard/data/wazuh/config/
|
|
state: directory
|
|
recurse: yes
|
|
owner: wazuh-dashboard
|
|
group: wazuh-dashboard
|
|
mode: 0751
|
|
changed_when: False
|
|
|
|
- name: Configure Wazuh Dashboard Plugin
|
|
template:
|
|
src: wazuh.yml.j2
|
|
dest: /usr/share/wazuh-dashboard/data/wazuh/config/wazuh.yml
|
|
owner: wazuh-dashboard
|
|
group: wazuh-dashboard
|
|
mode: 0751
|
|
changed_when: False
|
|
|
|
- name: Configure opensearch.password in opensearch_dashboards.keystore
|
|
shell: >-
|
|
echo {{ dashboard_password }} | /usr/share/wazuh-dashboard/bin/opensearch-dashboards-keystore --allow-root add -f --stdin opensearch.password
|
|
args:
|
|
executable: /bin/bash
|
|
become: yes
|
|
|
|
- name: Ensure Wazuh dashboard started and enabled
|
|
service:
|
|
name: wazuh-dashboard
|
|
enabled: true
|
|
state: started
|
|
|
|
- import_tasks: RMRedHat.yml
|
|
when: ansible_os_family == 'RedHat'
|