diff --git a/.ansible-lint b/.ansible-lint
new file mode 100644
index 00000000..1fc8ac67
--- /dev/null
+++ b/.ansible-lint
@@ -0,0 +1,6 @@
+---
+exclude_paths:
+ - .terragrunt-cache
+ - infra/
+ - packer/
+ - cli/
diff --git a/ansible/roles/settings_updates/README.md b/ansible/roles/settings_updates/README.md
index 3cb7e7b4..e1d18115 100644
--- a/ansible/roles/settings_updates/README.md
+++ b/ansible/roles/settings_updates/README.md
@@ -18,6 +18,11 @@ Install Windows updates on managed hosts - **Enable update service** (ansible.windows.win_service) - **Install all updates and reboot as many times as needed** (ansible.windows.win_updates)
+### main.yml
+
+- **Enable update service** (ansible.windows.win_service)
+- **Install all updates and reboot as many times as needed** (ansible.windows.win_updates)
+
 ## Example Playbook ```yaml
diff --git a/ansible/roles/settings_updates/tasks/main.yml b/ansible/roles/settings_updates/tasks/main.yml
new file mode 100644
index 00000000..56ec6d22
--- /dev/null
+++ b/ansible/roles/settings_updates/tasks/main.yml
@@ -0,0 +1,11 @@
+---
+- name: Enable update service
+ ansible.windows.win_service:
+ name: Windows Update
+ state: started
+ start_mode: auto
+
+- name: Install all updates and reboot as many times as needed
+ ansible.windows.win_updates:
+ category_names: '*'
+ reboot: true
diff --git a/ansible/roles/wazuh_agent_linux/README.md b/ansible/roles/wazuh_agent_linux/README.md
index 1c85b078..5f096f46 100644
--- a/ansible/roles/wazuh_agent_linux/README.md
+++ b/ansible/roles/wazuh_agent_linux/README.md
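Review bot: In ansible/roles/settings_updates/tasks/main.yml the first task addresses the service by its display name, `name: Windows Update`; display names are localized, so the lookup can miss on a non-English Windows image, and whether the module resolves display names at all should be confirmed against the collection version in use. The service name is stable across locales, so `name: wuauserv` is the safer form. Separately, `category_names: '*'` together with `reboot: true` lets the role install every category the update source offers (feature packs and upgrades included) and reboot unattended; if the intent is security patching, an explicit list such as `SecurityUpdates`, `CriticalUpdates`, `UpdateRollups` keeps runs predictable.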
@@ -13,6 +13,16 @@ Install Wazuh agent on Linux hosts ## Tasks
+### main.yml
+
+- **Add Wazuh GPG key** (ansible.builtin.rpm_key) - Conditional
+- **Add Wazuh APT key** (ansible.builtin.apt_key) - Conditional
+- **Add Wazuh repository (Debian/Ubuntu)** (ansible.builtin.apt_repository) - Conditional
+- **Add Wazuh repository (RHEL/CentOS)** (ansible.builtin.yum_repository) - Conditional
+- **Install Wazuh agent** (ansible.builtin.package)
+- **Configure Wazuh agent manager address** (ansible.builtin.lineinfile)
+- **Enable and start Wazuh agent** (ansible.builtin.systemd)
+
 ## Example Playbook ```yaml
diff --git a/ansible/roles/wazuh_agent_linux/tasks/main.yml b/ansible/roles/wazuh_agent_linux/tasks/main.yml
new file mode 100644
index 00000000..88e5543b
--- /dev/null
+++ b/ansible/roles/wazuh_agent_linux/tasks/main.yml
@@ -0,0 +1,48 @@
+---
+- name: Add Wazuh GPG key
+ ansible.builtin.rpm_key:
+ key: https://packages.wazuh.com/key/GPG-KEY-WAZUH
+ state: present
+ when: ansible_os_family == "RedHat"
+
+- name: Add Wazuh APT key
+ ansible.builtin.apt_key:
+ url: https://packages.wazuh.com/key/GPG-KEY-WAZUH
+ state: present
+ when: ansible_os_family == "Debian"
+
+- name: Add Wazuh repository (Debian/Ubuntu)
+ ansible.builtin.apt_repository:
+ repo: "deb https://packages.wazuh.com/4.x/apt/ stable main"
+ state: present
+ filename: wazuh
+ when: ansible_os_family == "Debian"
+
+- name: Add Wazuh repository (RHEL/CentOS)
+ ansible.builtin.yum_repository:
+ name: wazuh
+ description: Wazuh repository
+ baseurl: https://packages.wazuh.com/4.x/yum/
+ gpgcheck: true
+ gpgkey: https://packages.wazuh.com/key/GPG-KEY-WAZUH
+ enabled: true
+ when: ansible_os_family == "RedHat"
+
+- name: Install Wazuh agent
+ ansible.builtin.package:
+ name: wazuh-agent
+ state: present
+ environment:
+ WAZUH_MANAGER: "{{ wazuh_manager_host }}"
+
+- name: Configure Wazuh agent manager address
+ ansible.builtin.lineinfile:
+ path: /var/ossec/etc/ossec.conf
+ regexp: '
.*
'
+ line: "
{{ wazuh_manager_host }}
"
+
+- name: Enable and start Wazuh agent
+ ansible.builtin.systemd:
+ name: wazuh-agent
+ state: started
+ enabled: true
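Review bot: The two key-import tasks in ansible/roles/wazuh_agent_linux/tasks/main.yml fetch GPG-KEY-WAZUH by URL and trust whatever is returned, so package authenticity rests only on the TLS connection at the moment of the first fetch. The `rpm_key` task can pin the expected key with `fingerprint: "WAZUH_KEY_FINGERPRINT_PLACEHOLDER"` and the `apt_key` task can name it with `id: "WAZUH_KEY_FINGERPRINT_PLACEHOLDER"` (placeholder value; take the real fingerprint from the vendor's published documentation and verify it out of band). `apt_key` is also deprecated; a keyring file referenced with `signed-by=` in the `repo:` line scopes the key to this repository instead of trusting it for all APT sources. Separately, the last task only ensures `state: started`, so a manager address changed by the `lineinfile` task does not take effect on an already-running agent until something restarts it; a `notify:` to a restart handler on that task would cover it.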