Merge pull request #467 from wazuh/4.3

Merge 4.3 in master
Alberto Rodríguez
2021-05-24 09:34:27 +02:00
committed by GitHub
15 changed files with 63 additions and 50 deletions


@@ -16,22 +16,22 @@ file:
/var/ossec/etc/lists/audit-keys:
exists: true
mode: "0660"
owner: ossec
group: ossec
owner: wazuh
group: wazuh
filetype: file
contains: []
/var/ossec/etc/ossec.conf:
exists: true
mode: "0660"
owner: root
group: ossec
group: wazuh
filetype: file
contains: []
/var/ossec/etc/rules/local_rules.xml:
exists: true
mode: "0660"
owner: ossec
group: ossec
owner: wazuh
group: wazuh
filetype: file
contains: []
/var/ossec/etc/sslmanager.cert:
@@ -56,7 +56,7 @@ package:
wazuh-manager:
installed: true
versions:
- 4.1.5
- 4.3.0
port:
tcp:1514:
listening: true
@@ -71,26 +71,26 @@ port:
ip:
- 0.0.0.0
user:
ossec:
wazuh:
exists: true
groups:
- ossec
- wazuh
home: /var/ossec
shell: /sbin/nologin
ossecm:
wazuh:
exists: true
groups:
- ossec
- wazuh
home: /var/ossec
shell: /sbin/nologin
ossecr:
wazuh:
exists: true
groups:
- ossec
- wazuh
home: /var/ossec
shell: /sbin/nologin
group:
ossec:
wazuh:
exists: true
process:
filebeat:
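Review bot: The `user:` mapping now holds three entries all keyed `wazuh`, because `ossec`, `ossecm` and `ossecr` were each renamed to the same name. Duplicate mapping keys are invalid YAML and most parsers silently keep only the last one, so two of the three checks are dead at best and a strict loader may reject the file. Since the separate `ossecm` and `ossecr` accounts appear to be gone in this version, the two extra blocks should be deleted so that a single `wazuh:` entry remains. If the test is also meant to guard the account model, it could assert that the old accounts are absent, e.g. an `ossecm:` entry with `exists: false`.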


@@ -1,6 +1,15 @@
# Change Log
All notable changes to this project will be documented in this file.
## Wazuh Docker v4.3.0
### Added
- Update Wazuh to version [4.3.0](https://github.com/wazuh/wazuh/blob/v4.3.0/CHANGELOG.md#v430)
## Wazuh Docker v4.2.0
### Added
- Update Wazuh to version [4.2.0](https://github.com/wazuh/wazuh/blob/v4.2.0/CHANGELOG.md#v420)
## Wazuh Docker v4.1.5
### Added


@@ -155,6 +155,10 @@ ADMIN_PRIVILEGES=true # App privileges
| Wazuh version | ODFE | XPACK |
|---------------|---------|--------|
| v4.3.0 | 1.12.0 | 7.10.2 |
|---------------|---------|--------|
| v4.2.0 | 1.12.0 | 7.10.2 |
|---------------|---------|--------|
| v4.1.4 | 1.12.0 | 7.10.2 |
|---------------|---------|--------|
| v4.1.3 | 1.12.0 | 7.10.2 |


@@ -1,2 +1,2 @@
WAZUH-DOCKER_VERSION="4.1.5"
REVISION="40114"
WAZUH-DOCKER_VERSION="4.3.0"
REVISION="43100"


@@ -3,7 +3,7 @@ version: '3.7'
services:
wazuh:
image: wazuh/wazuh-odfe:4.1.5
image: wazuh/wazuh-odfe:4.3.0
hostname: wazuh-manager
restart: always
ports:
@@ -50,7 +50,7 @@ services:
hard: 65536
kibana:
image: wazuh/wazuh-kibana-odfe:4.1.5
image: wazuh/wazuh-kibana-odfe:4.3.0
hostname: kibana
restart: always
ports:


@@ -2,7 +2,7 @@
FROM amazon/opendistro-for-elasticsearch-kibana:1.12.0
USER kibana
ARG ELASTIC_VERSION=7.10.0
ARG WAZUH_VERSION=4.1.5
ARG WAZUH_VERSION=4.3.0
ARG WAZUH_APP_VERSION="${WAZUH_VERSION}_${ELASTIC_VERSION}"
WORKDIR /usr/share/kibana


@@ -2,7 +2,7 @@
FROM docker.elastic.co/kibana/kibana:7.10.2
USER kibana
ARG ELASTIC_VERSION=7.10.2
ARG WAZUH_VERSION=4.1.5
ARG WAZUH_VERSION=4.3.0
ARG WAZUH_APP_VERSION="${WAZUH_VERSION}_${ELASTIC_VERSION}"
WORKDIR /usr/share/kibana


@@ -3,7 +3,7 @@ version: '3.7'
services:
wazuh-master:
image: wazuh/wazuh-odfe:4.1.5
image: wazuh/wazuh-odfe:4.3.0
hostname: wazuh-master
restart: always
ports:
@@ -38,7 +38,7 @@ services:
- ./production_cluster/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf
wazuh-worker:
image: wazuh/wazuh-odfe:4.1.5
image: wazuh/wazuh-odfe:4.3.0
hostname: wazuh-worker
restart: always
environment:
@@ -132,7 +132,7 @@ services:
- ./production_cluster/elastic_opendistro/internal_users.yml:/usr/share/elasticsearch/plugins/opendistro_security/securityconfig/internal_users.yml
kibana:
image: wazuh/wazuh-kibana-odfe:4.1.5
image: wazuh/wazuh-kibana-odfe:4.3.0
hostname: kibana
restart: always
ports:


@@ -6,7 +6,7 @@
<logall_json>no</logall_json>
<email_notification>no</email_notification>
<smtp_server>smtp.example.wazuh.com</smtp_server>
<email_from>ossecm@example.wazuh.com</email_from>
<email_from>wazuh@example.wazuh.com</email_from>
<email_to>recipient@example.wazuh.com</email_to>
<email_maxperhour>12</email_maxperhour>
<email_log_source>alerts.log</email_log_source>
@@ -307,7 +307,7 @@
<rule_dir>etc/rules</rule_dir>
</ruleset>
<!-- Configuration for ossec-authd -->
<!-- Configuration for wazuh-authd -->
<auth>
<disabled>no</disabled>
<port>1515</port>


@@ -6,7 +6,7 @@
<logall_json>no</logall_json>
<email_notification>no</email_notification>
<smtp_server>smtp.example.wazuh.com</smtp_server>
<email_from>ossecm@example.wazuh.com</email_from>
<email_from>wazuh@example.wazuh.com</email_from>
<email_to>recipient@example.wazuh.com</email_to>
<email_maxperhour>12</email_maxperhour>
<email_log_source>alerts.log</email_log_source>
@@ -307,7 +307,7 @@
<rule_dir>etc/rules</rule_dir>
</ruleset>
<!-- Configuration for ossec-authd -->
<!-- Configuration for wazuh-authd -->
<auth>
<disabled>no</disabled>
<port>1515</port>


@@ -3,7 +3,7 @@ FROM centos:7
ARG FILEBEAT_CHANNEL=filebeat-oss
ARG FILEBEAT_VERSION=7.10.0
ARG WAZUH_VERSION=4.1.5-1
ARG WAZUH_VERSION=4.3.0-1
ARG TEMPLATE_VERSION="master"
ARG WAZUH_FILEBEAT_MODULE="wazuh-filebeat-0.1.tar.gz"
@@ -39,7 +39,7 @@ ADD https://raw.githubusercontent.com/wazuh/wazuh/$TEMPLATE_VERSION/extensions/e
RUN chmod go-w /etc/filebeat/wazuh-template.json
COPY config/etc/ /etc/
COPY --chown=root:ossec config/create_user.py /var/ossec/framework/scripts/create_user.py
COPY --chown=root:wazuh config/create_user.py /var/ossec/framework/scripts/create_user.py
# Prepare permanent data
# Sync calls are due to https://github.com/docker/docker/issues/9547
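Review bot: `WAZUH_VERSION` is pinned to `4.3.0-1` while `TEMPLATE_VERSION` stays `"master"`, so the `ADD https://raw.githubusercontent.com/wazuh/wazuh/$TEMPLATE_VERSION/...` line visible in the second hunk header fetches the template from a moving branch with no integrity check. The resulting image is not reproducible and its content depends on whatever that branch holds at build time. Consider defaulting `TEMPLATE_VERSION` to the tag that matches the packaged release and verifying the downloaded file against a known digest in a `RUN` step. If tracking master is intentional on this branch, a comment next to the `ARG` saying so would help.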


@@ -94,7 +94,7 @@ remove_data_files() {
##############################################################################
create_ossec_key_cert() {
print "Creating ossec-authd key and cert"
print "Creating wazuh-authd key and cert"
exec_cmd "openssl genrsa -out ${WAZUH_INSTALL_PATH}/etc/sslmanager.key 4096"
exec_cmd "openssl req -new -x509 -key ${WAZUH_INSTALL_PATH}/etc/sslmanager.key -out ${WAZUH_INSTALL_PATH}/etc/sslmanager.cert -days 3650 -subj /CN=${HOSTNAME}/"
}
@@ -161,7 +161,7 @@ main() {
# Remove some files in permanent_data (i.e. .template.db)
remove_data_files
# Generate ossec-authd certs if AUTO_ENROLLMENT_ENABLED is true and does not exist
# Generate wazuh-authd certs if AUTO_ENROLLMENT_ENABLED is true and does not exist
if [ $AUTO_ENROLLMENT_ENABLED == true ]
then
if [ ! -e ${WAZUH_INSTALL_PATH}/etc/sslmanager.key ]


@@ -36,11 +36,11 @@ function_wazuh_migration(){
fi
\cp -f /wazuh-migration/data/etc/ossec.conf /var/ossec/etc/ossec.conf
chown root:ossec /var/ossec/etc/ossec.conf
chown root:wazuh /var/ossec/etc/ossec.conf
chmod 640 /var/ossec/etc/ossec.conf
\cp -f /wazuh-migration/data/etc/client.keys /var/ossec/etc/client.keys
chown ossec:ossec /var/ossec/etc/client.keys
chown wazuh:wazuh /var/ossec/etc/client.keys
chmod 640 /var/ossec/etc/client.keys
\cp -f /wazuh-migration/data/etc/sslmanager.cert /var/ossec/etc/sslmanager.cert
@@ -49,25 +49,25 @@ function_wazuh_migration(){
chmod 640 /var/ossec/etc/sslmanager.cert /var/ossec/etc/sslmanager.key
\cp -f /wazuh-migration/data/etc/shared/default/agent.conf /var/ossec/etc/shared/default/agent.conf
chown ossec:ossec /var/ossec/etc/shared/default/agent.conf
chown wazuh:wazuh /var/ossec/etc/shared/default/agent.conf
chmod 660 /var/ossec/etc/shared/default/agent.conf
\cp -f /wazuh-migration/data/etc/decoders/* /var/ossec/etc/decoders/
chown ossec:ossec /var/ossec/etc/decoders/*
chown wazuh:wazuh /var/ossec/etc/decoders/*
chmod 660 /var/ossec/etc/decoders/*
\cp -f /wazuh-migration/data/etc/rules/* /var/ossec/etc/rules/
chown ossec:ossec /var/ossec/etc/rules/*
chown wazuh:wazuh /var/ossec/etc/rules/*
chmod 660 /var/ossec/etc/rules/*
if [ -e /wazuh-migration/data/agentless/.passlist ]; then
\cp -f /wazuh-migration/data/agentless/.passlist /var/ossec/agentless/.passlist
chown root:ossec /var/ossec/agentless/.passlist
chown root:wazuh /var/ossec/agentless/.passlist
chmod 640 /var/ossec/agentless/.passlist
fi
\cp -f /wazuh-migration/global.db /var/ossec/queue/db/global.db
chown ossec:ossec /var/ossec/queue/db/global.db
chown wazuh:wazuh /var/ossec/queue/db/global.db
chmod 640 /var/ossec/queue/db/global.db
# mark volume as migrated
@@ -123,4 +123,4 @@ function_create_custom_user
function_entrypoint_scripts
# Start Wazuh
/var/ossec/bin/ossec-control start
/var/ossec/bin/wazuh-control start
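Review bot: Each secret-bearing file (`client.keys`, `agentless/.passlist`, `global.db`) is copied first and only afterwards given its owner and mode, and nothing in these hunks checks that `chown` succeeded. If the `wazuh` user or group does not exist in the image, `chown` fails, the script appears to carry on, and the file keeps whatever ownership `cp` produced. Setting owner and mode in the same step closes both the window and the silent failure, e.g. `install -o wazuh -g wazuh -m 640 /wazuh-migration/data/etc/client.keys /var/ossec/etc/client.keys || exit 1`. The `chown` for `sslmanager.cert` and `sslmanager.key` falls between the two hunks and is not shown, so it is worth confirming that it does not still name the `ossec` group. The body of function_wazuh_migration starts and ends outside the hunks.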


@@ -3,7 +3,7 @@ version: '3.7'
services:
wazuh:
image: wazuh/wazuh:4.1.5
image: wazuh/wazuh:4.3.0
hostname: wazuh-manager
restart: always
ports:
@@ -146,7 +146,7 @@ services:
kibana:
image: wazuh/wazuh-kibana:4.1.5
image: wazuh/wazuh-kibana:4.3.0
hostname: kibana
restart: always
ports:


@@ -8,7 +8,7 @@ services:
args:
- FILEBEAT_CHANNEL=filebeat
- FILEBEAT_VERSION=7.10.2
image: wazuh/wazuh:4.1.5
image: wazuh/wazuh:4.3.0
hostname: wazuh-manager
restart: always
ports:
@@ -152,7 +152,7 @@ services:
kibana:
build: kibana/
image: wazuh/wazuh-kibana:4.1.5
image: wazuh/wazuh-kibana:4.3.0
hostname: kibana
restart: always
ports: