mirror of
https://github.com/wazuh/wazuh-docker.git
synced 2025-11-04 05:53:16 +00:00
Added new migration volumes script
This commit is contained in:
manuasir
138
migration/volumes.sh
Normal file
138
migration/volumes.sh
Normal file
@@ -0,0 +1,138 @@
|
||||
#!/bin/bash
|
||||
# Copyright (C) 2019, Wazuh Inc.
|
||||
|
||||
# Script to update old environments containing /var/ossec/data with symbolic links the new structure
|
||||
|
||||
wazuh_path=/var/ossec/
|
||||
data_path=/var/ossec/data/
|
||||
wazuh_dirs=(api/configuration etc logs queue var/multigroups active-response/bin integrations)
|
||||
no_wazuh_dirs=(/etc/filebeat)
|
||||
|
||||
wazuh_preserve_links=(/var/ossec/api/configuration/auth/htpasswd /var/ossec/etc/ossec-init.conf)
|
||||
wazuh_files=(/var/ossec/queue/agents-timestamp)
|
||||
filebeat_files=(/var/lib/filebeat/registry /var/lib/filebeat/meta.json)
|
||||
postfix_files=(/etc/postfix/dynamicmaps.cf /etc/postfix/main.cf /etc/postfix/main.cf.proto /etc/postfix/master.cf /etc/postfix/master.cf.proto /etc/postfix/postfix-files /etc/postfix/sasl /etc/postfix/sasl_passwd /etc/postfix/sasl_passwd.db /etc/postfix/postfix-script /etc/postfix/post-install)
|
||||
|
||||
for dir in "${wazuh_dirs[@]}"; do
|
||||
if [ ! -e $data_path"wazuh"$wazuh_path$dir ]
|
||||
then
|
||||
mkdir -p $data_path"wazuh"$wazuh_path$dir
|
||||
fi
|
||||
echo "Copying $wazuh_path$dir to $data_path"wazuh"$wazuh_path$dir"
|
||||
cp -LR --preserve=all $wazuh_path$dir/* $data_path"wazuh"$wazuh_path$dir
|
||||
done
|
||||
|
||||
for dir in "${no_wazuh_dirs[@]}"; do
|
||||
base=$(basename $dir)
|
||||
if [ ! -e $data_path$base$dir ]
|
||||
then
|
||||
mkdir -p $data_path$base$dir
|
||||
fi
|
||||
echo "Copying $dir to $data_path$base$dir"
|
||||
cp -a $dir/* $data_path$base$dir
|
||||
done
|
||||
|
||||
|
||||
for file in "${wazuh_files[@]}"; do
|
||||
echo "Copying $file to $data_path"wazuh"$file"
|
||||
cp -LR --preserve=all $file $data_path"wazuh"$file
|
||||
done
|
||||
|
||||
echo ">> Checking filebeat files"
|
||||
mkdir -p $data_path"filebeat/var/lib/filebeat"
|
||||
|
||||
for file in "${filebeat_files[@]}"; do
|
||||
if [[ -e $file ]]; then
|
||||
if [[ -d $file ]]; then
|
||||
mkdir -p $data_path"filebeat"$file
|
||||
echo "Copying $file to $data_path"filebeat"$file"
|
||||
cp -a $file/* $data_path"filebeat"$file
|
||||
else
|
||||
echo "Copying $file to $data_path"filebeat"$file"
|
||||
cp -a $file $data_path"filebeat"$file
|
||||
fi
|
||||
fi
|
||||
done
|
||||
|
||||
echo ">> Checking postfix files"
|
||||
mkdir -p $data_path"postfix/etc/postfix"
|
||||
|
||||
for file in "${postfix_files[@]}"; do
|
||||
if [[ -e $file ]]; then
|
||||
if [[ -d $file ]]; then
|
||||
mkdir -p $data_path"postfix"$file
|
||||
echo "Copying $file to $data_path"postfix"$file"
|
||||
cp -a $file/* $data_path"postfix"$file
|
||||
else
|
||||
echo "Copying $file to $data_path"postfix"$file"
|
||||
cp -a $file $data_path"postfix"$file
|
||||
fi
|
||||
fi
|
||||
done
|
||||
|
||||
echo ">> Preserving Wazuh symbolic links files"
|
||||
for file in "${wazuh_preserve_links[@]}"; do
|
||||
rm $wazuh_path"data/wazuh"$file
|
||||
cp -a $file $wazuh_path"data/wazuh"$file
|
||||
done
|
||||
|
||||
# Grant proper permissions
|
||||
|
||||
chmod 750 /var/ossec/data/wazuh/var/ossec/api/configuration
|
||||
chown root:ossec /var/ossec/data/wazuh/var/ossec/api/configuration
|
||||
chmod 750 /var/ossec/data/wazuh/var/ossec/api/configuration/auth
|
||||
chmod 740 /var/ossec/data/wazuh/var/ossec/api/configuration/config.js
|
||||
chmod 750 /var/ossec/data/wazuh/var/ossec/api/configuration/preloaded_vars.conf
|
||||
chmod 750 /var/ossec/data/wazuh/var/ossec/api/configuration/ssl
