From 2b10eff949d3e80451fb4f5548e63fef545fc6ed Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Thu, 20 Jun 2024 10:20:27 +0200 Subject: [PATCH 01/26] Bumped revision to 40901 --- VERSION | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/VERSION b/VERSION index a25e5cee..38cd86c2 100644 --- a/VERSION +++ b/VERSION @@ -1,2 +1,2 @@ WAZUH-DOCKER_VERSION="4.9.0" -REVISION="40900" +REVISION="40901" From 956be62183db06a8281b05674e6d06abf0d88b01 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Thu, 20 Jun 2024 10:27:30 +0200 Subject: [PATCH 02/26] Changed image tag for 4.9.0-alpha1 --- multi-node/docker-compose.yml | 12 ++++++------ single-node/docker-compose.yml | 6 +++--- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/multi-node/docker-compose.yml b/multi-node/docker-compose.yml index cdc62601..18b7fa23 100644 --- a/multi-node/docker-compose.yml +++ b/multi-node/docker-compose.yml @@ -3,7 +3,7 @@ version: '3.7' services: wazuh.master: - image: wazuh/wazuh-manager:4.9.0 + image: wazuh/wazuh-manager:4.9.0-alpha1 hostname: wazuh.master restart: always ulimits: @@ -45,7 +45,7 @@ services: - ./config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf wazuh.worker: - image: wazuh/wazuh-manager:4.9.0 + image: wazuh/wazuh-manager:4.9.0-alpha1 hostname: wazuh.worker restart: always ulimits: @@ -81,7 +81,7 @@ services: - ./config/wazuh_cluster/wazuh_worker.conf:/wazuh-config-mount/etc/ossec.conf wazuh1.indexer: - image: wazuh/wazuh-indexer:4.9.0 + image: wazuh/wazuh-indexer:4.9.0-alpha1 hostname: wazuh1.indexer restart: always ports: @@ -107,7 +107,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh2.indexer: - image: wazuh/wazuh-indexer:4.9.0 + image: wazuh/wazuh-indexer:4.9.0-alpha1 hostname: wazuh2.indexer restart: always environment: @@ -129,7 +129,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh3.indexer: - image: wazuh/wazuh-indexer:4.9.0 + image: wazuh/wazuh-indexer:4.9.0-alpha1 hostname: wazuh3.indexer restart: always environment: @@ -151,7 +151,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh.dashboard: - image: wazuh/wazuh-dashboard:4.9.0 + image: wazuh/wazuh-dashboard:4.9.0-alpha1 hostname: wazuh.dashboard restart: always ports: diff --git a/single-node/docker-compose.yml b/single-node/docker-compose.yml index 799c027a..00d6fcca 100644 --- a/single-node/docker-compose.yml +++ b/single-node/docker-compose.yml @@ -3,7 +3,7 @@ version: '3.7' services: wazuh.manager: - image: wazuh/wazuh-manager:4.9.0 + image: wazuh/wazuh-manager:4.9.0-alpha1 hostname: wazuh.manager restart: always ulimits: @@ -46,7 +46,7 @@ services: - ./config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf wazuh.indexer: - image: wazuh/wazuh-indexer:4.9.0 + image: wazuh/wazuh-indexer:4.9.0-alpha1 hostname: wazuh.indexer restart: always ports: @@ -71,7 +71,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh.dashboard: - image: wazuh/wazuh-dashboard:4.9.0 + image: wazuh/wazuh-dashboard:4.9.0-alpha1 hostname: wazuh.dashboard restart: always ports: From f4596dc83326a22685dcedc8f3af114bb61dba80 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Thu, 20 Jun 2024 10:35:59 +0200 Subject: [PATCH 03/26] Reverted image tag from 4.9.0-alpha1 --- multi-node/docker-compose.yml | 12 ++++++------ single-node/docker-compose.yml | 6 +++--- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/multi-node/docker-compose.yml b/multi-node/docker-compose.yml index 18b7fa23..cdc62601 100644 --- a/multi-node/docker-compose.yml +++ b/multi-node/docker-compose.yml @@ -3,7 +3,7 @@ version: '3.7' services: wazuh.master: - image: wazuh/wazuh-manager:4.9.0-alpha1 + image: wazuh/wazuh-manager:4.9.0 hostname: wazuh.master restart: always ulimits: @@ -45,7 +45,7 @@ services: - ./config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf wazuh.worker: - image: wazuh/wazuh-manager:4.9.0-alpha1 + image: wazuh/wazuh-manager:4.9.0 hostname: wazuh.worker restart: always ulimits: @@ -81,7 +81,7 @@ services: - ./config/wazuh_cluster/wazuh_worker.conf:/wazuh-config-mount/etc/ossec.conf wazuh1.indexer: - image: wazuh/wazuh-indexer:4.9.0-alpha1 + image: wazuh/wazuh-indexer:4.9.0 hostname: wazuh1.indexer restart: always ports: @@ -107,7 +107,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh2.indexer: - image: wazuh/wazuh-indexer:4.9.0-alpha1 + image: wazuh/wazuh-indexer:4.9.0 hostname: wazuh2.indexer restart: always environment: @@ -129,7 +129,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh3.indexer: - image: wazuh/wazuh-indexer:4.9.0-alpha1 + image: wazuh/wazuh-indexer:4.9.0 hostname: wazuh3.indexer restart: always environment: @@ -151,7 +151,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh.dashboard: - image: wazuh/wazuh-dashboard:4.9.0-alpha1 + image: wazuh/wazuh-dashboard:4.9.0 hostname: wazuh.dashboard restart: always ports: diff --git a/single-node/docker-compose.yml b/single-node/docker-compose.yml index 00d6fcca..799c027a 100644 --- a/single-node/docker-compose.yml +++ b/single-node/docker-compose.yml @@ -3,7 +3,7 @@ version: '3.7' services: wazuh.manager: - image: wazuh/wazuh-manager:4.9.0-alpha1 + image: wazuh/wazuh-manager:4.9.0 hostname: wazuh.manager restart: always ulimits: @@ -46,7 +46,7 @@ services: - ./config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf wazuh.indexer: - image: wazuh/wazuh-indexer:4.9.0-alpha1 + image: wazuh/wazuh-indexer:4.9.0 hostname: wazuh.indexer restart: always ports: @@ -71,7 +71,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh.dashboard: - image: wazuh/wazuh-dashboard:4.9.0-alpha1 + image: wazuh/wazuh-dashboard:4.9.0 hostname: wazuh.dashboard restart: always ports: From 24f12a72d7b9eabcaccb4e5280e331a49f637085 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Tue, 25 Jun 2024 09:33:41 -0300 Subject: [PATCH 04/26] Modify Wazuh indexer and dashboard Dockerfles --- .../wazuh-dashboard/Dockerfile | 27 +-- .../config/check_repository.sh | 30 ++++ .../wazuh-dashboard/config/dl_base.sh | 25 --- .../config/install_wazuh_app.sh | 35 ---- .../config/opensearch_dashboards.yml | 13 -- .../wazuh-dashboard/config/wazuh.yml | 155 ------------------ build-docker-images/wazuh-indexer/Dockerfile | 10 +- .../wazuh-indexer/config/check_repository.sh | 30 ++++ .../wazuh-indexer/config/config.sh | 31 ---- 9 files changed, 75 insertions(+), 281 deletions(-) create mode 100644 build-docker-images/wazuh-dashboard/config/check_repository.sh delete mode 100644 build-docker-images/wazuh-dashboard/config/dl_base.sh delete mode 100644 build-docker-images/wazuh-dashboard/config/install_wazuh_app.sh delete mode 100644 build-docker-images/wazuh-dashboard/config/opensearch_dashboards.yml delete mode 100644 build-docker-images/wazuh-dashboard/config/wazuh.yml create mode 100644 build-docker-images/wazuh-indexer/config/check_repository.sh diff --git a/build-docker-images/wazuh-dashboard/Dockerfile b/build-docker-images/wazuh-dashboard/Dockerfile index 51545c7c..d9162b75 100644 --- a/build-docker-images/wazuh-dashboard/Dockerfile +++ b/build-docker-images/wazuh-dashboard/Dockerfile @@ -3,38 +3,23 @@ FROM amazonlinux:2023 AS builder ARG WAZUH_VERSION ARG WAZUH_TAG_REVISION -ARG INSTALL_DIR=/usr/share/wazuh-dashboard ARG WAZUH_UI_REVISION # Update and install dependencies -RUN yum install curl-minimal libcap xz tar openssl -y +RUN yum install curl-minimal libcap openssl -y -# Create Install dir -RUN mkdir -p $INSTALL_DIR +COPY config/check_repository.sh / +RUN chmod 775 /check_repository.sh && \ + source /check_repository.sh -# Download and extract Wazuh dashboard base -COPY config/dl_base.sh . -RUN bash dl_base.sh +RUN yum install wazuh-dashboard-${WAZUH_VERSION}-${WAZUH_TAG_REVISION} -y && \ + yum clean all # Generate certificates COPY config/config.sh . COPY config/config.yml / RUN bash config.sh -COPY config/install_wazuh_app.sh / -RUN chmod 775 /install_wazuh_app.sh -RUN bash /install_wazuh_app.sh - -# Copy and set permissions to config files -COPY config/opensearch_dashboards.yml $INSTALL_DIR/config/ -COPY