65 lines
1.9 KiB
YAML
65 lines
1.9 KiB
YAML
- name: Generate certificates prior to converging
|
|
hosts: localhost
|
|
become: true
|
|
become_user: root
|
|
roles:
|
|
- role: ../../roles/wazuh/wazuh-indexer
|
|
vars:
|
|
generate_certs: true
|
|
perform_installation: false
|
|
instances:
|
|
node1:
|
|
name: wazuh-es01 # Important: must be equal to indexer_node_name.
|
|
ip: "127.0.0.1" # When unzipping, the node will search for its node name folder to get the cert.
|
|
role: indexer
|
|
node3:
|
|
name: wazuh-mgr01
|
|
ip: "127.0.0.1"
|
|
role: wazuh
|
|
node_type: master
|
|
node5:
|
|
name: wazuh-dash01
|
|
ip: "127.0.0.1"
|
|
role: dashboard
|
|
pre_tasks:
|
|
- name: overview of cert configuration
|
|
debug:
|
|
var: wazuh_endpoint_list
|
|
|
|
- name: Converge
|
|
hosts: localhost
|
|
become: true
|
|
become_user: root
|
|
roles:
|
|
# 1. Check packages
|
|
- role: ../../roles/wazuh/check-packages
|
|
become: no
|
|
delegate_to: localhost
|
|
run_once: true
|
|
# 2. Wazuh indexer
|
|
- role: ../../roles/wazuh/wazuh-indexer
|
|
# 3. Managers
|
|
- role: ../../roles/wazuh/ansible-wazuh-manager
|
|
- role: ../../roles/wazuh/ansible-filebeat-oss
|
|
# 4. Wazuh dashboard
|
|
- role: ../../roles/wazuh/wazuh-dashboard
|
|
# 5. Agents:
|
|
# - role: ../../roles/wazuh/ansible-wazuh-agent
|
|
# vars:
|
|
# wazuh_managers: '{{ wazuh_managers_list }}'
|
|
# when: inventory_hostname in groups['agents']
|
|
vars:
|
|
instances:
|
|
node1:
|
|
name: wazuh-es01 # Important: must be equal to indexer_node_name.
|
|
ip: "127.0.0.1" # When unzipping, the node will search for its node name folder to get the cert.
|
|
role: indexer
|
|
node3:
|
|
name: wazuh-mgr01
|
|
ip: "127.0.0.1"
|
|
role: wazuh
|
|
node_type: master
|
|
node5:
|
|
name: wazuh-dash01
|
|
ip: "127.0.0.1"
|
|
role: dashboard |