From 5f80a6d041422d0e0f92a1b4e3fb044dee72fd8f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= <david.correa@wazuh.com>
Date: Thu, 11 Jan 2024 12:28:46 +0100
Subject: [PATCH 1/6] Indexer cluster initialization and ISM script are only
 executed once

---
 roles/wazuh/wazuh-indexer/tasks/security_actions.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/roles/wazuh/wazuh-indexer/tasks/security_actions.yml b/roles/wazuh/wazuh-indexer/tasks/security_actions.yml
index 797e2dbdd..2aa8c8023 100644
--- a/roles/wazuh/wazuh-indexer/tasks/security_actions.yml
+++ b/roles/wazuh/wazuh-indexer/tasks/security_actions.yml
@@ -102,7 +102,7 @@
     become: yes
     become_user: root
 
-  run_once: true
+  when: inventory_hostname == ansible_play_hosts[0]
 
 - name: Create custom user
   uri:

From 65d896ec7f4cd1cc8e51a3b62b85dc9f1c02e13b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Gonzalo=20Acu=C3=B1a?= <teddytpc1@gmail.com>
Date: Wed, 24 Jan 2024 10:39:31 -0300
Subject: [PATCH 2/6] VD keystore changes

---
 .../ansible-wazuh-manager/tasks/main.yml      |  9 ++++++++
 .../var-ossec-etc-ossec-server.conf.j2        | 22 +++++++++----------
 2 files changed, 19 insertions(+), 12 deletions(-)

diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml
index 1c029b6c5..1b9281137 100644
--- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml
+++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml
@@ -252,6 +252,15 @@
     - init
     - config
 
+- name: Generate the wazuh-keystore
+  shell: >
+    /var/ossec/bin/wazuh-keystore -f indexer -k user -v {{ indexer_security_user }}
+    /var/ossec/bin/wazuh-keystore -f indexer -k password -v {{ indexer_security_password }}
+  notify: restart wazuh-manager
+  tags:
+    - init
+    - config
+
 - name: Ossec-authd password
   template:
     src: authd_pass.j2
diff --git a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2 b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2
index d14a7bf67..d0b331703 100644
--- a/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2
+++ b/roles/wazuh/ansible-wazuh-manager/templates/var-ossec-etc-ossec-server.conf.j2
@@ -267,20 +267,18 @@
   <indexer>
     <enabled>{% if wazuh_manager_config.vulnerability_detection.enabled == 'yes' or wazuh_manager_config.indexer.enabled == 'yes' %}yes{% else %}no{% endif %}</enabled>
     <hosts>
-    {% for item in wazuh_manager_config.indexer.hosts %} 
-      <host>https://{{ item }}:{{ filebeat_output_indexer_port }}</host> 
-    {% endfor %} 
+    {% for item in wazuh_manager_config.indexer.hosts %}
+      <host>https://{{ item }}:{{ filebeat_output_indexer_port }}</host>
+    {% endfor %}
     </hosts>
 
-    <username>{{ indexer_security_user }}</username> 
-    <password>{{ indexer_security_password }}</password> 
-    <ssl> 
-      <certificate_authorities> 
-        <ca>{{ filebeat_ssl_dir }}/root-ca.pem</ca> 
-      </certificate_authorities> 
-      <certificate>{{ filebeat_ssl_dir }}/{{ filebeat_node_name }}.pem</certificate> 
-      <key>{{ filebeat_ssl_dir }}/{{ filebeat_node_name }}-key.pem</key> 
-    </ssl> 
+    <ssl>
+      <certificate_authorities>
+        <ca>{{ filebeat_ssl_dir }}/root-ca.pem</ca>
+      </certificate_authorities>
+      <certificate>{{ filebeat_ssl_dir }}/{{ filebeat_node_name }}.pem</certificate>
+      <key>{{ filebeat_ssl_dir }}/{{ filebeat_node_name }}-key.pem</key>
+    </ssl>
   </indexer>
 
   <!-- File integrity monitoring -->

From eb9c4edcc9460ca39fa62f25164275d88404844d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= <david.correa@wazuh.com>
Date: Tue, 30 Jan 2024 16:18:25 +0100
Subject: [PATCH 3/6] Added condition to the custom user creation for Demo