config/wazuh.yml $INSTALL_DIR/data/wazuh/config/ -RUN chmod 664 $INSTALL_DIR/config/opensearch_dashboards.yml - -# Create and set permissions to data directories -RUN mkdir -p $INSTALL_DIR/data/wazuh && chmod -R 775 $INSTALL_DIR/data/wazuh -RUN mkdir -p $INSTALL_DIR/data/wazuh/config && chmod -R 775 $INSTALL_DIR/data/wazuh/config -RUN mkdir -p $INSTALL_DIR/data/wazuh/logs && chmod -R 775 $INSTALL_DIR/data/wazuh/logs - ################################################################################ # Build stage 1 (the current Wazuh dashboard image): # diff --git a/build-docker-images/wazuh-dashboard/config/check_repository.sh b/build-docker-images/wazuh-dashboard/config/check_repository.sh new file mode 100644 index 00000000..5323ec81 --- /dev/null +++ b/build-docker-images/wazuh-dashboard/config/check_repository.sh @@ -0,0 +1,30 @@ +## variables +APT_KEY=https://packages.wazuh.com/key/GPG-KEY-WAZUH +GPG_SIGN="gpgcheck=1\ngpgkey=${APT_KEY}]" +REPOSITORY="[wazuh]\n${GPG_SIGN}\nenabled=1\nname=EL-\$releasever - Wazuh\nbaseurl=https://packages.wazuh.com/4.x/yum/\nprotect=1" +WAZUH_CURRENT_VERSION=$(curl --silent https://api.github.com/repos/wazuh/wazuh/releases/latest | grep '["]tag_name["]:' | sed -E 's/.*\"([^\"]+)\".*/\1/' | cut -c 2-) +MAJOR_BUILD=$(echo $WAZUH_VERSION | cut -d. -f1) +MID_BUILD=$(echo $WAZUH_VERSION | cut -d. -f2) +MINOR_BUILD=$(echo $WAZUH_VERSION | cut -d. -f3) +MAJOR_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f1) +MID_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f2) +MINOR_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f3) + +## check version to use the correct repository +if [ "$MAJOR_BUILD" -gt "$MAJOR_CURRENT" ]; then + APT_KEY=https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH + REPOSITORY="[wazuh]\n${GPG_SIGN}\nenabled=1\nname=EL-\$releasever - Wazuh\nbaseurl=https://packages-dev.wazuh.com/pre-release/yum/\nprotect=1" +elif [ "$MAJOR_BUILD" -eq "$MAJOR_CURRENT" ]; then + if [ "$MID_BUILD" -gt "$MID_CURRENT" ]; then + APT_KEY=https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH + REPOSITORY="[wazuh]\n${GPG_SIGN}\nenabled=1\nname=EL-\$releasever - Wazuh\nbaseurl=https://packages-dev.wazuh.com/pre-release/yum/\nprotect=1" + elif [ "$MID_BUILD" -eq "$MID_CURRENT" ]; then + if [ "$MINOR_BUILD" -gt "$MINOR_CURRENT" ]; then + APT_KEY=https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH + REPOSITORY="[wazuh]\n${GPG_SIGN}\nenabled=1\nname=EL-\$releasever - Wazuh\nbaseurl=https://packages-dev.wazuh.com/pre-release/yum/\nprotect=1" + fi + fi +fi + +rpm --import "${APT_KEY}" +echo -e "${REPOSITORY}" | tee /etc/yum.repos.d/wazuh.repo \ No newline at end of file diff --git a/build-docker-images/wazuh-dashboard/config/dl_base.sh b/build-docker-images/wazuh-dashboard/config/dl_base.sh deleted file mode 100644 index 21b23421..00000000 --- a/build-docker-images/wazuh-dashboard/config/dl_base.sh +++ /dev/null @@ -1,25 +0,0 @@ -REPOSITORY="packages.wazuh.com/4.x" -WAZUH_CURRENT_VERSION=$(curl --silent https://api.github.com/repos/wazuh/wazuh/releases/latest | grep '["]tag_name["]:' | sed -E 's/.*\"([^\"]+)\".*/\1/' | cut -c 2-) -MAJOR_BUILD=$(echo $WAZUH_VERSION | cut -d. -f1) -MID_BUILD=$(echo $WAZUH_VERSION | cut -d. -f2) -MINOR_BUILD=$(echo $WAZUH_VERSION | cut -d. -f3) -MAJOR_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f1) -MID_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f2) -MINOR_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f3) - -## check version to use the correct repository -if [ "$MAJOR_BUILD" -gt "$MAJOR_CURRENT" ]; then - REPOSITORY="packages-dev.wazuh.com/pre-release" -elif [ "$MAJOR_BUILD" -eq "$MAJOR_CURRENT" ]; then - if [ "$MID_BUILD" -gt "$MID_CURRENT" ]; then - REPOSITORY="packages-dev.wazuh.com/pre-release" - elif [ "$MID_BUILD" -eq "$MID_CURRENT" ]; then - if [ "$MINOR_BUILD" -gt "$MINOR_CURRENT" ]; then - REPOSITORY="packages-dev.wazuh.com/pre-release" - fi - fi -fi - - -curl -o wazuh-dashboard-base.tar.xz https://${REPOSITORY}/stack/dashboard/wazuh-dashboard-base-${WAZUH_VERSION}-${WAZUH_TAG_REVISION}-linux-x64.tar.xz -tar -xf wazuh-dashboard-base.tar.xz --directory $INSTALL_DIR --strip-components=1 diff --git a/build-docker-images/wazuh-dashboard/config/install_wazuh_app.sh b/build-docker-images/wazuh-dashboard/config/install_wazuh_app.sh deleted file mode 100644 index 4e8cb199..00000000 --- a/build-docker-images/wazuh-dashboard/config/install_wazuh_app.sh +++ /dev/null @@ -1,35 +0,0 @@ -## variables -WAZUH_APP=https://packages.wazuh.com/4.x/ui/dashboard/wazuh-${WAZUH_VERSION}-${WAZUH_UI_REVISION}.zip -WAZUH_CHECK_UPDATES=https://packages.wazuh.com/4.x/ui/dashboard/wazuhCheckUpdates-${WAZUH_VERSION}-${WAZUH_UI_REVISION}.zip -WAZUH_CORE=https://packages.wazuh.com/4.x/ui/dashboard/wazuhCore-${WAZUH_VERSION}-${WAZUH_UI_REVISION}.zip -WAZUH_CURRENT_VERSION=$(curl --silent https://api.github.com/repos/wazuh/wazuh/releases/latest | grep '["]tag_name["]:' | sed -E 's/.*\"([^\"]+)\".*/\1/' | cut -c 2-) -MAJOR_BUILD=$(echo $WAZUH_VERSION | cut -d. -f1) -MID_BUILD=$(echo $WAZUH_VERSION | cut -d. -f2) -MINOR_BUILD=$(echo $WAZUH_VERSION | cut -d. -f3) -MAJOR_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f1) -MID_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f2) -MINOR_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f3) - -## check version to use the correct repository -if [ "$MAJOR_BUILD" -gt "$MAJOR_CURRENT" ]; then - WAZUH_APP=https://packages-dev.wazuh.com/pre-release/ui/dashboard/wazuh-${WAZUH_VERSION}-${WAZUH_UI_REVISION}.zip - WAZUH_CHECK_UPDATES=https://packages-dev.wazuh.com/pre-release/ui/dashboard/wazuhCheckUpdates-${WAZUH_VERSION}-${WAZUH_UI_REVISION}.zip - WAZUH_CORE=https://packages-dev.wazuh.com/pre-release/ui/dashboard/wazuhCore-${WAZUH_VERSION}-${WAZUH_UI_REVISION}.zip -elif [ "$MAJOR_BUILD" -eq "$MAJOR_CURRENT" ]; then - if [ "$MID_BUILD" -gt "$MID_CURRENT" ]; then - WAZUH_APP=https://packages-dev.wazuh.com/pre-release/ui/dashboard/wazuh-${WAZUH_VERSION}-${WAZUH_UI_REVISION}.zip - WAZUH_CHECK_UPDATES=https://packages-dev.wazuh.com/pre-release/ui/dashboard/wazuhCheckUpdates-${WAZUH_VERSION}-${WAZUH_UI_REVISION}.zip - WAZUH_CORE=https://packages-dev.wazuh.com/pre-release/ui/dashboard/wazuhCore-${WAZUH_VERSION}-${WAZUH_UI_REVISION}.zip - elif [ "$MID_BUILD" -eq "$MID_CURRENT" ]; then - if [ "$MINOR_BUILD" -gt "$MINOR_CURRENT" ]; then - WAZUH_APP=https://packages-dev.wazuh.com/pre-release/ui/dashboard/wazuh-${WAZUH_VERSION}-${WAZUH_UI_REVISION}.zip - WAZUH_CHECK_UPDATES=https://packages-dev.wazuh.com/pre-release/ui/dashboard/wazuhCheckUpdates-${WAZUH_VERSION}-${WAZUH_UI_REVISION}.zip - WAZUH_CORE=https://packages-dev.wazuh.com/pre-release/ui/dashboard/wazuhCore-${WAZUH_VERSION}-${WAZUH_UI_REVISION}.zip - fi - fi -fi - -# Install Wazuh App -$INSTALL_DIR/bin/opensearch-dashboards-plugin install $WAZUH_APP --allow-root -$INSTALL_DIR/bin/opensearch-dashboards-plugin install $WAZUH_CHECK_UPDATES --allow-root -$INSTALL_DIR/bin/opensearch-dashboards-plugin install $WAZUH_CORE --allow-root \ No newline at end of file diff --git a/build-docker-images/wazuh-dashboard/config/opensearch_dashboards.yml b/build-docker-images/wazuh-dashboard/config/opensearch_dashboards.yml deleted file mode 100644 index 68e6c85f..00000000 --- a/build-docker-images/wazuh-dashboard/config/opensearch_dashboards.yml +++ /dev/null @@ -1,13 +0,0 @@ -server.host: 0.0.0.0 -server.port: 5601 -opensearch.hosts: https://wazuh.indexer:9200 -opensearch.ssl.verificationMode: none -opensearch.requestHeadersWhitelist: [ authorization,securitytenant ] -opensearch_security.multitenancy.enabled: false -opensearch_security.readonly_mode.roles: ["kibana_read_only"] -server.ssl.enabled: true -server.ssl.key: "/usr/share/wazuh-dashboard/config/certs/dashboard-key.pem" -server.ssl.certificate: "/usr/share/wazuh-dashboard/config/certs/dashboard.pem" -opensearch.ssl.certificateAuthorities: ["/usr/share/wazuh-dashboard/config/certs/root-ca.pem"] -uiSettings.overrides.defaultRoute: /app/wz-home - diff --git a/build-docker-images/wazuh-dashboard/config/wazuh.yml b/build-docker-images/wazuh-dashboard/config/wazuh.yml deleted file mode 100644 index 8e5f9447..00000000 --- a/build-docker-images/wazuh-dashboard/config/wazuh.yml +++ /dev/null @@ -1,155 +0,0 @@ ---- -# -# Wazuh app - App configuration file -# Copyright (C) 2017, Wazuh Inc. -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2 of the License, or -# (at your option) any later version. -# -# Find more information about this on the LICENSE file. -# -# ======================== Wazuh app configuration file ======================== -# -# Please check the documentation for more information on configuration options: -# https://documentation.wazuh.com/current/installation-guide/index.html -# -# Also, you can check our repository: -# https://github.com/wazuh/wazuh-dashboard-plugins -# -# ------------------------------- Index patterns ------------------------------- -# -# Default index pattern to use. -#pattern: wazuh-alerts-* -# -# ----------------------------------- Checks ----------------------------------- -# -# Defines which checks must to be consider by the healthcheck -# step once the Wazuh app starts. Values must to be true or false. -#checks.pattern : true -#checks.template: true -#checks.api : true -#checks.setup : true -#checks.metaFields: true -# -# --------------------------------- Extensions --------------------------------- -# -# Defines which extensions should be activated when you add a new API entry. -# You can change them after Wazuh app starts. -# Values must to be true or false. -#extensions.pci : true -#extensions.gdpr : true -#extensions.hipaa : true -#extensions.nist : true -#extensions.tsc : true -#extensions.audit : true -#extensions.oscap : false -#extensions.ciscat : false -#extensions.aws : false -#extensions.gcp : false -#extensions.virustotal: false -#extensions.osquery : false -#extensions.docker : false -# -# ---------------------------------- Time out ---------------------------------- -# -# Defines maximum timeout to be used on the Wazuh app requests. -# It will be ignored if it is bellow 1500. -# It means milliseconds before we consider a request as failed. -# Default: 20000 -#timeout: 20000 -# -# -------------------------------- API selector -------------------------------- -# -# Defines if the user is allowed to change the selected -# API directly from the Wazuh app top menu. -# Default: true -#api.selector: true -# -# --------------------------- Index pattern selector --------------------------- -# -# Defines if the user is allowed to change the selected -# index pattern directly from the Wazuh app top menu. -# Default: true -#ip.selector: true -# -# List of index patterns to be ignored -#ip.ignore: [] -# -# ------------------------------ wazuh-monitoring ------------------------------ -# -# Custom setting to enable/disable wazuh-monitoring indices. -# Values: true, false, worker -# If worker is given as value, the app will show the Agents status -# visualization but won't insert data on wazuh-monitoring indices. -# Default: true -#wazuh.monitoring.enabled: true -# -# Custom setting to set the frequency for wazuh-monitoring indices cron task. -# Default: 900 (s) -#wazuh.monitoring.frequency: 900 -# -# Configure wazuh-monitoring-* indices shards and replicas. -#wazuh.monitoring.shards: 2 -#wazuh.monitoring.replicas: 0 -# -# Configure wazuh-monitoring-* indices custom creation interval. -# Values: h (hourly), d (daily), w (weekly), m (monthly) -# Default: d -#wazuh.monitoring.creation: d -# -# Default index pattern to use for Wazuh monitoring -#wazuh.monitoring.pattern: wazuh-monitoring-* -# -# --------------------------------- wazuh-cron ---------------------------------- -# -# Customize the index prefix of predefined jobs -# This change is not retroactive, if you change it new indexes will be created -# cron.prefix: test -# -# ------------------------------ wazuh-statistics ------------------------------- -# -# Custom setting to enable/disable statistics tasks. -#cron.statistics.status: true -# -# Enter the ID of the APIs you want to save data from, leave this empty to run -# the task on all configured APIs -#cron.statistics.apis: [] -# -# Define the frequency of task execution using cron schedule expressions -#cron.statistics.interval: 0 0 * * * * -# -# Define the name of the index in which the documents are to be saved. -#cron.statistics.index.name: statistics -# -# Define the interval in which the index will be created -#cron.statistics.index.creation: w -# -# ------------------------------- App privileges -------------------------------- -#admin: true -# -# ---------------------------- Hide manager alerts ------------------------------ -# Hide the alerts of the manager in all dashboards and discover -#hideManagerAlerts: false -# -# ------------------------------- App logging level ----------------------------- -# Set the logging level for the Wazuh App log files. -# Default value: info -# Allowed values: info, debug -#logs.level: info -# -# -------------------------------- Enrollment DNS ------------------------------- -# Set the variable WAZUH_REGISTRATION_SERVER in agents deployment. -# Default value: '' -#enrollment.dns: '' -# -#-------------------------------- API entries ----------------------------------- -#The following configuration is the default structure to define an API entry. -# -#hosts: -# - : -# url: http(s):// -# port: -# username: -# password: diff --git a/build-docker-images/wazuh-indexer/Dockerfile b/build-docker-images/wazuh-indexer/Dockerfile index d30b67ff..9c7fd189 100644 --- a/build-docker-images/wazuh-indexer/Dockerfile +++ b/build-docker-images/wazuh-indexer/Dockerfile @@ -6,6 +6,13 @@ ARG WAZUH_TAG_REVISION RUN yum install curl-minimal openssl xz tar findutils shadow-utils -y +COPY config/check_repository.sh / +RUN chmod 775 /check_repository.sh && \ + source /check_repository.sh + +RUN yum install wazuh-indexer-${WAZUH_VERSION}-${WAZUH_TAG_REVISION} -y && \ + yum clean all + COPY config/opensearch.yml / COPY config/config.sh . @@ -59,7 +66,8 @@ RUN chmod 700 /entrypoint.sh && chmod 700 /securityadmin.sh RUN chown 1000:1000 /*.sh -COPY --from=builder --chown=1000:1000 /debian/wazuh-indexer/usr/share/wazuh-indexer /usr/share/wazuh-indexer +COPY --from=builder --chown=1000:1000 /usr/share/wazuh-indexer /usr/share/wazuh-indexer +COPY --from=builder --chown=1000:1000 /etc/wazuh-indexer /usr/share/wazuh-indexer COPY --from=builder --chown=0:0 /debian/wazuh-indexer/usr/lib/systemd /usr/lib/systemd COPY --from=builder --chown=0:0 /debian/wazuh-indexer/usr/lib/sysctl.d /usr/lib/sysctl.d COPY --from=builder --chown=0:0 /debian/wazuh-indexer/usr/lib/tmpfiles.d /usr/lib/tmpfiles.d diff --git a/build-docker-images/wazuh-indexer/config/check_repository.sh b/build-docker-images/wazuh-indexer/config/check_repository.sh new file mode 100644 index 00000000..5323ec81 --- /dev/null +++ b/build-docker-images/wazuh-indexer/config/check_repository.sh @@ -0,0 +1,30 @@ +## variables +APT_KEY=https://packages.wazuh.com/key/GPG-KEY-WAZUH +GPG_SIGN="gpgcheck=1\ngpgkey=${APT_KEY}]" +REPOSITORY="[wazuh]\n${GPG_SIGN}\nenabled=1\nname=EL-\$releasever - Wazuh\nbaseurl=https://packages.wazuh.com/4.x/yum/\nprotect=1" +WAZUH_CURRENT_VERSION=$(curl --silent https://api.github.com/repos/wazuh/wazuh/releases/latest | grep '["]tag_name["]:' | sed -E 's/.*\"([^\"]+)\".