diff --git a/default_vars/Default.yaml b/default_vars/Default.yaml new file mode 100644 index 0000000..7b753af --- /dev/null +++ b/default_vars/Default.yaml @@ -0,0 +1,2 @@ +--- +MANAGERIP: 10.10.0.220 diff --git a/updater.ansible.yaml b/updater.ansible.yaml new file mode 100644 index 0000000..3837385 --- /dev/null +++ b/updater.ansible.yaml @@ -0,0 +1,28 @@ +--- +- name: Play that adds ssh keys to servers + hosts: all + become: true + tasks: + - name: enable repo - RHEL + ansible.builtin.shell: | + sed -i "s/^enabled=0/enabled=1/" /etc/yum.repos.d/wazuh.repo + when: ansible_os_family == "RedHat" + + - name: enable repo - DEB/Ubuntu + ansible.builtin.shell: | + sed -i "s/^#deb/deb/" /etc/apt/sources.list.d/wazuh.list + apt-get update + when: ansible_os_family == "Debian" + + - name: update wazuh-agent - RHEL + ansible.builtin.yum: + name: wazuh-agent + state: latest + when: ansible_os_family == "RedHat" + + + - name: update wazuh-agent + ansible.builtin.apt: + name: wazuh-agent + state: latest + when: ansible_os_family == "Debian" \ No newline at end of file diff --git a/wazuhagent.ansible.yaml b/wazuhagent.ansible.yaml new file mode 100644 index 0000000..ea3ba23 --- /dev/null +++ b/wazuhagent.ansible.yaml @@ -0,0 +1,108 @@ +--- +- name: Play that adds ssh keys to servers + hosts: all + become: true + pre_tasks: + - name: Load variables + ansible.builtin.include_vars: '{{ item }}' + with_first_found: + - "default_vars/default.yaml" + tasks: + - name: add agents + block: + - name: Repo and install RHEL + block: + - name: Add Wazuh Repo - RHEL + ansible.builtin.yum_repository: + name: EL-\$releasever - Wazuh + state: present + gpgkey: https://packages.wazuh.com/key/GPG-KEY-WAZUH + baseurl: https://packages.wazuh.com/4.x/yum/ + + - name: Install Wazuh agent and register to manager - RHEL + ansible.builtin.yum: + name: wazuh=agent + state: present + environment: WAZUH_MANAGER="{{ MANAGERIP }}" + + - name: disable repo unless needed - RHEL + ansible.builtin.shell: | + sed -i "s/^enabled=1/enabled=0/" /etc/yum.repos.d/wazuh.repo + when: ansible_os_family == "RedHat" + + - name: One way to avoid apt_key once it is removed from your distro + block: + - name: Wazuh |no apt key + ansible.builtin.get_url: + url: https://packages.wazuh.com/key/GPG-KEY-WAZUH + dest: /usr/share/keyrings/wazuh.gpg + + - name: Wazuh | apt source + ansible.builtin.apt_repository: + repo: "deb [signed-by=/usr/share/keyrings/wazuh.gpg] https://packages.wazuh.com/4.x/apt/ stable main" + state: present + + - name: Wuzah install + ansible.builtin.apt: + name: wazuh-agent + state: present + update_cache: true + environment: WAZUH_MANAGER="{{ MANAGERIP }}" + + - name: disable repo until needed - Debian + ansible.builtin.shell: | + sed -i "s/^deb/#deb/" /etc/apt/sources.list.d/wazuh.list + apt-get update + + when: ansible_os_family == "Debian" + + - name: start and enable + ansible.builtin.systemd_service: + state: started + enabled: true + daemon_reload: true + name: wazuh-agent + + + + + rescue: + - name: Add failed hosts to failed_host inventory + ansible.builtin.add_host: + name: "{{ inventory_hostname }}" + groups: failed_hosts + delegate_to: localhost + become: false + + - name: List number of failed hosts + ansible.builtin.debug: # noqa: run-once[task] + var: "{{ groups['failed_hosts'] | length }}" + run_once: true + delegate_to: localhost + become: false + + - name: List failed hosts - via hostgroup + ansible.builtin.debug: # noqa: run-once[task] + var: groups['failed_hosts'] + run_once: true + delegate_to: localhost + become: false + + - name: List failed hosts - direct + ansible.builtin.debug: + var: ansible_hostname + delegate_to: localhost + become: false + + - name: Include debugging output sick + ansible.builtin.include_tasks: debug.yaml + +- name: Handle failed hosts + hosts: failed_hosts + tasks: + - name: Display debug info for failed hosts + ansible.builtin.debug: + var: ansible_hostname + delegate_to: localhost + become: false +