paulmataruso/wazuh-docker-mirror
1
0
Fork 0
mirror of https://github.com/wazuh/wazuh-docker.git synced 2025-11-04 05:53:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch '4.8.1' into merge-4.8.1-into-master

Browse Source
This commit is contained in:
David Correa Rodríguez
2023-11-27 18:18:42 +01:00
parent dc167c2316 52ddc7607f
commit 0ef3428788
10 changed files with 54 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
.env
View File

@@ -1,6 +1,6 @@
WAZUH_VERSION=4.9.0 WAZUH_VERSION=4.9.0
WAZUH_IMAGE_VERSION=4.9.0 WAZUH_IMAGE_VERSION=4.9.0
WAZUH_TAG_REVISION=1 WAZUH_TAG_REVISION=1
FILEBEAT_TEMPLATE_BRANCH=4.8.0 FILEBEAT_TEMPLATE_BRANCH=4.9.0
WAZUH_FILEBEAT_MODULE=wazuh-filebeat-0.2.tar.gz WAZUH_FILEBEAT_MODULE=wazuh-filebeat-0.3.tar.gz
WAZUH_UI_REVISION=1 WAZUH_UI_REVISION=1

5
CHANGELOG.md
View File

@@ -6,6 +6,11 @@ All notable changes to this project will be documented in this file.
- Update Wazuh to version [4.9.0](https://github.com/wazuh/wazuh/blob/v4.9.0/CHANGELOG.md#v490) - Update Wazuh to version [4.9.0](https://github.com/wazuh/wazuh/blob/v4.9.0/CHANGELOG.md#v490)
## Wazuh Docker v4.8.1
### Added
- Update Wazuh to version [4.8.1](https://github.com/wazuh/wazuh/blob/v4.8.1/CHANGELOG.md#v481)
## Wazuh Docker v4.8.0 ## Wazuh Docker v4.8.0
### Added ### Added

1
README.md
View File

@@ -197,6 +197,7 @@ WAZUH_MONITORING_REPLICAS=0 ##
| Wazuh version | ODFE | XPACK | | Wazuh version | ODFE | XPACK |
|---------------|---------|--------| |---------------|---------|--------|
| v4.9.0 | | | | v4.9.0 | | |
| v4.8.1 | | |
| v4.8.0 | | | | v4.8.0 | | |
| v4.7.1 | | | | v4.7.1 | | |
| v4.7.0 | | | | v4.7.0 | | |

2
build-docker-images/README.md
View File

@@ -24,7 +24,7 @@ $ build-docker-images/build-images.sh -h
Usage: build-docker-images/build-images.sh [OPTIONS] Usage: build-docker-images/build-images.sh [OPTIONS]
-d, --dev <ref> [Optional] Set the development stage you want to build, example rc1 or beta1, not used by default. -d, --dev <ref> [Optional] Set the development stage you want to build, example rc1 or beta1, not used by default.
-f, --filebeat-module <ref> [Optional] Set Filebeat module version. By default 0.2. -f, --filebeat-module <ref> [Optional] Set Filebeat module version. By default 0.3.
-r, --revision <rev> [Optional] Package revision. By default 1 -r, --revision <rev> [Optional] Package revision. By default 1
-v, --version <ver> [Optional] Set the Wazuh version should be builded. By default, 4.9.0. -v, --version <ver> [Optional] Set the Wazuh version should be builded. By default, 4.9.0.
-h, --help Show this help. -h, --help Show this help.

