Puppet Class: wazuh::dashboard
- Defined in:
- manifests/dashboard.pp
Overview
Copyright © 2015, Wazuh Inc. Setup for Wazuh Dashboard
3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 |
# File 'manifests/dashboard.pp', line 3
class wazuh::dashboard (
$dashboard_package = 'wazuh-dashboard',
$dashboard_service = 'wazuh-dashboard',
$dashboard_version = '4.8.0',
$indexer_server_ip = 'localhost',
$indexer_server_port = '9200',
$manager_api_host = '127.0.0.1',
$dashboard_path_certs = '/etc/wazuh-dashboard/certs',
$dashboard_fileuser = 'wazuh-dashboard',
$dashboard_filegroup = 'wazuh-dashboard',
$dashboard_server_port = '443',
$dashboard_server_host = '0.0.0.0',
$dashboard_server_hosts = "https://${indexer_server_ip}:${indexer_server_port}",
# If the keystore is used, the credentials are not managed by the module (TODO).
# If use_keystore is false, the keystore is deleted, the dashboard use the credentials in the configuration file.
$use_keystore = true,
$dashboard_user = 'kibanaserver',
$dashboard_password = 'kibanaserver',
$dashboard_wazuh_api_credentials = [
{
'id' => 'default',
'url' => "https://${manager_api_host}",
'port' => '55000',
'user' => 'wazuh-wui',
'password' => 'wazuh-wui',
},
],
) {
# assign version according to the package manager
case $facts['os']['family'] {
'Debian': {
$dashboard_version_install = "${dashboard_version}-*"
}
'Linux', 'RedHat', default: {
$dashboard_version_install = $dashboard_version
}
}
# install package
package { 'wazuh-dashboard':
ensure => $dashboard_version_install,
name => $dashboard_package,
}
exec { "ensure full path of ${dashboard_path_certs}":
path => '/usr/bin:/bin',
command => "mkdir -p ${dashboard_path_certs}",
creates => $dashboard_path_certs,
require => Package['wazuh-dashboard'],
}
-> file { $dashboard_path_certs:
ensure => directory,
owner => $dashboard_fileuser,
group => $dashboard_filegroup,
mode => '0500',
}
[
'dashboard.pem',
'dashboard-key.pem',
'root-ca.pem',
].each |String $certfile| {
file { "${dashboard_path_certs}/${certfile}":
ensure => file,
owner => $dashboard_fileuser,
group => $dashboard_filegroup,
mode => '0400',
replace => true,
recurse => remote,
source => "puppet:///modules/archive/${certfile}",
}
}
file { '/etc/wazuh-dashboard/opensearch_dashboards.yml':
content => template('wazuh/wazuh_dashboard_yml.erb'),
group => $dashboard_filegroup,
mode => '0640',
owner => $dashboard_fileuser,
require => Package['wazuh-dashboard'],
notify => Service['wazuh-dashboard'],
}
file { [ '/usr/share/wazuh-dashboard/data/wazuh/', '/usr/share/wazuh-dashboard/data/wazuh/config' ]:
ensure => 'directory',
group => $dashboard_filegroup,
mode => '0755',
owner => $dashboard_fileuser,
require => Package['wazuh-dashboard'],
}
-> file { '/usr/share/wazuh-dashboard/data/wazuh/config/wazuh.yml':
content => template('wazuh/wazuh_yml.erb'),
group => $dashboard_filegroup,
mode => '0600',
owner => $dashboard_fileuser,
notify => Service['wazuh-dashboard'],
}
unless $use_keystore {
file { '/etc/wazuh-dashboard/opensearch_dashboards.keystore':
ensure => absent,
require => Package['wazuh-dashboard'],
before => Service['wazuh-dashboard'],
}
}
service { 'wazuh-dashboard':
ensure => running,
enable => true,
hasrestart => true,
name => $dashboard_service,
}
}
|