mirror of
https://github.com/wazuh/wazuh-docker.git
synced 2025-11-02 04:53:16 +00:00
Fix wazuh.yml persistence
This commit is contained in:
vcerenu
@@ -102,7 +102,7 @@ ADMIN_PRIVILEGES=true # App privileges
|
||||
│ │ ├── wazuh_manager.conf
|
||||
│ │ └── wazuh_worker.conf
|
||||
│ ├── wazuh_dashboard
|
||||
│ │ └── opensearch_dashboard.yml
|
||||
│ │ └── opensearch_dashboards.yml
|
||||
│ ├── wazuh-indexer
|
||||
│ │ ├── internal_users.yml
|
||||
│ │ ├── opensearch.yml
|
||||
@@ -116,7 +116,7 @@ ADMIN_PRIVILEGES=true # App privileges
|
||||
├── VERSION
|
||||
├── wazuh-dashboard
|
||||
│ ├── config
|
||||
│ │ ├── opensearch_dashboard.yml
|
||||
│ │ ├── opensearch_dashboards.yml
|
||||
│ │ ├── entrypoint.sh
|
||||
│ │ ├── wazuh_app_config.sh
|
||||
│ │ └── wazuh.yml
|
||||
|
||||
@@ -149,7 +149,8 @@ services:
|
||||
- ./production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard.pem:/etc/wazuh-dashboard/certs/wazuh-dashboard.pem
|
||||
- ./production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem:/etc/wazuh-dashboard/certs/wazuh-dashboard-key.pem
|
||||
- ./production_cluster/wazuh_indexer_ssl_certs/root-ca.pem:/etc/wazuh-dashboard/certs/root-ca.pem
|
||||
- ./production_cluster/wazuh_dashboard/opensearch_dashboard.yml:/etc/wazuh-dashboard/opensearch_dashboard.yml
|
||||
- ./production_cluster/wazuh_dashboard/opensearch_dashboards.yml:/etc/wazuh-dashboard/opensearch_dashboards.yml
|
||||
- ./production_cluster/wazuh_dashboard/wazuh.yml:/usr/share/wazuh-dashboard/data/wazuh/config/wazuh.yml
|
||||
depends_on:
|
||||
- wazuh1.indexer
|
||||
links:
|
||||
|
||||
7
production_cluster/wazuh_dashboard/wazuh.yml
Normal file
7
production_cluster/wazuh_dashboard/wazuh.yml
Normal file
@@ -0,0 +1,7 @@
|
||||
hosts:
|
||||
- 1513629884013:
|
||||
url: "https://wazuh.master"
|
||||
port: 55000
|
||||
username: acme-user
|
||||
password: MyS3cr37P450r.*-
|
||||
run_as: false
|
||||
@@ -15,7 +15,7 @@ COPY config/entrypoint.sh /
|
||||
|
||||
COPY config/wazuh_app_config.sh /
|
||||
|
||||
COPY config/opensearch_dashboard.yml /etc/wazuh-dashboard/
|
||||
COPY config/opensearch_dashboards.yml /etc/wazuh-dashboard/
|
||||
|
||||
COPY config/wazuh.yml /usr/share/wazuh-dashboard/data/wazuh/config/
|
||||
|
||||
@@ -23,7 +23,9 @@ RUN chmod 700 /entrypoint.sh
|
||||
|
||||
RUN chmod 700 /wazuh_app_config.sh
|
||||
|
||||
RUN chown 101:101 /etc/wazuh-dashboard/opensearch_dashboard.yml && chmod 664 /etc/wazuh-dashboard/opensearch_dashboard.yml
|
||||
RUN chown 101:101 /etc/wazuh-dashboard/opensearch_dashboards.yml && chmod 664 /etc/wazuh-dashboard/opensearch_dashboards.yml
|
||||
|
||||
RUN mkdir -p /usr/share/wazuh-dashboard/data/wazuh && chown -R 101:101 /usr/share/wazuh-dashboard/data/wazuh && chmod -R 775 /usr/share/wazuh-dashboard/data/wazuh
|
||||
|
||||
RUN mkdir -p /usr/share/wazuh-dashboard/data/wazuh/config && chown -R 101:101 /usr/share/wazuh-dashboard/data/wazuh/config && chmod -R 775 /usr/share/wazuh-dashboard/data/wazuh/config
