Allow to override any template or file
jonhattan committed Oct 17, 2024
1 parent 002afc2 commit b9f619e
Showing 14 changed files with 51 additions and 27 deletions.
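--- a/roles/wazuh/ansible-filebeat-oss/defaults/main.yml
+++ b/roles/wazuh/ansible-filebeat-oss/defaults/main.yml
@@ -26,4 +26,6 @@ filebeatrepo:
 apt: "deb [signed-by=/usr/share/keyrings/wazuh.gpg] https://packages.wazuh.com/5.x/apt/ stable main"
 yum: 'https://packages.wazuh.com/5.x/yum/'
 gpg: 'https://packages.wazuh.com/key/GPG-KEY-WAZUH'
-path: '/tmp/WAZUH-GPG-KEY'
+path: '/tmp/WAZUH-GPG-KEY'
+
+filebeat_config_template: 'filebeat.yml.j2'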
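Review bot: The new `filebeat_config_template` default is added with no comment on how its value is resolved, and that matters to anyone overriding it. For a task inside a role, Ansible looks for a relative `src` in the role's own `templates/` directory before the playbook's, so an override that keeps the name `filebeat.yml.j2` would leave the bundled file in place without any error. I would add above the variable: `# Template rendered to /etc/filebeat/filebeat.yml; to override, use a different file name or a path, since the role's templates/ directory is searched first.` The same applies to the `*_template` and `*_file` defaults added in the agent, manager, dashboard and indexer defaults files.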
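--- a/roles/wazuh/ansible-filebeat-oss/tasks/config.yml
+++ b/roles/wazuh/ansible-filebeat-oss/tasks/config.yml
@@ -2,7 +2,7 @@
 - block:
 - name: Copy Filebeat configuration.
 template:
-src: filebeat.yml.j2
+src: "{{ filebeat_config_template }}"
 dest: "/etc/filebeat/filebeat.yml"
 owner: root
 group: root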
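--- a/roles/wazuh/ansible-wazuh-agent/defaults/main.yml
+++ b/roles/wazuh/ansible-wazuh-agent/defaults/main.yml
@@ -374,3 +374,7 @@ wazuh_agent_config_defaults:
 
 labels: '{{ wazuh_agent_labels }}'
 enrollment: '{{ wazuh_agent_enrollment }}'
+
+wazuh_agent_ossec_configuration_template: 'var-ossec-etc-ossec-agent.conf.j2'
+wazuh_agent_ossec_local_internal_options_template: 'var-ossec-etc-local-internal-options.conf.j2'
+wazuh_agent_ossec_authdpass_template: 'authd_pass.j2'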
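--- a/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml
+++ b/roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml
@@ -219,7 +219,7 @@
 
 - name: Linux | Installing agent configuration (ossec.conf)
 template:
-src: var-ossec-etc-ossec-agent.conf.j2
+src: "{{ wazuh_agent_ossec_configuration_template }}"
 dest: "{{ wazuh_dir }}/etc/ossec.conf"
 owner: root
 group: wazuh
@@ -231,7 +231,7 @@
 
 - name: Linux | Installing local_internal_options.conf
 template:
-src: var-ossec-etc-local-internal-options.conf.j2
+src: "{{ wazuh_agent_ossec_local_internal_options_template }}"
 dest: "{{ wazuh_dir }}/etc/local_internal_options.conf"
 owner: root
 group: wazuh
@@ -243,7 +243,7 @@
 
 - name: Create auto-enrollment password file
 template:
-src: authd_pass.j2
+src: "{{ wazuh_agent_ossec_authdpass_template }}"
 dest: "{{ wazuh_dir }}/etc/authd.pass"
 owner: wazuh
 group: wazuh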
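--- a/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml
+++ b/roles/wazuh/ansible-wazuh-agent/tasks/Windows.yml
@@ -89,15 +89,15 @@
 
 - name: Windows | Installing agent configuration (ossec.conf)
 template: # noqa 208
-src: var-ossec-etc-ossec-agent.conf.j2
+src: "{{ wazuh_agent_ossec_configuration_template }}"
 dest: "{{ wazuh_agent_win_path }}ossec.conf"
 notify: Windows | Restart Wazuh Agent
 tags:
 - config
 
 - name: Windows | Installing local_internal_options.conf
 template:
-src: var-ossec-etc-local-internal-options.conf.j2
+src: "{{ wazuh_agent_ossec_local_internal_options_template }}"
 dest: "{{ wazuh_agent_win_path }}local_internal_options.conf"
 notify: Windows | Restart Wazuh Agent
 tags: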
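--- a/roles/wazuh/ansible-wazuh-agent/tasks/macOS.yml
+++ b/roles/wazuh/ansible-wazuh-agent/tasks/macOS.yml
@@ -189,7 +189,7 @@
 
 - name: macOS | Installing agent configuration (ossec.conf)
 template:
-src: var-ossec-etc-ossec-agent.conf.j2
+src: "{{ wazuh_agent_ossec_configuration_template }}"
 dest: "{{ wazuh_macos_config.install_dir }}/etc/ossec.conf"
 owner: root
 group: wazuh
@@ -201,7 +201,7 @@
 
 - name: macOS | Installing local_internal_options.conf
 template:
-src: var-ossec-etc-local-internal-options.conf.j2
+src: "{{ wazuh_agent_ossec_local_internal_options_template }}"
 dest: "{{ wazuh_macos_config.install_dir }}/etc/local_internal_options.conf"
 owner: root
 group: wazuh
@@ -213,7 +213,7 @@
 
 - name: Create auto-enrollment password file
 template:
-src: authd_pass.j2
+src: "{{ wazuh_agent_ossec_authdpass_template }}"
 dest: "{{ wazuh_macos_config.install_dir }}/etc/authd.pass"
 owner: wazuh
 group: wazuh
@@ -228,4 +228,4 @@
 - name: macOS | Delete downloaded Wazuh agent installer file
 file:
 path: "{{ wazuh_macos_config.download_dir }}{{ wazuh_macos_package_name }}"
-state: absent
+state: absent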
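--- a/roles/wazuh/ansible-wazuh-manager/defaults/main.yml
+++ b/roles/wazuh/ansible-wazuh-manager/defaults/main.yml
@@ -464,3 +464,13 @@ wazuh_manager_config_defaults:
 # format: 'eventchannel'
 # - location: 'System'
 # format: 'eventlog'
+
+wazuh_manager_ossec_local_rules_template: 'var-ossec-rules-local_rules.xml.j2'
+wazuh_manager_ossec_local_decoder_template: 'var-ossec-rules-local_decoder.xml.j2'
+wazuh_manager_ossec_shared_agent_template: 'var-ossec-etc-shared-agent.conf.j2'
+wazuh_manager_ossec_local_internal_options_template: 'var-ossec-etc-local-internal-options.conf.j2'
+wazuh_manager_ossec_server_template: 'var-ossec-etc-ossec-server.conf.j2'
+wazuh_manager_ossec_authdpass_template: 'authd_pass.j2'
+wazuh_manager_adminjson_template: 'admin.json.j2'
+wazuh_manager_agentless_template: 'agentless.j2'
+wazuh_manager_create_user_script_file: 'create_user.py'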
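--- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml
+++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml
@@ -133,7 +133,7 @@
 - config
 
 - name: Installing the local_rules.xml (default local_rules.xml)
-template: src=var-ossec-rules-local_rules.xml.j2
+template: src="{{ wazuh_manager_ossec_local_rules_template }}"
 dest="{{ wazuh_dir }}/etc/rules/local_rules.xml"
 owner=wazuh
 group=wazuh
@@ -157,7 +157,7 @@
 - rules
 
 - name: Installing the local_decoder.xml
-template: src=var-ossec-rules-local_decoder.xml.j2
+template: src="{{ wazuh_manager_ossec_local_decoder_template }}"
 dest="{{ wazuh_dir }}/etc/decoders/local_decoder.xml"
 owner=wazuh
 group=wazuh
@@ -182,7 +182,7 @@
 
 - name: Configure the shared-agent.conf
 template:
-src: var-ossec-etc-shared-agent.conf.j2
+src: "{{ wazuh_manager_ossec_shared_agent_template }}"
 dest: "{{ wazuh_dir }}/etc/shared/default/agent.conf"
 owner: wazuh
 group: wazuh
@@ -196,7 +196,7 @@
 - shared_agent_config is defined
 
 - name: Installing the local_internal_options.conf
-template: src=var-ossec-etc-local-internal-options.conf.j2
+template: src="{{ wazuh_manager_ossec_local_internal_options_template }}"
 dest="{{ wazuh_dir }}/etc/local_internal_options.conf"
 owner=root
 group=wazuh
@@ -279,7 +279,7 @@
 
 - name: Configure ossec.conf
 template:
-src: var-ossec-etc-ossec-server.conf.j2
+src: "{{ wazuh_manager_ossec_server_template }}"
 dest: "{{ wazuh_dir }}/etc/ossec.conf"
 owner: root
 group: wazuh
@@ -291,7 +291,7 @@
 
 - name: Ossec-authd password
 template:
-src: authd_pass.j2
+src: "{{ wazuh_manager_ossec_authdpass_template }}"
 dest: "{{ wazuh_dir }}/etc/authd.pass"
 owner: wazuh
 group: wazuh
@@ -308,15 +308,15 @@
 block:
 - name: Copy create_user script
 copy:
-src: create_user.py
+src: "{{ wazuh_manager_create_user_script_file }}"
 dest: "{{ wazuh_dir }}/framework/scripts/create_user.py"
 owner: root
 group: wazuh
 mode: 0644
 
 - name: Create admin.json
 template:
-src: templates/admin.json.j2
+src: "{{ wazuh_manager_adminjson_template }}"
 dest: "{{ wazuh_dir }}/api/configuration/admin.json"
 owner: wazuh
 group: wazuh
@@ -344,7 +344,7 @@
 
 - name: Agentless Hosts & Passwd
 template:
-src: agentless.j2
+src: "{{ wazuh_manager_agentless_template }}"
 dest: "{{ wazuh_dir }}/agentless/.passlist_tmp"
 owner: root
 group: root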
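Review bot: In the `Copy create_user script` task, `src: "{{ wazuh_manager_create_user_script_file }}"` makes the source of a script installed under `framework/scripts/` depend on a variable, which is a different kind of override from the configuration templates around it. The tasks that use the script are outside this hunk, but if it is executed later in the block, whatever file the variable names will run on the manager. I would say so next to the default, for example `# Script copied to framework/scripts/create_user.py; an override replaces code installed on the manager, so point it only at a reviewed file.` The context line `mode: 0644` in the same task is also better written as `mode: '0644'` so that it stays a string for any YAML parser.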
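--- a/roles/wazuh/wazuh-dashboard/defaults/main.yml
+++ b/roles/wazuh/wazuh-dashboard/defaults/main.yml
@@ -29,3 +29,6 @@ indexer_admin_password: changeme
 dashboard_user: kibanaserver
 dashboard_password: changeme
 local_certs_path: "{{ playbook_dir }}/indexer/certificates"
+
+wazuh_dashboard_configuration_template: 'opensearch_dashboards.yml.j2'
+wazuh_dashboard_wazuh_plugin_template: 'wazuh.yml.j2'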
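Review bot: The role still ships a known default credential: the context line `dashboard_password: changeme` and, in the hunk header, `indexer_admin_password: changeme` take effect whenever the caller does not override them. The templates made overridable here are presumably where these values are rendered, so this would be a good moment to stop a run that keeps the defaults. A pre-flight `assert` task with `that: dashboard_password != 'changeme'`, a matching condition for the indexer admin password and a `fail_msg` naming both variables would do it. Whether such a check already exists elsewhere in the role is not visible from this diff.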
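--- a/roles/wazuh/wazuh-dashboard/tasks/main.yml
+++ b/roles/wazuh/wazuh-dashboard/tasks/main.yml
@@ -27,7 +27,7 @@
 
 - name: Copy Configuration File
 template:
-src: "templates/opensearch_dashboards.yml.j2"
+src: "{{ wazuh_dashboard_configuration_template }}"
 dest: "{{ dashboard_conf_path }}/opensearch_dashboards.yml"
 group: wazuh-dashboard
 owner: wazuh-dashboard
@@ -75,7 +75,7 @@
 
 - name: Configure Wazuh Dashboard Plugin
 template:
-src: wazuh.yml.j2
+src: "{{ wazuh_dashboard_wazuh_plugin_template }}"
 dest: /usr/share/wazuh-dashboard/data/wazuh/config/wazuh.yml
 owner: wazuh-dashboard
 group: wazuh-dashboard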
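--- a/roles/wazuh/wazuh-indexer/defaults/main.yml
+++ b/roles/wazuh/wazuh-indexer/defaults/main.yml
@@ -51,3 +51,8 @@ indexer_nolog_sensible: true
 
 # Docker image for certificates generation on macOS
 wazuh_certs_tool_docker: "wazuh/wazuh-cert-tool:{{ indexer_version }}"
+
+wazuh_indexer_internal_users_template: 'internal_users.yml.j2'
+wazuh_indexer_jvm_options_template: 'jvm.options.j2'
+wazuh_indexer_opensearch_config_template: 'opensearch.yml.j2'
+wazuh_indexer_certificates_generation_template: 'config.yml.j2'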
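--- a/roles/wazuh/wazuh-indexer/tasks/local_actions.yml
+++ b/roles/wazuh/wazuh-indexer/tasks/local_actions.yml
@@ -30,7 +30,7 @@
 
 - name: Local action | Prepare the certificates generation template file
 template:
-src: "templates/config.yml.j2"
+src: "{{ wazuh_indexer_certificates_generation_template }}"
 dest: "{{ local_certs_path }}/config.yml"
 mode: 0644
 register: tlsconfig_template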
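--- a/roles/wazuh/wazuh-indexer/tasks/main.yml
+++ b/roles/wazuh/wazuh-indexer/tasks/main.yml
@@ -41,7 +41,7 @@
 
 - name: Copy Opensearch Configuration File
 template:
-src: "templates/opensearch.yml.j2"
+src: "{{ wazuh_indexer_opensearch_config_template }}"
 dest: "{{ indexer_conf_path }}/opensearch.yml"
 owner: root
 group: wazuh-indexer
@@ -54,9 +54,9 @@
 - security
 
 
-- name: Configure Wazuh indexer JVM memmory.
+- name: Configure Wazuh indexer JVM memory.
 template:
-src: "templates/jvm.options.j2"
+src: "{{ wazuh_indexer_jvm_options_template }}"
 dest: "{{ indexer_conf_path }}/jvm.options"
 owner: root
 group: wazuh-indexer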
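--- a/roles/wazuh/wazuh-indexer/tasks/security_actions.yml
+++ b/roles/wazuh/wazuh-indexer/tasks/security_actions.yml
@@ -40,7 +40,7 @@
 
 - name: Copy the Opensearch security internal users template
 template:
-src: "templates/internal_users.yml.j2"
+src: "{{ wazuh_indexer_internal_users_template }}"
 dest: "{{ indexer_sec_plugin_conf_path }}/internal_users.yml"
 mode: 0644
 run_once: true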
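Review bot: `internal_users.yml` is written with `mode: 0644` and no `owner` or `group` in the visible lines, which leaves the security plugin's user list, a file that normally holds the internal users' password hashes, readable by every local account. The task continues past the end of the hunk, so ownership may be set there. If it is not, I would tighten it while this task is being touched, for example `mode: '0640'` with `owner: root` and `group: wazuh-indexer`, as the opensearch.yml task in `tasks/main.yml` already does for its file. Quoting the mode also keeps it a string for any YAML parser.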
