--- kolide_fleet_ssl_cert: /etc/ssl/certs/fleet.cert kolide_fleet_ssl_key: /etc/ssl/private/fleet.key kolide_fleet_ssl_ca_cert: /etc/ssl/certs/fleet-ca.pem kolide_fleet_ssl_pem: /etc/ssl/private/fleet.pem osquery_enroll_secret_file: /etc/osquery/osquery_enroll_secret osquery_flags: - "--tls_server_certs={{ kolide_fleet_ssl_cert }}" - "--tls_hostname={{ hostvars[groups['kolide-fleet_all'][0]]['ansible_host'] }}:443" - "--host_identifier=hostname" - "--enroll_tls_endpoint=/api/v1/osquery/enroll" - "--config_plugin=filesystem,tls" - "--config_tls_endpoint=/api/v1/osquery/config" - "--config_tls_refresh=10" - "--disable_distributed=false" - "--distributed_plugin=tls" - "--distributed_interval=10" - "--distributed_tls_max_attempts=3" - "--distributed_tls_read_endpoint=/api/v1/osquery/distributed/read" - "--distributed_tls_write_endpoint=/api/v1/osquery/distributed/write" - "--logger_path=/var/log/osquery" - "--logger_plugin=filesystem,tls" - "--logger_tls_endpoint=/api/v1/osquery/log" - "--logger_tls_period=10" - "--enroll_secret_path={{ osquery_enroll_secret_file }}" - "--pidfile=/var/run/osqueryd.pid"