mirror of
https://github.com/wazuh/wazuh-docker.git
synced 2025-10-23 04:51:57 +00:00
fix in wazuh-indexer demo certificates
@@ -3,7 +3,7 @@ version: '3.7'
|
||||
|
||||
services:
|
||||
wazuh.manager:
|
||||
image: wazuh/wazuh-odfe:4.3.0
|
||||
image: wazuh/wazuh-manager:4.3.0
|
||||
hostname: wazuh.manager
|
||||
restart: always
|
||||
ports:
|
||||
|
Binary file not shown.
@@ -6,12 +6,6 @@ path.data: /var/lib/wazuh-indexer
|
||||
path.logs: /var/log/wazuh-indexer
|
||||
discovery.type: single-node
|
||||
compatibility.override_main_response_version: true
|
||||
###############################################################################
|
||||
# #
|
||||
# WARNING: Insecure demo certificates set up in this file. #
|
||||
# Please change on production cluster! #
|
||||
# #
|
||||
###############################################################################
|
||||
plugins.security.ssl.http.pemcert_filepath: /etc/wazuh-indexer/certs/admin.pem
|
||||
plugins.security.ssl.http.pemkey_filepath: /etc/wazuh-indexer/certs/admin-key.pem
|
||||
plugins.security.ssl.http.pemtrustedcas_filepath: /etc/wazuh-indexer/certs/root-ca.pem
|
||||
|
@@ -14,12 +14,6 @@ transport.tcp.port: 9800-9899
|
||||
node.max_local_storage_nodes: "3"
|
||||
path.data: /var/lib/wazuh-indexer
|
||||
path.logs: /var/log/wazuh-indexer
|
||||
###############################################################################
|
||||
# #
|
||||
# WARNING: Insecure demo certificates set up in this file. #
|
||||
# Please change on production cluster! #
|
||||
# #
|
||||
###############################################################################
|
||||
plugins.security.ssl.http.pemcert_filepath: /etc/wazuh-indexer/certs/wazuh1.indexer.pem
|
||||
plugins.security.ssl.http.pemkey_filepath: /etc/wazuh-indexer/certs/wazuh1.indexer.key
|
||||
plugins.security.ssl.http.pemtrustedcas_filepath: /etc/wazuh-indexer/certs/root-ca.pem
|
||||
@@ -31,14 +25,14 @@ plugins.security.ssl.transport.enforce_hostname_verification: false
|
||||
plugins.security.ssl.transport.resolve_hostname: false
|
||||
plugins.security.audit.type: internal_opensearch
|
||||
plugins.security.authcz.admin_dn:
|
||||
- "CN=admin,OU=Docu,O=Wazuh,L=California,C=US"
|
||||
- "CN=admin,OU=Wazuh,O=Wazuh,L=California,C=US"
|
||||
plugins.security.check_snapshot_restore_write_privileges: true
|
||||
plugins.security.enable_snapshot_restore_privilege: true
|
||||
plugins.security.nodes_dn:
|
||||
- "CN=wazuh1.indexer,OU=Docu,O=Wazuh,L=California,C=US"
|
||||
- "CN=wazuh2.indexer,OU=Docu,O=Wazuh,L=California,C=US"
|
||||
- "CN=wazuh3.indexer,OU=Docu,O=Wazuh,L=California,C=US"
|
||||
- "CN=filebeat,OU=Docu,O=Wazuh,L=California,C=US"
|
||||
- "CN=wazuh1.indexer,OU=Wazuh,O=Wazuh,L=California,C=US"
|
||||
- "CN=wazuh2.indexer,OU=Wazuh,O=Wazuh,L=California,C=US"
|
||||
- "CN=wazuh3.indexer,OU=Wazuh,O=Wazuh,L=California,C=US"
|
||||
- "CN=filebeat,OU=Wazuh,O=Wazuh,L=California,C=US"
|
||||
plugins.security.restapi.roles_enabled:
|
||||
- "all_access"
|
||||
- "security_rest_api_access"
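Review bot: The rewritten `plugins.security.nodes_dn` list still carries `- "CN=filebeat,OU=Wazuh,O=Wazuh,L=California,C=US"`, so a client certificate is trusted as a cluster node. Filebeat only ships data to the indexer; if its key leaks from the manager host, the holder could presumably present it on the transport port and be treated as a node, and the hunk header shows `enforce_hostname_verification: false`, so the host name would not be checked either. I would drop the filebeat entry from `nodes_dn` and authenticate Filebeat as an ordinary user with a scoped role. The same line appears in the wazuh2.indexer and wazuh3.indexer sections below.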
|
||||
|
@@ -14,12 +14,6 @@ transport.tcp.port: 9800-9899
|
||||
node.max_local_storage_nodes: "3"
|
||||
path.data: /var/lib/wazuh-indexer
|
||||
path.logs: /var/log/wazuh-indexer
|
||||
###############################################################################
|
||||
# #
|
||||
# WARNING: Insecure demo certificates set up in this file. #
|
||||
# Please change on production cluster! #
|
||||
# #
|
||||
###############################################################################
|
||||
plugins.security.ssl.http.pemcert_filepath: /etc/wazuh-indexer/certs/wazuh2.indexer.pem
|
||||
plugins.security.ssl.http.pemkey_filepath: /etc/wazuh-indexer/certs/wazuh2.indexer.key
|
||||
plugins.security.ssl.http.pemtrustedcas_filepath: /etc/wazuh-indexer/certs/root-ca.pem
|
||||
@@ -31,14 +25,14 @@ plugins.security.ssl.transport.enforce_hostname_verification: false
|
||||
plugins.security.ssl.transport.resolve_hostname: false
|
||||
plugins.security.audit.type: internal_opensearch
|
||||
plugins.security.authcz.admin_dn:
|
||||
- "CN=admin,OU=Docu,O=Wazuh,L=California,C=US"
|
||||
- "CN=admin,OU=Wazuh,O=Wazuh,L=California,C=US"
|
||||
plugins.security.check_snapshot_restore_write_privileges: true
|
||||
plugins.security.enable_snapshot_restore_privilege: true
|
||||
plugins.security.nodes_dn:
|
||||
- "CN=wazuh1.indexer,OU=Docu,O=Wazuh,L=California,C=US"
|
||||
- "CN=wazuh2.indexer,OU=Docu,O=Wazuh,L=California,C=US"
|
||||
- "CN=wazuh3.indexer,OU=Docu,O=Wazuh,L=California,C=US"
|
||||
- "CN=filebeat,OU=Docu,O=Wazuh,L=California,C=US"
|
||||
- "CN=wazuh1.indexer,OU=Wazuh,O=Wazuh,L=California,C=US"
|
||||
- "CN=wazuh2.indexer,OU=Wazuh,O=Wazuh,L=California,C=US"
|
||||
- "CN=wazuh3.indexer,OU=Wazuh,O=Wazuh,L=California,C=US"
|
||||
- "CN=filebeat,OU=Wazuh,O=Wazuh,L=California,C=US"
|
||||
plugins.security.restapi.roles_enabled:
|
||||
- "all_access"
|
||||
- "security_rest_api_access"
|
||||
|
@@ -14,12 +14,6 @@ transport.tcp.port: 9800-9899
|
||||
node.max_local_storage_nodes: "3"
|
||||
path.data: /var/lib/wazuh-indexer
|
||||
path.logs: /var/log/wazuh-indexer
|
||||
###############################################################################
|
||||
# #
|
||||
# WARNING: Insecure demo certificates set up in this file. #
|
||||
# Please change on production cluster! #
|
||||
# #
|
||||
###############################################################################
|
||||
plugins.security.ssl.http.pemcert_filepath: /etc/wazuh-indexer/certs/wazuh3.indexer.pem
|
||||
plugins.security.ssl.http.pemkey_filepath: /etc/wazuh-indexer/certs/wazuh3.indexer.key
|
||||
plugins.security.ssl.http.pemtrustedcas_filepath: /etc/wazuh-indexer/certs/root-ca.pem
|
||||
@@ -31,14 +25,14 @@ plugins.security.ssl.transport.enforce_hostname_verification: false
|
||||
plugins.security.ssl.transport.resolve_hostname: false
|
||||
plugins.security.audit.type: internal_opensearch
|
||||
plugins.security.authcz.admin_dn:
|
||||
- "CN=admin,OU=Docu,O=Wazuh,L=California,C=US"
|
||||
- "CN=admin,OU=Wazuh,O=Wazuh,L=California,C=US"
|
||||
plugins.security.check_snapshot_restore_write_privileges: true
|
||||
plugins.security.enable_snapshot_restore_privilege: true
|
||||
plugins.security.nodes_dn:
|
||||
- "CN=wazuh1.indexer,OU=Docu,O=Wazuh,L=California,C=US"
|
||||
- "CN=wazuh2.indexer,OU=Docu,O=Wazuh,L=California,C=US"
|
||||
- "CN=wazuh3.indexer,OU=Docu,O=Wazuh,L=California,C=US"
|
||||
- "CN=filebeat,OU=Docu,O=Wazuh,L=California,C=US"
|
||||
- "CN=wazuh1.indexer,OU=Wazuh,O=Wazuh,L=California,C=US"
|
||||
- "CN=wazuh2.indexer,OU=Wazuh,O=Wazuh,L=California,C=US"
|
||||
- "CN=wazuh3.indexer,OU=Wazuh,O=Wazuh,L=California,C=US"
|
||||
- "CN=filebeat,OU=Wazuh,O=Wazuh,L=California,C=US"
|
||||
plugins.security.restapi.roles_enabled:
|
||||
- "all_access"
|
||||
- "security_rest_api_access"
|
||||
|
@@ -1,6 +1,6 @@
|
||||
nodes:
|
||||
# Wazuh indexer server nodes
|
||||
elasticsearch:
|
||||
indexer:
|
||||
name: wazuh1.indexer
|
||||
ip: wazuh1.indexer
|
||||
name: wazuh2.indexer
|
||||
@@ -18,7 +18,7 @@ nodes:
|
||||
ip: wazuh.worker
|
||||
node_type: worker
|
||||
|
||||
# Kibana node
|
||||
kibana:
|
||||
# Wazuh dashboard node
|
||||
dashboard:
|
||||
name: wazuh.dashboard
|
||||
ip: wazuh.dashboard
|
@@ -6,9 +6,9 @@ wazuh_port="${API_PORT:-55000}"
|
||||
api_username="${API_USERNAME:-wazuh-wui}"
|
||||
api_password="${API_PASSWORD:-wazuh-wui}"
|
||||
|
||||
kibana_config_file="/usr/share/wazuh-dashboard/data/wazuh/config/wazuh.yml"
|
||||
dashboard_config_file="/usr/share/wazuh-dashboard/data/wazuh/config/wazuh.yml"
|
||||
|
||||
cat << EOF > $kibana_config_file
|
||||
cat << EOF > $dashboard_config_file
|
||||
hosts:
|
||||
- 1513629884013:
|
||||
url: $wazuh_url
|
||||
|
@@ -3,7 +3,7 @@ FROM ubuntu:focal AS builder
|
||||
|
||||
ENV tini_bin="tini-amd64"
|
||||
|
||||
RUN apt-get update -y && apt-get install curl -y
|
||||
RUN apt-get update -y && apt-get install curl openssl xz-utils -y
|
||||
|
||||
RUN curl --retry 8 -S -L -O https://github.com/krallin/tini/releases/download/v0.19.0/${tini_bin}
|
||||
RUN curl --retry 8 -S -L -O https://github.com/krallin/tini/releases/download/v0.19.0/${tini_bin}.sha256sum
|
||||
@@ -17,8 +17,14 @@ COPY config/unattended_installer.tar.gz /
|
||||
|
||||
COPY config/config.sh .
|
||||
|
||||
COPY config/config.yml /
|
||||
|
||||
RUN tar -xzvf /unattended_installer.tar.gz
|
||||
|
||||
RUN mv /config.yml /unattended_installer/install_functions/
|
||||
|
||||
RUN chmod 755 /unattended_installer/install_functions/wazuh-cert-tool.sh && bash /unattended_installer/install_functions/wazuh-cert-tool.sh
|
||||
|
||||
RUN bash config.sh
|
||||
|
||||
################################################################################
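Review bot: The added `RUN chmod 755 ... && bash /unattended_installer/install_functions/wazuh-cert-tool.sh` creates the certificates and their private keys at image build time, so they are fixed into the image rather than being unique per deployment. If the builder output reaches the final image, as the `cp -R ${REPO_DIR}/install_functions/certs ${TARGET_DIR}${CONFIG_DIR}` line in config.sh suggests, every container started from a published image shares the same keys and anyone who can pull the image can read them. The same commit deletes the `# WARNING: Insecure demo certificates set up in this file.` banner from the opensearch.yml files, so nothing is left to tell an operator to replace them. I would keep that banner, or generate the certificates at first container start, or mount them from a volume or secret. The final stage of the Dockerfile lies outside the hunk, so where the certs end up is inferred.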
|
||||
|
@@ -14,14 +14,15 @@ export LIB_DIR=/var/lib/${NAME}
|
||||
export PID_DIR=/run/${NAME}
|
||||
export INSTALLATION_DIR=/usr/share/${NAME}
|
||||
export BASE_DIR=${NAME}-*
|
||||
export INDEXER_FILE=wazuh-indexer-base-linux-x64.tar.gz
|
||||
export INDEXER_FILE=wazuh-indexer-base.tar.xz
|
||||
export BASE_FILE=wazuh-indexer-base-4.3.0-linux-x64.tar.xz
|
||||
export REPO_DIR=/unattended_installer
|
||||
|
||||
|
||||
rm -rf ${INSTALLATION_DIR}/
|
||||
|
||||
curl -o ${INDEXER_FILE} https://s3.amazonaws.com/warehouse.wazuh.com/indexer/${INDEXER_FILE}
|
||||
tar -zvxf ${INDEXER_FILE}
|
||||
curl -o ${INDEXER_FILE} https://packages-dev.wazuh.com/stack/indexer/base/${BASE_FILE}
|
||||
tar -xf ${INDEXER_FILE}
|
||||
|
||||
# copy to target
|
||||
mkdir -p ${TARGET_DIR}${INSTALLATION_DIR}
|
||||
@@ -47,8 +48,10 @@ cp -pr ${BASE_DIR}/* ${TARGET_DIR}${INSTALLATION_DIR}
|
||||
# Copy the security tools
|
||||
cp ${REPO_DIR}/install_functions/wazuh-cert-tool.sh ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/tools/
|
||||
cp ${REPO_DIR}/install_functions/wazuh-passwords-tool.sh ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/tools/
|
||||
cp ${REPO_DIR}/config/opensearch/certificate/config_aio.yml ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/tools/config.yml
|
||||
#cp ${REPO_DIR}/config/indexer/certificate/config_aio.yml ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/tools/config.yml
|
||||
# Copy Wazuh's config files for the security plugin
|
||||
cp -pr ${REPO_DIR}/config/opensearch/roles/roles_mapping.yml ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/securityconfig/
|
||||
cp -pr ${REPO_DIR}/config/opensearch/roles/roles.yml ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/securityconfig/
|
||||
cp -pr ${REPO_DIR}/config/opensearch/roles/internal_users.yml ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/securityconfig/
|
||||
cp -pr ${REPO_DIR}/config/indexer/roles/roles_mapping.yml ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/securityconfig/
|
||||
cp -pr ${REPO_DIR}/config/indexer/roles/roles.yml ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/securityconfig/
|
||||
cp -pr ${REPO_DIR}/config/indexer/roles/internal_users.yml ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/securityconfig/
|
||||
# Copy Wazuh indexer certificates
|
||||
cp -R ${REPO_DIR}/install_functions/certs ${TARGET_DIR}${CONFIG_DIR}
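Review bot: The new `curl -o ${INDEXER_FILE} https://packages-dev.wazuh.com/stack/indexer/base/${BASE_FILE}` pulls the indexer base from a development repository and `tar -xf` unpacks it with no integrity check, whereas the tini download in the Dockerfile at least fetches a `.sha256sum`. Without `-f`, an HTTP error body is also written to `${INDEXER_FILE}` and only shows up as a tar failure. I would use `curl -fsSL -o "${INDEXER_FILE}" ...` and then `echo "<EXPECTED_SHA256>  ${INDEXER_FILE}" | sha256sum -c -` before extracting, with the digest pinned in the repository (placeholder shown here). The commented-out `#cp ${REPO_DIR}/config/indexer/certificate/config_aio.yml ...` line in the second hunk would be better deleted than left in.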
|
||||
|
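--- a/wazuh-indexer/config/config.yml
+++ b/wazuh-indexer/config/config.yml
@@ -0,0 +1,5 @@
+nodes:
+# Wazuh indexer server nodes
+indexer:
+name: demo.indexer
+ip: demo.indexer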
@@ -6,31 +6,24 @@ path.data: /var/lib/wazuh-indexer
|
||||
path.logs: /var/log/wazuh-indexer
|
||||
discovery.type: single-node
|
||||
compatibility.override_main_response_version: true
|
||||
###############################################################################
|
||||
# #
|
||||
# WARNING: Insecure demo certificates set up in this file. #
|
||||
# Please change on production cluster! #
|
||||
# #
|
||||
###############################################################################
|
||||
plugins.security.ssl.http.pemcert_filepath: /etc/wazuh-indexer/certs/demo-indexer.pem
|
||||
plugins.security.ssl.http.pemkey_filepath: /etc/wazuh-indexer/certs/demo-indexer-key.pem
|
||||
plugins.security.ssl.http.pemcert_filepath: /etc/wazuh-indexer/certs/demo.indexer.pem
|
||||
plugins.security.ssl.http.pemkey_filepath: /etc/wazuh-indexer/certs/demo.indexer-key.pem
|
||||
plugins.security.ssl.http.pemtrustedcas_filepath: /etc/wazuh-indexer/certs/root-ca.pem
|
||||
plugins.security.ssl.transport.pemcert_filepath: /etc/wazuh-indexer/certs/demo-indexer.pem
|
||||
plugins.security.ssl.transport.pemkey_filepath: /etc/wazuh-indexer/certs/demo-indexer-key.pem
|
||||
plugins.security.ssl.transport.pemcert_filepath: /etc/wazuh-indexer/certs/demo.indexer.pem
|
||||
plugins.security.ssl.transport.pemkey_filepath: /etc/wazuh-indexer/certs/demo.indexer-key.pem
|
||||
plugins.security.ssl.transport.pemtrustedcas_filepath: /etc/wazuh-indexer/certs/root-ca.pem
|
||||
plugins.security.ssl.http.enabled: true
|
||||
plugins.security.ssl.transport.enforce_hostname_verification: false
|
||||
plugins.security.ssl.transport.resolve_hostname: false
|
||||
plugins.security.audit.type: internal_opensearch
|
||||
plugins.security.authcz.admin_dn:
|
||||
- "CN=admin,OU=Demo,O=Wazuh,L=California,C=US"
|
||||
- "CN=admin,OU=Wazuh,O=Wazuh,L=California,C=US"
|
||||
plugins.security.check_snapshot_restore_write_privileges: true
|
||||
plugins.security.enable_snapshot_restore_privilege: true
|
||||
plugins.security.nodes_dn:
|
||||
- "CN=demo-indexer,OU=Demo,O=Wazuh,L=California,C=US"
|
||||
- "CN=demo.indexer,OU=Wazuh,O=Wazuh,L=California,C=US"
|
||||
plugins.security.restapi.roles_enabled:
|
||||
- "all_access"
|
||||
- "security_rest_api_access"
|
||||
plugins.security.system_indices.enabled: true
|
||||
plugins.security.system_indices.indices: [".opendistro-alerting-config", ".opendistro-alerting-alert*", ".opendistro-anomaly-results*", ".opendistro-anomaly-detector*", ".opendistro-anomaly-checkpoints", ".opendistro-anomaly-detection-state", ".opendistro-reports-*", ".opendistro-notifications-*", ".opendistro-notebooks", ".opensearch-observability", ".opendistro-asynchronous-search-response*", ".replication-metadata-store"]
|
||||
|
||||
plugins.security.system_indices.indices: [".opendistro-alerting-config", ".opendistro-alerting-alert*", ".opendistro-anomaly-results*", ".opendistro-anomaly-detector*", ".opendistro-anomaly-checkpoints", ".opendistro-anomaly-detection-state", ".opendistro-reports-*", ".opendistro-notifications-*", ".opendistro-notebooks", ".opensearch-observability", ".opendistro-asynchronous-search-response*", ".replication-metadata-store"]
|
Binary file not shown.