modify several classes with new changes

wazuh · Jun 9, 2023 · 1ff19cd · 1ff19cd
1 parent 971e5dc
commit 1ff19cd
Show file tree

Hide file tree

Showing 17 changed files with 72 additions and 596 deletions.
diff --git a/manifests/agent.pp b/manifests/agent.pp
@@ -12,10 +12,6 @@
   $agent_service_ensure              = $wazuh::params_agent::agent_service_ensure,
   $agent_msi_download_location       = $wazuh::params_agent::agent_msi_download_location,
 
-  # Manage repository
-
-  $manage_repo                       = $wazuh::params_agent::manage_repo,
-
   # Authd registration options
   $manage_client_keys                = $wazuh::params_agent::manage_client_keys,
   $agent_name                        = $wazuh::params_agent::agent_name,
@@ -248,7 +244,7 @@
 ) inherits wazuh::params_agent {
   # validate_bool(
   #   $ossec_active_response, $ossec_rootcheck,
-  #   $selinux, $manage_repo,
+  #   $selinux,
   # )
   # This allows arrays of integers, sadly
   # (commented due to stdlib version requirement)
@@ -274,14 +270,6 @@
   # Package installation
   case $::kernel {
     'Linux': {
-      if $manage_repo {
-        class { 'wazuh::repo': }
-        if $::osfamily == 'Debian' {
-          Class['wazuh::repo'] -> Class['apt::update'] -> Package[$agent_package_name]
-        } else {
-          Class['wazuh::repo'] -> Package[$agent_package_name]
-        }
-      }
       package { $agent_package_name:
         ensure => "${agent_package_version}-${agent_package_revision}", # lint:ignore:security_package_pinned_version
       }

diff --git a/manifests/certificates.pp b/manifests/certificates.pp
@@ -3,6 +3,11 @@
 class wazuh::certificates (
   $wazuh_repository = 'packages.wazuh.com',
   $wazuh_version = '4.4',
+  $indexer_certs = [],
+  $manager_certs = [],
+  $manager_master_certs = [],
+  $manager_worker_certs = [],
+  $dashboard_certs = []
 ) {
   file { 'Configure Wazuh Certificates config.yml':
     owner   => 'root',
@@ -29,4 +34,13 @@
       File['/tmp/config.yml'],
     ],
   }
+  file { 'Copy all certificates into module':
+    ensure => 'directory',
+    source => '/tmp/wazuh-certificates/',
+    recurse => 'remote',
+    path => '/etc/puppetlabs/code/environments/production/modules/archive/files/',
+    owner => 'root',
+    group => 'root',
+    mode  => '0755',
+  }
 }
diff --git a/manifests/certificates_dist.pp b/manifests/certificates_dist.pp
diff --git a/manifests/dashboard.pp b/manifests/dashboard.pp
@@ -6,6 +6,7 @@
   $dashboard_version = '4.4.0',
   $indexer_server_ip = 'localhost',
   $indexer_server_port = '9200',
+  $manager_api_host = 'localhost',
   $dashboard_path_certs = '/etc/wazuh-dashboard/certs',
   $dashboard_fileuser = 'wazuh-dashboard',
   $dashboard_filegroup = 'wazuh-dashboard',
@@ -23,26 +24,15 @@
   $dashboard_wazuh_api_credentials = [
     {
       'id'       => 'default',
-      'url'      => 'https://localhost',
+      'url'      => "https://${manager_api_host}",
       'port'     => '55000',
       'user'     => 'wazuh-wui',
       'password' => 'wazuh-wui',
     },
   ],
 
-  $manage_repos = false, # Change to true when manager is not present.
 ) {
 
-  if $manage_repos {
-    include wazuh::repo
-
-    if $::osfamily == 'Debian' {
-      Class['wazuh::repo'] -> Class['apt::update'] -> Package['wazuh-dashboard']
-    } else {
-      Class['wazuh::repo'] -> Package['wazuh-dashboard']
-    }
-  }
-
   # assign version according to the package manager
   case $facts['os']['family'] {
     'Debian': {
@@ -59,8 +49,6 @@
     name   => $dashboard_package,
   }
 
-  require wazuh::certificates
-
   exec { "ensure full path of ${dashboard_path_certs}":
     path    => '/usr/bin:/bin',
     command => "mkdir -p ${dashboard_path_certs}",
@@ -84,8 +72,9 @@
       owner   => $dashboard_fileuser,
       group   => $dashboard_filegroup,
       mode    => '0400',
-      replace => false,  # only copy content when file not exist
-      source  => "/tmp/wazuh-certificates/${certfile}",
+      replace => true,
+      recurse => remote,
+      source  => "puppet:///modules/archive/${certfile}",
     }
   }
 

diff --git a/manifests/dashboard_dist.pp b/manifests/dashboard_dist.pp
diff --git a/manifests/filebeat_oss.pp b/manifests/filebeat_oss.pp
@@ -19,13 +19,6 @@
   $filebeat_filegroup = 'root',
   $filebeat_path_certs = '/etc/filebeat/certs',
 ) {
-  include wazuh::repo
-
-  if $facts['os']['family'] == 'Debian' {
-    Class['wazuh::repo'] -> Class['apt::update'] -> Package['filebeat']
-  } else {
-    Class['wazuh::repo'] -> Package['filebeat']
-  }
 
   package { 'filebeat':
     ensure => $filebeat_oss_version,
@@ -77,8 +70,6 @@
     require => Package['filebeat'],
   }
 
-  require wazuh::certificates
-
   exec { "ensure full path of ${filebeat_path_certs}":
     path    => '/usr/bin:/bin',
     command => "mkdir -p ${filebeat_path_certs}",
@@ -93,8 +84,8 @@
   }
 
   $_certfiles = {
-    'server.pem'     => 'filebeat.pem',
-    'server-key.pem' => 'filebeat-key.pem',
+    'manager-master.pem'     => 'filebeat.pem',
+    'manager-master-key.pem' => 'filebeat-key.pem',
     'root-ca.pem'    => 'root-ca.pem',
   }
   $_certfiles.each |String $certfile_source, String $certfile_target| {
@@ -103,8 +94,9 @@
       owner   => $filebeat_fileuser,
       group   => $filebeat_filegroup,
       mode    => '0400',
-      replace => false,  # only copy content when file not exist
-      source  => "/tmp/wazuh-certificates/${certfile_source}",
+      replace => true,
+      recurse => remote,
+      source  => "puppet:///modules/archive/${certfile_source}",
     }
   }