2
build-docker-images/build-images.sh
View File

@@ -15,7 +15,7 @@ IMAGE_VERSION=${WAZUH_IMAGE_VERSION}
WAZUH_IMAGE_VERSION="4.9.0" WAZUH_IMAGE_VERSION="4.9.0"
WAZUH_TAG_REVISION="1" WAZUH_TAG_REVISION="1"
WAZUH_DEV_STAGE="" WAZUH_DEV_STAGE=""
FILEBEAT_MODULE_VERSION="0.2" FILEBEAT_MODULE_VERSION="0.3"
# ----------------------------------------------------------------------------- # -----------------------------------------------------------------------------

3
build-docker-images/wazuh-dashboard/Dockerfile
View File

@@ -80,9 +80,6 @@ ENV PATTERN="" \
WAZUH_MONITORING_SHARDS="" \ WAZUH_MONITORING_SHARDS="" \
WAZUH_MONITORING_REPLICAS="" WAZUH_MONITORING_REPLICAS=""
# Install dependencies
RUN apt update && apt install -y libnss3-dev fonts-liberation libfontconfig1
# Create wazuh-dashboard user and group # Create wazuh-dashboard user and group
RUN getent group $GROUP || groupadd -r -g 1000 $GROUP RUN getent group $GROUP || groupadd -r -g 1000 $GROUP
RUN useradd --system \ RUN useradd --system \

10
build-docker-images/wazuh-dashboard/config/install_wazuh_app.sh
View File

@@ -1,5 +1,7 @@
## variables ## variables
WAZUH_APP=https://packages.wazuh.com/4.x/ui/dashboard/wazuh-${WAZUH_VERSION}-${WAZUH_UI_REVISION}.zip WAZUH_APP=https://packages.wazuh.com/4.x/ui/dashboard/wazuh-${WAZUH_VERSION}-${WAZUH_UI_REVISION}.zip
WAZUH_CHECK_UPDATES=https://packages.wazuh.com/4.x/ui/dashboard/wazuhCheckUpdates-${WAZUH_VERSION}-${WAZUH_UI_REVISION}.zip
WAZUH_CORE=https://packages.wazuh.com/4.x/ui/dashboard/wazuhCore-${WAZUH_VERSION}-${WAZUH_UI_REVISION}.zip
WAZUH_CURRENT_VERSION=$(curl --silent https://api.github.com/repos/wazuh/wazuh/releases/latest | grep '\"tag_name\":' | sed -E 's/.*\"([^\"]+)\".*/\1/' | cut -c 2-) WAZUH_CURRENT_VERSION=$(curl --silent https://api.github.com/repos/wazuh/wazuh/releases/latest | grep '\"tag_name\":' | sed -E 's/.*\"([^\"]+)\".*/\1/' | cut -c 2-)
MAJOR_BUILD=$(echo $WAZUH_VERSION | cut -d. -f1) MAJOR_BUILD=$(echo $WAZUH_VERSION | cut -d. -f1)
MID_BUILD=$(echo $WAZUH_VERSION | cut -d. -f2) MID_BUILD=$(echo $WAZUH_VERSION | cut -d. -f2)
@@ -11,15 +13,23 @@ MINOR_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f3)
## check version to use the correct repository ## check version to use the correct repository
if [ "$MAJOR_BUILD" -gt "$MAJOR_CURRENT" ]; then if [ "$MAJOR_BUILD" -gt "$MAJOR_CURRENT" ]; then
WAZUH_APP=https://packages-dev.wazuh.com/pre-release/ui/dashboard/wazuh-${WAZUH_VERSION}-${WAZUH_UI_REVISION}.zip WAZUH_APP=https://packages-dev.wazuh.com/pre-release/ui/dashboard/wazuh-${WAZUH_VERSION}-${WAZUH_UI_REVISION}.zip
WAZUH_CHECK_UPDATES=https://packages-dev.wazuh.com/pre-release/ui/dashboard/wazuhCheckUpdates-${WAZUH_VERSION}-${WAZUH_UI_REVISION}.zip
WAZUH_CORE=https://packages-dev.wazuh.com/pre-release/ui/dashboard/wazuhCore-${WAZUH_VERSION}-${WAZUH_UI_REVISION}.zip
elif [ "$MAJOR_BUILD" -eq "$MAJOR_CURRENT" ]; then elif [ "$MAJOR_BUILD" -eq "$MAJOR_CURRENT" ]; then
if [ "$MID_BUILD" -gt "$MID_CURRENT" ]; then if [ "$MID_BUILD" -gt "$MID_CURRENT" ]; then
WAZUH_APP=https://packages-dev.wazuh.com/pre-release/ui/dashboard/wazuh-${WAZUH_VERSION}-${WAZUH_UI_REVISION}.zip WAZUH_APP=https://packages-dev.wazuh.com/pre-release/ui/dashboard/wazuh-${WAZUH_VERSION}-${WAZUH_UI_REVISION}.zip
WAZUH_CHECK_UPDATES=https://packages-dev.wazuh.com/pre-release/ui/dashboard/wazuhCheckUpdates-${WAZUH_VERSION}-${WAZUH_UI_REVISION}.zip
WAZUH_CORE=https://packages-dev.wazuh.com/pre-release/ui/dashboard/wazuhCore-${WAZUH_VERSION}-${WAZUH_UI_REVISION}.zip
elif [ "$MID_BUILD" -eq "$MID_CURRENT" ]; then elif [ "$MID_BUILD" -eq "$MID_CURRENT" ]; then
if [ "$MINOR_BUILD" -gt "$MINOR_CURRENT" ]; then if [ "$MINOR_BUILD" -gt "$MINOR_CURRENT" ]; then
WAZUH_APP=https://packages-dev.wazuh.com/pre-release/ui/dashboard/wazuh-${WAZUH_VERSION}-${WAZUH_UI_REVISION}.zip WAZUH_APP=https://packages-dev.wazuh.com/pre-release/ui/dashboard/wazuh-${WAZUH_VERSION}-${WAZUH_UI_REVISION}.zip
WAZUH_CHECK_UPDATES=https://packages-dev.wazuh.com/pre-release/ui/dashboard/wazuhCheckUpdates-${WAZUH_VERSION}-${WAZUH_UI_REVISION}.zip
WAZUH_CORE=https://packages-dev.wazuh.com/pre-release/ui/dashboard/wazuhCore-${WAZUH_VERSION}-${WAZUH_UI_REVISION}.zip
fi fi
fi fi
fi fi
# Install Wazuh App # Install Wazuh App
$INSTALL_DIR/bin/opensearch-dashboards-plugin install $WAZUH_APP --allow-root $INSTALL_DIR/bin/opensearch-dashboards-plugin install $WAZUH_APP --allow-root
$INSTALL_DIR/bin/opensearch-dashboards-plugin install $WAZUH_CHECK_UPDATES --allow-root
$INSTALL_DIR/bin/opensearch-dashboards-plugin install $WAZUH_CORE --allow-root