---
 roles/wazuh/wazuh-indexer/tasks/security_actions.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/roles/wazuh/wazuh-indexer/tasks/security_actions.yml b/roles/wazuh/wazuh-indexer/tasks/security_actions.yml
index 2aa8c8023..aea2138c2 100644
--- a/roles/wazuh/wazuh-indexer/tasks/security_actions.yml
+++ b/roles/wazuh/wazuh-indexer/tasks/security_actions.yml
@@ -122,5 +122,6 @@
     timeout: 4
   when:
     - indexer_custom_user is defined and indexer_custom_user
+    - inventory_hostname == ansible_play_hosts[0]
 
 

From 5936bf290f645fb1d1dabb0e6ae924096a83e8e8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Gonzalo=20Acu=C3=B1a?= <teddytpc1@gmail.com>
Date: Wed, 31 Jan 2024 09:26:13 -0300
Subject: [PATCH 4/6] Changed user for username in the wazuh-keystore command

---
 roles/wazuh/ansible-wazuh-manager/tasks/main.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml
index 1b9281137..e8de0338a 100644
--- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml
+++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml
@@ -254,7 +254,7 @@
 
 - name: Generate the wazuh-keystore
   shell: >
-    /var/ossec/bin/wazuh-keystore -f indexer -k user -v {{ indexer_security_user }}
+    /var/ossec/bin/wazuh-keystore -f indexer -k username -v {{ indexer_security_user }}
     /var/ossec/bin/wazuh-keystore -f indexer -k password -v {{ indexer_security_password }}
   notify: restart wazuh-manager
   tags:

From b8203475687d1c394a3998d413639b07ac4ae192 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= <david.correa@wazuh.com>
Date: Thu, 1 Feb 2024 16:13:41 +0100
Subject: [PATCH 5/6] Splitted wazuh-keystore generation task

---
 .../ansible-wazuh-manager/tasks/main.yml      | 25 ++++++++++++-------
 1 file changed, 16 insertions(+), 9 deletions(-)

diff --git a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml
index e8de0338a..ba1c50808 100644
--- a/roles/wazuh/ansible-wazuh-manager/tasks/main.yml
+++ b/roles/wazuh/ansible-wazuh-manager/tasks/main.yml
@@ -37,6 +37,22 @@
 - include_tasks: "Debian.yml"
   when: ansible_os_family == "Debian"
 
+- name: Generate the wazuh-keystore (username)
+  shell: >
+    /var/ossec/bin/wazuh-keystore -f indexer -k username -v {{ indexer_security_user }}
+  notify: restart wazuh-manager
+  tags:
+    - init
+    - config
+
+- name: Generate the wazuh-keystore (password)
+  shell: >
+    /var/ossec/bin/wazuh-keystore -f indexer -k password -v {{ indexer_security_password }}
+  notify: restart wazuh-manager
+  tags:
+    - init
+    - config
+  
 - name: Install expect
   package:
     name: expect
@@ -252,15 +268,6 @@
     - init
     - config
 
-- name: Generate the wazuh-keystore
-  shell: >
-    /var/ossec/bin/wazuh-keystore -f indexer -k username -v {{ indexer_security_user }}
-    /var/ossec/bin/wazuh-keystore -f indexer -k password -v {{ indexer_security_password }}
-  notify: restart wazuh-manager
-  tags:
-    - init
-    - config
-
 - name: Ossec-authd password
   template:
     src: authd_pass.j2

From 21bfbac8cdd311f11b9e6024d26e536b2bb761fd Mon Sep 17 00:00:00 2001
From: vcerenu <victor.erenu@wazuh.com>
Date: Mon, 5 Feb 2024 04:58:29 -0300
Subject: [PATCH 6/6] bump revision

---
 VERSION | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/VERSION b/VERSION
index cc9ada50a..4da3bcd88 100644
--- a/VERSION
+++ b/VERSION
@@ -1,2 +1,2 @@
 WAZUH-ANSIBLE_VERSION="v4.8.0"
-REVISION="40802"
+REVISION="40803"