diff --git a/roles/debian/wazuh/defaults/main.yml b/roles/debian/wazuh/defaults/main.yml
index 9ea1646b1..4ea2fafc0 100644
--- a/roles/debian/wazuh/defaults/main.yml
+++ b/roles/debian/wazuh/defaults/main.yml
@@ -1,7 +1,6 @@
 ---
-_wazuh_path: ""
-
 wazuh:
+ path: wazuh
 #roles_directory: "/path/to/roles" # defaults to /home/controller/.ansible/roles/wazuh-ansible
 branch: "v4.7.2" # wazuh-ansible git branch to checkout - not to be confused with wazuh_version!
 # Agent variables, installed locally by default
diff --git a/roles/debian/wazuh/tasks/install.yml b/roles/debian/wazuh/tasks/install.yml
deleted file mode 100644
index 5d76e3bf5..000000000
--- a/roles/debian/wazuh/tasks/install.yml
+++ /dev/null
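Review bot: `path: wazuh` replaces a value that the old tasks/main.yml derived at runtime from `ce_provision.contrib_roles` (the `directory` of the entry whose `repo` is the wazuh-ansible git URL), but the new default carries no comment saying what it has to agree with. Every role path in the new tasks/main.yml is built as `contrib/{{ wazuh.path }}/...` through static `import_role`, so a checkout under a different directory name will presumably fail at play parse time with an unresolved role rather than a readable message. Suggest `path: wazuh # directory name of the wazuh-ansible checkout under contrib/; must match the 'directory' of that entry in ce_provision.contrib_roles`. The `wazuh:` mapping continues past the end of the hunk.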
@@ -1,112 +0,0 @@
-- name: Import elastic-stack.
- ansible.builtin.import_role:
- name: "contrib/{{ _wazuh_path }}/roles/elastic-stack/ansible-kibana"
-
-- name: Import opendistro.
- ansible.builtin.import_role:
- name: "contrib/{{ _wazuh_path }}/roles/opendistro/opendistro-kibana"
-
-- name: Generate certificates.
- ansible.builtin.import_role:
- name: wazuh-ansible/roles/wazuh/wazuh-indexer
- delegate_to: localhost
- vars:
- indexer_node_master: "{{ wazuh.indexer.indexer_node_master }}"
- instances: "{{ wazuh.indexer.indexer_primary }}"
- perform_installation: false
- tags:
- - generate-certs
-
-- name: Install Wazuh indexer.
- ansible.builtin.import_role:
- name: wazuh-ansible/roles/wazuh/wazuh-indexer
- vars:
- single_node: "{{ wazuh.indexer.single_node }}"
- domain_name: "{{ wazuh.indexer.domain_name }}"
- indexer_cluster_name: "{{ wazuh.indexer.indexer_cluster_name }}"
- indexer_node_name: "{{ wazuh.indexer.indexer_node_name }}"
- minimum_master_nodes: "{{ wazuh.indexer.minimum_master_nodes }}"
- indexer_node_master: "{{ wazuh.indexer.indexer_node_master }}"
- indexer_node_data: "{{ wazuh.indexer.indexer_node_data }}"
- indexer_node_ingest: "{{ wazuh.indexer.indexer_node_ingest }}"
- indexer_start_timeout: "{{ wazuh.indexer.indexer_start_timeout }}"
- indexer_network_host: "{{ wazuh.indexer.indexer_network_host }}"
- indexer_cluster_nodes: "{{ wazuh.indexer.indexer_cluster_nodes }}"
- indexer_discovery_nodes: "{{ wazuh.indexer.indexer_discovery_nodes }}"
- indexer_http_port: "{{ wazuh.indexer.indexer_http_port }}"
- indexer_api_protocol: "{{ wazuh.indexer.indexer_api_protocol }}"
- indexer_custom_user: "{{ wazuh.indexer.indexer_custom_user }}"
- indexer_custom_user_role: "{{ wazuh.indexer.indexer_custom_user_role }}"
- indexer_admin_password: "{{ wazuh.indexer.indexer_admin_password }}"
- dashboard_password: "{{ wazuh.dashboard.dashboard_password }}"
- instances: "{{ wazuh.indexer.indexer_instances }}"
- perform_installation: true
- tags:
- - install
- when: wazuh.indexer.install
-
-- name: Install Wazuh Manager.
- ansible.builtin.import_role:
- name: wazuh-ansible/roles/wazuh/ansible-wazuh-manager
- vars:
- wazuh_manager_mailto: "{{ wazuh.manager.wazuh_manager_mailto }}"
- wazuh_manager_email_smtp_server: "{{ wazuh.manager.wazuh_manager_email_smtp_server }}"
- wazuh_manager_email_from: "{{ wazuh.manager.wazuh_manager_email_from }}"
- wazuh_manager_email_maxperhour: "{{ wazuh.manager.wazuh_manager_email_maxperhour }}"
- wazuh_manager_email_queue_size: "{{ wazuh.manager.wazuh_manager_email_queue_size }}"
- wazuh_manager_email_log_source: "{{ wazuh.manager.wazuh_manager_email_log_source }}"
- wazuh_manager_log_level: "{{ wazuh.manager.wazuh_manager_log_level }}"
- wazuh_manager_email_level: "{{ wazuh.manager.wazuh_manager_email_level }}"
- wazuh_manager_extra_emails: "{{ wazuh.manager.wazuh_manager_extra_emails }}"
- wazuh_manager_reports: "{{ wazuh.manager.wazuh_manager_reports }}"
- wazuh_manager_api: "{{ wazuh.manager.wazuh_manager_api }}"
- agent_groups: "{{ wazuh.manager.agent_groups }}"
- when: wazuh.manager.install
-
-- name: Install Filebeat.
- ansible.builtin.import_role:
- name: wazuh-ansible/roles/wazuh/ansible-filebeat-oss
- vars:
- filebeat_version: "{{ wazuh.filebeat.filebeat_version }}"
- filebeat_node_name: "{{ wazuh.filebeat.filebeat_node_name }}"
- filebeat_output_indexer_hosts: "{{ wazuh.filebeat.filebeat_output_indexer_hosts }}"
- filebeat_module_package_url: "{{ wazuh.filebeat.filebeat_module_package_url }}"
- filebeat_module_package_name: "{{ wazuh.filebeat.filebeat_module_package_name }}"
- indexer_security_user: "{{ wazuh.filebeat.indexer_security_user | default('admin') }}"
- indexer_security_password: "{{ wazuh.indexer.indexer_admin_password }}"
- when: wazuh.filebeat.install
-
-- name: Install Wazuh dashboard.
- ansible.builtin.import_role:
- name: wazuh-ansible/roles/wazuh/wazuh-dashboard
- vars:
- dashboard_node_name: "{{ wazuh.dashboard.dashboard_node_name }}"
- dashboard_server_host: "{{ wazuh.dashboard.dashboard_server_host }}"
- dashboard_server_port: "{{ wazuh.dashboard.dashboard_server_port }}"
- dashboard_server_name: "{{ wazuh.dashboard.dashboard_server_name }}"
- wazuh_api_credentials: "{{ wazuh.dashboard.wazuh_api_credentials }}"
- dashboard_security: "{{ wazuh.dashboard.dashboard_security }}"
- dashboard_user: "{{ wazuh.dashboard.dashboard_user }}"
- dashboard_password: "{{ wazuh.dashboard.dashboard_password }}"
- indexer_admin_password: "{{ wazuh.indexer.indexer_admin_password }}"
- indexer_http_port: "{{ wazuh.indexer.indexer_http_port }}"
- indexer_api_protocol: "{{ wazuh.indexer.indexer_api_protocol }}"
- ansible_shell_allow_world_readable_temp: true
- when: wazuh.dashboard.install
-
-- name: Install Wazuh agent.
- ansible.builtin.import_role:
- name: wazuh-ansible/roles/wazuh/ansible-wazuh-agent
- vars:
- wazuh_managers: "{{ wazuh.agent.managers }}"
- wazuh_agent_enrollment:
- enabled: "{{ wazuh.agent.wazuh_agent_enrollment.enabled }}"
- agent_name: "{{ wazuh.agent.wazuh_agent_enrollment.agent_name }}"
- groups: "{{ wazuh.agent.wazuh_agent_enrollment.groups }}"
- agent_address: "{{ wazuh.agent.wazuh_agent_enrollment.agent_address }}"
- ssl_ciphers: "{{ wazuh.agent.wazuh_agent_enrollment.ssl_ciphers }}"
- wazuh_custom_packages_installation_agent_enabled: false
- ansible_shell_allow_world_readable_temp: true
- wazuh_agent_sources_installation:
- enabled: true
- when: wazuh.agent.install and not wazuh_agent_sources_installation.enabled
\ No newline at end of file
diff --git a/roles/debian/wazuh/tasks/main.yml b/roles/debian/wazuh/tasks/main.yml
index 0b3c881d0..1b081b56a 100644
--- a/roles/debian/wazuh/tasks/main.yml
+++ b/roles/debian/wazuh/tasks/main.yml
@@ -1,23 +1,112 @@
----
-# Assumes you have run the ce_provision role on your controller and it has already installed the Wazuh roles
-- name: Select items with URL https://github.com/wazuh/wazuh-ansible.git
- ansible.builtin.set_fact:
- _wazuh_items: "{{ ce_provision.contrib_roles | selectattr('repo', 'equalto', 'https://github.com/wazuh/wazuh-ansible.git') | list }}"
+- name: Import elastic-stack.
+ ansible.builtin.import_role:
+ name: "contrib/{{ wazuh.path }}/roles/elastic-stack/ansible-kibana"
-- name: Debug print _wazuh_items
- ansible.builtin.debug:
- msg: "{{ _wazuh_items }}"
+- name: Import opendistro.
+ ansible.builtin.import_role:
+ name: "contrib/{{ wazuh.path }}/roles/opendistro/opendistro-kibana"
-- name: Set wazuh path based on matching repo
- ansible.builtin.set_fact:
- _wazuh_path: "{{ _wazuh_items | map(attribute='directory') | first }}"
- when: _wazuh_items | length > 0
+- name: Generate certificates.
+ ansible.builtin.import_role:
+ name: "contrib/{{ wazuh.path }}/roles/wazuh/wazuh-indexer"
+ delegate_to: localhost
+ vars:
+ indexer_node_master: "{{ wazuh.indexer.indexer_node_master }}"
+ instances: "{{ wazuh.indexer.indexer_primary }}"
+ perform_installation: false
+ tags:
+ - generate-certs
-- name: Debug _wazuh_path before including install.yml
- ansible.builtin.debug:
- msg: "The value of _wazuh_path is: '{{ _wazuh_path | default('Not set') }}'"
+- name: Install Wazuh indexer.
+ ansible.builtin.import_role:
+ name: "contrib/{{ wazuh.path }}/roles/wazuh/wazuh-indexer"
+ vars:
+ single_node: "{{ wazuh.indexer.single_node }}"
+ domain_name: "{{ wazuh.indexer.domain_name }}"
+ indexer_cluster_name: "{{ wazuh.indexer.indexer_cluster_name }}"
+ indexer_node_name: "{{ wazuh.indexer.indexer_node_name }}"
+ minimum_master_nodes: "{{ wazuh.indexer.minimum_master_nodes }}"
+ indexer_node_master: "{{ wazuh.indexer.indexer_node_master }}"
+ indexer_node_data: "{{ wazuh.indexer.indexer_node_data }}"
+ indexer_node_ingest: "{{ wazuh.indexer.indexer_node_ingest }}"
+ indexer_start_timeout: "{{ wazuh.indexer.indexer_start_timeout }}"
+ indexer_network_host: "{{ wazuh.indexer.indexer_network_host }}"
+ indexer_cluster_nodes: "{{ wazuh.indexer.indexer_cluster_nodes }}"
+ indexer_discovery_nodes: "{{ wazuh.indexer.indexer_discovery_nodes }}"
+ indexer_http_port: "{{ wazuh.indexer.indexer_http_port }}"
+ indexer_api_protocol: "{{ wazuh.indexer.indexer_api_protocol }}"
+ indexer_custom_user: "{{ wazuh.indexer.indexer_custom_user }}"
+ indexer_custom_user_role: "{{ wazuh.indexer.indexer_custom_user_role }}"
+ indexer_admin_password: "{{ wazuh.indexer.indexer_admin_password }}"
+ dashboard_password: "{{ wazuh.dashboard.dashboard_password }}"
+ instances: "{{ wazuh.indexer.indexer_instances }}"
+ perform_installation: true
+ tags:
+ - install
+ when: wazuh.indexer.install
-- name: Include task to install based on selected items
- ansible.builtin.import_tasks:
- file: install.yml
- when: _wazuh_items | length > 0
\ No newline at end of file
+- name: Install Wazuh Manager.
+ ansible.builtin.import_role:
+ name: "contrib/{{ wazuh.path }}/roles/wazuh/ansible-wazuh-manager"
+ vars:
+ wazuh_manager_mailto: "{{ wazuh.manager.wazuh_manager_mailto }}"
+ wazuh_manager_email_smtp_server: "{{ wazuh.manager.wazuh_manager_email_smtp_server }}"
+ wazuh_manager_email_from: "{{ wazuh.manager.wazuh_manager_email_from }}"
+ wazuh_manager_email_maxperhour: "{{ wazuh.manager.wazuh_manager_email_maxperhour }}"
+ wazuh_manager_email_queue_size: "{{ wazuh.manager.wazuh_manager_email_queue_size }}"
+ wazuh_manager_email_log_source: "{{ wazuh.manager.wazuh_manager_email_log_source }}"
+ wazuh_manager_log_level: "{{ wazuh.manager.wazuh_manager_log_level }}"
+ wazuh_manager_email_level: "{{ wazuh.manager.wazuh_manager_email_level }}"
+ wazuh_manager_extra_emails: "{{ wazuh.manager.wazuh_manager_extra_emails }}"
+ wazuh_manager_reports: "{{ wazuh.manager.wazuh_manager_reports }}"
+ wazuh_manager_api: "{{ wazuh.manager.wazuh_manager_api }}"
+ agent_groups: "{{ wazuh.manager.agent_groups }}"
+ when: wazuh.manager.install
+
+- name: Install Filebeat.
+ ansible.builtin.import_role:
+ name: "contrib/{{ wazuh.path }}/roles/wazuh/ansible-filebeat-oss"
+ vars:
+ filebeat_version: "{{ wazuh.filebeat.filebeat_version }}"
+ filebeat_node_name: "{{ wazuh.filebeat.filebeat_node_name }}"
+ filebeat_output_indexer_hosts: "{{ wazuh.filebeat.filebeat_output_indexer_hosts }}"
+ filebeat_module_package_url: "{{ wazuh.filebeat.filebeat_module_package_url }}"
+ filebeat_module_package_name: "{{ wazuh.filebeat.filebeat_module_package_name }}"
+ indexer_security_user: "{{ wazuh.filebeat.indexer_security_user | default('admin') }}"
+ indexer_security_password: "{{ wazuh.indexer.indexer_admin_password }}"
+ when: wazuh.filebeat.install
+
+- name: Install Wazuh dashboard.
+ ansible.builtin.import_role:
+ name: "contrib/{{ wazuh.path }}/roles/wazuh/wazuh-dashboard"
+ vars:
+ dashboard_node_name: "{{ wazuh.dashboard.dashboard_node_name }}"
+ dashboard_server_host: "{{ wazuh.dashboard.dashboard_server_host }}"
+ dashboard_server_port: "{{ wazuh.dashboard.dashboard_server_port }}"
+ dashboard_server_name: "{{ wazuh.dashboard.dashboard_server_name }}"
+ wazuh_api_credentials: "{{ wazuh.dashboard.wazuh_api_credentials }}"
+ dashboard_security: "{{ wazuh.dashboard.dashboard_security }}"
+ dashboard_user: "{{ wazuh.dashboard.dashboard_user }}"
+ dashboard_password: "{{ wazuh.dashboard.dashboard_password }}"
+ indexer_admin_password: "{{ wazuh.indexer.indexer_admin_password }}"
+ indexer_http_port: "{{ wazuh.indexer.indexer_http_port }}"
+ indexer_api_protocol: "{{ wazuh.indexer.indexer_api_protocol }}"
+ ansible_shell_allow_world_readable_temp: true
+ when: wazuh.dashboard.install
+
+- name: Install Wazuh agent.
+ ansible.builtin.import_role:
+ name: "contrib/{{ wazuh.path }}/roles/wazuh/ansible-wazuh-agent"
+ vars:
+ wazuh_managers: "{{ wazuh.agent.managers }}"
+ wazuh_agent_enrollment:
+ enabled: "{{ wazuh.agent.wazuh_agent_enrollment.enabled }}"
+ agent_name: "{{ wazuh.agent.wazuh_agent_enrollment.agent_name }}"
+ groups: "{{ wazuh.agent.wazuh_agent_enrollment.groups }}"
+ agent_address: "{{ wazuh.agent.wazuh_agent_enrollment.agent_address }}"
+ ssl_ciphers: "{{ wazuh.agent.wazuh_agent_enrollment.ssl_ciphers }}"
+ wazuh_custom_packages_installation_agent_enabled: false
+ ansible_shell_allow_world_readable_temp: true
+ wazuh_agent_sources_installation:
+ enabled: true
+ when: wazuh.agent.install and not wazuh_agent_sources_installation.enabled
\ No newline at end of file
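Review bot: `ansible_shell_allow_world_readable_temp: true` is set on the dashboard and agent imports in the rewritten tasks/main.yml, the same two tasks that receive `indexer_admin_password` and `dashboard_password` as vars; with this setting, whenever a task in those roles escalates to an unprivileged user, Ansible leaves its remote temp directory world-readable, so the serialized module arguments, credentials included, are readable by any local account on the managed host for the duration of the task. This is carried over verbatim from the deleted install.yml rather than introduced here, but since the file is being rewritten it is the moment to either install the `acl` package on the target (Ansible's documented alternative, which lets it use setfacl instead) and drop the key, or at least put `# world-readable remote temp dir: only acceptable while the target lacks acl/setfacl; revisit before use on shared hosts` above each of the two occurrences. Separately, the new file no longer begins with `---` although the old main.yml did (the removed `---` is visible at the top of the hunk); add it back as the first line so yamllint's document-start rule is satisfied and the file matches defaults/main.yml.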