From 42724cb11634b67f2801020a0672ef6833cf233e Mon Sep 17 00:00:00 2001
From: Grzegorz Koper <grzegorzk@stackhpc.com>
Date: Wed, 8 Jan 2025 13:52:26 +0100
Subject: [PATCH] feat(wazuh): Add JVM proxy configuration for Slack
 notifications

Add JVM proxy settings to wazuh-indexer configuration to enable OpenSearch
Dashboard Slack notifications when running behind a proxy. The configuration:
- Sets both HTTP and HTTPS proxy host and port from http_proxy_url
- Triggers wazuh-indexer restart when proxy settings change

http_proxy_url needs to be defined before running wazuh-manager.yml
---
 etc/kayobe/ansible/wazuh-manager.yml | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)

diff --git a/etc/kayobe/ansible/wazuh-manager.yml b/etc/kayobe/ansible/wazuh-manager.yml
index d4013ebd69..868af57863 100644
--- a/etc/kayobe/ansible/wazuh-manager.yml
+++ b/etc/kayobe/ansible/wazuh-manager.yml
@@ -116,6 +116,23 @@
       notify:
         - Restart wazuh
 
+    - name: Add JVM proxy settings to wazuh-indexer
+      blockinfile:
+        path: "/etc/wazuh-indexer/jvm.options"
+        state: present
+        owner: root
+        group: wazuh
+        marker: "# {mark} ANSIBLE MANAGED BLOCK JVM PROXY SETTINGS"
+        block: |
+          -Dhttp.proxyHost={{ http_proxy_url | urlsplit('hostname') }}
+          -Dhttp.proxyPort={{ http_proxy_url | urlsplit('port') }}
+          -Dhttps.proxyHost={{ http_proxy_url | urlsplit('hostname') }}
+          -Dhttps.proxyPort={{ http_proxy_url | urlsplit('port') }}
+        backup: yes
+      when: http_proxy_url is defined
+      notify:
+        - Restart wazuh-indexer
+
     - name: Perform health check against filebeat
       command: filebeat test output
       changed_when: false
@@ -126,3 +143,8 @@
       service:
         name: wazuh-manager
         state: restarted
+
+    - name: Restart wazuh-indexer
+      service:
+        name: wazuh-indexer
+        state: restarted