
Adding FleetDM Hosts via Ansible

Other Install Options

Of course, the main focus of this page is to demonstrate the convenience of Ansible for pushing and installing software to a batch of hosts. You don't have to use Ansible to install FleetDM osquery agents on your endpoints!

You could just as well generate the installation packages as demonstrated below, copy the package to your endpoints, and install the package manually. If you have a large batch of hosts, Ansible may be the better choice, but the choice is yours.


Generating Installation Packages

  1. SSH into your FleetDM management server
  2. Download the latest copy of fleetctl
  3. Install docker and docker-compose
  4. Log into the FleetDM management web server
  5. Click on Hosts
  6. Click on add hosts
  7. My FleetDM's TLS server is self-signed, so I will do an advanced installation command using fleetctl
  8. Go back to your SSH session and use fleetctl to generate the packages:

# .rpm
fleetctl package --type=rpm --fleet-url=https://fleetdm.home.lab:8080 --enroll-secret=<redacted> --fleet-certificate=/etc/ssl/fleet.cert

# .deb
fleetctl package --type=deb --fleet-url=https://fleetdm.home.lab:8080 --enroll-secret=<redacted> --fleet-certificate=/etc/ssl/fleet.cert

# .msi
fleetctl package --type=msi --fleet-url=https://fleetdm.home.lab:8080 --enroll-secret=<redacted> --fleet-certificate=/etc/ssl/fleet.cert

Transfer the Installation Packages to Ansible Server

Inventory is at ~/.ansible/inventory/inventory.ini and is my default inventory in ~/.ansible.cfg

[linux]
# Debian
10.80.80.19
# Fedora
10.80.80.20

[windows]
# Win 10 Enterprise
10.80.80.23

Group variables are specified in:

~/.ansible/inventory/group_vars/
|___linux/
|   |_____vars.yml
|   |_____vault.yml
|___windows/
    |_____vars.yml
    |_____vault.yml

My playbook folder structure is as follows:

/home/user/ansible-playbooks/fleet/
|___fleet.yml
|___fleet-osquery.deb
|___fleet-osquery.msi
|___fleet-osquery.rpm

Here is the playbook I used to install the packages:

---
- name: Install Fleet osquery on Windows
  hosts:
    - windows
  vars:
    # relative or absolute path
    msi_src: fleet-osquery.msi
    msi_dest_dir: C:\Temp\
    msi_dest_path: '{{ msi_dest_dir ~ msi_src }}'
  tasks:
    # Windows
    - name: Copy installer to Windows hosts
      win_copy:
        src: '{{ msi_src }}'
        dest: '{{ msi_dest_dir }}'
      become: yes
      become_method: runas

    - name: Install Fleet osquery agent on Windows hosts
      win_package:
        path: '{{ msi_dest_path }}'
        state: present
        chdir: '{{ msi_dest_dir }}'
      become: yes
      become_method: runas

- name: Install Fleet osquery on Linux
  hosts:
    - linux
  vars:
    # relative or absolute path
    deb_src: fleet-osquery.deb
    rpm_src: fleet-osquery.rpm
    linux_dest_dir: /tmp/
    deb_dest_path: '{{ linux_dest_dir ~ deb_src }}'
    rpm_dest_path: '{{ linux_dest_dir ~ rpm_src }}'
  tasks:
    # Debian-based
    - name: Copy Fleet osquery installer to Debian Linux hosts
      copy:
        src: '{{ deb_src }}'
        dest: '{{ linux_dest_dir }}'
      become: yes
      when: ansible_os_family == "Debian"

    - name: Install Fleet osquery agent on Debian Linux hosts
      apt:
        deb: '{{ deb_dest_path }}'
      become: yes
      when: ansible_os_family == "Debian"

    # RedHat-based
    - name: Copy Fleet osquery installer to RedHat Linux hosts
      copy:
        src: '{{ rpm_src }}'
        dest: '{{ linux_dest_dir }}'
      become: yes
      when: ansible_os_family == "RedHat"

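    - name: Install Fleet osquery on RedHat Linux hosts
      yum:
        name: '{{ rpm_dest_path }}'
        state: present
        # validate_certs only applies when name is an https URL; it has no effect on a local file
        validate_certs: no
        # skips the RPM signature check for this locally built package
        disable_gpg_check: yes
      become: yes
      when: ansible_os_family == "RedHat"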
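
The playbook above copies the RPM to /tmp/ and installs it with disable_gpg_check: yes, so nothing checks the package's integrity on the host. As an added example (not the author's playbook), the RedHat tasks below pin the package's SHA-256, install only on a match, and always delete the installer afterwards, since it was built with --enroll-secret. The /root/ destination and the rpm_sha256 placeholder are assumptions.

```yaml
---
# Added example: hardened variant of the RedHat tasks, not the original playbook.
- name: Install Fleet osquery on RedHat hosts with a pinned hash and cleanup
  hosts:
    - linux
  become: yes
  vars:
    rpm_src: fleet-osquery.rpm
    # Assumption: a root-only directory instead of the shared /tmp/
    rpm_dest_path: /root/fleet-osquery.rpm
    # Assumption: placeholder. Record the real value with
    # `sha256sum fleet-osquery.rpm` on the server where fleetctl built the package.
    rpm_sha256: "<sha256-of-fleet-osquery.rpm>"
  tasks:
    - name: Copy, verify and install the RPM
      when: ansible_os_family == "RedHat"
      block:
        - name: Copy installer, readable by root only
          copy:
            src: '{{ rpm_src }}'
            dest: '{{ rpm_dest_path }}'
            owner: root
            group: root
            mode: '0600'

        - name: Hash the copied installer on the host
          stat:
            path: '{{ rpm_dest_path }}'
            get_checksum: yes
            checksum_algorithm: sha256
          register: rpm_stat

        - name: Stop if the installer does not match the pinned hash
          assert:
            that:
              - rpm_stat.stat.checksum == rpm_sha256
            fail_msg: "{{ rpm_dest_path }} does not match the pinned SHA-256"

        # The signature check is skipped, so the assert above is the integrity gate.
        - name: Install Fleet osquery agent
          yum:
            name: '{{ rpm_dest_path }}'
            state: present
            disable_gpg_check: yes
      always:
        # Runs on success and on failure, so the secret-bearing package never lingers.
        - name: Remove the installer from the host
          file:
            path: '{{ rpm_dest_path }}'
            state: absent
```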