80 lines
2.3 KiB
YAML
80 lines
2.3 KiB
YAML
---
|
|
- name: Check if certificates already exists
|
|
stat:
|
|
path: "{{ local_certs_path }}"
|
|
register: certificates_folder
|
|
delegate_to: localhost
|
|
become: no
|
|
tags:
|
|
- generate-certs
|
|
|
|
|
|
- block:
|
|
|
|
- name: Local action | Create local temporary directory for certificates generation
|
|
file:
|
|
path: "{{ local_certs_path }}"
|
|
mode: 0755
|
|
state: directory
|
|
|
|
- name: Local action | Check that the generation tool exists
|
|
stat:
|
|
path: "{{ local_certs_path }}/wazuh-certs-tool.sh"
|
|
register: tool_package
|
|
when: ansible_os_family != 'Darwin'
|
|
|
|
- name: Local action | Download certificates generation tool
|
|
get_url:
|
|
url: "{{ certs_gen_tool_url }}"
|
|
dest: "{{ local_certs_path }}/wazuh-certs-tool.sh"
|
|
when: not tool_package.stat.exists and ansible_os_family != 'Darwin'
|
|
|
|
- name: Local action | Prepare the certificates generation template file
|
|
template:
|
|
src: "templates/config.yml.j2"
|
|
dest: "{{ local_certs_path }}/config.yml"
|
|
mode: 0644
|
|
register: tlsconfig_template
|
|
|
|
- name: Local action | Generate the node & admin certificates in local
|
|
command: >-
|
|
bash {{ local_certs_path }}/wazuh-certs-tool.sh -A
|
|
when: ansible_os_family != 'Darwin'
|
|
|
|
- name: Local action | Check for Docker installation on macOS
|
|
command: docker --version
|
|
register: docker_check
|
|
when: ansible_os_family == 'Darwin'
|
|
ignore_errors: yes
|
|
|
|
- name: Local action | Fail if Docker is not installed
|
|
fail:
|
|
msg: "Docker is not installed on this host."
|
|
when: (docker_check.rc | default(1)) != 0 and ansible_os_family == 'Darwin'
|
|
|
|
- name: Local action | Run Docker container on macOS
|
|
community.docker.docker_container:
|
|
name: wazuh-cert-tool
|
|
image: "wazuh-certs-tool"
|
|
state: started
|
|
auto_remove: true
|
|
volumes:
|
|
- "{{ local_certs_path }}/config.yml:/config/certs.yml"
|
|
- "{{ local_certs_path }}/wazuh-certificates/:/certificates/"
|
|
when: ansible_os_family == 'Darwin'
|
|
|
|
- name: Local action | Remove Docker image after execution
|
|
community.docker.docker_image:
|
|
name: "wazuh-certs-tool"
|
|
state: absent
|
|
force_absent: yes
|
|
when: ansible_os_family == 'Darwin'
|
|
|
|
run_once: true
|
|
delegate_to: localhost
|
|
become: no
|
|
tags:
|
|
- generate-certs
|
|
when:
|
|
- not certificates_folder.stat.exists
|