mirror of
https://github.com/Expand-sys/wazuh-agent
synced 2025-12-13 12:32:22 +11:00
106 lines
3.5 KiB
YAML
106 lines
3.5 KiB
YAML
---
|
|
- name: Play that installs and attaches wazuh agents to wazuh manager
|
|
hosts: all
|
|
become: true
|
|
tasks:
|
|
- name: add agents
|
|
block:
|
|
- name: Repo and install RHEL
|
|
block:
|
|
- name: import gpgkey - RHEL
|
|
ansible.builtin.rpm_key:
|
|
key: https://packages.wazuh.com/key/GPG-KEY-WAZUH
|
|
state: present
|
|
|
|
- name: Add Wazuh Repo - RHEL
|
|
ansible.builtin.yum_repository:
|
|
name: EL-Wazuh
|
|
state: present
|
|
description: wazuh open source security platform
|
|
gpgkey: https://packages.wazuh.com/key/GPG-KEY-WAZUH
|
|
baseurl: https://packages.wazuh.com/4.x/yum/
|
|
|
|
- name: Install Wazuh agent and register to manager - RHEL
|
|
ansible.builtin.yum:
|
|
name: wazuh-agent
|
|
state: present
|
|
environment:
|
|
WAZUH_MANAGER: '{{ manager_ip }}'
|
|
|
|
- name: disable repo unless needed - RHEL
|
|
ansible.builtin.shell: |
|
|
sed -i "s/^enabled=1/enabled=0/" /etc/yum.repos.d/EL-Wazuh.repo
|
|
when: ansible_os_family == "RedHat"
|
|
|
|
- name: One way to avoid apt_key once it is removed from your distro
|
|
block:
|
|
- name: Wazuh |no apt key
|
|
ansible.builtin.get_url:
|
|
url: https://packages.wazuh.com/key/GPG-KEY-WAZUH
|
|
dest: /usr/share/keyrings/wazuh.gpg
|
|
mode: 644
|
|
|
|
- name: Wazuh | apt source
|
|
ansible.builtin.apt_repository:
|
|
repo: "deb [trusted=true] https://packages.wazuh.com/4.x/apt/ stable main"
|
|
state: present
|
|
|
|
- name: Wuzah install
|
|
ansible.builtin.apt:
|
|
name: wazuh-agent
|
|
state: present
|
|
update_cache: true
|
|
environment:
|
|
WAZUH_MANAGER: '{{ manager_ip }}'
|
|
|
|
- name: disable repo until needed - Debian
|
|
ansible.builtin.shell: |
|
|
sed -i "s/^deb/#deb/" /etc/apt/sources.list.d/wazuh.list
|
|
apt-get update
|
|
|
|
when: ansible_os_family == "Debian"
|
|
|
|
- name: start and enable
|
|
ansible.builtin.systemd_service:
|
|
state: started
|
|
enabled: true
|
|
daemon_reload: true
|
|
name: wazuh-agent
|
|
|
|
rescue:
|
|
- name: Add failed hosts to failed_host inventory
|
|
ansible.builtin.add_host:
|
|
name: "{{ inventory_hostname }}"
|
|
groups: failed_hosts
|
|
delegate_to: localhost
|
|
become: false
|
|
|
|
- name: List number of failed hosts
|
|
ansible.builtin.debug: # noqa: run-once[task]
|
|
var: "{{ groups['failed_hosts'] | length }}"
|
|
run_once: true
|
|
delegate_to: localhost
|
|
become: false
|
|
|
|
- name: List failed hosts - via hostgroup
|
|
ansible.builtin.debug: # noqa: run-once[task]
|
|
var: groups['failed_hosts']
|
|
run_once: true
|
|
delegate_to: localhost
|
|
become: false
|
|
|
|
- name: List failed hosts - direct
|
|
ansible.builtin.debug:
|
|
var: ansible_hostname
|
|
delegate_to: localhost
|
|
become: false
|
|
|
|
- name: Handle failed hosts
|
|
hosts: failed_hosts
|
|
tasks:
|
|
- name: Display debug info for failed hosts
|
|
ansible.builtin.debug:
|
|
var: ansible_hostname
|
|
delegate_to: localhost
|
|
become: false
|
|
|