Move agent tasks to correct playbook

MoteHue · MoteHue · commit 25d216c52c06 · 2023-11-06T13:53:55.000Z
diff --git a/etc/kayobe/ansible/wazuh-agent.yml b/etc/kayobe/ansible/wazuh-agent.yml
@@ -5,3 +5,35 @@
   tasks:
     - import_role:
         name: "wazuh-ansible/wazuh-ansible/roles/wazuh/ansible-wazuh-agent"
+  post_tasks:
+    - name: Check if custom SCA policies directory exists
+      stat:
+        path: "{{ local_custom_sca_policies_path }}"
+      register: custom_sca_policies_folder
+      delegate_to: localhost
+
+    - name: Gather list of custom SCA policies
+      find:
+        paths: "{{ local_custom_sca_policies_path }}"
+        patterns: '*.yml'
+      delegate_to: localhost
+      register: custom_sca_policies
+      when: custom_sca_policies_folder.stat.exists
+
+    - name: Allow Wazuh agents to execute commands in SCA policies sent from the Wazuh manager
+      become: yes
+      blockinfile:
+        path: "/var/ossec/etc/local_internal_options.conf"
+        state: present
+        owner: wazuh
+        group: wazuh
+        block: sca.remote_commands=1
+      when: custom_sca_policies.files | length > 0
+      notify:
+        - Restart wazuh-agent
+
+  handlers:
+    - name: Restart wazuh-agent
+      service:
+        name: wazuh-agent
+        state: restarted
diff --git a/etc/kayobe/ansible/wazuh-manager.yml b/etc/kayobe/ansible/wazuh-manager.yml
@@ -105,49 +105,3 @@
       command: filebeat test output
       changed_when: false
       retries: 2
-
-  handlers:
-    - name: Restart wazuh
-      service:
-        name: wazuh-manager
-        state: restarted
-
-    - name: Restart wazuh-dashboard
-      service:
-        name: wazuh-dashboard
-        state: restarted
-
-- hosts: wazuh-agent
-  become_user: root
-  tasks:
-    - name: Check if custom SCA policies directory exists
-      stat:
-        path: "{{ local_custom_sca_policies_path }}"
-      register: custom_sca_policies_folder
-      delegate_to: localhost
-
-    - name: Gather list of custom SCA policies
-      find:
-        paths: "{{ local_custom_sca_policies_path }}"
-        patterns: '*.yml'
-      delegate_to: localhost
-      register: custom_sca_policies
-      when: custom_sca_policies_folder.stat.exists
-
-    - name: Allow Wazuh agents to execute commands in SCA policies sent from the Wazuh manager
-      become: yes
-      blockinfile:
-        path: "/var/ossec/etc/local_internal_options.conf"
-        state: present
-        owner: wazuh
-        group: wazuh
-        block: sca.remote_commands=1
-      when: custom_sca_policies.files | length > 0
-      notify:
-        - Restart wazuh-agent
-
-  handlers:
-    - name: Restart wazuh-agent
-      service:
-        name: wazuh-agent
-        state: restarted
