wazuh · teddytpc1 · Nov 27, 2024 · Nov 14, 2024
diff --git a/.github/playbooks/aio-wazuh.yml b/.github/playbooks/aio-wazuh.yml
@@ -1,38 +1,42 @@
 - name: Generate certificates prior to converging
-  hosts: localhost
+  hosts: aio
   become: true
   become_user: root
   roles:
     # 1. Check packages
     - role: ../../roles/wazuh/check-packages
       become: no
-      delegate_to: localhost
+      delegate_to: aio
       run_once: true
     # 2. Generate certificates
     - role: ../../roles/wazuh/wazuh-indexer
       vars:
         generate_certs: true
         perform_installation: false
-        instances:
-          node1:
-            name: wazuh-es01       # Important: must be equal to indexer_node_name.
-            ip: "127.0.0.1"   # When unzipping, the node will search for its node name folder to get the cert.
-            role: indexer
-          node3:
-            name: wazuh-mgr01
-            ip: "127.0.0.1"
-            role: wazuh
-          node5:
-            name: wazuh-dash01
-            ip: "127.0.0.1"
-            role: dashboard
+        macos_localhost: false
+  vars:
+    # wazuh_endpoint_list: "{{ groups['aio'] }}"
+    instances:
+      node1:
+        name: wazuh-es01       # Important: must be equal to indexer_node_name.
+        ip: "127.0.0.1"   # When unzipping, the node will search for its node name folder to get the cert.
+        role: indexer
+      node3:
+        name: wazuh-mgr01
+        ip: "127.0.0.1"
+        role: wazuh
+      node5:
+        name: wazuh-dash01
+        ip: "127.0.0.1"
+        role: dashboard
   pre_tasks:
     - name: overview of cert configuration
       debug:
-        var: wazuh_endpoint_list
+        # var: wazuh_endpoint_list
+        var: instances
 
 - name: Converge
-  hosts: localhost
+  hosts: aio
   become: true
   become_user: root
   roles:

diff --git a/.github/playbooks/distributed-wazuh.yml b/.github/playbooks/distributed-wazuh.yml
@@ -0,0 +1,177 @@
+---
+# Certificates generation
+- hosts: wi1
+  roles:
+    # Check packages
+    - role: ../../roles/wazuh/check-packages
+      become: no
+      delegate_to: localhost
+      run_once: true
+    # Generate certificates
+    - role: ../../roles/wazuh/wazuh-indexer
+      vars:
+        generate_certs: true
+        perform_installation: false
+  become: true
+  become_user: root
+  vars:
+    indexer_node_master: true
+    instances:
+      node1:
+        name: node-1
+        ip: "{{ hostvars.wi1.private_ip }}"
+        role: indexer
+      node2:
+        name: node-2
+        ip: "{{ hostvars.wi2.private_ip }}"
+        role: indexer
+      node3:
+        name: node-3
+        ip: "{{ hostvars.wi3.private_ip }}"
+        role: indexer
+      node4:
+        name: node-4
+        ip: "{{ hostvars.manager.private_ip }}"
+        role: wazuh
+        node_type: master
+      node5:
+        name: node-5
+        ip: "{{ hostvars.worker.private_ip }}"
+        role: wazuh
+        node_type: worker
+      node6:
+        name: node-6
+        ip: "{{ hostvars.dashboard.private_ip }}"
+        role: dashboard
+    macos_localhost: false
+  tags:
+    - generate-certs
+
+# Wazuh indexer cluster
+- hosts: wi_cluster
+  strategy: free
+  roles:
+    - role: ../../roles/wazuh/wazuh-indexer
+      indexer_network_host: "{{ private_ip }}"
+  become: yes
+  become_user: root
+  vars:
+    indexer_cluster_nodes:
+      - "{{ hostvars.wi1.private_ip }}"
+      - "{{ hostvars.wi2.private_ip }}"
+      - "{{ hostvars.wi3.private_ip }}"
+    indexer_discovery_nodes:
+      - "{{ hostvars.wi1.private_ip }}"
+      - "{{ hostvars.wi2.private_ip }}"
+      - "{{ hostvars.wi3.private_ip }}"
+    indexer_node_master: true
+    instances:
+      node1:
+        name: node-1       # Important: must be equal to indexer_node_name.
+        ip: "{{ hostvars.wi1.private_ip }}"   # When unzipping, the node will search for its node name folder to get the cert.
+        role: indexer
+      node2:
+        name: node-2
+        ip: "{{ hostvars.wi2.private_ip }}"
+        role: indexer
+      node3:
+        name: node-3
+        ip: "{{ hostvars.wi3.private_ip }}"
+        role: indexer
+      node4:
+        name: node-4
+        ip: "{{ hostvars.manager.private_ip }}"
+        role: wazuh
+        node_type: master
+      node5:
+        name: node-5
+        ip: "{{ hostvars.worker.private_ip }}"
+        role: wazuh
+        node_type: worker
+      node6:
+        name: node-6
+        ip: "{{ hostvars.dashboard.private_ip }}"
+        role: dashboard
+
+# Wazuh cluster
+- hosts: manager
+  roles:
+    - role: "../../roles/wazuh/ansible-wazuh-manager"
+    - role: "../../roles/wazuh/ansible-filebeat-oss"
+  become: yes
+  become_user: root
+  vars:
+    filebeat_node_name: node-4
+    wazuh_manager_config:
+      connection:
+          - type: 'secure'
+            port: '1514'
+            protocol: 'tcp'
+            queue_size: 131072
+      api:
+          https: 'yes'
+      cluster:
+          disable: 'no'
+          node_name: 'master'
+          node_type: 'master'
+          key: 'c98b62a9b6169ac5f67dae55ae4a9088'
+          nodes:
+              - "{{ hostvars.manager.private_ip }}"
+          hidden: 'no'
+    wazuh_api_users:
+      - username: custom-user
+        password: SecretPassword1!
+    filebeat_output_indexer_hosts:
+            - "{{ hostvars.wi1.private_ip }}"
+            - "{{ hostvars.wi2.private_ip }}"
+            - "{{ hostvars.wi3.private_ip }}"
+
+- hosts: worker
+  roles:
+    - role: "../../roles/wazuh/ansible-wazuh-manager"
+    - role: "../../roles/wazuh/ansible-filebeat-oss"
+  become: yes
+  become_user: root
+  vars:
+    filebeat_node_name: node-5
+    wazuh_manager_config:
+      connection:
+          - type: 'secure'
+            port: '1514'
+            protocol: 'tcp'
+            queue_size: 131072
+      api:
+          https: 'yes'
+      cluster:
+          disable: 'no'
+          node_name: 'worker_01'
+          node_type: 'worker'
+          key: 'c98b62a9b6169ac5f67dae55ae4a9088'
+          nodes:
+              - "{{ hostvars.manager.private_ip }}"
+          hidden: 'no'
+    filebeat_output_indexer_hosts:
+            - "{{ hostvars.wi1.private_ip }}"
+            - "{{ hostvars.wi2.private_ip }}"
+            - "{{ hostvars.wi3.private_ip }}"
+
+# Wazuh dashboard node
+- hosts: dashboard
+  roles:
+    - role: "../../roles/wazuh/wazuh-dashboard"
+  become: yes
+  become_user: root
+  vars:
+    indexer_network_host: "{{ hostvars.wi1.private_ip }}"
+    indexer_cluster_nodes:
+      - "{{ hostvars.wi1.private_ip }}"
+      - "{{ hostvars.wi2.private_ip }}"
+      - "{{ hostvars.wi3.private_ip }}"
+    dashboard_node_name: node-6
+    wazuh_api_credentials:
+      - id: default
+        url: https://{{ hostvars.manager.private_ip }}
+        port: 55000
+        username: custom-user
+        password: SecretPassword1!
+    ansible_shell_allow_world_readable_temp: true
diff --git a/.github/playbooks/single-wazuh.yml b/.github/playbooks/single-wazuh.yml