Update wazuh-secrets.yml

MaxBed4d · web-flow · commit 8c6dccedee8b · 2024-11-07T16:47:04.000Z
diff --git a/etc/kayobe/ansible/wazuh-secrets.yml b/etc/kayobe/ansible/wazuh-secrets.yml
@@ -19,31 +19,6 @@
         path: "{{ wazuh_secrets_path }}"
       register: waz_exist_result
 
-    - name: Decrypt wazuh-secrets to checksum
-      no_log: True
-      copy:
-        content: "{{ lookup('ansible.builtin.file', wazuh_secrets_path) | ansible.builtin.vault(ansible_vault_password) }}"
-        dest: "{{ wazuh_secrets_path }}"
-        decrypt: true
-      vars:
-        ansible_vault_password: "{{ lookup('ansible.builtin.env', 'KAYOBE_VAULT_PASSWORD') }}"
-      when: waz_exist_result.stat.exists
-
-    - name: Template new secrets
-      no_log: True
-      template:
-        src: wazuh-secrets.yml.j2
-        dest: "/tmp/wazuh-secrets.yml"
-      when: waz_exist_result.stat.exists
-
-    - name: Copy for checksum
-      no_log: True
-      copy:
-        content: "{{ lookup('ansible.builtin.file', '/tmp/wazuh-secrets.yml') }}"
-        dest: "{{ wazuh_secrets_path }}"
-        checksum: yes
-      when: waz_exist_result.stat.exists
-
     - name: Template new secrets
       no_log: True
       template:
@@ -59,3 +34,4 @@
         decrypt: false
       vars:
         ansible_vault_password: "{{ lookup('ansible.builtin.env', 'KAYOBE_VAULT_PASSWORD') }}"
+      when: not waz_exist_result.stat.exists