6
build-docker-images/wazuh-indexer/config/ism-check.sh
View File

@@ -1,4 +1,8 @@
#!/bin/bash #!/bin/bash
MIN_SHARD_SIZE=${MIN_SHARD_SIZE:-25}
MIN_INDEX_AGE=${MIN_INDEX_AGE:-"7d"}
MIN_DOC_COUNT=${MIN_DOC_COUNT:-600000000}
ISM_PRIORITY=${ISM_PRIORITY:-50}
SERVER=`hostname` SERVER=`hostname`
if [[ -n "$INDEXER_PASSWORD" ]]; then if [[ -n "$INDEXER_PASSWORD" ]]; then
until [[ `curl -XGET https://$SERVER:9200/_cat/indices -u admin:SecretPassword -k -s | grep .opendistro_security | wc -l` -eq 1 ]] until [[ `curl -XGET https://$SERVER:9200/_cat/indices -u admin:SecretPassword -k -s | grep .opendistro_security | wc -l` -eq 1 ]]
@@ -6,5 +10,5 @@ if [[ -n "$INDEXER_PASSWORD" ]]; then
echo "Wazuh indexer Security is not initiaized"; echo "Wazuh indexer Security is not initiaized";
sleep 30 sleep 30
done done
bash /usr/share/wazuh-indexer/bin/indexer-ism-init.sh -p $INDEXER_PASSWORD -i $SERVER bash /usr/share/wazuh-indexer/bin/indexer-ism-init.sh -p $INDEXER_PASSWORD -i $SERVER -P $ISM_PRIORITY -d $MIN_DOC_COUNT -a $MIN_INDEX_AGE -s $MIN_SHARD_SIZE
fi fi