|
||||
chmod 400 /var/ossec/data/wazuh/var/ossec/api/configuration/ssl/server.crt
|
||||
chmod 400 /var/ossec/data/wazuh/var/ossec/api/configuration/ssl/server.key
|
||||
chmod 770 /var/ossec/data/wazuh/var/ossec/etc
|
||||
chown ossec:ossec /var/ossec/data/wazuh/var/ossec/etc
|
||||
chmod 640 /var/ossec/data/wazuh/var/ossec/etc/client.keys
|
||||
chmod 640 /var/ossec/data/wazuh/var/ossec/etc/decoders/local_decoder.xml
|
||||
chown root:ossec /var/ossec/data/wazuh/var/ossec/etc/decoders/local_decoder.xml
|
||||
chmod 660 /var/ossec/data/wazuh/var/ossec/etc/lists/amazon/aws-sources.cdb
|
||||
chown ossec:ossec /var/ossec/data/wazuh/var/ossec/etc/lists/amazon/aws-sources.cdb
|
||||
chmod 640 /var/ossec/data/wazuh/var/ossec/etc/lists/audit-keys
|
||||
chmod 640 /var/ossec/data/wazuh/var/ossec/etc/lists/audit-keys.cdb
|
||||
chmod 640 /var/ossec/data/wazuh/var/ossec/etc/lists/security-eventchannel
|
||||
chmod 640 /var/ossec/data/wazuh//var/ossec/etc/lists/security-eventchannel.cdb
|
||||
chmod 640 /var/ossec/data/wazuh/var/ossec/etc/local_internal_options.conf
|
||||
chmod 640 /var/ossec/data/wazuh/var/ossec/etc/localtime
|
||||
chmod 640 /var/ossec/data/wazuh/var/ossec/etc/ossec.conf
|
||||
chmod 640 /var/ossec/data/wazuh/var/ossec/etc/rules/local_rules.xml
|
||||
chown root:ossec /var/ossec/data/wazuh/var/ossec/etc/rules/local_rules.xml
|
||||
chown root:ossec /var/ossec/data/wazuh/var/ossec/etc/shared/default/agent.conf
|
||||
chmod 640 /var/ossec/data/wazuh/var/ossec/etc/sslmanager.cert
|
||||
chmod 640 /var/ossec/data/wazuh/var/ossec/etc/sslmanager.key
|
||||
chmod 770 /var/ossec/data/wazuh/var/ossec/logs
|
||||
chown ossec:ossec /var/ossec/data/wazuh/var/ossec/logs
|
||||
chmod 750 /var/ossec/data/wazuh/var/ossec/logs/alerts
|
||||
chmod 750 /var/ossec/data/wazuh/var/ossec/logs/alerts/2019
|
||||
chmod 750 /var/ossec/data/wazuh/var/ossec/logs/alerts/2019/May
|
||||
chmod 750 /var/ossec/data/wazuh/var/ossec/logs/api
|
||||
chmod 750 /var/ossec/data/wazuh/var/ossec/logs/archives
|
||||
chmod 750 /var/ossec/data/wazuh/var/ossec/logs/archives/2019
|
||||
chmod 750 /var/ossec/data/wazuh/var/ossec/logs/archives/2019/May
|
||||
chmod 750 /var/ossec/data/wazuh/var/ossec/logs/cluster
|
||||
chmod 750 /var/ossec/data/wazuh/var/ossec/logs/firewall
|
||||
chmod 750 /var/ossec/data/wazuh/var/ossec/logs/firewall/2019
|
||||
chmod 750 /var/ossec/data/wazuh/var/ossec/logs/firewall/2019/May
|
||||
chmod 640 /var/ossec/data/wazuh/var/ossec/logs/integrations.log
|
||||
chmod 750 /var/ossec/data/wazuh/var/ossec/logs/ossec
|
||||
chmod 750 /var/ossec/data/wazuh/var/ossec/queue
|
||||
chown root:ossec /var/ossec/data/wazuh/var/ossec/queue
|
||||
chmod 750 /var/ossec/data/wazuh/var/ossec/queue/agentless
|
||||
chmod 600 /var/ossec/data/wazuh/var/ossec/queue/agents-timestamp
|
||||
chmod 750 /var/ossec/data/wazuh/var/ossec/queue/db
|
||||
chmod 640 /var/ossec/data/wazuh/var/ossec/queue/db/000.db
|
||||
chmod 640 /var/ossec/data/wazuh/var/ossec/queue/db/000.db-shm
|
||||
chmod 640 /var/ossec/data/wazuh/var/ossec/queue/db/000.db-wal
|
||||
chmod 750 /var/ossec/data/wazuh/var/ossec/queue/fts
|
||||
chmod 640 /var/ossec/data/wazuh/var/ossec/queue/fts/fts-queue
|
||||
chmod 640 /var/ossec/data/wazuh/var/ossec/queue/fts/hostinfo
|
||||
chmod 640 /var/ossec/data/wazuh/var/ossec/queue/fts/ig-queue
|
||||
chmod 644 /var/ossec/data/wazuh/var/ossec/queue/rids/sender_counter
|
||||
chmod 750 /var/ossec/data/wazuh/var/ossec/queue/rootcheck
|
||||
chmod 770 /var/ossec/data/wazuh/var/ossec/var/multigroups
|
||||
chown root:ossec /var/ossec/data/wazuh/var/ossec/var/multigroups
|
||||
Reference in New Issue
Block a user