|
||||
|
||||
|
||||
@@ -1,10 +1,56 @@
|
||||
#!/bin/bash
|
||||
# Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2)
|
||||
|
||||
set -e
|
||||
|
||||
##############################################################################
|
||||
# Waiting for Wazuh indexer
|
||||
##############################################################################
|
||||
|
||||
if [ "x${INDEXER_URL}" == "x" ]; then
|
||||
if [[ ${ENABLED_SECURITY} == "false" ]]; then
|
||||
export idx_url="http://wazuh1.indexer:9200"
|
||||
else
|
||||
export idx_url="https://wazuh1.indexer:9200"
|
||||
fi
|
||||
else
|
||||
export idx_url="${INDEXER_URL}"
|
||||
fi
|
||||
|
||||
export auth="--user ${INDEXER_USERNAME}:${INDEXER_PASSWORD} -k"
|
||||
|
||||
until curl -XGET $idx_url ${auth}; do
|
||||
>&2 echo "Wazuh indexer is unavailable - sleeping"
|
||||
sleep 5
|
||||
done
|
||||
|
||||
sleep 2
|
||||
|
||||
>&2 echo "Elasticsearch is up."
|
||||
|
||||
|
||||
##############################################################################
|
||||
# Waiting for wazuh alerts template
|
||||
##############################################################################
|
||||
|
||||
strlen=0
|
||||
|
||||
while [[ $strlen -eq 0 ]]
|
||||
do
|
||||
template=$(curl ${auth} $idx_url/_cat/templates/wazuh -s)
|
||||
strlen=${#template}
|
||||
>&2 echo "Wazuh alerts template not loaded - sleeping."
|
||||
sleep 2
|
||||
done
|
||||
|
||||
sleep 2
|
||||
|
||||
>&2 echo "Wazuh alerts template is loaded."
|
||||
|
||||
##############################################################################
|
||||
# Start Wazuh dashboard
|
||||
##############################################################################
|
||||
|
||||
/wazuh_app_config.sh
|
||||
|
||||
runuser wazuh-dashboard --shell="/bin/bash" --command="/usr/share/wazuh-dashboard/bin/opensearch-dashboards -c /etc/wazuh-dashboard/opensearch_dashboard.yml"
|
||||
runuser wazuh-dashboard --shell="/bin/bash" --command="/usr/share/wazuh-dashboard/bin/opensearch-dashboards -c /etc/wazuh-dashboard/opensearch_dashboards.yml"
|
||||
|
||||
@@ -5,9 +5,14 @@ wazuh_url="${WAZUH_API_URL:-https://wazuh}"
|
||||
wazuh_port="${API_PORT:-55000}"
|
||||
api_username="${API_USERNAME:-wazuh-wui}"
|
||||
api_password="${API_PASSWORD:-wazuh-wui}"
|
||||
api_run_as="${RUN_AS:-false}"
|
||||
|
||||
dashboard_config_file="/usr/share/wazuh-dashboard/data/wazuh/config/wazuh.yml"
|
||||
|
||||
grep -q 1513629884013 $dashboard_config_file
|
||||
_config_exists=$?
|
||||
|
||||
if [[ $_config_exists -ne 0 ]]; then
|
||||
cat << EOF > $dashboard_config_file
|
||||
hosts:
|
||||
- 1513629884013:
|
||||
@@ -15,6 +20,9 @@ hosts:
|
||||
port: $wazuh_port
|
||||
username: $api_username
|
||||
password: $api_password
|
||||
run_as: $api_run_as
|
||||
EOF
|
||||
|
||||
else
|
||||
echo "Wazuh APP already configured"
|
||||
fi
|
||||
|
||||
|
||||
Reference in New Issue
Block a user