7
build-docker-images/wazuh-manager/Dockerfile
View File

@@ -13,16 +13,15 @@ ARG WAZUH_FILEBEAT_MODULE
RUN apt-get update && apt install curl apt-transport-https lsb-release gnupg -y RUN apt-get update && apt install curl apt-transport-https lsb-release gnupg -y
COPY config/check_repository.sh / COPY config/check_repository.sh /
RUN chmod 775 /check_repository.sh RUN chmod 775 /check_repository.sh
RUN source /check_repository.sh RUN source /check_repository.sh
RUN apt-get update && \ RUN apt-get update && \
apt-get install wazuh-manager=${WAZUH_VERSION}-${WAZUH_TAG_REVISION} apt-get install wazuh-manager=${WAZUH_VERSION}-${WAZUH_TAG_REVISION}
RUN curl -L -O https://artifacts.elastic.co/downloads/beats/filebeat/${FILEBEAT_CHANNEL}-${FILEBEAT_VERSION}-amd64.deb &&\ COPY config/filebeat_module.sh /
dpkg -i ${FILEBEAT_CHANNEL}-${FILEBEAT_VERSION}-amd64.deb && rm -f ${FILEBEAT_CHANNEL}-${FILEBEAT_VERSION}-amd64.deb && \ RUN chmod 775 /filebeat_module.sh
curl -s https://packages.wazuh.com/4.x/filebeat/${WAZUH_FILEBEAT_MODULE} | tar -xvz -C /usr/share/filebeat/module RUN source /filebeat_module.sh
ARG S6_VERSION="v2.2.0.3" ARG S6_VERSION="v2.2.0.3"
RUN curl --fail --silent -L https://github.com/just-containers/s6-overlay/releases/download/${S6_VERSION}/s6-overlay-amd64.tar.gz \ RUN curl --fail --silent -L https://github.com/just-containers/s6-overlay/releases/download/${S6_VERSION}/s6-overlay-amd64.tar.gz \

25
build-docker-images/wazuh-manager/config/filebeat_module.sh Normal file
View File

@@ -0,0 +1,25 @@
REPOSITORY="packages.wazuh.com/4.x"
WAZUH_CURRENT_VERSION=$(curl --silent https://api.github.com/repos/wazuh/wazuh/releases/latest | grep '\"tag_name\":' | sed -E 's/.*\"([^\"]+)\".*/\1/' | cut -c 2-)
MAJOR_BUILD=$(echo $WAZUH_VERSION | cut -d. -f1)
MID_BUILD=$(echo $WAZUH_VERSION | cut -d. -f2)
MINOR_BUILD=$(echo $WAZUH_VERSION | cut -d. -f3)
MAJOR_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f1)
MID_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f2)
MINOR_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f3)
## check version to use the correct repository
if [ "$MAJOR_BUILD" -gt "$MAJOR_CURRENT" ]; then
REPOSITORY="packages-dev.wazuh.com/pre-release"
elif [ "$MAJOR_BUILD" -eq "$MAJOR_CURRENT" ]; then
if [ "$MID_BUILD" -gt "$MID_CURRENT" ]; then
REPOSITORY="packages-dev.wazuh.com/pre-release"
elif [ "$MID_BUILD" -eq "$MID_CURRENT" ]; then
if [ "$MINOR_BUILD" -gt "$MINOR_CURRENT" ]; then
REPOSITORY="packages-dev.wazuh.com/pre-release"
fi
fi
fi
curl -L -O https://artifacts.elastic.co/downloads/beats/filebeat/${FILEBEAT_CHANNEL}-${FILEBEAT_VERSION}-amd64.deb &&\
dpkg -i ${FILEBEAT_CHANNEL}-${FILEBEAT_VERSION}-amd64.deb && rm -f ${FILEBEAT_CHANNEL}-${FILEBEAT_VERSION}-amd64.deb && \
curl -s https://${REPOSITORY}/filebeat/${WAZUH_FILEBEAT_MODULE} | tar -xvz -C /usr/share/filebeat/module