*/\1/' | cut -c 2-) +MAJOR_BUILD=$(echo $WAZUH_VERSION | cut -d. -f1) +MID_BUILD=$(echo $WAZUH_VERSION | cut -d. -f2) +MINOR_BUILD=$(echo $WAZUH_VERSION | cut -d. -f3) +MAJOR_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f1) +MID_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f2) +MINOR_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f3) + +## check version to use the correct repository +if [ "$MAJOR_BUILD" -gt "$MAJOR_CURRENT" ]; then + APT_KEY=https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH + REPOSITORY="[wazuh]\n${GPG_SIGN}\nenabled=1\nname=EL-\$releasever - Wazuh\nbaseurl=https://packages-dev.wazuh.com/pre-release/yum/\nprotect=1" +elif [ "$MAJOR_BUILD" -eq "$MAJOR_CURRENT" ]; then + if [ "$MID_BUILD" -gt "$MID_CURRENT" ]; then + APT_KEY=https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH + REPOSITORY="[wazuh]\n${GPG_SIGN}\nenabled=1\nname=EL-\$releasever - Wazuh\nbaseurl=https://packages-dev.wazuh.com/pre-release/yum/\nprotect=1" + elif [ "$MID_BUILD" -eq "$MID_CURRENT" ]; then + if [ "$MINOR_BUILD" -gt "$MINOR_CURRENT" ]; then + APT_KEY=https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH + REPOSITORY="[wazuh]\n${GPG_SIGN}\nenabled=1\nname=EL-\$releasever - Wazuh\nbaseurl=https://packages-dev.wazuh.com/pre-release/yum/\nprotect=1" + fi + fi +fi + +rpm --import "${APT_KEY}" +echo -e "${REPOSITORY}" | tee /etc/yum.repos.d/wazuh.repo \ No newline at end of file diff --git a/build-docker-images/wazuh-indexer/config/config.sh b/build-docker-images/wazuh-indexer/config/config.sh index 67e66fd7..b69f490f 100644 --- a/build-docker-images/wazuh-indexer/config/config.sh +++ b/build-docker-images/wazuh-indexer/config/config.sh @@ -19,37 +19,6 @@ export INDEXER_FILE=wazuh-indexer-base.tar.xz export BASE_FILE=wazuh-indexer-base-${VERSION}-linux-x64.tar.xz export REPO_DIR=/unattended_installer -rm -rf ${INSTALLATION_DIR}/ - -## variables -REPOSITORY="packages.wazuh.com/4.x" -WAZUH_CURRENT_VERSION=$(curl --silent https://api.github.com/repos/wazuh/wazuh/releases/latest | grep '["]tag_name["]:' | sed -E 's/.*\"([^\"]+)\".*/\1/' | cut -c 2-) -MAJOR_BUILD=$(echo $WAZUH_VERSION | cut -d. -f1) -MID_BUILD=$(echo $WAZUH_VERSION | cut -d. -f2) -MINOR_BUILD=$(echo $WAZUH_VERSION | cut -d. -f3) -MAJOR_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f1) -MID_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f2) -MINOR_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f3) - -## check version to use the correct repository -if [ "$MAJOR_BUILD" -gt "$MAJOR_CURRENT" ]; then - REPOSITORY="packages-dev.wazuh.com/pre-release" -elif [ "$MAJOR_BUILD" -eq "$MAJOR_CURRENT" ]; then - if [ "$MID_BUILD" -gt "$MID_CURRENT" ]; then - REPOSITORY="packages-dev.wazuh.com/pre-release" - elif [ "$MID_BUILD" -eq "$MID_CURRENT" ]; then - if [ "$MINOR_BUILD" -gt "$MINOR_CURRENT" ]; then - REPOSITORY="packages-dev.wazuh.com/pre-release" - fi - fi -fi - - -curl -o ${INDEXER_FILE} https://${REPOSITORY}/stack/indexer/${BASE_FILE} -tar -xf ${INDEXER_FILE} - -## TOOLS - ## Variables CERT_TOOL=wazuh-certs-tool.sh PASSWORD_TOOL=wazuh-passwords-tool.sh From ed9b2f0d39768cfe9cd18737c27ce13bdbfe5e5c Mon Sep 17 00:00:00 2001 From: vcerenu Date: Tue, 25 Jun 2024 12:21:58 -0300 Subject: [PATCH 05/26] change version for goss --- .github/.goss.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/.goss.yaml b/.github/.goss.yaml index a2ee17aa..f4126912 100644 --- a/.github/.goss.yaml +++ b/.github/.goss.yaml @@ -56,7 +56,7 @@ package: wazuh-manager: installed: true versions: - - 4.9.0-1 + - 4.9.0 port: tcp:1514: listening: true From 3112eb2bd59c7c3a5fdf2d55e188706a9b49b67d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Tue, 2 Jul 2024 09:55:52 +0200 Subject: [PATCH 06/26] Bumped REVISION to 40814 --- VERSION | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/VERSION b/VERSION index f57527d2..f577cf84 100644 --- a/VERSION +++ b/VERSION @@ -1,2 +1,2 @@ WAZUH-DOCKER_VERSION="4.8.1" -REVISION="40813" +REVISION="40814" From 7257ddc0aac99cb9f94eb60bd1516fbcee31fcd3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Tue, 2 Jul 2024 10:09:45 +0200 Subject: [PATCH 07/26] Changed image tag for 4.8.1 RC1 --- multi-node/docker-compose.yml | 12 ++++++------ single-node/docker-compose.yml | 6 +++--- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/multi-node/docker-compose.yml b/multi-node/docker-compose.yml index 145af9fb..8c6e166b 100644 --- a/multi-node/docker-compose.yml +++ b/multi-node/docker-compose.yml @@ -3,7 +3,7 @@ version: '3.7' services: wazuh.master: - image: wazuh/wazuh-manager:4.8.1 + image: wazuh/wazuh-manager:4.8.1-rc1 hostname: wazuh.master restart: always ulimits: @@ -45,7 +45,7 @@ services: - ./config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf wazuh.worker: - image: wazuh/wazuh-manager:4.8.1 + image: wazuh/wazuh-manager:4.8.1-rc1 hostname: wazuh.worker restart: always ulimits: @@ -81,7 +81,7 @@ services: - ./config/wazuh_cluster/wazuh_worker.conf:/wazuh-config-mount/etc/ossec.conf wazuh1.indexer: - image: wazuh/wazuh-indexer:4.8.1 + image: wazuh/wazuh-indexer:4.8.1-rc1 hostname: wazuh1.indexer restart: always ports: @@ -107,7 +107,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh2.indexer: - image: wazuh/wazuh-indexer:4.8.1 + image: wazuh/wazuh-indexer:4.8.1-rc1 hostname: wazuh2.indexer restart: always environment: @@ -129,7 +129,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh3.indexer: - image: wazuh/wazuh-indexer:4.8.1 + image: wazuh/wazuh-indexer:4.8.1-rc1 hostname: wazuh3.indexer restart: always environment: @@ -151,7 +151,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh.dashboard: - image: wazuh/wazuh-dashboard:4.8.1 + image: wazuh/wazuh-dashboard:4.8.1-rc1 hostname: wazuh.dashboard restart: always ports: diff --git a/single-node/docker-compose.yml b/single-node/docker-compose.yml index 03255d88..eb33365a 100644 --- a/single-node/docker-compose.yml +++ b/single-node/docker-compose.yml @@ -3,7 +3,7 @@ version: '3.7' services: wazuh.manager: - image: wazuh/wazuh-manager:4.8.1 + image: wazuh/wazuh-manager:4.8.1-rc1 hostname: wazuh.manager restart: always ulimits: @@ -46,7 +46,7 @@ services: - ./config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf wazuh.indexer: - image: wazuh/wazuh-indexer:4.8.1 + image: wazuh/wazuh-indexer:4.8.1-rc1 hostname: wazuh.indexer restart: always ports: @@ -71,7 +71,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh.dashboard: - image: wazuh/wazuh-dashboard:4.8.1 + image: wazuh/wazuh-dashboard:4.8.1-rc1 hostname: wazuh.dashboard restart: always ports: From 91513bda931dee600653ccb3fd8f66f6318e6db6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Tue, 2 Jul 2024 10:24:17 +0200 Subject: [PATCH 08/26] Reverted image tag for 4.8.1 RC1 --- multi-node/docker-compose.yml | 12 ++++++------ single-node/docker-compose.yml | 6 +++--- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/multi-node/docker-compose.yml b/multi-node/docker-compose.yml index 8c6e166b..145af9fb 100644 --- a/multi-node/docker-compose.yml +++ b/multi-node/docker-compose.yml @@ -3,7 +3,7 @@ version: '3.7' services: wazuh.master: - image: wazuh/wazuh-manager:4.8.1-rc1 + image: wazuh/wazuh-manager:4.8.1 hostname: wazuh.master restart: always ulimits: @@ -45,7 +45,7 @@ services: - ./config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf wazuh.worker: - image: wazuh/wazuh-manager:4.8.1-rc1 + image: wazuh/wazuh-manager:4.8.1 hostname: wazuh.worker restart: always ulimits: @@ -81,7 +81,7 @@ services: - ./config/wazuh_cluster/wazuh_worker.conf:/wazuh-config-mount/etc/ossec.conf wazuh1.indexer: - image: wazuh/wazuh-indexer:4.8.1-rc1 + image: wazuh/wazuh-indexer:4.8.1 hostname: wazuh1.indexer restart: always ports: @@ -107,7 +107,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh2.indexer: - image: wazuh/wazuh-indexer:4.8.1-rc1 + image: wazuh/wazuh-indexer:4.8.1 hostname: wazuh2.indexer restart: always environment: @@ -129,7 +129,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh3.indexer: - image: wazuh/wazuh-indexer:4.8.1-rc1 + image: wazuh/wazuh-indexer:4.8.1 hostname: wazuh3.indexer restart: always environment: @@ -151,7 +151,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh.dashboard: - image: wazuh/wazuh-dashboard:4.8.1-rc1 + image: wazuh/wazuh-dashboard:4.8.1 hostname: wazuh.dashboard restart: always ports: diff --git a/single-node/docker-compose.yml b/single-node/docker-compose.yml index eb33365a..03255d88 100644 --- a/single-node/docker-compose.yml +++ b/single-node/docker-compose.yml @@ -3,7 +3,7 @@ version: '3.7' services: wazuh.manager: - image: wazuh/wazuh-manager:4.8.1-rc1 + image: wazuh/wazuh-manager:4.8.1 hostname: wazuh.manager restart: always ulimits: @@ -46,7 +46,7 @@ services: - ./config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf wazuh.indexer: - image: wazuh/wazuh-indexer:4.8.1-rc1 + image: wazuh/wazuh-indexer:4.8.1 hostname: wazuh.indexer restart: always ports: @@ -71,7 +71,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh.dashboard: - image: wazuh/wazuh-dashboard:4.8.1-rc1 + image: wazuh/wazuh-dashboard:4.8.1 hostname: wazuh.dashboard restart: always ports: From 2487a5481e2792c63468c01b0408d0e6f802c45a Mon Sep 17 00:00:00 2001 From: vcerenu Date: Tue, 2 Jul 2024 15:01:37 -0300 Subject: [PATCH 09/26] Add new keystore generation --- .../config/etc/cont-init.d/0-wazuh-init | 33 ++++++++++++++++++- 1 file changed, 32 insertions(+), 1 deletion(-) diff --git a/build-docker-images/wazuh-manager/config/etc/cont-init.d/0-wazuh-init b/build-docker-images/wazuh-manager/config/etc/cont-init.d/0-wazuh-init index dae0e1f0..5ec1fe27 100644 --- a/build-docker-images/wazuh-manager/config/etc/cont-init.d/0-wazuh-init +++ b/build-docker-images/wazuh-manager/config/etc/cont-init.d/0-wazuh-init @@ -122,6 +122,20 @@ create_ossec_key_cert() { exec_cmd "openssl req -new -x509 -key ${WAZUH_INSTALL_PATH}/etc/sslmanager.key -out ${WAZUH_INSTALL_PATH}/etc/sslmanager.cert -days 3650 -subj /CN=${HOSTNAME}/" } +######################### +#GenerateKeystoreCert() +######################### +GenerateKeystoreCert() +{ + # Regenerate keys if they are not valid. + keystore_key=/etc/keystore.key + keystore_cert=/etc/keystore.cert + echo "Generating RSA keys for Keystore." + ${WAZUH_INSTALL_PATH}/bin/wazuh-authd -C 365 -B 2048 -K ${WAZUH_INSTALL_PATH}${keystore_key} -X ${WAZUH_INSTALL_PATH}${keystore_cert} -S "/C=US/ST=California/CN=wazuh/" + chmod 600 ${WAZUH_INSTALL_PATH}${keystore_key} + chmod 600 ${WAZUH_INSTALL_PATH}${keystore_cert} +} + ############################################################################## # Copy all files from $WAZUH_CONFIG_MOUNT to $WAZUH_INSTALL_PATH and respect # destination files permissions @@ -199,7 +213,7 @@ main() { # Restore files stored in permanent data that are not permanent (i.e. internal_options.conf) apply_exclusion_data - + # Apply correct permission and ownership set_correct_permOwner @@ -218,6 +232,23 @@ main() { fi fi + keystore_key=/etc/keystore.key + keystore_cert=/etc/keystore.cert + + # If we come from 4.8.0, no certificates will be found. + # Since the Keystore tool previously used sslmanager keys for encryption, + # We copy them to the new location to be able to recover the information. + if [ ! -f "${WAZUH_INSTALL_PATH}${keystore_key}" ] && [ ! -f "${WAZUH_INSTALL_PATH}${keystore_cert}" ]; then + cp -p ${WAZUH_INSTALL_PATH}/etc/sslmanager.cert ${WAZUH_INSTALL_PATH}${keystore_cert} + cp -p ${WAZUH_INSTALL_PATH}/etc/sslmanager.key ${WAZUH_INSTALL_PATH}${keystore_key} + fi + + # Test if the certificates are valid. If don't, re-generate them + ${WAZUH_INSTALL_PATH}/bin/wazuh-keystore -f default -k certificate_test -v test + if [ $? -eq 1 ]; then + GenerateKeystoreCert + fi + # Mount selected files (WAZUH_CONFIG_MOUNT) to container mount_files From 665f6fd84a04fcd52ce9228e166d0d57d8da1b71 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Thu, 4 Jul 2024 13:01:22 -0300 Subject: [PATCH 10/26] Fix goss test --- .github/.goss.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/.goss.yaml b/.github/.goss.yaml index 50b54fc2..1610cc42 100644 --- a/.github/.goss.yaml +++ b/.github/.goss.yaml @@ -56,7 +56,7 @@ package: wazuh-manager: installed: true versions: - - 4.8.1-1 + - 4.8.1 port: tcp:1514: listening: true From 6138516ad9c8ed52edf4288a89f3e500f0e75184 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Thu, 4 Jul 2024 13:36:55 -0300 Subject: [PATCH 11/26] Fix wazuh documents tests --- .github/workflows/push.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index 0444cba7..cecc3e5c 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -270,7 +270,7 @@ jobs: sleep 10 done docs="`curl -XGET "https://0.0.0.0:9200/wazuh-alerts*/_count" -u admin:SecretPassword -k -s | jq -r ".count"`" - if [[ $docs -gt 1 ]]; then + if [[ $docs -gt 0 ]]; then echo "wazuh-alerts index documents: ${docs}" else echo "wazuh-alerts index documents: ${docs}" From a58306969816a6feb71326c11d78ba5f75240752 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Thu, 4 Jul 2024 14:13:07 -0300 Subject: [PATCH 12/26] Bump revision number --- VERSION | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/VERSION b/VERSION index f577cf84..cff5943a 100644 --- a/VERSION +++ b/VERSION @@ -1,2 +1,2 @@ WAZUH-DOCKER_VERSION="4.8.1" -REVISION="40814" +REVISION="40815" From 6049aec3818e5a312495f39a19948951cdde44c0 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Thu, 4 Jul 2024 14:32:07 -0300 Subject: [PATCH 13/26] change image version por rc2 --- multi-node/docker-compose.yml | 12 ++++++------ single-node/docker-compose.yml | 6 +++--- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/multi-node/docker-compose.yml b/multi-node/docker-compose.yml index 145af9fb..dcbf9bbd 100644 --- a/multi-node/docker-compose.yml +++ b/multi-node/docker-compose.yml @@ -3,7 +3,7 @@ version: '3.7' services: wazuh.master: - image: wazuh/wazuh-manager:4.8.1 + image: wazuh/wazuh-manager:4.8.1-rc2 hostname: wazuh.master restart: always ulimits: @@ -45,7 +45,7 @@ services: - ./config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf wazuh.worker: - image: wazuh/wazuh-manager:4.8.1 + image: wazuh/wazuh-manager:4.8.1-rc2 hostname: wazuh.worker restart: always ulimits: @@ -81,7 +81,7 @@ services: - ./config/wazuh_cluster/wazuh_worker.conf:/wazuh-config-mount/etc/ossec.conf wazuh1.indexer: - image: wazuh/wazuh-indexer:4.8.1 + image: wazuh/wazuh-indexer:4.8.1-rc2 hostname: wazuh1.indexer restart: always ports: @@ -107,7 +107,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh2.indexer: - image: wazuh/wazuh-indexer:4.8.1 + image: wazuh/wazuh-indexer:4.8.1-rc2 hostname: wazuh2.indexer restart: always environment: @@ -129,7 +129,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh3.indexer: - image: wazuh/wazuh-indexer:4.8.1 + image: wazuh/wazuh-indexer:4.8.1-rc2 hostname: wazuh3.indexer restart: always environment: @@ -151,7 +151,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh.dashboard: - image: wazuh/wazuh-dashboard:4.8.1 + image: wazuh/wazuh-dashboard:4.8.1-rc2 hostname: wazuh.dashboard restart: always ports: diff --git a/single-node/docker-compose.yml b/single-node/docker-compose.yml index 03255d88..b3b40d12 100644 --- a/single-node/docker-compose.yml +++ b/single-node/docker-compose.yml @@ -3,7 +3,7 @@ version: '3.7' services: wazuh.manager: - image: wazuh/wazuh-manager:4.8.1 + image: wazuh/wazuh-manager:4.8.1-rc2 hostname: wazuh.manager restart: always ulimits: @@ -46,7 +46,7 @@ services: - ./config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf wazuh.indexer: - image: wazuh/wazuh-indexer:4.8.1 + image: wazuh/wazuh-indexer:4.8.1-rc2 hostname: wazuh.indexer restart: always ports: @@ -71,7 +71,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh.dashboard: - image: wazuh/wazuh-dashboard:4.8.1 + image: wazuh/wazuh-dashboard:4.8.1-rc2 hostname: wazuh.dashboard restart: always ports: From 0682effeca3f96e50348741a6a5cbeef212b4192 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Thu, 4 Jul 2024 14:43:23 -0300 Subject: [PATCH 14/26] Rollback image version --- multi-node/docker-compose.yml | 12 ++++++------ single-node/docker-compose.yml | 6 +++--- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/multi-node/docker-compose.yml b/multi-node/docker-compose.yml index dcbf9bbd..145af9fb 100644 --- a/multi-node/docker-compose.yml +++ b/multi-node/docker-compose.yml @@ -3,7 +3,7 @@ version: '3.7' services: wazuh.master: - image: wazuh/wazuh-manager:4.8.1-rc2 + image: wazuh/wazuh-manager:4.8.1 hostname: wazuh.master restart: always ulimits: @@ -45,7 +45,7 @@ services: - ./config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf wazuh.worker: - image: wazuh/wazuh-manager:4.8.1-rc2 + image: wazuh/wazuh-manager:4.8.1 hostname: wazuh.worker restart: always ulimits: @@ -81,7 +81,7 @@ services: - ./config/wazuh_cluster/wazuh_worker.conf:/wazuh-config-mount/etc/ossec.conf wazuh1.indexer: - image: wazuh/wazuh-indexer:4.8.1-rc2 + image: wazuh/wazuh-indexer:4.8.1 hostname: wazuh1.indexer restart: always ports: @@ -107,7 +107,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh2.indexer: - image: wazuh/wazuh-indexer:4.8.1-rc2 + image: wazuh/wazuh-indexer:4.8.1 hostname: wazuh2.indexer restart: always environment: @@ -129,7 +129,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh3.indexer: - image: wazuh/wazuh-indexer:4.8.1-rc2 + image: wazuh/wazuh-indexer:4.8.1 hostname: wazuh3.indexer restart: always environment: @@ -151,7 +151,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh.dashboard: - image: wazuh/wazuh-dashboard:4.8.1-rc2 + image: wazuh/wazuh-dashboard:4.8.1 hostname: wazuh.dashboard restart: always ports: diff --git a/single-node/docker-compose.yml b/single-node/docker-compose.yml index b3b40d12..03255d88 100644 --- a/single-node/docker-compose.yml +++ b/single-node/docker-compose.yml @@ -3,7 +3,7 @@ version: '3.7' services: wazuh.manager: - image: wazuh/wazuh-manager:4.8.1-rc2 + image: wazuh/wazuh-manager:4.8.1 hostname: wazuh.manager restart: always ulimits: @@ -46,7 +46,7 @@ services: - ./config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf wazuh.indexer: - image: wazuh/wazuh-indexer:4.8.1-rc2 + image: wazuh/wazuh-indexer:4.8.1 hostname: wazuh.indexer restart: always ports: @@ -71,7 +71,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh.dashboard: - image: wazuh/wazuh-dashboard:4.8.1-rc2 + image: wazuh/wazuh-dashboard:4.8.1 hostname: wazuh.dashboard restart: always ports: From b60e8759620fc7af02ea8e270a5fd5c04806c42a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Victor=20Ere=C3=B1=C3=BA?= <56500015+vcerenu@users.noreply.github.com> Date: Thu, 11 Jul 2024 23:01:18 +1000 Subject: [PATCH 15/26] Revert "Add new keystore certificate" --- .github/.goss.yaml | 2 +- .github/workflows/push.yml | 2 +- .../config/etc/cont-init.d/0-wazuh-init | 33 +------------------ 3 files changed, 3 insertions(+), 34 deletions(-) diff --git a/.github/.goss.yaml b/.github/.goss.yaml index 1610cc42..50b54fc2 100644 --- a/.github/.goss.yaml +++ b/.github/.goss.yaml @@ -56,7 +56,7 @@ package: wazuh-manager: installed: true versions: - - 4.8.1 + - 4.8.1-1 port: tcp:1514: listening: true diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index cecc3e5c..0444cba7 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -270,7 +270,7 @@ jobs: sleep 10 done docs="`curl -XGET "https://0.0.0.0:9200/wazuh-alerts*/_count" -u admin:SecretPassword -k -s | jq -r ".count"`" - if [[ $docs -gt 0 ]]; then + if [[ $docs -gt 1 ]]; then echo "wazuh-alerts index documents: ${docs}" else echo "wazuh-alerts index documents: ${docs}" diff --git a/build-docker-images/wazuh-manager/config/etc/cont-init.d/0-wazuh-init b/build-docker-images/wazuh-manager/config/etc/cont-init.d/0-wazuh-init index 5ec1fe27..dae0e1f0 100644 --- a/build-docker-images/wazuh-manager/config/etc/cont-init.d/0-wazuh-init +++ b/build-docker-images/wazuh-manager/config/etc/cont-init.d/0-wazuh-init @@ -122,20 +122,6 @@ create_ossec_key_cert() { exec_cmd "openssl req -new -x509 -key ${WAZUH_INSTALL_PATH}/etc/sslmanager.key -out ${WAZUH_INSTALL_PATH}/etc/sslmanager.cert -days 3650 -subj /CN=${HOSTNAME}/" } -######################### -#GenerateKeystoreCert() -######################### -GenerateKeystoreCert() -{ - # Regenerate keys if they are not valid. - keystore_key=/etc/keystore.key - keystore_cert=/etc/keystore.cert - echo "Generating RSA keys for Keystore." - ${WAZUH_INSTALL_PATH}/bin/wazuh-authd -C 365 -B 2048 -K ${WAZUH_INSTALL_PATH}${keystore_key} -X ${WAZUH_INSTALL_PATH}${keystore_cert} -S "/C=US/ST=California/CN=wazuh/" - chmod 600 ${WAZUH_INSTALL_PATH}${keystore_key} - chmod 600 ${WAZUH_INSTALL_PATH}${keystore_cert} -} - ############################################################################## # Copy all files from $WAZUH_CONFIG_MOUNT to $WAZUH_INSTALL_PATH and respect # destination files permissions @@ -213,7 +199,7 @@ main() { # Restore files stored in permanent data that are not permanent (i.e. internal_options.conf) apply_exclusion_data - + # Apply correct permission and ownership set_correct_permOwner @@ -232,23 +218,6 @@ main() { fi fi - keystore_key=/etc/keystore.key - keystore_cert=/etc/keystore.cert - - # If we come from 4.8.0, no certificates will be found. - # Since the Keystore tool previously used sslmanager keys for encryption, - # We copy them to the new location to be able to recover the information. - if [ ! -f "${WAZUH_INSTALL_PATH}${keystore_key}" ] && [ ! -f "${WAZUH_INSTALL_PATH}${keystore_cert}" ]; then - cp -p ${WAZUH_INSTALL_PATH}/etc/sslmanager.cert ${WAZUH_INSTALL_PATH}${keystore_cert} - cp -p ${WAZUH_INSTALL_PATH}/etc/sslmanager.key ${WAZUH_INSTALL_PATH}${keystore_key} - fi - - # Test if the certificates are valid. If don't, re-generate them - ${WAZUH_INSTALL_PATH}/bin/wazuh-keystore -f default -k certificate_test -v test - if [ $? -eq 1 ]; then - GenerateKeystoreCert - fi - # Mount selected files (WAZUH_CONFIG_MOUNT) to container mount_files From 1e261c165e52b6fd6eafe96229c06cbb943216d2 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Thu, 11 Jul 2024 14:28:12 -0300 Subject: [PATCH 16/26] Revert test changes --- .github/.goss.yaml | 2 +- .github/workflows/push.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/.goss.yaml b/.github/.goss.yaml index 50b54fc2..1610cc42 100644 --- a/.github/.goss.yaml +++ b/.github/.goss.yaml @@ -56,7 +56,7 @@ package: wazuh-manager: installed: true versions: - - 4.8.1-1 + - 4.8.1 port: tcp:1514: listening: true diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index 0444cba7..cecc3e5c 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -270,7 +270,7 @@ jobs: sleep 10 done docs="`curl -XGET "https://0.0.0.0:9200/wazuh-alerts*/_count" -u admin:SecretPassword -k -s | jq -r ".count"`" - if [[ $docs -gt 1 ]]; then + if [[ $docs -gt 0 ]]; then echo "wazuh-alerts index documents: ${docs}" else echo "wazuh-alerts index documents: ${docs}" From 8cf7909bc00f79f2b01dc20522b5a472268a2330 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Fri, 12 Jul 2024 09:40:40 +0200 Subject: [PATCH 17/26] Bumped revision for 4.9.0-alpha2 --- VERSION | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/VERSION b/VERSION index 38cd86c2..588686e1 100644 --- a/VERSION +++ b/VERSION @@ -1,2 +1,2 @@ WAZUH-DOCKER_VERSION="4.9.0" -REVISION="40901" +REVISION="40902" From 98930a670890f9839fb8c8ecd1c4c699a77e0b5a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Fri, 12 Jul 2024 09:49:35 +0200 Subject: [PATCH 18/26] Changed image tag for `4.9.0-alpha2` --- multi-node/docker-compose.yml | 12 ++++++------ single-node/docker-compose.yml | 6 +++--- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/multi-node/docker-compose.yml b/multi-node/docker-compose.yml index cdc62601..3339c4cb 100644 --- a/multi-node/docker-compose.yml +++ b/multi-node/docker-compose.yml @@ -3,7 +3,7 @@ version: '3.7' services: wazuh.master: - image: wazuh/wazuh-manager:4.9.0 + image: wazuh/wazuh-manager:4.9.0-alpha2 hostname: wazuh.master restart: always ulimits: @@ -45,7 +45,7 @@ services: - ./config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf wazuh.worker: - image: wazuh/wazuh-manager:4.9.0 + image: wazuh/wazuh-manager:4.9.0-alpha2 hostname: wazuh.worker restart: always ulimits: @@ -81,7 +81,7 @@ services: - ./config/wazuh_cluster/wazuh_worker.conf:/wazuh-config-mount/etc/ossec.conf wazuh1.indexer: - image: wazuh/wazuh-indexer:4.9.0 + image: wazuh/wazuh-indexer:4.9.0-alpha2 hostname: wazuh1.indexer restart: always ports: @@ -107,7 +107,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh2.indexer: - image: wazuh/wazuh-indexer:4.9.0 + image: wazuh/wazuh-indexer:4.9.0-alpha2 hostname: wazuh2.indexer restart: always environment: @@ -129,7 +129,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh3.indexer: - image: wazuh/wazuh-indexer:4.9.0 + image: wazuh/wazuh-indexer:4.9.0-alpha2 hostname: wazuh3.indexer restart: always environment: @@ -151,7 +151,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh.dashboard: - image: wazuh/wazuh-dashboard:4.9.0 + image: wazuh/wazuh-dashboard:4.9.0-alpha2 hostname: wazuh.dashboard restart: always ports: diff --git a/single-node/docker-compose.yml b/single-node/docker-compose.yml index 799c027a..46b5f6b2 100644 --- a/single-node/docker-compose.yml +++ b/single-node/docker-compose.yml @@ -3,7 +3,7 @@ version: '3.7' services: wazuh.manager: - image: wazuh/wazuh-manager:4.9.0 + image: wazuh/wazuh-manager:4.9.0-alpha2 hostname: wazuh.manager restart: always ulimits: @@ -46,7 +46,7 @@ services: - ./config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf wazuh.indexer: - image: wazuh/wazuh-indexer:4.9.0 + image: wazuh/wazuh-indexer:4.9.0-alpha2 hostname: wazuh.indexer restart: always ports: @@ -71,7 +71,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh.dashboard: - image: wazuh/wazuh-dashboard:4.9.0 + image: wazuh/wazuh-dashboard:4.9.0-alpha2 hostname: wazuh.dashboard restart: always ports: From dca7f9382ecf77d6be62fa9527dbfc8db35284f6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Fri, 12 Jul 2024 10:22:27 +0200 Subject: [PATCH 19/26] Reverted image tag for `4.9.0-alpha2` --- multi-node/docker-compose.yml | 12 ++++++------ single-node/docker-compose.yml | 6 +++--- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/multi-node/docker-compose.yml b/multi-node/docker-compose.yml index 3339c4cb..cdc62601 100644 --- a/multi-node/docker-compose.yml +++ b/multi-node/docker-compose.yml @@ -3,7 +3,7 @@ version: '3.7' services: wazuh.master: - image: wazuh/wazuh-manager:4.9.0-alpha2 + image: wazuh/wazuh-manager:4.9.0 hostname: wazuh.master restart: always ulimits: @@ -45,7 +45,7 @@ services: - ./config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf wazuh.worker: - image: wazuh/wazuh-manager:4.9.0-alpha2 + image: wazuh/wazuh-manager:4.9.0 hostname: wazuh.worker restart: always ulimits: @@ -81,7 +81,7 @@ services: - ./config/wazuh_cluster/wazuh_worker.conf:/wazuh-config-mount/etc/ossec.conf wazuh1.indexer: - image: wazuh/wazuh-indexer:4.9.0-alpha2 + image: wazuh/wazuh-indexer:4.9.0 hostname: wazuh1.indexer restart: always ports: @@ -107,7 +107,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh2.indexer: - image: wazuh/wazuh-indexer:4.9.0-alpha2 + image: wazuh/wazuh-indexer:4.9.0 hostname: wazuh2.indexer restart: always environment: @@ -129,7 +129,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh3.indexer: - image: wazuh/wazuh-indexer:4.9.0-alpha2 + image: wazuh/wazuh-indexer:4.9.0 hostname: wazuh3.indexer restart: always environment: @@ -151,7 +151,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh.dashboard: - image: wazuh/wazuh-dashboard:4.9.0-alpha2 + image: wazuh/wazuh-dashboard:4.9.0 hostname: wazuh.dashboard restart: always ports: diff --git a/single-node/docker-compose.yml b/single-node/docker-compose.yml index 46b5f6b2..799c027a 100644 --- a/single-node/docker-compose.yml +++ b/single-node/docker-compose.yml @@ -3,7 +3,7 @@ version: '3.7' services: wazuh.manager: - image: wazuh/wazuh-manager:4.9.0-alpha2 + image: wazuh/wazuh-manager:4.9.0 hostname: wazuh.manager restart: always ulimits: @@ -46,7 +46,7 @@ services: - ./config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf wazuh.indexer: - image: wazuh/wazuh-indexer:4.9.0-alpha2 + image: wazuh/wazuh-indexer:4.9.0 hostname: wazuh.indexer restart: always ports: @@ -71,7 +71,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh.dashboard: - image: wazuh/wazuh-dashboard:4.9.0-alpha2 + image: wazuh/wazuh-dashboard:4.9.0 hostname: wazuh.dashboard restart: always ports: From fe327f10a3549ebf0fbfc37d3ba9832f64e98758 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Mon, 15 Jul 2024 11:10:52 +0200 Subject: [PATCH 20/26] Bumped revision for 4.8.1 RC3 --- VERSION | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/VERSION b/VERSION index cff5943a..3a9e770f 100644 --- a/VERSION +++ b/VERSION @@ -1,2 +1,2 @@ WAZUH-DOCKER_VERSION="4.8.1" -REVISION="40815" +REVISION="40816" From c014ea77f48d0ffe8191d8dfc6cbada3175d2fb4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Mon, 15 Jul 2024 11:23:03 +0200 Subject: [PATCH 21/26] Changed image tag for 4.8.1 RC3 --- multi-node/docker-compose.yml | 12 ++++++------ single-node/docker-compose.yml | 6 +++--- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/multi-node/docker-compose.yml b/multi-node/docker-compose.yml index 145af9fb..2c8d2437 100644 --- a/multi-node/docker-compose.yml +++ b/multi-node/docker-compose.yml @@ -3,7 +3,7 @@ version: '3.7' services: wazuh.master: - image: wazuh/wazuh-manager:4.8.1 + image: wazuh/wazuh-manager:4.8.1-rc3 hostname: wazuh.master restart: always ulimits: @@ -45,7 +45,7 @@ services: - ./config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf wazuh.worker: - image: wazuh/wazuh-manager:4.8.1 + image: wazuh/wazuh-manager:4.8.1-rc3 hostname: wazuh.worker restart: always ulimits: @@ -81,7 +81,7 @@ services: - ./config/wazuh_cluster/wazuh_worker.conf:/wazuh-config-mount/etc/ossec.conf wazuh1.indexer: - image: wazuh/wazuh-indexer:4.8.1 + image: wazuh/wazuh-indexer:4.8.1-rc3 hostname: wazuh1.indexer restart: always ports: @@ -107,7 +107,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh2.indexer: - image: wazuh/wazuh-indexer:4.8.1 + image: wazuh/wazuh-indexer:4.8.1-rc3 hostname: wazuh2.indexer restart: always environment: @@ -129,7 +129,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh3.indexer: - image: wazuh/wazuh-indexer:4.8.1 + image: wazuh/wazuh-indexer:4.8.1-rc3 hostname: wazuh3.indexer restart: always environment: @@ -151,7 +151,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh.dashboard: - image: wazuh/wazuh-dashboard:4.8.1 + image: wazuh/wazuh-dashboard:4.8.1-rc3 hostname: wazuh.dashboard restart: always ports: diff --git a/single-node/docker-compose.yml b/single-node/docker-compose.yml index 03255d88..95add11e 100644 --- a/single-node/docker-compose.yml +++ b/single-node/docker-compose.yml @@ -3,7 +3,7 @@ version: '3.7' services: wazuh.manager: - image: wazuh/wazuh-manager:4.8.1 + image: wazuh/wazuh-manager:4.8.1-rc3 hostname: wazuh.manager restart: always ulimits: @@ -46,7 +46,7 @@ services: - ./config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf wazuh.indexer: - image: wazuh/wazuh-indexer:4.8.1 + image: wazuh/wazuh-indexer:4.8.1-rc3 hostname: wazuh.indexer restart: always ports: @@ -71,7 +71,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh.dashboard: - image: wazuh/wazuh-dashboard:4.8.1 + image: wazuh/wazuh-dashboard:4.8.1-rc3 hostname: wazuh.dashboard restart: always ports: From 1e70aad5f84c459983360a4785fcb1daf0728a12 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Mon, 15 Jul 2024 11:30:08 +0200 Subject: [PATCH 22/26] Reverted image tag for 4.8.1 RC3 --- multi-node/docker-compose.yml | 12 ++++++------ single-node/docker-compose.yml | 6 +++--- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/multi-node/docker-compose.yml b/multi-node/docker-compose.yml index 2c8d2437..145af9fb 100644 --- a/multi-node/docker-compose.yml +++ b/multi-node/docker-compose.yml @@ -3,7 +3,7 @@ version: '3.7' services: wazuh.master: - image: wazuh/wazuh-manager:4.8.1-rc3 + image: wazuh/wazuh-manager:4.8.1 hostname: wazuh.master restart: always ulimits: @@ -45,7 +45,7 @@ services: - ./config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf wazuh.worker: - image: wazuh/wazuh-manager:4.8.1-rc3 + image: wazuh/wazuh-manager:4.8.1 hostname: wazuh.worker restart: always ulimits: @@ -81,7 +81,7 @@ services: - ./config/wazuh_cluster/wazuh_worker.conf:/wazuh-config-mount/etc/ossec.conf wazuh1.indexer: - image: wazuh/wazuh-indexer:4.8.1-rc3 + image: wazuh/wazuh-indexer:4.8.1 hostname: wazuh1.indexer restart: always ports: @@ -107,7 +107,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh2.indexer: - image: wazuh/wazuh-indexer:4.8.1-rc3 + image: wazuh/wazuh-indexer:4.8.1 hostname: wazuh2.indexer restart: always environment: @@ -129,7 +129,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh3.indexer: - image: wazuh/wazuh-indexer:4.8.1-rc3 + image: wazuh/wazuh-indexer:4.8.1 hostname: wazuh3.indexer restart: always environment: @@ -151,7 +151,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh.dashboard: - image: wazuh/wazuh-dashboard:4.8.1-rc3 + image: wazuh/wazuh-dashboard:4.8.1 hostname: wazuh.dashboard restart: always ports: diff --git a/single-node/docker-compose.yml b/single-node/docker-compose.yml index 95add11e..03255d88 100644 --- a/single-node/docker-compose.yml +++ b/single-node/docker-compose.yml @@ -3,7 +3,7 @@ version: '3.7' services: wazuh.manager: - image: wazuh/wazuh-manager:4.8.1-rc3 + image: wazuh/wazuh-manager:4.8.1 hostname: wazuh.manager restart: always ulimits: @@ -46,7 +46,7 @@ services: - ./config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf wazuh.indexer: - image: wazuh/wazuh-indexer:4.8.1-rc3 + image: wazuh/wazuh-indexer:4.8.1 hostname: wazuh.indexer restart: always ports: @@ -71,7 +71,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh.dashboard: - image: wazuh/wazuh-dashboard:4.8.1-rc3 + image: wazuh/wazuh-dashboard:4.8.1 hostname: wazuh.dashboard restart: always ports: From 5d5cc9d30ac8e972c07e42714f4bc48f87fa11ca Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Wed, 17 Jul 2024 12:06:16 +0200 Subject: [PATCH 23/26] Bumped revision for 4.8.1 RC4 --- VERSION | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/VERSION b/VERSION index 3a9e770f..bd49b62f 100644 --- a/VERSION +++ b/VERSION @@ -1,2 +1,2 @@ WAZUH-DOCKER_VERSION="4.8.1" -REVISION="40816" +REVISION="40817" From 3f320be95d12a0b25e6298df136d3df962802458 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Wed, 17 Jul 2024 12:13:52 +0200 Subject: [PATCH 24/26] Changed image tag for 4.8.1-RC4 --- multi-node/docker-compose.yml | 12 ++++++------ single-node/docker-compose.yml | 6 +++--- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/multi-node/docker-compose.yml b/multi-node/docker-compose.yml index 145af9fb..784ced96 100644 --- a/multi-node/docker-compose.yml +++ b/multi-node/docker-compose.yml @@ -3,7 +3,7 @@ version: '3.7' services: wazuh.master: - image: wazuh/wazuh-manager:4.8.1 + image: wazuh/wazuh-manager:4.8.1-rc4 hostname: wazuh.master restart: always ulimits: @@ -45,7 +45,7 @@ services: - ./config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf wazuh.worker: - image: wazuh/wazuh-manager:4.8.1 + image: wazuh/wazuh-manager:4.8.1-rc4 hostname: wazuh.worker restart: always ulimits: @@ -81,7 +81,7 @@ services: - ./config/wazuh_cluster/wazuh_worker.conf:/wazuh-config-mount/etc/ossec.conf wazuh1.indexer: - image: wazuh/wazuh-indexer:4.8.1 + image: wazuh/wazuh-indexer:4.8.1-rc4 hostname: wazuh1.indexer restart: always ports: @@ -107,7 +107,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh2.indexer: - image: wazuh/wazuh-indexer:4.8.1 + image: wazuh/wazuh-indexer:4.8.1-rc4 hostname: wazuh2.indexer restart: always environment: @@ -129,7 +129,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh3.indexer: - image: wazuh/wazuh-indexer:4.8.1 + image: wazuh/wazuh-indexer:4.8.1-rc4 hostname: wazuh3.indexer restart: always environment: @@ -151,7 +151,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh.dashboard: - image: wazuh/wazuh-dashboard:4.8.1 + image: wazuh/wazuh-dashboard:4.8.1-rc4 hostname: wazuh.dashboard restart: always ports: diff --git a/single-node/docker-compose.yml b/single-node/docker-compose.yml index 03255d88..d478ccb9 100644 --- a/single-node/docker-compose.yml +++ b/single-node/docker-compose.yml @@ -3,7 +3,7 @@ version: '3.7' services: wazuh.manager: - image: wazuh/wazuh-manager:4.8.1 + image: wazuh/wazuh-manager:4.8.1-rc4 hostname: wazuh.manager restart: always ulimits: @@ -46,7 +46,7 @@ services: - ./config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf wazuh.indexer: - image: wazuh/wazuh-indexer:4.8.1 + image: wazuh/wazuh-indexer:4.8.1-rc4 hostname: wazuh.indexer restart: always ports: @@ -71,7 +71,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh.dashboard: - image: wazuh/wazuh-dashboard:4.8.1 + image: wazuh/wazuh-dashboard:4.8.1-rc4 hostname: wazuh.dashboard restart: always ports: From 21e1943cab7fb0982fe640c6c85022266dfc9b36 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Wed, 17 Jul 2024 12:22:15 +0200 Subject: [PATCH 25/26] Reverted image tag for 4.8.1 RC4 --- multi-node/docker-compose.yml | 12 ++++++------ single-node/docker-compose.yml | 6 +++--- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/multi-node/docker-compose.yml b/multi-node/docker-compose.yml index 784ced96..145af9fb 100644 --- a/multi-node/docker-compose.yml +++ b/multi-node/docker-compose.yml @@ -3,7 +3,7 @@ version: '3.7' services: wazuh.master: - image: wazuh/wazuh-manager:4.8.1-rc4 + image: wazuh/wazuh-manager:4.8.1 hostname: wazuh.master restart: always ulimits: @@ -45,7 +45,7 @@ services: - ./config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf wazuh.worker: - image: wazuh/wazuh-manager:4.8.1-rc4 + image: wazuh/wazuh-manager:4.8.1 hostname: wazuh.worker restart: always ulimits: @@ -81,7 +81,7 @@ services: - ./config/wazuh_cluster/wazuh_worker.conf:/wazuh-config-mount/etc/ossec.conf wazuh1.indexer: - image: wazuh/wazuh-indexer:4.8.1-rc4 + image: wazuh/wazuh-indexer:4.8.1 hostname: wazuh1.indexer restart: always ports: @@ -107,7 +107,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh2.indexer: - image: wazuh/wazuh-indexer:4.8.1-rc4 + image: wazuh/wazuh-indexer:4.8.1 hostname: wazuh2.indexer restart: always environment: @@ -129,7 +129,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh3.indexer: - image: wazuh/wazuh-indexer:4.8.1-rc4 + image: wazuh/wazuh-indexer:4.8.1 hostname: wazuh3.indexer restart: always environment: @@ -151,7 +151,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh.dashboard: - image: wazuh/wazuh-dashboard:4.8.1-rc4 + image: wazuh/wazuh-dashboard:4.8.1 hostname: wazuh.dashboard restart: always ports: diff --git a/single-node/docker-compose.yml b/single-node/docker-compose.yml index d478ccb9..03255d88 100644 --- a/single-node/docker-compose.yml +++ b/single-node/docker-compose.yml @@ -3,7 +3,7 @@ version: '3.7' services: wazuh.manager: - image: wazuh/wazuh-manager:4.8.1-rc4 + image: wazuh/wazuh-manager:4.8.1 hostname: wazuh.manager restart: always ulimits: @@ -46,7 +46,7 @@ services: - ./config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf wazuh.indexer: - image: wazuh/wazuh-indexer:4.8.1-rc4 + image: wazuh/wazuh-indexer:4.8.1 hostname: wazuh.indexer restart: always ports: @@ -71,7 +71,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh.dashboard: - image: wazuh/wazuh-dashboard:4.8.1-rc4 + image: wazuh/wazuh-dashboard:4.8.1 hostname: wazuh.dashboard restart: always ports: From 0a440c04337ddb82ce4fa3c405cba35aa3268e1f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Thu, 18 Jul 2024 14:34:12 +0200 Subject: [PATCH 26/26] Removed whitespaces --- .../wazuh-manager/config/etc/cont-init.d/0-wazuh-init | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build-docker-images/wazuh-manager/config/etc/cont-init.d/0-wazuh-init b/build-docker-images/wazuh-manager/config/etc/cont-init.d/0-wazuh-init index dae0e1f0..326c46de 100644 --- a/build-docker-images/wazuh-manager/config/etc/cont-init.d/0-wazuh-init +++ b/build-docker-images/wazuh-manager/config/etc/cont-init.d/0-wazuh-init @@ -199,7 +199,7 @@ main() { # Restore files stored in permanent data that are not permanent (i.e. internal_options.conf) apply_exclusion_data - + # Apply correct permission and ownership set_correct_permOwner