|
9 | 9 | - generate-certs |
10 | 10 | # Single node |
11 | 11 | - hosts: wazuh-manager |
12 | | - become: yes |
13 | 12 | become_user: root |
14 | 13 | roles: |
15 | 14 | - role: "{{ playbook_dir }}/roles/wazuh-ansible/wazuh-ansible/roles/wazuh/wazuh-indexer" |
|
23 | 22 | path: "{{ local_custom_sca_policies_path }}" |
24 | 23 | register: custom_sca_policies_folder |
25 | 24 | delegate_to: localhost |
26 | | - become: no |
27 | 25 |
|
28 | 26 | - name: Gather list of custom SCA policies |
29 | 27 | find: |
|
34 | 32 | when: custom_sca_policies_folder.stat.exists |
35 | 33 |
|
36 | 34 | - name: Copy custom SCA policy files to Wazuh manager |
| 35 | + become: yes |
37 | 36 | copy: |
38 | 37 | # Note the trailing slash to copy directory contents |
39 | 38 | src: "{{ local_custom_sca_policies_path }}/" |
|
43 | 42 | when: custom_sca_policies.files | length > 0 |
44 | 43 |
|
45 | 44 | - name: Add custom policy definition(s) to the shared Agent config |
| 45 | + becomd: yes |
46 | 46 | blockinfile: |
47 | 47 | path: "/var/ossec/etc/shared/default/agent.conf" |
48 | 48 | state: present |
|
65 | 65 | - Restart wazuh |
66 | 66 |
|
67 | 67 | - name: Set http/s_proxy vars in ossec-init.conf for vulnerability detector |
| 68 | + become: yes |
68 | 69 | blockinfile: |
69 | 70 | path: "/var/ossec/etc/ossec.conf" |
70 | 71 | state: present |
|
83 | 84 | path: "{{ local_custom_certs_path }}" |
84 | 85 | register: custom_certificates_folder |
85 | 86 | delegate_to: localhost |
86 | | - become: no |
87 | 87 |
|
88 | 88 | - name: Copy the node & admin certificates to Wazuh dashboard |
| 89 | + become: yes |
89 | 90 | copy: |
90 | 91 | src: "{{ local_custom_certs_path }}/{{ item }}" |
91 | 92 | dest: /etc/wazuh-dashboard/certs/ |
|
100 | 101 | - Restart wazuh-dashboard |
101 | 102 |
|
102 | 103 | - name: Perform health check against filebeat |
| 104 | + become: yes |
103 | 105 | command: filebeat test output |
104 | 106 | changed_when: false |
105 | | - become: true |
106 | 107 | retries: 2 |
107 | 108 |
|
108 | 109 | handlers: |
|
117 | 118 | state: restarted |
118 | 119 |
|
119 | 120 | - hosts: wazuh-agent |
120 | | - become: yes |
121 | 121 | become_user: root |
122 | 122 | tasks: |
123 | 123 | - name: Check if custom SCA policies directory exists |
124 | 124 | stat: |
125 | 125 | path: "{{ local_custom_sca_policies_path }}" |
126 | 126 | register: custom_sca_policies_folder |
127 | 127 | delegate_to: localhost |
128 | | - become: no |
129 | 128 |
|
130 | 129 | - name: Gather list of custom SCA policies |
131 | 130 | find: |
|
136 | 135 | when: custom_sca_policies_folder.stat.exists |
137 | 136 |
|
138 | 137 | - name: Allow Wazuh agents to execute commands in SCA policies sent from the Wazuh manager |
| 138 | + become: yes |
139 | 139 | blockinfile: |
140 | 140 | path: "/var/ossec/etc/local_internal_options.conf" |
141 | 141 | state: present |
142 | 142 | owner: wazuh |
143 | 143 | group: wazuh |
144 | | - block: | |
145 | | - sca.remote_commands=1 |
| 144 | + block: sca.remote_commands=1 |
146 | 145 | when: custom_sca_policies.files | length > 0 |
147 | 146 | notify: |
148 | 147 | - Restart wazuh-agent |
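Review bot: `becomd: yes` on the "Add custom policy definition(s) to the shared Agent config" task (new line 45) is a misspelling of `become`; Ansible rejects unknown task keywords when it parses the playbook, so the run should fail before any task executes, and the line should read `become: yes`. Separately, removing the play-level `become: yes` means anything without its own `become` now runs as the connecting user: the `wazuh-indexer` role entry at new line 14 and, as far as the visible rows show, the `Restart wazuh*` handlers. Unless the role and handlers escalate internally (not visible here), add `become: yes` to the role entry and to each handler, otherwise the service restarts are likely to fail on permissions. Running `ansible-playbook --syntax-check` in CI would catch the keyword typo before merge.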
|