From 46132eed4060d549524c876ce8e5e0bec72b4037 Mon Sep 17 00:00:00 2001
From: Razin DV
Date: Mon, 7 Jul 2025 18:31:21 +0300
Subject: [PATCH 1/4] create playbook for deploy swarm cron
---
 playbooks/services/run-swarm-cron.yml | 36 +++++++++++++++++++++++++++
 1 file changed, 36 insertions(+)
 create mode 100755 playbooks/services/run-swarm-cron.yml
diff --git a/playbooks/services/run-swarm-cron.yml b/playbooks/services/run-swarm-cron.yml
new file mode 100755
index 00000000..f7822abb
--- /dev/null
+++ b/playbooks/services/run-swarm-cron.yml
@@ -0,0 +1,36 @@
+#!/usr/bin/env -S ansible-playbook
+#
+# Playbook to install and run swarm-cron (https://crazymax.dev/swarm-cronjob) container on
+# target nodes. Run it like usual executable script:
+#
+# > ./run-swarm-cron.yml
+
+---
+- name: Configure target servers
+ hosts: swarm_cron_servers
+ become: yes
+ become_user: root
+
+ tasks:
+ - name: Start swarm-cron container
+ community.docker.docker_compose_v2:
+ state: present
+ project_name: swarm-cron
+ definition:
+ version: '3.5'
+ services:
+ swarm-cronjob:
+ image: "crazymax/swarm-cronjob:{{ swarm_cron_tag | default('1') }}"
+ volumes:
+ - "/var/run/docker.sock:/var/run/docker.sock"
+ environment:
+ - "TZ={{ swarm_cron_tag | default('Europe/Moscow') }}"
+ - "LOG_LEVEL={{ swarm_cron_tag | default('info') }}"
+ - "LOG_JSON={{ swarm_cron_tag | default('false') }}"
+ deploy:
+ placement:
+ constraints:
+ - node.role == manager
+
+ tags:
+ - swarm-cron
From 36f6d2ef277fe37614d50e87f9d38d2f79ab7eba Mon Sep 17 00:00:00 2001
From: Dmitry Razin
Date: Fri, 22 May 2026 10:52:41 +0300
Subject: [PATCH 2/4] Fix swarm cron
---
 playbooks/services/run-swarm-cron.yml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/playbooks/services/run-swarm-cron.yml b/playbooks/services/run-swarm-cron.yml
index f7822abb..ab76c9cd 100755
--- a/playbooks/services/run-swarm-cron.yml
+++ b/playbooks/services/run-swarm-cron.yml
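Review bot: The `swarm-cronjob` service is handed `/var/run/docker.sock` while its image is referenced by a mutable tag, `crazymax/swarm-cronjob:{{ swarm_cron_tag | default('1') }}`, so whatever is published under tag `1` at deploy time runs with full control of the Docker daemon on the target node. Pin the default to an immutable reference and bump it deliberately, e.g. `image: "crazymax/swarm-cronjob:{{ swarm_cron_tag | default('<pinned-version>@sha256:<digest>') }}"`. Separately, `deploy.placement.constraints` is a Swarm scheduling setting and is probably not applied when the project is started through `community.docker.docker_compose_v2`, so the manager-only placement rests on the `swarm_cron_servers` inventory group; a comment above `deploy:` saying so would help.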
@@ -24,9 +24,9 @@
 volumes:
 - "/var/run/docker.sock:/var/run/docker.sock"
 environment:
- - "TZ={{ swarm_cron_tag | default('Europe/Moscow') }}"
- - "LOG_LEVEL={{ swarm_cron_tag | default('info') }}"
- - "LOG_JSON={{ swarm_cron_tag | default('false') }}"
+ - "TZ={{ swarm_cron_tz | default('Europe/Moscow') }}"
+ - "LOG_LEVEL={{ swarm_cron_log_level | default('info') }}"
+ - "LOG_JSON={{ swarm_cron_log_json | default('false') }}"
 deploy:
 placement:
 constraints:
From 37e96b50e082454e984eb39c16dd85903d216fe5 Mon Sep 17 00:00:00 2001
From: Dmitry Razin
Date: Fri, 22 May 2026 10:55:48 +0300
Subject: [PATCH 3/4] Add wazuh and wazuh-agent playbooks
---
 playbooks/services/run-wazuh-agent.yml | 49 ++++++++++++++++++++++++++
 playbooks/services/run-wazuh.yml | 12 +++++++
 tools/roles_lists/wazuh.yml | 4 +++
 3 files changed, 65 insertions(+)
 create mode 100755 playbooks/services/run-wazuh-agent.yml
 create mode 100755 playbooks/services/run-wazuh.yml
 create mode 100644 tools/roles_lists/wazuh.yml
diff --git a/playbooks/services/run-wazuh-agent.yml b/playbooks/services/run-wazuh-agent.yml
new file mode 100755
index 00000000..207cb5c6
--- /dev/null
+++ b/playbooks/services/run-wazuh-agent.yml
@@ -0,0 +1,49 @@
+#!/usr/bin/env -S ansible-playbook -e @vars/extra.yaml
+#
+# Playbook to install and run Wazuh Agent
+# Run it like usual executable script:
+# > ./run-wazuh-agent.yml
+#
+# Required vars:
+# wazuh_agent_version: wazuh-agent_4.14.5-1_amd64.deb
+# wazuh_agent_manager_address: 127.0.0.1
+# wazuh_agent_group: default
+# wazuh_agent_name: agent
+#
+
+---
+- name: Deploy Wazuh Agent
+ hosts: wazuh_agent
+
+ tasks:
+ - name: Download wazuh agent
+ ansible.builtin.get_url:
+ url: "https://packages.wazuh.com/4.x/apt/pool/main/w/wazuh-agent/{{ wazuh_agent_version }}"
+ dest: "/tmp/{{ wazuh_agent_version }}"
+ mode: "0644"
+
+ - name: Install wazuh agent
+ ansible.builtin.shell: >
+ WAZUH_MANAGER='{{ wazuh_agent_manager_address }}'
+ WAZUH_AGENT_GROUP='{{ wazuh_agent_group }}'
+ WAZUH_AGENT_NAME='{{ wazuh_agent_name }}'
+ dpkg -i /tmp/{{ wazuh_agent_version }}
+ args:
+ creates: /var/ossec/bin/wazuh-control
+
+ - name: Systemctl daemon reload
+ ansible.builtin.systemd:
+ daemon_reload: true
+
+ - name: Set Wazuh Manager addres in ossec.conf
+ ansible.builtin.replace:
+ path: /var/ossec/etc/ossec.conf
+ regexp: '
.*
' + replace: '
{{ wazuh_agent_manager_address }}
'
+ backup: true
+
+ - name: Start wazuh-agent systemd unit
+ ansible.builtin.systemd:
+ name: wazuh-agent
+ enabled: true
+ state: restarted
diff --git a/playbooks/services/run-wazuh.yml b/playbooks/services/run-wazuh.yml
new file mode 100755
index 00000000..38bc56e5
--- /dev/null
+++ b/playbooks/services/run-wazuh.yml
@@ -0,0 +1,12 @@
+#!/usr/bin/env -S ansible-playbook -e @vars/extra.yaml
+#
+# Run it like usual executable script:
+#
+# > ./run-wazuh.yml
+#
+---
+- name: Setup wazuh
+ hosts: wazuh
+ become: true
+ roles:
+ - { role: one_mind.wazuh, tags: ['wazuh'] }
diff --git a/tools/roles_lists/wazuh.yml b/tools/roles_lists/wazuh.yml
new file mode 100644
index 00000000..60666e87
--- /dev/null
+++ b/tools/roles_lists/wazuh.yml
@@ -0,0 +1,4 @@
+---
+- src: https://github.com/one-mINd/ansible-wazuh.git
+ version: master
+ name: one_mind.wazuh
From 894c34ce61872373904d520c68e10a9afd06efa8 Mon Sep 17 00:00:00 2001
From: Dmitry Razin
Date: Thu, 28 May 2026 18:07:29 +0300
Subject: [PATCH 4/4] Add jitsi
---
 playbooks/services/run-jitsi.yml | 15 +++++++++++++++
 tools/roles_lists/jitsi.yml | 4 ++++
 2 files changed, 19 insertions(+)
 create mode 100755 playbooks/services/run-jitsi.yml
 create mode 100644 tools/roles_lists/jitsi.yml
diff --git a/playbooks/services/run-jitsi.yml b/playbooks/services/run-jitsi.yml
new file mode 100755
index 00000000..805e4b56
--- /dev/null
+++ b/playbooks/services/run-jitsi.yml
@@ -0,0 +1,15 @@
+#!/usr/bin/env ansible-playbook
+#
+# Playbook to install and run Jitsi
+# Run it like usual executable script:
+#
+# > ./run-jitsi.yml
+#
+# For configuration vars look at roles variables
+#
+---
+- name: Configure target servers
+ hosts: jitsi
+ remote_user: root
+ roles:
+ - { role: one-mind.jitsi, tags: ['jitsi'] }
diff --git a/tools/roles_lists/jitsi.yml b/tools/roles_lists/jitsi.yml
new file mode 100644
index 00000000..c535d157
--- /dev/null
+++ b/tools/roles_lists/jitsi.yml
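Review bot: In `run-wazuh-agent.yml`, the `Download wazuh agent` task fetches a `.deb` with no `checksum:` and the next task installs it with `dpkg -i`, so package integrity rests on TLS alone while the file waits at a predictable path under `/tmp`. The install task also pastes `wazuh_agent_manager_address`, `wazuh_agent_group`, `wazuh_agent_name` and `wazuh_agent_version` into an `ansible.builtin.shell` command line, where a value containing a quote or shell metacharacter changes the command; passing them through the task's `environment:` and installing with `ansible.builtin.apt` avoids the shell altogether. The play sets no `become`, unlike `run-wazuh.yml` in the same commit, so it presumably depends on the connection user being root or on `vars/extra.yaml`. A sketch of the two tasks follows; `wazuh_agent_deb_sha256` is a proposed new required var, not one the playbook defines today.

```yaml
- name: Download wazuh agent
  ansible.builtin.get_url:
    # … unchanged: url, dest, mode …
    checksum: "sha256:{{ wazuh_agent_deb_sha256 }}"

- name: Install wazuh agent
  ansible.builtin.apt:
    deb: "/tmp/{{ wazuh_agent_version }}"
  environment:
    WAZUH_MANAGER: "{{ wazuh_agent_manager_address }}"
    WAZUH_AGENT_GROUP: "{{ wazuh_agent_group }}"
    WAZUH_AGENT_NAME: "{{ wazuh_agent_name }}"

# … unchanged: daemon reload, ossec.conf edit, service start …
```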
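Review bot: In `tools/roles_lists/wazuh.yml`, `version: master` makes every role install pull whatever the branch head is at that moment, and `run-wazuh.yml` then runs that role with `become: true`; a force-push or a compromised upstream account would reach the managed hosts without any change in this repository. Pin the role to a tag or a full commit id, `version: <commit-sha>`, and move it forward through review. The same applies to `tools/roles_lists/jitsi.yml` in PATCH 4/4, whose role is run by a play with `remote_user: root`.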
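Review bot: In `run-jitsi.yml`, `remote_user: root` makes the play depend on direct root SSH login, whereas `run-swarm-cron.yml` and `run-wazuh.yml` in this series escalate with `become`. Hosts configured with `PermitRootLogin no` will fail at connection time, and root logins lose the per-operator attribution that sudo logging gives. Consider replacing the line with `become: true` and connecting as the regular deployment user.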
@@ -0,0 +1,4 @@
+---
+- src: https://github.com/one-mINd/ansible-jitsi.git
+ version: master
+ name: one-mind.jitsi