From 93d12d214306d31c08c078e187a9e70b348e0847 Mon Sep 17 00:00:00 2001 From: krzee <4845550+krzee@users.noreply.github.com> Date: Wed, 11 Aug 2021 15:11:43 -0700 Subject: [PATCH 001/163] in bash if already tests exit status is 0 or not The other way works too, but it seems pointless to go through extra steps when the if command already does exactly this --- kibana-odfe/config/wazuh_app_config.sh | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/kibana-odfe/config/wazuh_app_config.sh b/kibana-odfe/config/wazuh_app_config.sh index fddf93b4..048f1f17 100644 --- a/kibana-odfe/config/wazuh_app_config.sh +++ b/kibana-odfe/config/wazuh_app_config.sh @@ -47,10 +47,7 @@ done CONFIG_CODE=$(curl ${auth} -s -o /dev/null -w "%{http_code}" -XGET $el_url/.wazuh/_doc/1513629884013) -grep -q 1513629884013 $kibana_config_file -_config_exists=$? - -if [[ "x$CONFIG_CODE" != "x200" && $_config_exists -ne 0 ]]; then +if [[ "x$CONFIG_CODE" != "x200" ]] && ! grep -q 1513629884013 $kibana_config_file ; then cat << EOF >> $kibana_config_file hosts: - 1513629884013: From a87676a03daf24c5a357ed557a8524af8af806c4 Mon Sep 17 00:00:00 2001 From: Nick McKinney Date: Mon, 8 Nov 2021 14:09:24 -0500 Subject: [PATCH 002/163] Add environment variable to customize wazuh.monitoring.creation interval --- README.md | 1 + kibana-odfe/config/wazuh_app_config.sh | 1 + kibana/config/wazuh_app_config.sh | 1 + 3 files changed, 3 insertions(+) diff --git a/README.md b/README.md index 0cc0f4fc..c5bdf462 100644 --- a/README.md +++ b/README.md 
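Review bot: The rewritten condition still passes `$kibana_config_file` to grep unquoted and treats every non-zero grep status as "entry missing", so an unreadable or absent file (grep status 2) also leads into the `cat << EOF >> $kibana_config_file` append, which may not be intended. Quoting and a fixed-string match would make the test say what it means: `if [[ "$CONFIG_CODE" != "200" ]] && ! grep -qF -- 1513629884013 "$kibana_config_file"; then`. The `x` prefixes are not needed inside `[[ ]]`. The rest of the script, including how `${auth}` is built for the curl call on the context line, is outside the hunk.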
@@ -78,6 +78,7 @@ IP_SELECTOR=true # Defines if the user is allowed to change the s IP_IGNORE="[]" # List of index patterns to be ignored WAZUH_MONITORING_ENABLED=true # Custom settings to enable/disable wazuh-monitoring indices +WAZUH_MONITORING_CREATION=d # Custom setting to set the wazuh-monitoring-* indices creation interval WAZUH_MONITORING_FREQUENCY=900 # Custom setting to set the frequency for wazuh-monitoring indices cron task WAZUH_MONITORING_SHARDS=2 # Configure wazuh-monitoring-* indices shards and replicas WAZUH_MONITORING_REPLICAS=0 # diff --git a/kibana-odfe/config/wazuh_app_config.sh b/kibana-odfe/config/wazuh_app_config.sh index fddf93b4..3144aef4 100644 --- a/kibana-odfe/config/wazuh_app_config.sh +++ b/kibana-odfe/config/wazuh_app_config.sh @@ -32,6 +32,7 @@ declare -A CONFIG_MAP=( [ip.selector]=$IP_SELECTOR [ip.ignore]=$IP_IGNORE [wazuh.monitoring.enabled]=$WAZUH_MONITORING_ENABLED + [wazuh.monitoring.creation]=$WAZUH_MONITORING_CREATION [wazuh.monitoring.frequency]=$WAZUH_MONITORING_FREQUENCY [wazuh.monitoring.shards]=$WAZUH_MONITORING_SHARDS [wazuh.monitoring.replicas]=$WAZUH_MONITORING_REPLICAS diff --git a/kibana/config/wazuh_app_config.sh b/kibana/config/wazuh_app_config.sh index fddf93b4..3144aef4 100644 --- a/kibana/config/wazuh_app_config.sh +++ b/kibana/config/wazuh_app_config.sh @@ -32,6 +32,7 @@ declare -A CONFIG_MAP=( [ip.selector]=$IP_SELECTOR [ip.ignore]=$IP_IGNORE [wazuh.monitoring.enabled]=$WAZUH_MONITORING_ENABLED + [wazuh.monitoring.creation]=$WAZUH_MONITORING_CREATION [wazuh.monitoring.frequency]=$WAZUH_MONITORING_FREQUENCY [wazuh.monitoring.shards]=$WAZUH_MONITORING_SHARDS [wazuh.monitoring.replicas]=$WAZUH_MONITORING_REPLICAS From c1120c1995c396bb3fa38c2529b8cd1b34277238 Mon Sep 17 00:00:00 2001 
From: vcerenu Date: Tue, 14 Dec 2021 09:23:36 -0300 Subject: [PATCH 003/163] log4j workaround --- production-cluster.yml | 3 +++ production_cluster/elastic_opendistro/disabledlog4j.options | 1 + xpack-compose.yml | 4 +++- xpack/disabledlog4j.options | 1 + 4 files changed, 8 insertions(+), 1 deletion(-) create mode 100644 production_cluster/elastic_opendistro/disabledlog4j.options create mode 100644 xpack/disabledlog4j.options diff --git a/production-cluster.yml b/production-cluster.yml index df0d2250..2e36d701 100644 --- a/production-cluster.yml +++ b/production-cluster.yml @@ -90,6 +90,7 @@ services: - ./production_cluster/ssl_certs/admin.key:/usr/share/elasticsearch/config/admin.key - ./production_cluster/elastic_opendistro/elasticsearch-node1.yml:/usr/share/elasticsearch/config/elasticsearch.yml - ./production_cluster/elastic_opendistro/internal_users.yml:/usr/share/elasticsearch/plugins/opendistro_security/securityconfig/internal_users.yml + - ./production_cluster/elastic_opendistro/disabledlog4j.options:/etc/elasticsearch/jvm.options.d/disabledlog4j.options elasticsearch-2: image: amazon/opendistro-for-elasticsearch:1.13.2 @@ -111,6 +112,7 @@ services: - ./production_cluster/ssl_certs/node2.pem:/usr/share/elasticsearch/config/node2.pem - ./production_cluster/elastic_opendistro/elasticsearch-node2.yml:/usr/share/elasticsearch/config/elasticsearch.yml - ./production_cluster/elastic_opendistro/internal_users.yml:/usr/share/elasticsearch/plugins/opendistro_security/securityconfig/internal_users.yml + - ./production_cluster/elastic_opendistro/disabledlog4j.options:/etc/elasticsearch/jvm.options.d/disabledlog4j.options elasticsearch-3: image: amazon/opendistro-for-elasticsearch:1.13.2 
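Review bot: The new bind mount targets `/etc/elasticsearch/jvm.options.d/`, while every other mount in these services places configuration under `/usr/share/elasticsearch/config/`, so the option file is probably never read by the JVM inside the container and the lookup mitigation would silently not apply. If the image's config directory is the one the neighbouring mounts use, the target should be `/usr/share/elasticsearch/config/jvm.options.d/disabledlog4j.options`, mounted `:ro`. The same target appears in the elasticsearch-2 and elasticsearch-3 hunks and in all three xpack-compose.yml hunks. Whichever path is used, confirm it took effect by checking that the running JVM's arguments contain `-Dlog4j2.formatMsgNoLookups=true`.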
@@ -132,6 +134,7 @@ services: - ./production_cluster/ssl_certs/node3.pem:/usr/share/elasticsearch/config/node3.pem - ./production_cluster/elastic_opendistro/elasticsearch-node3.yml:/usr/share/elasticsearch/config/elasticsearch.yml - ./production_cluster/elastic_opendistro/internal_users.yml:/usr/share/elasticsearch/plugins/opendistro_security/securityconfig/internal_users.yml + - ./production_cluster/elastic_opendistro/disabledlog4j.options:/etc/elasticsearch/jvm.options.d/disabledlog4j.options kibana: image: wazuh/wazuh-kibana-odfe:4.3.0 diff --git a/production_cluster/elastic_opendistro/disabledlog4j.options b/production_cluster/elastic_opendistro/disabledlog4j.options new file mode 100644 index 00000000..c3d67115 --- /dev/null +++ b/production_cluster/elastic_opendistro/disabledlog4j.options @@ -0,0 +1 @@ +-Dlog4j2.formatMsgNoLookups=true \ No newline at end of file diff --git a/xpack-compose.yml b/xpack-compose.yml index f741a7ce..96e68985 100644 --- a/xpack-compose.yml +++ b/xpack-compose.yml @@ -72,6 +72,7 @@ services: - ./xpack/ca/ca.crt:/usr/share/elasticsearch/config/ca.crt - ./xpack/elasticsearch/elasticsearch.key:/usr/share/elasticsearch/config/elasticsearch.key - ./xpack/elasticsearch/elasticsearch.crt:/usr/share/elasticsearch/config/elasticsearch.crt + - ./xpack/disabledlog4j.options:/etc/elasticsearch/jvm.options.d/disabledlog4j.options elasticsearch2: image: docker.elastic.co/elasticsearch/elasticsearch:7.10.2 @@ -107,6 +108,7 @@ services: - ./xpack/ca/ca.crt:/usr/share/elasticsearch/config/ca.crt - ./xpack/elasticsearch2/elasticsearch2.key:/usr/share/elasticsearch/config/elasticsearch.key - ./xpack/elasticsearch2/elasticsearch2.crt:/usr/share/elasticsearch/config/elasticsearch.crt + - ./xpack/disabledlog4j.options:/etc/elasticsearch/jvm.options.d/disabledlog4j.options elasticsearch3: image: docker.elastic.co/elasticsearch/elasticsearch:7.10.2 
@@ -142,7 +144,7 @@ services: - ./xpack/ca/ca.crt:/usr/share/elasticsearch/config/ca.crt - ./xpack/elasticsearch3/elasticsearch3.key:/usr/share/elasticsearch/config/elasticsearch.key - ./xpack/elasticsearch3/elasticsearch3.crt:/usr/share/elasticsearch/config/elasticsearch.crt - + - ./xpack/disabledlog4j.options:/etc/elasticsearch/jvm.options.d/disabledlog4j.options kibana: diff --git a/xpack/disabledlog4j.options b/xpack/disabledlog4j.options new file mode 100644 index 00000000..c3d67115 --- /dev/null +++ b/xpack/disabledlog4j.options @@ -0,0 +1 @@ +-Dlog4j2.formatMsgNoLookups=true \ No newline at end of file From b395bcab40eb4a563a1286bd78d9fb0d490bc036 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Tue, 14 Dec 2021 12:18:07 -0300 Subject: [PATCH 004/163] log4j workaround --- production_cluster/elastic_opendistro/disabledlog4j.options | 0 1 file changed, 0 insertions(+), 0 deletions(-) mode change 100644 => 100755 production_cluster/elastic_opendistro/disabledlog4j.options diff --git a/production_cluster/elastic_opendistro/disabledlog4j.options b/production_cluster/elastic_opendistro/disabledlog4j.options old mode 100644 new mode 100755 From e3ee599f83d77083d2bb5ecbc4b26d0a6a5e3c49 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Tue, 14 Dec 2021 12:24:12 -0300 Subject: [PATCH 005/163] log4j workaround --- xpack/disabledlog4j.options | 0 1 file changed, 0 insertions(+), 0 deletions(-) mode change 100644 => 100755 xpack/disabledlog4j.options diff --git a/xpack/disabledlog4j.options b/xpack/disabledlog4j.options old mode 100644 new mode 100755 From da2f257f00615712ec89f11e9038685df030599e Mon Sep 17 00:00:00 2001 
From: vcerenu Date: Wed, 15 Dec 2021 10:08:27 -0300 Subject: [PATCH 006/163] log4j workaround --- .../disabledlog4j.options => disabledlog4j.options | 0 production-cluster.yml | 6 +++--- xpack-compose.yml | 6 +++--- xpack/disabledlog4j.options | 1 - 4 files changed, 6 insertions(+), 7 deletions(-) rename production_cluster/elastic_opendistro/disabledlog4j.options => disabledlog4j.options (100%) delete mode 100755 xpack/disabledlog4j.options diff --git a/production_cluster/elastic_opendistro/disabledlog4j.options b/disabledlog4j.options similarity index 100% rename from production_cluster/elastic_opendistro/disabledlog4j.options rename to disabledlog4j.options diff --git a/production-cluster.yml b/production-cluster.yml index 2e36d701..12855122 100644 --- a/production-cluster.yml +++ b/production-cluster.yml @@ -90,7 +90,7 @@ services: - ./production_cluster/ssl_certs/admin.key:/usr/share/elasticsearch/config/admin.key - ./production_cluster/elastic_opendistro/elasticsearch-node1.yml:/usr/share/elasticsearch/config/elasticsearch.yml - ./production_cluster/elastic_opendistro/internal_users.yml:/usr/share/elasticsearch/plugins/opendistro_security/securityconfig/internal_users.yml - - ./production_cluster/elastic_opendistro/disabledlog4j.options:/etc/elasticsearch/jvm.options.d/disabledlog4j.options + - ./disabledlog4j.options:/etc/elasticsearch/jvm.options.d/disabledlog4j.options elasticsearch-2: image: amazon/opendistro-for-elasticsearch:1.13.2 
@@ -112,7 +112,7 @@ services: - ./production_cluster/ssl_certs/node2.pem:/usr/share/elasticsearch/config/node2.pem - ./production_cluster/elastic_opendistro/elasticsearch-node2.yml:/usr/share/elasticsearch/config/elasticsearch.yml - ./production_cluster/elastic_opendistro/internal_users.yml:/usr/share/elasticsearch/plugins/opendistro_security/securityconfig/internal_users.yml - - ./production_cluster/elastic_opendistro/disabledlog4j.options:/etc/elasticsearch/jvm.options.d/disabledlog4j.options + - ./disabledlog4j.options:/etc/elasticsearch/jvm.options.d/disabledlog4j.options elasticsearch-3: image: amazon/opendistro-for-elasticsearch:1.13.2 @@ -134,7 +134,7 @@ services: - ./production_cluster/ssl_certs/node3.pem:/usr/share/elasticsearch/config/node3.pem - ./production_cluster/elastic_opendistro/elasticsearch-node3.yml:/usr/share/elasticsearch/config/elasticsearch.yml - ./production_cluster/elastic_opendistro/internal_users.yml:/usr/share/elasticsearch/plugins/opendistro_security/securityconfig/internal_users.yml - - ./production_cluster/elastic_opendistro/disabledlog4j.options:/etc/elasticsearch/jvm.options.d/disabledlog4j.options + - ./disabledlog4j.options:/etc/elasticsearch/jvm.options.d/disabledlog4j.options kibana: image: wazuh/wazuh-kibana-odfe:4.3.0 diff --git a/xpack-compose.yml b/xpack-compose.yml index 96e68985..33bf97b5 100644 --- a/xpack-compose.yml +++ b/xpack-compose.yml @@ -72,7 +72,7 @@ services: - ./xpack/ca/ca.crt:/usr/share/elasticsearch/config/ca.crt - ./xpack/elasticsearch/elasticsearch.key:/usr/share/elasticsearch/config/elasticsearch.key - ./xpack/elasticsearch/elasticsearch.crt:/usr/share/elasticsearch/config/elasticsearch.crt - - ./xpack/disabledlog4j.options:/etc/elasticsearch/jvm.options.d/disabledlog4j.options + - ./disabledlog4j.options:/etc/elasticsearch/jvm.options.d/disabledlog4j.options elasticsearch2: image: docker.elastic.co/elasticsearch/elasticsearch:7.10.2 
@@ -108,7 +108,7 @@ services: - ./xpack/ca/ca.crt:/usr/share/elasticsearch/config/ca.crt - ./xpack/elasticsearch2/elasticsearch2.key:/usr/share/elasticsearch/config/elasticsearch.key - ./xpack/elasticsearch2/elasticsearch2.crt:/usr/share/elasticsearch/config/elasticsearch.crt - - ./xpack/disabledlog4j.options:/etc/elasticsearch/jvm.options.d/disabledlog4j.options + - ./disabledlog4j.options:/etc/elasticsearch/jvm.options.d/disabledlog4j.options elasticsearch3: image: docker.elastic.co/elasticsearch/elasticsearch:7.10.2 @@ -144,7 +144,7 @@ services: - ./xpack/ca/ca.crt:/usr/share/elasticsearch/config/ca.crt - ./xpack/elasticsearch3/elasticsearch3.key:/usr/share/elasticsearch/config/elasticsearch.key - ./xpack/elasticsearch3/elasticsearch3.crt:/usr/share/elasticsearch/config/elasticsearch.crt - - ./xpack/disabledlog4j.options:/etc/elasticsearch/jvm.options.d/disabledlog4j.options + - ./disabledlog4j.options:/etc/elasticsearch/jvm.options.d/disabledlog4j.options kibana: diff --git a/xpack/disabledlog4j.options b/xpack/disabledlog4j.options deleted file mode 100755 index c3d67115..00000000 --- a/xpack/disabledlog4j.options +++ /dev/null @@ -1 +0,0 @@ --Dlog4j2.formatMsgNoLookups=true \ No newline at end of file From f769c5371605fa54acb0c74b53827a4278fa096e Mon Sep 17 00:00:00 2001 From: vcerenu Date: Wed, 15 Dec 2021 11:03:50 -0300 Subject: [PATCH 007/163] log4j workaround --- disabledlog4j.options | 1 - production-cluster.yml | 13 +++++-------- xpack-compose.yml | 9 +++------ 3 files changed, 8 insertions(+), 15 deletions(-) delete mode 100755 disabledlog4j.options diff --git a/disabledlog4j.options b/disabledlog4j.options deleted file mode 100755 index c3d67115..00000000 --- a/disabledlog4j.options +++ /dev/null @@ -1 +0,0 @@ --Dlog4j2.formatMsgNoLookups=true \ No newline at end of file diff --git a/production-cluster.yml b/production-cluster.yml index 12855122..8f1b1872 100644 --- a/production-cluster.yml +++ b/production-cluster.yml 
@@ -73,7 +73,7 @@ services: ports: - "9200:9200" environment: - - "ES_JAVA_OPTS=-Xms512m -Xmx512m" + - "ES_JAVA_OPTS=-Xms512m -Xmx512m -Dlog4j2.formatMsgNoLookups=true" ulimits: memlock: soft: -1 @@ -90,14 +90,13 @@ services: - ./production_cluster/ssl_certs/admin.key:/usr/share/elasticsearch/config/admin.key - ./production_cluster/elastic_opendistro/elasticsearch-node1.yml:/usr/share/elasticsearch/config/elasticsearch.yml - ./production_cluster/elastic_opendistro/internal_users.yml:/usr/share/elasticsearch/plugins/opendistro_security/securityconfig/internal_users.yml - - ./disabledlog4j.options:/etc/elasticsearch/jvm.options.d/disabledlog4j.options elasticsearch-2: image: amazon/opendistro-for-elasticsearch:1.13.2 hostname: elasticsearch-2 restart: always environment: - - "ES_JAVA_OPTS=-Xms512m -Xmx512m" + - "ES_JAVA_OPTS=-Xms512m -Xmx512m -Dlog4j2.formatMsgNoLookups=true" ulimits: memlock: soft: -1 @@ -112,14 +111,13 @@ services: - ./production_cluster/ssl_certs/node2.pem:/usr/share/elasticsearch/config/node2.pem - ./production_cluster/elastic_opendistro/elasticsearch-node2.yml:/usr/share/elasticsearch/config/elasticsearch.yml - ./production_cluster/elastic_opendistro/internal_users.yml:/usr/share/elasticsearch/plugins/opendistro_security/securityconfig/internal_users.yml - - ./disabledlog4j.options:/etc/elasticsearch/jvm.options.d/disabledlog4j.options - + elasticsearch-3: image: amazon/opendistro-for-elasticsearch:1.13.2 hostname: elasticsearch-3 restart: always environment: - - "ES_JAVA_OPTS=-Xms512m -Xmx512m" + - "ES_JAVA_OPTS=-Xms512m -Xmx512m -Dlog4j2.formatMsgNoLookups=true" ulimits: memlock: soft: -1 
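Review bot: Setting `-Dlog4j2.formatMsgNoLookups=true` in `ES_JAVA_OPTS` is a stopgap rather than a fix: the property is only honoured by Log4j 2.10 and later and covers message-format lookups only, and the pinned `amazon/opendistro-for-elasticsearch:1.13.2` and `elasticsearch:7.10.2` images are not changed by this commit. A comment next to each entry would keep it from being taken for a permanent setting, e.g. `# Temporary log4j lookup mitigation - remove once the image bundles a patched log4j`. Because `ES_JAVA_OPTS` is a single string, anyone overriding it for heap sizing drops the flag without noticing; the services in the @@ -90 hunk and in xpack-compose.yml are affected the same way.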
@@ -134,8 +132,7 @@ services: - ./production_cluster/ssl_certs/node3.pem:/usr/share/elasticsearch/config/node3.pem - ./production_cluster/elastic_opendistro/elasticsearch-node3.yml:/usr/share/elasticsearch/config/elasticsearch.yml - ./production_cluster/elastic_opendistro/internal_users.yml:/usr/share/elasticsearch/plugins/opendistro_security/securityconfig/internal_users.yml - - ./disabledlog4j.options:/etc/elasticsearch/jvm.options.d/disabledlog4j.options - + kibana: image: wazuh/wazuh-kibana-odfe:4.3.0 hostname: kibana diff --git a/xpack-compose.yml b/xpack-compose.yml index 33bf97b5..28849a66 100644 --- a/xpack-compose.yml +++ b/xpack-compose.yml @@ -48,7 +48,7 @@ services: - discovery.seed_hosts=elasticsearch,elasticsearch2,elasticsearch3 - cluster.initial_master_nodes=elasticsearch,elasticsearch2,elasticsearch3 - ELASTIC_PASSWORD=SecretPassword - - "ES_JAVA_OPTS=-Xms512m -Xmx512m" + - "ES_JAVA_OPTS=-Xms512m -Xmx512m -Dlog4j2.formatMsgNoLookups=true" - bootstrap.memory_lock=true - xpack.license.self_generated.type=basic - xpack.security.enabled=true @@ -72,7 +72,6 @@ services: - ./xpack/ca/ca.crt:/usr/share/elasticsearch/config/ca.crt - ./xpack/elasticsearch/elasticsearch.key:/usr/share/elasticsearch/config/elasticsearch.key - ./xpack/elasticsearch/elasticsearch.crt:/usr/share/elasticsearch/config/elasticsearch.crt - - ./disabledlog4j.options:/etc/elasticsearch/jvm.options.d/disabledlog4j.options elasticsearch2: image: docker.elastic.co/elasticsearch/elasticsearch:7.10.2 @@ -84,7 +83,7 @@ services: - discovery.seed_hosts=elasticsearch,elasticsearch2,elasticsearch3 - cluster.initial_master_nodes=elasticsearch,elasticsearch2,elasticsearch3 - ELASTIC_PASSWORD=SecretPassword - - "ES_JAVA_OPTS=-Xms512m -Xmx512m" + - "ES_JAVA_OPTS=-Xms512m -Xmx512m -Dlog4j2.formatMsgNoLookups=true" - bootstrap.memory_lock=true - xpack.license.self_generated.type=basic - xpack.security.enabled=true 
@@ -108,7 +107,6 @@ services: - ./xpack/ca/ca.crt:/usr/share/elasticsearch/config/ca.crt - ./xpack/elasticsearch2/elasticsearch2.key:/usr/share/elasticsearch/config/elasticsearch.key - ./xpack/elasticsearch2/elasticsearch2.crt:/usr/share/elasticsearch/config/elasticsearch.crt - - ./disabledlog4j.options:/etc/elasticsearch/jvm.options.d/disabledlog4j.options elasticsearch3: image: docker.elastic.co/elasticsearch/elasticsearch:7.10.2 @@ -120,7 +118,7 @@ services: - discovery.seed_hosts=elasticsearch,elasticsearch2,elasticsearch3 - cluster.initial_master_nodes=elasticsearch,elasticsearch2,elasticsearch3 - ELASTIC_PASSWORD=SecretPassword - - "ES_JAVA_OPTS=-Xms512m -Xmx512m" + - "ES_JAVA_OPTS=-Xms512m -Xmx512m -Dlog4j2.formatMsgNoLookups=true" - bootstrap.memory_lock=true - xpack.license.self_generated.type=basic - xpack.security.enabled=true @@ -144,7 +142,6 @@ services: - ./xpack/ca/ca.crt:/usr/share/elasticsearch/config/ca.crt - ./xpack/elasticsearch3/elasticsearch3.key:/usr/share/elasticsearch/config/elasticsearch.key - ./xpack/elasticsearch3/elasticsearch3.crt:/usr/share/elasticsearch/config/elasticsearch.crt - - ./disabledlog4j.options:/etc/elasticsearch/jvm.options.d/disabledlog4j.options kibana: From ec59357d59869bc860e299da18f2a8ce862cea4d Mon Sep 17 00:00:00 2001 
From: vcerenu Date: Tue, 18 Jan 2022 17:18:36 -0300 Subject: [PATCH 008/163] Dockerfile for wazuh-indexer image --- wazuh-indexer/Dockerfile | 30 +++++++ wazuh-indexer/Dockerfile_ubuntu | 27 ++++++ wazuh-indexer/config/entrypoint.sh | 13 +++ wazuh-indexer/config/entrypoint_odfe.sh | 103 ++++++++++++++++++++++ wazuh-indexer/config/entrypoint_prueba.sh | 12 +++ wazuh-indexer/config/wazuh.repo | 7 ++ 6 files changed, 192 insertions(+) create mode 100644 wazuh-indexer/Dockerfile create mode 100644 wazuh-indexer/Dockerfile_ubuntu create mode 100644 wazuh-indexer/config/entrypoint.sh create mode 100644 wazuh-indexer/config/entrypoint_odfe.sh create mode 100644 wazuh-indexer/config/entrypoint_prueba.sh create mode 100644 wazuh-indexer/config/wazuh.repo diff --git a/wazuh-indexer/Dockerfile b/wazuh-indexer/Dockerfile new file mode 100644 index 00000000..bad305d4 --- /dev/null +++ b/wazuh-indexer/Dockerfile @@ -0,0 +1,30 @@ +# Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2) +FROM centos:7 + +ARG FILEBEAT_CHANNEL=filebeat-oss +ARG FILEBEAT_VERSION=7.10.2 +ARG WAZUH_VERSION=4.3.0-1 +ARG TEMPLATE_VERSION="master" +ARG WAZUH_FILEBEAT_MODULE="wazuh-filebeat-0.1.tar.gz" + +USER root + +# Set repositories. +RUN rpm --import https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH + +COPY config/wazuh.repo /etc/yum.repos.d/wazuh.repo + +RUN yum --enablerepo=updates clean metadata && \ + yum upgrade -y && \ + yum -y install wazuh-indexer -y && \ + sed -i "s/^enabled=1/enabled=0/" /etc/yum.repos.d/wazuh.repo && \ + yum clean all && rm -rf /var/cache/yum + +COPY config/entrypoint.sh / + +RUN chmod 700 /entrypoint.sh + +# Services ports +EXPOSE 9700 + +ENTRYPOINT [ "/entrypoint.sh" ] \ No newline at end of file diff --git a/wazuh-indexer/Dockerfile_ubuntu b/wazuh-indexer/Dockerfile_ubuntu new file mode 100644 index 00000000..9f538059 --- /dev/null +++ b/wazuh-indexer/Dockerfile_ubuntu 
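Review bot: `WAZUH_VERSION` is declared but the install line is `yum -y install wazuh-indexer -y`, so the image takes whatever build the repository serves on the day of the build, and wazuh.repo in this commit points that repository at `packages-dev.wazuh.com/trash/yum/`, which by its name looks like a development channel. Pinning makes the build reproducible and reviewable: `yum -y install wazuh-indexer-${WAZUH_VERSION}`. The image also never leaves `USER root`, so the entrypoint and the indexer run as root in the container unless the entrypoint drops privileges; a non-root `USER` line after the install would address that. The `FILEBEAT_*`, `TEMPLATE_VERSION` and `WAZUH_FILEBEAT_MODULE` build arguments are unused in this file.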
@@ -0,0 +1,27 @@ +# Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2) +FROM ubuntu:focal + +ARG WAZUH_VERSION=4.3.0 +ARG TEMPLATE_VERSION="master" +ARG FILEBEAT_CHANNEL=filebeat-oss +ARG FILEBEAT_VERSION=7.10.2 +ARG WAZUH_FILEBEAT_MODULE="wazuh-filebeat-0.1.tar.gz" + +RUN apt-get update && apt install curl gnupg -y + +RUN curl -s https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH | apt-key add - && \ + echo "deb https://packages-dev.wazuh.com/trash/apt/ unstable main" | tee -a /etc/apt/sources.list.d/wazuh.list && \ + apt-get update && \ + apt-get install wazuh-indexer + +# Prepare permanent data +# Sync calls are due to https://github.com/docker/docker/issues/9547 + +RUN chmod 755 /permanent_data.sh && \ + sync && /permanent_data.sh && \ + sync && rm /permanent_data.sh + +# Services ports +EXPOSE 9700 + +ENTRYPOINT [ "/init" ] \ No newline at end of file diff --git a/wazuh-indexer/config/entrypoint.sh b/wazuh-indexer/config/entrypoint.sh new file mode 100644 index 00000000..839f1d66 --- /dev/null +++ b/wazuh-indexer/config/entrypoint.sh @@ -0,0 +1,13 @@ +#!/bin/execlineb -S0 + +## +## load default PATH (the same that Docker includes if not provided) if it doesn't exist, +## then go ahead with stage1. +## this was motivated due to this issue: +## - https://github.com/just-containers/s6-overlay/issues/108 +## + + +/bin/importas -D /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin PATH PATH +export PATH ${PATH} +/etc/s6/init/init-stage1 $@ diff --git a/wazuh-indexer/config/entrypoint_odfe.sh b/wazuh-indexer/config/entrypoint_odfe.sh new file mode 100644 index 00000000..0519f90c --- /dev/null +++ b/wazuh-indexer/config/entrypoint_odfe.sh 
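Review bot: The repository key is fetched with `curl -s ... | apt-key add -`, which puts it in the global trusted keyring (so it can vouch for any configured source) and, without `-f`, lets an HTTP error body flow into the pipe. Scoping the trust to this one source would look like `curl -fsSL https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH | gpg --dearmor -o /usr/share/keyrings/wazuh.gpg` followed by `echo "deb [signed-by=/usr/share/keyrings/wazuh.gpg] https://packages-dev.wazuh.com/trash/apt/ unstable main" > /etc/apt/sources.list.d/wazuh.list`. Two further problems would stop the build: `apt-get install wazuh-indexer` has no `-y`, and `/permanent_data.sh` is chmod-ed and executed although no `COPY` in this file puts it in the image; the `/init` entrypoint is likewise not installed here. The same key and install lines come back in wazuh-indexer/Dockerfile in PATCH 009.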
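Review bot: This entrypoint is an execline script (`#!/bin/execlineb -S0`) that hands over to `/etc/s6/init/init-stage1`, but neither Dockerfile added in this commit installs execline or s6-overlay, so the `ENTRYPOINT [ "/entrypoint.sh" ]` in wazuh-indexer/Dockerfile would most likely fail at container start with a missing interpreter. Either add the s6-overlay installation to the image or replace this file with a script for a shell the base image provides. If it stays, a header comment such as `## requires s6-overlay (execlineb, /etc/s6/init/init-stage1) in the image` would state the dependency.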
@@ -0,0 +1,103 @@ +#!/bin/bash +set -e + +# Files created by OpenDistroForElasticsearch should always be group writable too +umask 0002 + +run_as_other_user_if_needed() { + if [[ "$(id -u)" == "0" ]]; then + # If running as root, drop to specified UID and run command + exec chroot --userspec=1000 / "${@}" + else + # Either we are running in Openshift with random uid and are a member of the root group + # or with a custom --user + exec "${@}" + fi +} + +# Allow user specify custom CMD, maybe bin/elasticsearch itself +# for example to directly specify `-E` style parameters for elasticsearch on k8s +# or simply to run /bin/bash to check the image +if [[ "$1" != "eswrapper" ]]; then + if [[ "$(id -u)" == "0" && $(basename "$1") == "elasticsearch" ]]; then + # centos:7 chroot doesn't have the `--skip-chdir` option and + # changes our CWD. + # Rewrite CMD args to replace $1 with `elasticsearch` explicitly, + # so that we are backwards compatible with the docs + # from the previous Elasticsearch versions<6 + # and configuration option D: + # https://www.elastic.co/guide/en/elasticsearch/reference/5.6/docker.html#_d_override_the_image_8217_s_default_ulink_url_https_docs_docker_com_engine_reference_run_cmd_default_command_or_options_cmd_ulink + # Without this, user could specify `elasticsearch -E x.y=z` but + # `bin/elasticsearch -E x.y=z` would not work. + set -- "elasticsearch" "${@:2}" + # Use chroot to switch to UID 1000 + exec chroot --userspec=1000 / "$@" + else + # User probably wants to run something else, like /bin/bash, with another uid forced (Openshift?) + exec "$@" + fi +fi + +# Parse Docker env vars to customize Elasticsearch +# +# e.g. 
Setting the env var cluster.name=testcluster +# +# will cause Elasticsearch to be invoked with -Ecluster.name=testcluster +# +# see https://www.elastic.co/guide/en/elasticsearch/reference/current/settings.html#_setting_default_settings + +declare -a es_opts + +while IFS='=' read -r envvar_key envvar_value +do + # Elasticsearch settings need to have at least two dot separated lowercase + # words, e.g. `cluster.name`, except for `processors` which we handle + # specially + if [[ "$envvar_key" =~ ^[a-z0-9_]+\.[a-z0-9_]+ || "$envvar_key" == "processors" ]]; then + if [[ ! -z $envvar_value ]]; then + es_opt="-E${envvar_key}=${envvar_value}" + es_opts+=("${es_opt}") + fi + fi +done < <(env) + +# The virtual file /proc/self/cgroup should list the current cgroup +# membership. For each hierarchy, you can follow the cgroup path from +# this file to the cgroup filesystem (usually /sys/fs/cgroup/) and +# introspect the statistics for the cgroup for the given +# hierarchy. Alas, Docker breaks this by mounting the container +# statistics at the root while leaving the cgroup paths as the actual +# paths. Therefore, Elasticsearch provides a mechanism to override +# reading the cgroup path from /proc/self/cgroup and instead uses the +# cgroup path defined the JVM system property +# es.cgroups.hierarchy.override. Therefore, we set this value here so +# that cgroup statistics are available for the container this process +# will run in. +export ES_JAVA_OPTS="-Des.cgroups.hierarchy.override=/ $ES_JAVA_OPTS" + +if [[ "$(id -u)" == "0" ]]; then + # If requested and running as root, mutate the ownership of bind-mounts + if [[ -n "$TAKE_FILE_OWNERSHIP" ]]; then + chown -R 1000:0 /usr/share/elasticsearch/{data,logs} + fi +fi + +if [[ -d "/usr/share/elasticsearch/plugins/opendistro_security" && "$DISABLE_INSTALL_DEMO_CONFIG" != "true" ]]; then + # Install Demo certifactes for Security Plugin and update the elasticsearch.yml + # file to use those certificates. 
+ /usr/share/elasticsearch/plugins/opendistro_security/tools/install_demo_configuration.sh -y -i -s +fi + +if [[ -d "/usr/share/elasticsearch/plugins/opendistro-performance-analyzer" ]]; then + CLK_TCK=`/usr/bin/getconf CLK_TCK` + ES_JAVA_OPTS="-Dclk.tck=$CLK_TCK -Djdk.attach.allowAttachSelf=true $ES_JAVA_OPTS" + if [[ -d "/usr/share/elasticsearch/performance-analyzer-rca" ]]; then + ES_JAVA_OPTS="-Djava.security.policy=file:///usr/share/elasticsearch/performance-analyzer-rca/pa_config/es_security.policy $ES_JAVA_OPTS" + /usr/bin/supervisord -c /usr/share/elasticsearch/performance-analyzer-rca/pa_config/supervisord.conf + else + ES_JAVA_OPTS="-Djava.security.policy=file:///usr/share/elasticsearch/plugins/opendistro-performance-analyzer/pa_config/es_security.policy $ES_JAVA_OPTS" + /usr/bin/supervisord -c /usr/share/elasticsearch/plugins/opendistro-performance-analyzer/pa_config/supervisord.conf + fi +fi + +run_as_other_user_if_needed /usr/share/elasticsearch/bin/elasticsearch "${es_opts[@]}" \ No newline at end of file diff --git a/wazuh-indexer/config/entrypoint_prueba.sh b/wazuh-indexer/config/entrypoint_prueba.sh new file mode 100644 index 00000000..28b20e15 --- /dev/null +++ b/wazuh-indexer/config/entrypoint_prueba.sh @@ -0,0 +1,12 @@ +#!/bin/bash +# Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2) + +############################################################################## +# Start Wazuh indexer +############################################################################## + +JAVA_HOME=/usr/share/wazuh-indexer/jdk/bin + +/usr/share/wazuh-indexer/plugins/opensearch-security/tools/securityadmin.sh -cd /usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/ -icl -nhnv -cacert /etc/wazuh-indexer/certs/root-ca.pem -cert /etc/wazuh-indexer/certs/admin.pem -key /etc/wazuh-indexer/certs/admin-key.pem + +service wazuh-indexer start 
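Review bot: The security plugin's demo configuration is installed unless `DISABLE_INSTALL_DEMO_CONFIG` is exactly `true`, so a container started without that variable comes up with the demo certificates the script's own comment mentions; for an image meant to be deployed that default should be inverted or at least documented prominently. An opt-in form would read `if [[ -d "/usr/share/elasticsearch/plugins/opendistro_security" && "$INSTALL_DEMO_CONFIG" == "true" ]]; then` (the variable name is a suggestion, not an existing setting). Separately, every path here is under `/usr/share/elasticsearch`, while entrypoint_prueba.sh in the same commit uses `/usr/share/wazuh-indexer`, and no Dockerfile in the commit copies this file, so it looks like an unadapted copy. Smaller points: `[[ ! -z $envvar_value ]]` is better written `[[ -n "$envvar_value" ]]`, and the backticks around `/usr/bin/getconf CLK_TCK` can be `$(...)`.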
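Review bot: `securityadmin.sh` is run before `service wazuh-indexer start`, so at that point there is no node for it to connect to and the security configuration is presumably never loaded; the two steps need to be swapped, with a wait for the indexer to answer in between. `JAVA_HOME=/usr/share/wazuh-indexer/jdk/bin` is neither exported nor a JDK home (it names the `bin` directory), so child processes do not see it: `export JAVA_HOME=/usr/share/wazuh-indexer/jdk`. The `-nhnv` flag turns off hostname verification for the admin connection and deserves a comment saying why that is acceptable here. The script also returns as soon as `service` returns, which would end the container if this file becomes its entrypoint.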
diff --git a/wazuh-indexer/config/wazuh.repo b/wazuh-indexer/config/wazuh.repo
new file mode 100644
index 00000000..163fb67f
--- /dev/null
+++ b/wazuh-indexer/config/wazuh.repo
@@ -0,0 +1,7 @@
+[wazuh_repo]
+gpgcheck=1
+gpgkey=https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH
+enabled=1
+name=Wazuh repository
+baseurl=https://packages-dev.wazuh.com/trash/yum/
+protect=1
From b94bad1bd0e811043a8c5c0642aebecc32f20a48 Mon Sep 17 00:00:00 2001
From: vcerenu
Date: Wed, 19 Jan 2022 17:20:46 -0300
Subject: [PATCH 009/163] Add wazuh-dashboard Dockerfile
---
wazuh-dashboard/Dockerfile | 25 +++++++++++++++++++++++
wazuh-dashboard/config/entrypoint.sh | 10 ++++++++++
wazuh-indexer/Dockerfile | 23 ++++++++++-----------
wazuh-indexer/Dockerfile_centos | 30 ++++++++++++++++++++++++++++
wazuh-indexer/Dockerfile_ubuntu | 27 -------------------------
5 files changed, 75 insertions(+), 40 deletions(-)
create mode 100644 wazuh-dashboard/Dockerfile
create mode 100644 wazuh-dashboard/config/entrypoint.sh
create mode 100644 wazuh-indexer/Dockerfile_centos
delete mode 100644 wazuh-indexer/Dockerfile_ubuntu
diff --git a/wazuh-dashboard/Dockerfile b/wazuh-dashboard/Dockerfile
new file mode 100644
index 00000000..d2a14576
--- /dev/null
+++ b/wazuh-dashboard/Dockerfile
@@ -0,0 +1,25 @@ +# Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2) +FROM ubuntu:20.04 + +ARG WAZUH_VERSION=4.3.0-1_amd64 +ARG TEMPLATE_VERSION="master" +ARG FILEBEAT_CHANNEL=filebeat-oss +ARG FILEBEAT_VERSION=7.10.2 +ARG WAZUH_FILEBEAT_MODULE="wazuh-filebeat-0.1.tar.gz" + +RUN apt-get update && apt install curl gnupg -y + +RUN curl https://s3.amazonaws.com/warehouse.wazuh.com/stack/dashboard/stable/wazuh-dashboard_${WAZUH_VERSION}.deb --output wazuh-dashboard_${WAZUH_VERSION}.deb && \ + dpkg -i wazuh-dashboard_${WAZUH_VERSION}.deb + +# Prepare permanent data +# Sync calls are due to https://github.com/docker/docker/issues/9547 + +COPY config/entrypoint.sh / + +RUN chmod 700 /entrypoint.sh + +# Services ports +EXPOSE 5601 443 + +ENTRYPOINT [ "/entrypoint.sh" ] \ No newline at end of file diff --git a/wazuh-dashboard/config/entrypoint.sh b/wazuh-dashboard/config/entrypoint.sh new file mode 100644 index 00000000..c221b9c2 --- /dev/null +++ b/wazuh-dashboard/config/entrypoint.sh @@ -0,0 +1,10 @@ +#!/bin/bash +# Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2) + +############################################################################## +# Start Wazuh dashboard +############################################################################## + +service wazuh-dashboard start + +service wazuh-dashboard enable diff --git a/wazuh-indexer/Dockerfile b/wazuh-indexer/Dockerfile index bad305d4..5a79630b 100644 --- a/wazuh-indexer/Dockerfile +++ b/wazuh-indexer/Dockerfile 
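Review bot: The dashboard package is downloaded with plain `curl` and installed with `dpkg -i` without any integrity check, so whatever the URL returns at build time ends up in the image. Add `-f` so HTTP errors fail the build, and verify a digest pinned in the Dockerfile before installing, e.g. `echo "${WAZUH_DASHBOARD_SHA512}  wazuh-dashboard_${WAZUH_VERSION}.deb" | sha512sum -c -` (`WAZUH_DASHBOARD_SHA512` is a placeholder build argument, not something the file defines). The downloaded .deb is also left in the layer, `gnupg` is installed but not used, and the "Prepare permanent data" comment no longer describes anything below it.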
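Review bot: Both `service` commands return immediately, so this script, which wazuh-dashboard/Dockerfile sets as the container's `ENTRYPOINT`, exits and the container stops while the dashboard has only been started as a background service. The entrypoint should end by `exec`-ing the dashboard process in the foreground, which also lets it receive the stop signal from the container runtime. A `set -e` near the top would make a failed start visible as a non-zero exit.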
@@ -1,24 +1,21 @@ # Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2) -FROM centos:7 +FROM ubuntu:20.04 +ARG WAZUH_VERSION=4.3.0 +ARG TEMPLATE_VERSION="master" ARG FILEBEAT_CHANNEL=filebeat-oss ARG FILEBEAT_VERSION=7.10.2 -ARG WAZUH_VERSION=4.3.0-1 -ARG TEMPLATE_VERSION="master" ARG WAZUH_FILEBEAT_MODULE="wazuh-filebeat-0.1.tar.gz" -USER root +RUN apt-get update && apt install curl gnupg -y -# Set repositories. -RUN rpm --import https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH +RUN curl -s https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH | apt-key add - && \ + echo "deb https://packages-dev.wazuh.com/trash/apt/ unstable main" | tee -a /etc/apt/sources.list.d/wazuh.list && \ + apt-get update && \ + apt-get install wazuh-indexer -COPY config/wazuh.repo /etc/yum.repos.d/wazuh.repo - -RUN yum --enablerepo=updates clean metadata && \ - yum upgrade -y && \ - yum -y install wazuh-indexer -y && \ - sed -i "s/^enabled=1/enabled=0/" /etc/yum.repos.d/wazuh.repo && \ - yum clean all && rm -rf /var/cache/yum +# Prepare permanent data +# Sync calls are due to https://github.com/docker/docker/issues/9547 COPY config/entrypoint.sh / diff --git a/wazuh-indexer/Dockerfile_centos b/wazuh-indexer/Dockerfile_centos new file mode 100644 index 00000000..bad305d4 --- /dev/null +++ b/wazuh-indexer/Dockerfile_centos 
@@ -0,0 +1,30 @@ +# Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2) +FROM centos:7 + +ARG FILEBEAT_CHANNEL=filebeat-oss +ARG FILEBEAT_VERSION=7.10.2 +ARG WAZUH_VERSION=4.3.0-1 +ARG TEMPLATE_VERSION="master" +ARG WAZUH_FILEBEAT_MODULE="wazuh-filebeat-0.1.tar.gz" + +USER root + +# Set repositories. +RUN rpm --import https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH + +COPY config/wazuh.repo /etc/yum.repos.d/wazuh.repo + +RUN yum --enablerepo=updates clean metadata && \ + yum upgrade -y && \ + yum -y install wazuh-indexer -y && \ + sed -i "s/^enabled=1/enabled=0/" /etc/yum.repos.d/wazuh.repo && \ + yum clean all && rm -rf /var/cache/yum + +COPY config/entrypoint.sh / + +RUN chmod 700 /entrypoint.sh + +# Services ports +EXPOSE 9700 + +ENTRYPOINT [ "/entrypoint.sh" ] \ No newline at end of file diff --git a/wazuh-indexer/Dockerfile_ubuntu b/wazuh-indexer/Dockerfile_ubuntu deleted file mode 100644 index 9f538059..00000000 --- a/wazuh-indexer/Dockerfile_ubuntu +++ /dev/null @@ -1,27 +0,0 @@ -# Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2) -FROM ubuntu:focal - -ARG WAZUH_VERSION=4.3.0 -ARG TEMPLATE_VERSION="master" -ARG FILEBEAT_CHANNEL=filebeat-oss -ARG FILEBEAT_VERSION=7.10.2 -ARG WAZUH_FILEBEAT_MODULE="wazuh-filebeat-0.1.tar.gz" - -RUN apt-get update && apt install curl gnupg -y - -RUN curl -s https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH | apt-key add - && \ - echo "deb https://packages-dev.wazuh.com/trash/apt/ unstable main" | tee -a /etc/apt/sources.list.d/wazuh.list && \ - apt-get update && \ - apt-get install wazuh-indexer - -# Prepare permanent data -# Sync calls are due to https://github.com/docker/docker/issues/9547 - -RUN chmod 755 /permanent_data.sh && \ - sync && /permanent_data.sh && \ - sync && rm /permanent_data.sh - -# Services ports -EXPOSE 9700 - -ENTRYPOINT [ "/init" ] \ No newline at end of file From 3de9c0b173d2755c9c43baeca96ed16156ee1a31 Mon Sep 17 00:00:00 2001 
From: vcerenu Date: Thu, 20 Jan 2022 09:25:11 -0300 Subject: [PATCH 010/163] Add wazuh-dashboard Dockerfile --- production-cluster.yml | 2 +- wazuh-dashboard/Dockerfile | 2 +- wazuh-dashboard/config/entrypoint.sh | 2 -- 3 files changed, 2 insertions(+), 4 deletions(-) diff --git a/production-cluster.yml b/production-cluster.yml index 8f1b1872..d169462e 100644 --- a/production-cluster.yml +++ b/production-cluster.yml @@ -134,7 +134,7 @@ services: - ./production_cluster/elastic_opendistro/internal_users.yml:/usr/share/elasticsearch/plugins/opendistro_security/securityconfig/internal_users.yml kibana: - image: wazuh/wazuh-kibana-odfe:4.3.0 + image: wazuh/wazuh-dashboard hostname: kibana restart: always ports: diff --git a/wazuh-dashboard/Dockerfile b/wazuh-dashboard/Dockerfile index d2a14576..d6fd76a0 100644 --- a/wazuh-dashboard/Dockerfile +++ b/wazuh-dashboard/Dockerfile @@ -7,7 +7,7 @@ ARG FILEBEAT_CHANNEL=filebeat-oss ARG FILEBEAT_VERSION=7.10.2 ARG WAZUH_FILEBEAT_MODULE="wazuh-filebeat-0.1.tar.gz" -RUN apt-get update && apt install curl gnupg -y +RUN apt-get update && apt install curl libcap2-bin -y RUN curl https://s3.amazonaws.com/warehouse.wazuh.com/stack/dashboard/stable/wazuh-dashboard_${WAZUH_VERSION}.deb --output wazuh-dashboard_${WAZUH_VERSION}.deb && \ dpkg -i wazuh-dashboard_${WAZUH_VERSION}.deb diff --git a/wazuh-dashboard/config/entrypoint.sh b/wazuh-dashboard/config/entrypoint.sh index c221b9c2..bba97efc 100644 --- a/wazuh-dashboard/config/entrypoint.sh +++ b/wazuh-dashboard/config/entrypoint.sh @@ -6,5 +6,3 @@ ############################################################################## service wazuh-dashboard start - -service wazuh-dashboard enable From 3170ac81c0f35463570221e9a228e4ce30140b7d Mon Sep 17 00:00:00 2001 
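Review bot: `image: wazuh/wazuh-dashboard` in production-cluster.yml carries no tag, so this production compose file resolves to `latest` and can pull a different build on each host or each restart. Pin it the way the replaced line was pinned, e.g. `image: wazuh/wazuh-dashboard:4.3.0` (the tag docker-compose.yml uses for this image in the next patch), or by digest. The service keeps the name and hostname `kibana`; a short comment saying that is deliberate would help the next reader.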
From: vcerenu Date: Thu, 20 Jan 2022 18:45:15 -0300 Subject: [PATCH 011/163] Add wazuh-dashboard Dockerfile --- docker-compose.yml | 15 +++-- production-cluster.yml | 2 +- production_cluster/ssl_certs/certs.yml | 35 ---------- wazuh-dashboard/Dockerfile | 10 +-- wazuh-dashboard/config/entrypoint.sh | 9 ++- wazuh-dashboard/config/entrypoint_prueba.sh | 59 +++++++++++++++++ wazuh-dashboard/config/wazuh-dashboard.yml | 14 ++++ wazuh-dashboard/config/wazuh_app_config.sh | 64 +++++++++++++++++++ wazuh-indexer/Dockerfile_centos | 30 --------- .../{Dockerfile => Dockerfile_ubuntu} | 10 ++- wazuh-indexer/config/entrypoint.sh | 21 +++--- wazuh-indexer/config/entrypoint_prueba.sh | 12 ---- 12 files changed, 173 insertions(+), 108 deletions(-) delete mode 100644 production_cluster/ssl_certs/certs.yml create mode 100644 wazuh-dashboard/config/entrypoint_prueba.sh create mode 100644 wazuh-dashboard/config/wazuh-dashboard.yml create mode 100644 wazuh-dashboard/config/wazuh_app_config.sh delete mode 100644 wazuh-indexer/Dockerfile_centos rename wazuh-indexer/{Dockerfile => Dockerfile_ubuntu} (57%) delete mode 100644 wazuh-indexer/config/entrypoint_prueba.sh diff --git a/docker-compose.yml b/docker-compose.yml index 2b12af30..d06a8402 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -3,7 +3,7 @@ version: '3.7' services: wazuh: - image: wazuh/wazuh-odfe:4.3.0 + image: wazuh/wazuh-odfe:4.2.5 hostname: wazuh-manager restart: always ports: @@ -12,7 +12,7 @@ services: - "514:514/udp" - "55000:55000" environment: - - ELASTICSEARCH_URL=https://elasticsearch:9200 + - ELASTICSEARCH_URL=https://elasticsearch:9700 - ELASTIC_USERNAME=admin - ELASTIC_PASSWORD=admin - FILEBEAT_SSL_VERIFICATION_MODE=none 
@@ -30,17 +30,18 @@ services: - filebeat_var:/var/lib/filebeat elasticsearch: - image: amazon/opendistro-for-elasticsearch:1.13.2 + image: wazuh/wazuh-indexer:4.3.0 hostname: elasticsearch restart: always ports: - - "9200:9200" + - "9700:9700" environment: - discovery.type=single-node - cluster.name=wazuh-cluster - network.host=0.0.0.0 - "ES_JAVA_OPTS=-Xms512m -Xmx512m" - bootstrap.memory_lock=true + - JAVA_HOME=/usr/share/wazuh-indexer/jdk/bin ulimits: memlock: soft: -1 @@ -50,7 +51,7 @@ services: hard: 65536 kibana: - image: wazuh/wazuh-kibana-odfe:4.3.0 + image: wazuh/wazuh-dashboard:4.3.0 hostname: kibana restart: always ports: @@ -59,8 +60,8 @@ services: - ELASTICSEARCH_USERNAME=admin - ELASTICSEARCH_PASSWORD=admin - SERVER_SSL_ENABLED=true - - SERVER_SSL_CERTIFICATE=/usr/share/kibana/config/opendistroforelasticsearch.example.org.cert - - SERVER_SSL_KEY=/usr/share/kibana/config/opendistroforelasticsearch.example.org.key + - SERVER_SSL_CERTIFICATE=/etc/wazuh-dashboard/config/opendistroforelasticsearch.example.org.cert + - SERVER_SSL_KEY=/etc/wazuh-dashboard/config/opendistroforelasticsearch.example.org.key depends_on: - elasticsearch diff --git a/production-cluster.yml b/production-cluster.yml index d169462e..8f1b1872 100644 --- a/production-cluster.yml +++ b/production-cluster.yml @@ -134,7 +134,7 @@ services: - ./production_cluster/elastic_opendistro/internal_users.yml:/usr/share/elasticsearch/plugins/opendistro_security/securityconfig/internal_users.yml kibana: - image: wazuh/wazuh-dashboard + image: wazuh/wazuh-kibana-odfe:4.3.0 hostname: kibana restart: always ports: diff --git a/production_cluster/ssl_certs/certs.yml b/production_cluster/ssl_certs/certs.yml deleted file mode 100644 index 486e4178..00000000 --- a/production_cluster/ssl_certs/certs.yml +++ /dev/null 
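Review bot: The added `JAVA_HOME=/usr/share/wazuh-indexer/jdk/bin` points at the JDK's `bin` directory rather than the JDK root; launchers conventionally run `$JAVA_HOME/bin/java`, which would resolve to `jdk/bin/bin/java` here. If the bundled JDK lives at that location the value should presumably be `JAVA_HOME=/usr/share/wazuh-indexer/jdk`, to be confirmed against the package layout. The same value is exported in wazuh-indexer/config/entrypoint.sh in this commit.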
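Review bot: In the `kibana` service, `SERVER_SSL_CERTIFICATE` and `SERVER_SSL_KEY` now point at `/etc/wazuh-dashboard/config/opendistroforelasticsearch.example.org.cert` and `.key`, but nothing in this commit's wazuh-dashboard Dockerfile copies such files, and the wazuh-dashboard.yml added alongside names `/etc/wazuh-dashboard/certs/wazuh-dashboard.pem` instead. A publicly distributed example.org demo certificate should not be what the dashboard serves in any case; mount a deployment-specific certificate and key read-only and reference those paths. Nothing visible in the new entrypoint reads the `SERVER_SSL_*` variables, so it is worth confirming they take effect at all.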
@@ -1,35 +0,0 @@ -ca: - root: - dn: CN=root-ca,OU=CA,O=Example\, Inc.,DC=example,DC=com - pkPassword: none - keysize: 2048 - file: root-ca.pem - intermediate: - dn: CN=intermediate,OU=CA,O=Example\, Inc.,DC=example,DC=com - keysize: 2048 - validityDays: 3650 - pkPassword: intermediate-ca-password - file: intermediate-ca.pem - -nodes: - - name: node1 - dn: CN=node1,OU=Ops,O=Example\, Inc.,DC=example,DC=com - dns: - - elasticsearch - - name: node2 - dn: CN=node2,OU=Ops,O=Example\, Inc.,DC=example,DC=com - dns: - - elasticsearch-2 - - name: node3 - dn: CN=node3,OU=Ops,O=Example\, Inc.,DC=example,DC=com - dns: - - elasticsearch-3 - - name: filebeat - dn: CN=filebeat,OU=Ops,O=Example\, Inc.,DC=example,DC=com - dns: - - wazuh - -clients: - - name: admin - dn: CN=admin,OU=Ops,O=Example\, Inc.,DC=example,DC=com - admin: true diff --git a/wazuh-dashboard/Dockerfile b/wazuh-dashboard/Dockerfile index d6fd76a0..5a4af7ca 100644 --- a/wazuh-dashboard/Dockerfile +++ b/wazuh-dashboard/Dockerfile @@ -1,7 +1,7 @@ # Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2) FROM ubuntu:20.04 -ARG WAZUH_VERSION=4.3.0-1_amd64 +ARG WAZUH_VERSION=4.3.0-1 ARG TEMPLATE_VERSION="master" ARG FILEBEAT_CHANNEL=filebeat-oss ARG FILEBEAT_VERSION=7.10.2 
@@ -9,17 +9,19 @@ ARG WAZUH_FILEBEAT_MODULE="wazuh-filebeat-0.1.tar.gz" RUN apt-get update && apt install curl libcap2-bin -y -RUN curl https://s3.amazonaws.com/warehouse.wazuh.com/stack/dashboard/stable/wazuh-dashboard_${WAZUH_VERSION}.deb --output wazuh-dashboard_${WAZUH_VERSION}.deb && \ - dpkg -i wazuh-dashboard_${WAZUH_VERSION}.deb +RUN curl https://s3.amazonaws.com/warehouse.wazuh.com/stack/dashboard/stable/wazuh-dashboard_${WAZUH_VERSION}_amd64.deb --output wazuh-dashboard_${WAZUH_VERSION}_amd64.deb && \ + dpkg -i wazuh-dashboard_${WAZUH_VERSION}_amd64.deb # Prepare permanent data # Sync calls are due to https://github.com/docker/docker/issues/9547 COPY config/entrypoint.sh / +COPY config/wazuh_app_config.sh / RUN chmod 700 /entrypoint.sh +RUN chmod 700 /wazuh_app_config.sh # Services ports -EXPOSE 5601 443 +EXPOSE 5601 ENTRYPOINT [ "/entrypoint.sh" ] \ No newline at end of file diff --git a/wazuh-dashboard/config/entrypoint.sh b/wazuh-dashboard/config/entrypoint.sh index bba97efc..47e780c9 100644 --- a/wazuh-dashboard/config/entrypoint.sh +++ b/wazuh-dashboard/config/entrypoint.sh @@ -1,8 +1,11 @@ #!/bin/bash # Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2) -############################################################################## -# Start Wazuh dashboard -############################################################################## +set -e + + +#sed -i 's/localhost:9700/elasticsearch:9200/' /etc/wazuh-dashboard/wazuh-dashboard.yml service wazuh-dashboard start + +while true; do sleep 1000; done \ No newline at end of file diff --git a/wazuh-dashboard/config/entrypoint_prueba.sh b/wazuh-dashboard/config/entrypoint_prueba.sh new file mode 100644 index 00000000..91e44dc1 --- /dev/null +++ b/wazuh-dashboard/config/entrypoint_prueba.sh 
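Review bot: In wazuh-dashboard/config/entrypoint.sh, `service wazuh-dashboard start` followed by `while true; do sleep 1000; done` leaves a shell loop as the container's main process, which neither forwards signals nor notices when the dashboard dies. `docker stop` will wait out its timeout and kill the container without a clean service shutdown, and `restart: always` in the compose files never fires on a crashed dashboard because PID 1 is still alive. Prefer running the dashboard in the foreground with `exec`, or at least install `trap 'service wazuh-dashboard stop; exit 0' TERM INT` and wait on a backgrounded `sleep` so the trap can run. wazuh-indexer/config/entrypoint.sh in this commit uses the same loop.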
@@ -0,0 +1,59 @@ +#!/bin/bash +# Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2) + +set -e + +############################################################################## +# Waiting for indexer +############################################################################## + +if [ "x${ELASTICSEARCH_URL}" == "x" ]; then + if [[ ${ENABLED_SECURITY} == "false" ]]; then + export el_url="http://elasticsearch:9200" + else + export el_url="https://elasticsearch:9200" + fi +else + export el_url="${ELASTICSEARCH_URL}" +fi + +if [[ ${ENABLED_SECURITY} == "false" || "x${ELASTICSEARCH_USERNAME}" == "x" || "x${ELASTICSEARCH_PASSWORD}" == "x" ]]; then + auth="" + # remove security plugin from kibana if elasticsearch is not using it either + /usr/share/kibana/bin/kibana-plugin remove opendistro_security +else + export auth="--user ${ELASTICSEARCH_USERNAME}:${ELASTICSEARCH_PASSWORD} -k" +fi + +until curl -XGET $el_url ${auth}; do + >&2 echo "Elastic is unavailable - sleeping" + sleep 5 +done + +sleep 2 + +>&2 echo "Elasticsearch is up." + + +############################################################################## +# Waiting for wazuh alerts template +############################################################################## + +strlen=0 + +while [[ $strlen -eq 0 ]] +do + template=$(curl ${auth} $el_url/_cat/templates/wazuh -s) + strlen=${#template} + >&2 echo "Wazuh alerts template not loaded - sleeping." + sleep 2 +done + +chown wazuh-dashboard:wazuh-dashboard /etc/wazuh-dashboard/certs/* + +sleep 5 + +./wazuh_app_config.sh + + +while true; do sleep 1000; done diff --git a/wazuh-dashboard/config/wazuh-dashboard.yml b/wazuh-dashboard/config/wazuh-dashboard.yml new file mode 100644 index 00000000..8786ea4c --- /dev/null +++ b/wazuh-dashboard/config/wazuh-dashboard.yml 
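Review bot: `export auth="--user ${ELASTICSEARCH_USERNAME}:${ELASTICSEARCH_PASSWORD} -k"` sends basic-auth credentials with certificate verification switched off, so the password goes to whichever host answers as `elasticsearch`, and it puts the password on every `curl` command line where the process list exposes it. Pass the CA instead, e.g. `--cacert /etc/wazuh-dashboard/certs/root-ca.pem` (the path this commit's wazuh-dashboard.yml names), and supply the credentials through a curl config file (`-K`) rather than argv. Under `set -e`, the `/usr/share/kibana/bin/kibana-plugin remove opendistro_security` branch aborts the script if that Kibana path is absent from the wazuh-dashboard image. `./wazuh_app_config.sh` is a relative path although the Dockerfile copies the script to `/`, and `$el_url ${auth}` are expanded unquoted.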
@@ -0,0 +1,14 @@ +server.host: 0.0.0.0 +server.port: 443 +opensearch.hosts: https://localhost:9700 +opensearch.ssl.verificationMode: certificate +opensearch.username: kibanaserver +opensearch.password: kibanaserver +opensearch.requestHeadersWhitelist: ["securitytenant","Authorization"] +opensearch_security.multitenancy.enabled: false +opensearch_security.readonly_mode.roles: ["kibana_read_only"] +server.ssl.enabled: true +server.ssl.key: "/etc/wazuh-dashboard/certs/wazuh-dashboard-key.pem" +server.ssl.certificate: "/etc/wazuh-dashboard/certs/wazuh-dashboard.pem" +opensearch.ssl.certificateAuthorities: ["/etc/wazuh-dashboard/certs/root-ca.pem"] +logging.dest: "/var/log/wazuh-dashboard/wazuh-dashboard.log" \ No newline at end of file diff --git a/wazuh-dashboard/config/wazuh_app_config.sh b/wazuh-dashboard/config/wazuh_app_config.sh new file mode 100644 index 00000000..ca6e1a6a --- /dev/null +++ b/wazuh-dashboard/config/wazuh_app_config.sh 
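Review bot: `opensearch.username: kibanaserver` with `opensearch.password: kibanaserver` commits a username-equals-password service account to the repository, so every deployment built from this file shares the same indexer credential. Leave the password out of the committed file and have the entrypoint write it from an environment variable or a mounted secret at start-up. `opensearch.ssl.verificationMode: certificate` skips hostname verification; `full` is the stricter setting once the certificates carry the right names. `server.port: 443` also disagrees with the `EXPOSE 5601` in this commit's Dockerfile.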
@@ -0,0 +1,64 @@ +#!/bin/bash +# Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2) + +wazuh_url="${WAZUH_API_URL:-https://wazuh}" +wazuh_port="${API_PORT:-55000}" +api_username="${API_USERNAME:-wazuh-wui}" +api_password="${API_PASSWORD:-wazuh-wui}" + +kibana_config_file="/etc/wazuh-dashboard/wazuh-dashboard.yml" + +sed 's/9700/9200/' /etc/wazuh-dashboard/wazuh-dashboard.yml + +declare -A CONFIG_MAP=( + [pattern]=$PATTERN + [checks.pattern]=$CHECKS_PATTERN + [checks.template]=$CHECKS_TEMPLATE + [checks.api]=$CHECKS_API + [checks.setup]=$CHECKS_SETUP + [extensions.pci]=$EXTENSIONS_PCI + [extensions.gdpr]=$EXTENSIONS_GDPR + [extensions.hipaa]=$EXTENSIONS_HIPAA + [extensions.nist]=$EXTENSIONS_NIST + [extensions.tsc]=$EXTENSIONS_TSC + [extensions.audit]=$EXTENSIONS_AUDIT + [extensions.oscap]=$EXTENSIONS_OSCAP + [extensions.ciscat]=$EXTENSIONS_CISCAT + [extensions.aws]=$EXTENSIONS_AWS + [extensions.gcp]=$EXTENSIONS_GCP + [extensions.virustotal]=$EXTENSIONS_VIRUSTOTAL + [extensions.osquery]=$EXTENSIONS_OSQUERY + [extensions.docker]=$EXTENSIONS_DOCKER + [timeout]=$APP_TIMEOUT + [api.selector]=$API_SELECTOR + [ip.selector]=$IP_SELECTOR + [ip.ignore]=$IP_IGNORE + [wazuh.monitoring.enabled]=$WAZUH_MONITORING_ENABLED + [wazuh.monitoring.creation]=$WAZUH_MONITORING_CREATION + [wazuh.monitoring.frequency]=$WAZUH_MONITORING_FREQUENCY + [wazuh.monitoring.shards]=$WAZUH_MONITORING_SHARDS + [wazuh.monitoring.replicas]=$WAZUH_MONITORING_REPLICAS + [admin]=$ADMIN_PRIVILEGES +) + +for i in "${!CONFIG_MAP[@]}" +do + if [ "${CONFIG_MAP[$i]}" != "" ]; then + sed -i 's/.*#'"$i"'.*/'"$i"': '"${CONFIG_MAP[$i]}"'/' $kibana_config_file + fi +done + +CONFIG_CODE=$(curl ${auth} -s -o /dev/null -w "%{http_code}" -XGET $el_url/.wazuh/_doc/1513629884013) + +if [[ "x$CONFIG_CODE" != "x200" ]] && ! 
grep -q 1513629884013 $kibana_config_file ; then +cat << EOF >> $kibana_config_file +hosts: + - 1513629884013: + url: $wazuh_url + port: $wazuh_port + username: $api_username + password: $api_password +EOF +else + echo "Wazuh APP already configured" +fi diff --git a/wazuh-indexer/Dockerfile_centos b/wazuh-indexer/Dockerfile_centos deleted file mode 100644 index bad305d4..00000000 --- a/wazuh-indexer/Dockerfile_centos +++ /dev/null @@ -1,30 +0,0 @@ -# Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2) -FROM centos:7 - -ARG FILEBEAT_CHANNEL=filebeat-oss -ARG FILEBEAT_VERSION=7.10.2 -ARG WAZUH_VERSION=4.3.0-1 -ARG TEMPLATE_VERSION="master" -ARG WAZUH_FILEBEAT_MODULE="wazuh-filebeat-0.1.tar.gz" - -USER root - -# Set repositories. -RUN rpm --import https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH - -COPY config/wazuh.repo /etc/yum.repos.d/wazuh.repo - -RUN yum --enablerepo=updates clean metadata && \ - yum upgrade -y && \ - yum -y install wazuh-indexer -y && \ - sed -i "s/^enabled=1/enabled=0/" /etc/yum.repos.d/wazuh.repo && \ - yum clean all && rm -rf /var/cache/yum - -COPY config/entrypoint.sh / - -RUN chmod 700 /entrypoint.sh - -# Services ports -EXPOSE 9700 - -ENTRYPOINT [ "/entrypoint.sh" ] \ No newline at end of file diff --git a/wazuh-indexer/Dockerfile b/wazuh-indexer/Dockerfile_ubuntu similarity index 57% rename from wazuh-indexer/Dockerfile rename to wazuh-indexer/Dockerfile_ubuntu index 5a79630b..15290316 100644 --- a/wazuh-indexer/Dockerfile +++ b/wazuh-indexer/Dockerfile_ubuntu 
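Review bot: In wazuh_app_config.sh, `sed 's/9700/9200/' /etc/wazuh-dashboard/wazuh-dashboard.yml` has no `-i`, so it changes nothing and instead prints the whole config to the container's stdout, which with this commit's wazuh-dashboard.yml includes `opensearch.password`. Drop the line, or if an in-place edit was intended use `sed -i` with a pattern anchored to the host entry and redirect nothing to the log. The loop splices `${CONFIG_MAP[$i]}` into the sed replacement unescaped, so a value containing `/` or `&` corrupts the expression. `API_PASSWORD` silently falls back to the well-known default `wazuh-wui` and is appended to the file in clear text; failing when it is unset, e.g. `api_password="${API_PASSWORD:?API_PASSWORD must be set}"`, would be safer. `$auth` and `$el_url` are never set in this script, so the `curl` check depends on the caller having exported them.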
@@ -1,18 +1,16 @@ # Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2) FROM ubuntu:20.04 -ARG WAZUH_VERSION=4.3.0 +ARG WAZUH_VERSION=4.3.0-1 ARG TEMPLATE_VERSION="master" ARG FILEBEAT_CHANNEL=filebeat-oss ARG FILEBEAT_VERSION=7.10.2 ARG WAZUH_FILEBEAT_MODULE="wazuh-filebeat-0.1.tar.gz" -RUN apt-get update && apt install curl gnupg -y +RUN apt-get update && apt install curl -y -RUN curl -s https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH | apt-key add - && \ - echo "deb https://packages-dev.wazuh.com/trash/apt/ unstable main" | tee -a /etc/apt/sources.list.d/wazuh.list && \ - apt-get update && \ - apt-get install wazuh-indexer +RUN curl https://s3.amazonaws.com/warehouse.wazuh.com/stack/indexer/stable/wazuh-indexer_${WAZUH_VERSION}_amd64.deb --output wazuh-indexer_${WAZUH_VERSION}_amd64.deb && \ + dpkg -i wazuh-indexer_${WAZUH_VERSION}_amd64.deb # Prepare permanent data # Sync calls are due to https://github.com/docker/docker/issues/9547 diff --git a/wazuh-indexer/config/entrypoint.sh b/wazuh-indexer/config/entrypoint.sh index 839f1d66..d94dfc6c 100644 --- a/wazuh-indexer/config/entrypoint.sh +++ b/wazuh-indexer/config/entrypoint.sh 
@@ -1,13 +1,14 @@ -#!/bin/execlineb -S0 +#!/bin/bash +# Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2) -## -## load default PATH (the same that Docker includes if not provided) if it doesn't exist, -## then go ahead with stage1. -## this was motivated due to this issue: -## - https://github.com/just-containers/s6-overlay/issues/108 -## +############################################################################## +# Start Wazuh indexer +############################################################################## +export JAVA_HOME=/usr/share/wazuh-indexer/jdk/bin -/bin/importas -D /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin PATH PATH -export PATH ${PATH} -/etc/s6/init/init-stage1 $@ +#/usr/share/wazuh-indexer/plugins/opensearch-security/tools/securityadmin.sh -cd /usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/ -icl -nhnv -cacert /etc/wazuh-indexer/certs/root-ca.pem -cert /etc/wazuh-indexer/certs/admin.pem -key /etc/wazuh-indexer/certs/admin-key.pem + +service wazuh-indexer start + +while true; do sleep 1000; done diff --git a/wazuh-indexer/config/entrypoint_prueba.sh b/wazuh-indexer/config/entrypoint_prueba.sh deleted file mode 100644 index 28b20e15..00000000 --- a/wazuh-indexer/config/entrypoint_prueba.sh +++ /dev/null @@ -1,12 +0,0 @@ -#!/bin/bash -# Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2) - -############################################################################## -# Start Wazuh indexer -############################################################################## - -JAVA_HOME=/usr/share/wazuh-indexer/jdk/bin - -/usr/share/wazuh-indexer/plugins/opensearch-security/tools/securityadmin.sh -cd /usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/ -icl -nhnv -cacert /etc/wazuh-indexer/certs/root-ca.pem -cert /etc/wazuh-indexer/certs/admin.pem -key /etc/wazuh-indexer/certs/admin-key.pem - -service wazuh-indexer start 
From ca5bbd0ca3c0e07d3c883a34e5941798043b1931 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Thu, 20 Jan 2022 18:48:43 -0300 Subject: [PATCH 012/163] Add wazuh-dashboard Dockerfile --- wazuh-indexer/Dockerfile_centos | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) create mode 100644 wazuh-indexer/Dockerfile_centos diff --git a/wazuh-indexer/Dockerfile_centos b/wazuh-indexer/Dockerfile_centos new file mode 100644 index 00000000..2bdb83bd --- /dev/null +++ b/wazuh-indexer/Dockerfile_centos @@ -0,0 +1,25 @@ +# Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2) +FROM centos:8 + +ARG FILEBEAT_CHANNEL=filebeat-oss +ARG FILEBEAT_VERSION=7.10.2 +ARG WAZUH_VERSION=4.3.0-1 +ARG TEMPLATE_VERSION="master" +ARG WAZUH_FILEBEAT_MODULE="wazuh-filebeat-0.1.tar.gz" + +USER root + +RUN yum install initscripts -y + +# Set repositories. +RUN curl https://s3.amazonaws.com/warehouse.wazuh.com/stack/indexer/stable/wazuh-indexer-${WAZUH_VERSION}_.x86_64.rpm --output wazuh-indexer-${WAZUH_VERSION}_.x86_64.rpm && \ + rpm -i wazuh-indexer-${WAZUH_VERSION}_.x86_64.rpm + +COPY config/entrypoint.sh / + +RUN chmod 700 /entrypoint.sh + +# Services ports +EXPOSE 9700 + +ENTRYPOINT [ "/entrypoint.sh" ] \ No newline at end of file From 4435658edfe7330f2af652b3044afaacf0de3d08 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Thu, 20 Jan 2022 18:51:47 -0300 Subject: [PATCH 013/163] Add wazuh-dashboard Dockerfile --- wazuh-indexer/Dockerfile_centos | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/wazuh-indexer/Dockerfile_centos b/wazuh-indexer/Dockerfile_centos index 2bdb83bd..5a2cf89e 100644 --- a/wazuh-indexer/Dockerfile_centos +++ b/wazuh-indexer/Dockerfile_centos 
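Review bot: `FROM centos:8` in the new Dockerfile_centos selects a base that reached end of life on 31 December 2021, before this commit's date, so the image starts from a distribution that no longer receives security fixes. `yum install initscripts -y` also depends on mirrors that are archived after end of life, which will break the build. Build on a maintained base and pin it by tag or digest. The four `FILEBEAT_*`, `TEMPLATE_VERSION` and `WAZUH_FILEBEAT_MODULE` build arguments are not used anywhere in this file.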
@@ -12,8 +12,8 @@ USER root RUN yum install initscripts -y # Set repositories. -RUN curl https://s3.amazonaws.com/warehouse.wazuh.com/stack/indexer/stable/wazuh-indexer-${WAZUH_VERSION}_.x86_64.rpm --output wazuh-indexer-${WAZUH_VERSION}_.x86_64.rpm && \ - rpm -i wazuh-indexer-${WAZUH_VERSION}_.x86_64.rpm +RUN curl https://s3.amazonaws.com/warehouse.wazuh.com/stack/indexer/stable/wazuh-indexer-${WAZUH_VERSION}.x86_64.rpm --output wazuh-indexer-${WAZUH_VERSION}.x86_64.rpm && \ + rpm -i wazuh-indexer-${WAZUH_VERSION}.x86_64.rpm COPY config/entrypoint.sh / From b7b87cb06ea73b259a1cbd708bc771ebb6d403ee Mon Sep 17 00:00:00 2001 From: vcerenu Date: Fri, 21 Jan 2022 15:28:56 -0300 Subject: [PATCH 014/163] Fixes in Dockerfiles and entrypoints --- docker-compose.yml | 8 +- production-cluster.yml | 36 +++---- wazuh-dashboard/Dockerfile | 14 +-- wazuh-dashboard/config/entrypoint.sh | 11 ++- wazuh-dashboard/config/entrypoint_prueba.sh | 59 ----------- wazuh-dashboard/config/wazuh-dashboard.yml | 14 --- wazuh-dashboard/config/wazuh_app_config.sh | 64 ------------ wazuh-indexer/Dockerfile_centos | 10 +- wazuh-indexer/Dockerfile_ubuntu | 7 -- wazuh-indexer/config/entrypoint.sh | 10 +- wazuh-indexer/config/entrypoint_odfe.sh | 103 -------------------- 11 files changed, 41 insertions(+), 295 deletions(-) delete mode 100644 wazuh-dashboard/config/entrypoint_prueba.sh delete mode 100644 wazuh-dashboard/config/wazuh-dashboard.yml delete mode 100644 wazuh-dashboard/config/wazuh_app_config.sh delete mode 100644 wazuh-indexer/config/entrypoint_odfe.sh diff --git a/docker-compose.yml b/docker-compose.yml index d06a8402..66126ac5 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -41,7 +41,6 @@ services: - network.host=0.0.0.0 - "ES_JAVA_OPTS=-Xms512m -Xmx512m" - bootstrap.memory_lock=true - - JAVA_HOME=/usr/share/wazuh-indexer/jdk/bin ulimits: memlock: soft: -1 
@@ -55,13 +54,12 @@ services: hostname: kibana restart: always ports: - - 443:5601 + - 5601:5601 + - 443:443 environment: - ELASTICSEARCH_USERNAME=admin - ELASTICSEARCH_PASSWORD=admin - - SERVER_SSL_ENABLED=true - - SERVER_SSL_CERTIFICATE=/etc/wazuh-dashboard/config/opendistroforelasticsearch.example.org.cert - - SERVER_SSL_KEY=/etc/wazuh-dashboard/config/opendistroforelasticsearch.example.org.key + - SERVER_SSL_ENABLED=false depends_on: - elasticsearch diff --git a/production-cluster.yml b/production-cluster.yml index 8f1b1872..93ed9770 100644 --- a/production-cluster.yml +++ b/production-cluster.yml 
@@ -82,14 +82,14 @@ services: soft: 65536 hard: 65536 volumes: - - elastic-data-1:/usr/share/elasticsearch/data - - ./production_cluster/ssl_certs/root-ca.pem:/usr/share/elasticsearch/config/root-ca.pem - - ./production_cluster/ssl_certs/node1.key:/usr/share/elasticsearch/config/node1.key - - ./production_cluster/ssl_certs/node1.pem:/usr/share/elasticsearch/config/node1.pem - - ./production_cluster/ssl_certs/admin.pem:/usr/share/elasticsearch/config/admin.pem - - ./production_cluster/ssl_certs/admin.key:/usr/share/elasticsearch/config/admin.key - - ./production_cluster/elastic_opendistro/elasticsearch-node1.yml:/usr/share/elasticsearch/config/elasticsearch.yml - - ./production_cluster/elastic_opendistro/internal_users.yml:/usr/share/elasticsearch/plugins/opendistro_security/securityconfig/internal_users.yml + - elastic-data-1:/var/lib/wazuh-indexer + - ./production_cluster/ssl_certs/root-ca.pem:/etc/wazuh-indexer/certs/root-ca.pem + - ./production_cluster/ssl_certs/node1.key:/etc/wazuh-indexer/certs/node1.key + - ./production_cluster/ssl_certs/node1.pem:/etc/wazuh-indexer/certs/node1.pem + - ./production_cluster/ssl_certs/admin.pem:/etc/wazuh-indexer/certs/admin.pem + - ./production_cluster/ssl_certs/admin.key:/etc/wazuh-indexer/certs/admin.key + - ./production_cluster/elastic_opendistro/elasticsearch-node1.yml:/etc/wazuh-indexer/opensearch.yml + - ./production_cluster/elastic_opendistro/internal_users.yml:/usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/internal_users.yml elasticsearch-2: image: amazon/opendistro-for-elasticsearch:1.13.2 
@@ -105,11 +105,11 @@ services: soft: 65536 hard: 65536 volumes: - - elastic-data-2:/usr/share/elasticsearch/data - - ./production_cluster/ssl_certs/root-ca.pem:/usr/share/elasticsearch/config/root-ca.pem - - ./production_cluster/ssl_certs/node2.key:/usr/share/elasticsearch/config/node2.key - - ./production_cluster/ssl_certs/node2.pem:/usr/share/elasticsearch/config/node2.pem - - ./production_cluster/elastic_opendistro/elasticsearch-node2.yml:/usr/share/elasticsearch/config/elasticsearch.yml + - elastic-data-2:/var/lib/wazuh-indexer + - ./production_cluster/ssl_certs/root-ca.pem:/etc/wazuh-indexer/certs/root-ca.pem + - ./production_cluster/ssl_certs/node2.key:/etc/wazuh-indexer/certs/node2.key + - ./production_cluster/ssl_certs/node2.pem:/etc/wazuh-indexer/certs/node2.pem + - ./production_cluster/elastic_opendistro/elasticsearch-node2.yml:/etc/wazuh-indexer/elasticsearch.yml - ./production_cluster/elastic_opendistro/internal_users.yml:/usr/share/elasticsearch/plugins/opendistro_security/securityconfig/internal_users.yml elasticsearch-3: 
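Review bot: For `elasticsearch-2` the node config is mounted at `/etc/wazuh-indexer/elasticsearch.yml`, whereas the previous hunk mounts node 1's at `/etc/wazuh-indexer/opensearch.yml`, and the `internal_users.yml` context line still targets the old `/usr/share/elasticsearch/plugins/opendistro_security/securityconfig/` path. If the indexer reads `opensearch.yml`, nodes 2 and 3 would start with the package's default configuration and default users instead of the mounted ones. Use `elasticsearch-node2.yml:/etc/wazuh-indexer/opensearch.yml` and the `/usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/internal_users.yml` target as for node 1; the `elasticsearch-3` hunk needs the same two changes. The context before the hunk also shows this service's image still set to `amazon/opendistro-for-elasticsearch:1.13.2`, where the `/etc/wazuh-indexer` paths are presumably not read at all. Certificate and key mounts in all three hunks would be better suffixed with `:ro`.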
@@ -126,11 +126,11 @@ services: soft: 65536 hard: 65536 volumes: - - elastic-data-3:/usr/share/elasticsearch/data - - ./production_cluster/ssl_certs/root-ca.pem:/usr/share/elasticsearch/config/root-ca.pem - - ./production_cluster/ssl_certs/node3.key:/usr/share/elasticsearch/config/node3.key - - ./production_cluster/ssl_certs/node3.pem:/usr/share/elasticsearch/config/node3.pem - - ./production_cluster/elastic_opendistro/elasticsearch-node3.yml:/usr/share/elasticsearch/config/elasticsearch.yml + - elastic-data-3:/var/lib/wazuh-indexer + - ./production_cluster/ssl_certs/root-ca.pem:/etc/wazuh-indexer/certs/root-ca.pem + - ./production_cluster/ssl_certs/node3.key:/etc/wazuh-indexer/certs/node3.key + - ./production_cluster/ssl_certs/node3.pem:/etc/wazuh-indexer/certs/node3.pem + - ./production_cluster/elastic_opendistro/elasticsearch-node3.yml:/etc/wazuh-indexer/elasticsearch.yml - ./production_cluster/elastic_opendistro/internal_users.yml:/usr/share/elasticsearch/plugins/opendistro_security/securityconfig/internal_users.yml kibana: diff --git a/wazuh-dashboard/Dockerfile b/wazuh-dashboard/Dockerfile index 5a4af7ca..5dea97f0 100644 --- a/wazuh-dashboard/Dockerfile +++ b/wazuh-dashboard/Dockerfile 
@@ -2,24 +2,18 @@ FROM ubuntu:20.04 ARG WAZUH_VERSION=4.3.0-1 -ARG TEMPLATE_VERSION="master" -ARG FILEBEAT_CHANNEL=filebeat-oss -ARG FILEBEAT_VERSION=7.10.2 -ARG WAZUH_FILEBEAT_MODULE="wazuh-filebeat-0.1.tar.gz" +# Update and install dependencies RUN apt-get update && apt install curl libcap2-bin -y +#Download and install Wazuh Dashboard RUN curl https://s3.amazonaws.com/warehouse.wazuh.com/stack/dashboard/stable/wazuh-dashboard_${WAZUH_VERSION}_amd64.deb --output wazuh-dashboard_${WAZUH_VERSION}_amd64.deb && \ - dpkg -i wazuh-dashboard_${WAZUH_VERSION}_amd64.deb - -# Prepare permanent data -# Sync calls are due to https://github.com/docker/docker/issues/9547 + dpkg -i wazuh-dashboard_${WAZUH_VERSION}_amd64.deb && \ + apt-get clean -y && rm -rf wazuh-dashboard_${WAZUH_VERSION}_amd64.deb COPY config/entrypoint.sh / -COPY config/wazuh_app_config.sh / RUN chmod 700 /entrypoint.sh -RUN chmod 700 /wazuh_app_config.sh # Services ports EXPOSE 5601 diff --git a/wazuh-dashboard/config/entrypoint.sh b/wazuh-dashboard/config/entrypoint.sh index 47e780c9..33e6f8ee 100644 --- a/wazuh-dashboard/config/entrypoint.sh +++ b/wazuh-dashboard/config/entrypoint.sh @@ -1,11 +1,14 @@ #!/bin/bash # Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2) -set -e +############################################################################## +# Start Wazuh dashboard +############################################################################## - -#sed -i 's/localhost:9700/elasticsearch:9200/' /etc/wazuh-dashboard/wazuh-dashboard.yml +sed -i 's/localhost:9700/elasticsearch:9700/' /etc/wazuh-dashboard/wazuh-dashboard.yml service wazuh-dashboard start -while true; do sleep 1000; done \ No newline at end of file +sleep 20 + +tail -f /var/log/wazuh-dashboard/wazuh-dashboard.log diff --git a/wazuh-dashboard/config/entrypoint_prueba.sh b/wazuh-dashboard/config/entrypoint_prueba.sh deleted file mode 100644 index 91e44dc1..00000000 --- a/wazuh-dashboard/config/entrypoint_prueba.sh +++ /dev/null 
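Review bot: In wazuh-dashboard/config/entrypoint.sh, the new `sleep 20` followed by `tail -f /var/log/wazuh-dashboard/wazuh-dashboard.log` ties the container's lifetime to a log file existing after a fixed delay. If the dashboard takes longer than 20 seconds to create the file, `tail` exits and the container stops; if the dashboard crashes later, `tail` keeps the container up and no restart policy fires. `tail -F` would at least wait for the file to appear, and running the dashboard in the foreground avoids both cases. With `set -e` removed, a failing `sed -i` or `service wazuh-dashboard start` is no longer fatal, and the `sed` hard-codes the `elasticsearch` host name instead of taking it from the environment.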
@@ -1,59 +0,0 @@ -#!/bin/bash -# Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2) - -set -e - -############################################################################## -# Waiting for indexer -############################################################################## - -if [ "x${ELASTICSEARCH_URL}" == "x" ]; then - if [[ ${ENABLED_SECURITY} == "false" ]]; then - export el_url="http://elasticsearch:9200" - else - export el_url="https://elasticsearch:9200" - fi -else - export el_url="${ELASTICSEARCH_URL}" -fi - -if [[ ${ENABLED_SECURITY} == "false" || "x${ELASTICSEARCH_USERNAME}" == "x" || "x${ELASTICSEARCH_PASSWORD}" == "x" ]]; then - auth="" - # remove security plugin from kibana if elasticsearch is not using it either - /usr/share/kibana/bin/kibana-plugin remove opendistro_security -else - export auth="--user ${ELASTICSEARCH_USERNAME}:${ELASTICSEARCH_PASSWORD} -k" -fi - -until curl -XGET $el_url ${auth}; do - >&2 echo "Elastic is unavailable - sleeping" - sleep 5 -done - -sleep 2 - ->&2 echo "Elasticsearch is up." - - -############################################################################## -# Waiting for wazuh alerts template -############################################################################## - -strlen=0 - -while [[ $strlen -eq 0 ]] -do - template=$(curl ${auth} $el_url/_cat/templates/wazuh -s) - strlen=${#template} - >&2 echo "Wazuh alerts template not loaded - sleeping." - sleep 2 -done - -chown wazuh-dashboard:wazuh-dashboard /etc/wazuh-dashboard/certs/* - -sleep 5 - -./wazuh_app_config.sh - - -while true; do sleep 1000; done diff --git a/wazuh-dashboard/config/wazuh-dashboard.yml b/wazuh-dashboard/config/wazuh-dashboard.yml deleted file mode 100644 index 8786ea4c..00000000 --- a/wazuh-dashboard/config/wazuh-dashboard.yml +++ /dev/null 
@@ -1,14 +0,0 @@ -server.host: 0.0.0.0 -server.port: 443 -opensearch.hosts: https://localhost:9700 -opensearch.ssl.verificationMode: certificate -opensearch.username: kibanaserver -opensearch.password: kibanaserver -opensearch.requestHeadersWhitelist: ["securitytenant","Authorization"] -opensearch_security.multitenancy.enabled: false -opensearch_security.readonly_mode.roles: ["kibana_read_only"] -server.ssl.enabled: true -server.ssl.key: "/etc/wazuh-dashboard/certs/wazuh-dashboard-key.pem" -server.ssl.certificate: "/etc/wazuh-dashboard/certs/wazuh-dashboard.pem" -opensearch.ssl.certificateAuthorities: ["/etc/wazuh-dashboard/certs/root-ca.pem"] -logging.dest: "/var/log/wazuh-dashboard/wazuh-dashboard.log" \ No newline at end of file diff --git a/wazuh-dashboard/config/wazuh_app_config.sh b/wazuh-dashboard/config/wazuh_app_config.sh deleted file mode 100644 index ca6e1a6a..00000000 --- a/wazuh-dashboard/config/wazuh_app_config.sh +++ /dev/null 
@@ -1,64 +0,0 @@ -#!/bin/bash -# Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2) - -wazuh_url="${WAZUH_API_URL:-https://wazuh}" -wazuh_port="${API_PORT:-55000}" -api_username="${API_USERNAME:-wazuh-wui}" -api_password="${API_PASSWORD:-wazuh-wui}" - -kibana_config_file="/etc/wazuh-dashboard/wazuh-dashboard.yml" - -sed 's/9700/9200/' /etc/wazuh-dashboard/wazuh-dashboard.yml - -declare -A CONFIG_MAP=( - [pattern]=$PATTERN - [checks.pattern]=$CHECKS_PATTERN - [checks.template]=$CHECKS_TEMPLATE - [checks.api]=$CHECKS_API - [checks.setup]=$CHECKS_SETUP - [extensions.pci]=$EXTENSIONS_PCI - [extensions.gdpr]=$EXTENSIONS_GDPR - [extensions.hipaa]=$EXTENSIONS_HIPAA - [extensions.nist]=$EXTENSIONS_NIST - [extensions.tsc]=$EXTENSIONS_TSC - [extensions.audit]=$EXTENSIONS_AUDIT - [extensions.oscap]=$EXTENSIONS_OSCAP - [extensions.ciscat]=$EXTENSIONS_CISCAT - [extensions.aws]=$EXTENSIONS_AWS - [extensions.gcp]=$EXTENSIONS_GCP - [extensions.virustotal]=$EXTENSIONS_VIRUSTOTAL - [extensions.osquery]=$EXTENSIONS_OSQUERY - [extensions.docker]=$EXTENSIONS_DOCKER - [timeout]=$APP_TIMEOUT - [api.selector]=$API_SELECTOR - [ip.selector]=$IP_SELECTOR - [ip.ignore]=$IP_IGNORE - [wazuh.monitoring.enabled]=$WAZUH_MONITORING_ENABLED - [wazuh.monitoring.creation]=$WAZUH_MONITORING_CREATION - [wazuh.monitoring.frequency]=$WAZUH_MONITORING_FREQUENCY - [wazuh.monitoring.shards]=$WAZUH_MONITORING_SHARDS - [wazuh.monitoring.replicas]=$WAZUH_MONITORING_REPLICAS - [admin]=$ADMIN_PRIVILEGES -) - -for i in "${!CONFIG_MAP[@]}" -do - if [ "${CONFIG_MAP[$i]}" != "" ]; then - sed -i 's/.*#'"$i"'.*/'"$i"': '"${CONFIG_MAP[$i]}"'/' $kibana_config_file - fi -done - -CONFIG_CODE=$(curl ${auth} -s -o /dev/null -w "%{http_code}" -XGET $el_url/.wazuh/_doc/1513629884013) - -if [[ "x$CONFIG_CODE" != "x200" ]] && ! 
grep -q 1513629884013 $kibana_config_file ; then -cat << EOF >> $kibana_config_file -hosts: - - 1513629884013: - url: $wazuh_url - port: $wazuh_port - username: $api_username - password: $api_password -EOF -else - echo "Wazuh APP already configured" -fi diff --git a/wazuh-indexer/Dockerfile_centos b/wazuh-indexer/Dockerfile_centos index 5a2cf89e..c3621dfa 100644 --- a/wazuh-indexer/Dockerfile_centos +++ b/wazuh-indexer/Dockerfile_centos @@ -1,19 +1,17 @@ # Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2) FROM centos:8 -ARG FILEBEAT_CHANNEL=filebeat-oss -ARG FILEBEAT_VERSION=7.10.2 ARG WAZUH_VERSION=4.3.0-1 -ARG TEMPLATE_VERSION="master" -ARG WAZUH_FILEBEAT_MODULE="wazuh-filebeat-0.1.tar.gz" USER root +# Update and install dependecies RUN yum install initscripts -y -# Set repositories. +#Download and install Wazuh indexer RUN curl https://s3.amazonaws.com/warehouse.wazuh.com/stack/indexer/stable/wazuh-indexer-${WAZUH_VERSION}.x86_64.rpm --output wazuh-indexer-${WAZUH_VERSION}.x86_64.rpm && \ - rpm -i wazuh-indexer-${WAZUH_VERSION}.x86_64.rpm + rpm -i wazuh-indexer-${WAZUH_VERSION}.x86_64.rpm && \ + yum clean all && rm -rf /var/cache/yum && rm -rf wazuh-indexer-${WAZUH_VERSION}.x86_64.rpm COPY config/entrypoint.sh / diff --git a/wazuh-indexer/Dockerfile_ubuntu b/wazuh-indexer/Dockerfile_ubuntu index 15290316..b6b058a6 100644 --- a/wazuh-indexer/Dockerfile_ubuntu +++ b/wazuh-indexer/Dockerfile_ubuntu 
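Review bot: The RPM downloaded by `curl` in the `RUN` step of Dockerfile_centos is passed to `rpm -i` with no checksum or signature check, and `curl` runs without `--fail`, so the build trusts whatever the URL returns at build time. Verify the package before installing it, for example `curl -fsSL <PACKAGE_URL> --output pkg.rpm && echo "<EXPECTED_SHA256>  pkg.rpm" | sha256sum -c - && rpm -i pkg.rpm`, or import the vendor signing key and run `rpm -K` on the file first. The same download-then-install pattern appears in wazuh-indexer/Dockerfile_ubuntu (`dpkg -i`) and in the new indexer_certs_creator/Dockerfile.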
@@ -2,19 +2,12 @@ FROM ubuntu:20.04 ARG WAZUH_VERSION=4.3.0-1 -ARG TEMPLATE_VERSION="master" -ARG FILEBEAT_CHANNEL=filebeat-oss -ARG FILEBEAT_VERSION=7.10.2 -ARG WAZUH_FILEBEAT_MODULE="wazuh-filebeat-0.1.tar.gz" RUN apt-get update && apt install curl -y RUN curl https://s3.amazonaws.com/warehouse.wazuh.com/stack/indexer/stable/wazuh-indexer_${WAZUH_VERSION}_amd64.deb --output wazuh-indexer_${WAZUH_VERSION}_amd64.deb && \ dpkg -i wazuh-indexer_${WAZUH_VERSION}_amd64.deb -# Prepare permanent data -# Sync calls are due to https://github.com/docker/docker/issues/9547 - COPY config/entrypoint.sh / RUN chmod 700 /entrypoint.sh diff --git a/wazuh-indexer/config/entrypoint.sh b/wazuh-indexer/config/entrypoint.sh index d94dfc6c..e4347ee6 100644 --- a/wazuh-indexer/config/entrypoint.sh +++ b/wazuh-indexer/config/entrypoint.sh @@ -5,10 +5,10 @@ # Start Wazuh indexer ############################################################################## -export JAVA_HOME=/usr/share/wazuh-indexer/jdk/bin - -#/usr/share/wazuh-indexer/plugins/opensearch-security/tools/securityadmin.sh -cd /usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/ -icl -nhnv -cacert /etc/wazuh-indexer/certs/root-ca.pem -cert /etc/wazuh-indexer/certs/admin.pem -key /etc/wazuh-indexer/certs/admin-key.pem - service wazuh-indexer start -while true; do sleep 1000; done +sleep 20 + +export JAVA_HOME=/usr/share/wazuh-indexer/jdk/ && bash /usr/share/wazuh-indexer/plugins/opensearch-security/tools/securityadmin.sh -cd /usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/ -nhnv -cacert /etc/wazuh-indexer/certs/root-ca.pem -cert /etc/wazuh-indexer/certs/admin.pem -key /etc/wazuh-indexer/certs/admin-key.pem -p 9800 -icl + +tail -f /var/log/wazuh-indexer/wazuh-cluster.log diff --git a/wazuh-indexer/config/entrypoint_odfe.sh b/wazuh-indexer/config/entrypoint_odfe.sh deleted file mode 100644 index 0519f90c..00000000 --- a/wazuh-indexer/config/entrypoint_odfe.sh +++ /dev/null 
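Review bot: In wazuh-indexer/config/entrypoint.sh, `sleep 20` is the only readiness wait before `securityadmin.sh`, and nothing checks that script's exit status, so on a slow start the security configuration can fail to load while the container carries on into `tail -f`. Retry until the call succeeds or fail the container, e.g. `until bash /usr/share/wazuh-indexer/plugins/opensearch-security/tools/securityadmin.sh <SAME_ARGS>; do sleep 5; done`. Because `tail -f` is the foreground process, the container also stays up if the indexer service later dies. The top of the script is outside this hunk, so whether `set -e` is active cannot be seen here.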
@@ -1,103 +0,0 @@ -#!/bin/bash -set -e - -# Files created by OpenDistroForElasticsearch should always be group writable too -umask 0002 - -run_as_other_user_if_needed() { - if [[ "$(id -u)" == "0" ]]; then - # If running as root, drop to specified UID and run command - exec chroot --userspec=1000 / "${@}" - else - # Either we are running in Openshift with random uid and are a member of the root group - # or with a custom --user - exec "${@}" - fi -} - -# Allow user specify custom CMD, maybe bin/elasticsearch itself -# for example to directly specify `-E` style parameters for elasticsearch on k8s -# or simply to run /bin/bash to check the image -if [[ "$1" != "eswrapper" ]]; then - if [[ "$(id -u)" == "0" && $(basename "$1") == "elasticsearch" ]]; then - # centos:7 chroot doesn't have the `--skip-chdir` option and - # changes our CWD. - # Rewrite CMD args to replace $1 with `elasticsearch` explicitly, - # so that we are backwards compatible with the docs - # from the previous Elasticsearch versions<6 - # and configuration option D: - # https://www.elastic.co/guide/en/elasticsearch/reference/5.6/docker.html#_d_override_the_image_8217_s_default_ulink_url_https_docs_docker_com_engine_reference_run_cmd_default_command_or_options_cmd_ulink - # Without this, user could specify `elasticsearch -E x.y=z` but - # `bin/elasticsearch -E x.y=z` would not work. - set -- "elasticsearch" "${@:2}" - # Use chroot to switch to UID 1000 - exec chroot --userspec=1000 / "$@" - else - # User probably wants to run something else, like /bin/bash, with another uid forced (Openshift?) - exec "$@" - fi -fi - -# Parse Docker env vars to customize Elasticsearch -# -# e.g. 
Setting the env var cluster.name=testcluster -# -# will cause Elasticsearch to be invoked with -Ecluster.name=testcluster -# -# see https://www.elastic.co/guide/en/elasticsearch/reference/current/settings.html#_setting_default_settings - -declare -a es_opts - -while IFS='=' read -r envvar_key envvar_value -do - # Elasticsearch settings need to have at least two dot separated lowercase - # words, e.g. `cluster.name`, except for `processors` which we handle - # specially - if [[ "$envvar_key" =~ ^[a-z0-9_]+\.[a-z0-9_]+ || "$envvar_key" == "processors" ]]; then - if [[ ! -z $envvar_value ]]; then - es_opt="-E${envvar_key}=${envvar_value}" - es_opts+=("${es_opt}") - fi - fi -done < <(env) - -# The virtual file /proc/self/cgroup should list the current cgroup -# membership. For each hierarchy, you can follow the cgroup path from -# this file to the cgroup filesystem (usually /sys/fs/cgroup/) and -# introspect the statistics for the cgroup for the given -# hierarchy. Alas, Docker breaks this by mounting the container -# statistics at the root while leaving the cgroup paths as the actual -# paths. Therefore, Elasticsearch provides a mechanism to override -# reading the cgroup path from /proc/self/cgroup and instead uses the -# cgroup path defined the JVM system property -# es.cgroups.hierarchy.override. Therefore, we set this value here so -# that cgroup statistics are available for the container this process -# will run in. -export ES_JAVA_OPTS="-Des.cgroups.hierarchy.override=/ $ES_JAVA_OPTS" - -if [[ "$(id -u)" == "0" ]]; then - # If requested and running as root, mutate the ownership of bind-mounts - if [[ -n "$TAKE_FILE_OWNERSHIP" ]]; then - chown -R 1000:0 /usr/share/elasticsearch/{data,logs} - fi -fi - -if [[ -d "/usr/share/elasticsearch/plugins/opendistro_security" && "$DISABLE_INSTALL_DEMO_CONFIG" != "true" ]]; then - # Install Demo certifactes for Security Plugin and update the elasticsearch.yml - # file to use those certificates. 
- /usr/share/elasticsearch/plugins/opendistro_security/tools/install_demo_configuration.sh -y -i -s -fi - -if [[ -d "/usr/share/elasticsearch/plugins/opendistro-performance-analyzer" ]]; then - CLK_TCK=`/usr/bin/getconf CLK_TCK` - ES_JAVA_OPTS="-Dclk.tck=$CLK_TCK -Djdk.attach.allowAttachSelf=true $ES_JAVA_OPTS" - if [[ -d "/usr/share/elasticsearch/performance-analyzer-rca" ]]; then - ES_JAVA_OPTS="-Djava.security.policy=file:///usr/share/elasticsearch/performance-analyzer-rca/pa_config/es_security.policy $ES_JAVA_OPTS" - /usr/bin/supervisord -c /usr/share/elasticsearch/performance-analyzer-rca/pa_config/supervisord.conf - else - ES_JAVA_OPTS="-Djava.security.policy=file:///usr/share/elasticsearch/plugins/opendistro-performance-analyzer/pa_config/es_security.policy $ES_JAVA_OPTS" - /usr/bin/supervisord -c /usr/share/elasticsearch/plugins/opendistro-performance-analyzer/pa_config/supervisord.conf - fi -fi - -run_as_other_user_if_needed /usr/share/elasticsearch/bin/elasticsearch "${es_opts[@]}" \ No newline at end of file From 8327d5bed29fb7641855c883217501e9322dd7ba Mon Sep 17 00:00:00 2001 
From: vcerenu Date: Mon, 24 Jan 2022 17:35:44 -0300 Subject: [PATCH 015/163] Add Wazuh indexer cluster configuration --- generate-indexer-verts.yml | 10 ++ indexer_certs_creator/Dockerfile | 20 ++++ indexer_certs_creator/config/entrypoint.sh | 8 ++ production-cluster.yml | 66 +++++------ .../wazuh-indexer-node1.yml | 31 ++++++ .../wazuh-indexer-node2.yml | 31 ++++++ .../wazuh-indexer-node3.yml | 31 ++++++ production_cluster/ssl_certs/certs.yml | 35 ++++++ .../wazuh_indexer_ssl_certs/certs.yml | 35 ++++++ wazuh-dashboard/config/entrypoint_prueba.sh | 59 ++++++++++ wazuh-dashboard/config/wazuh-dashboard.yml | 14 +++ wazuh-dashboard/config/wazuh_app_config.sh | 64 +++++++++++ wazuh-indexer/config/entrypoint_odfe.sh | 103 ++++++++++++++++++ 13 files changed, 474 insertions(+), 33 deletions(-) create mode 100644 generate-indexer-verts.yml create mode 100644 indexer_certs_creator/Dockerfile create mode 100644 indexer_certs_creator/config/entrypoint.sh create mode 100644 production_cluster/elastic_opendistro/wazuh-indexer-node1.yml create mode 100644 production_cluster/elastic_opendistro/wazuh-indexer-node2.yml create mode 100644 production_cluster/elastic_opendistro/wazuh-indexer-node3.yml create mode 100644 production_cluster/ssl_certs/certs.yml create mode 100644 production_cluster/wazuh_indexer_ssl_certs/certs.yml create mode 100644 wazuh-dashboard/config/entrypoint_prueba.sh create mode 100644 wazuh-dashboard/config/wazuh-dashboard.yml create mode 100644 wazuh-dashboard/config/wazuh_app_config.sh create mode 100644 wazuh-indexer/config/entrypoint_odfe.sh diff --git a/generate-indexer-verts.yml b/generate-indexer-verts.yml new file mode 100644 index 00000000..01503c55 --- /dev/null +++ b/generate-indexer-verts.yml 
@@ -0,0 +1,10 @@
+# Wazuh App Copyright (C) 2021 Wazuh Inc. (License GPLv2)
+version: '3'
+
+services:
+ generator:
+ image: wazuh/opendistro-certs-generator:0.1
+ hostname: opendistro-certs-generator
+ volumes:
+ - ./production_cluster/wazuh_indexer_ssl_certs/certs.yml:/usr/src/config/myconf.yml
+ - ./production_cluster/wazuh_indexer_ssl_certs/:/usr/src/certs/out/
\ No newline at end of file
diff --git a/indexer_certs_creator/Dockerfile b/indexer_certs_creator/Dockerfile
new file mode 100644
index 00000000..56181606
--- /dev/null
+++ b/indexer_certs_creator/Dockerfile
@@ -0,0 +1,20 @@
+# Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2)
+FROM centos:8
+
+ARG WAZUH_VERSION=4.3.0-1
+
+USER root
+
+# Update and install dependecies
+RUN yum install initscripts -y
+
+#Download and install Wazuh indexer
+RUN curl https://s3.amazonaws.com/warehouse.wazuh.com/stack/indexer/stable/wazuh-indexer-${WAZUH_VERSION}.x86_64.rpm --output wazuh-indexer-${WAZUH_VERSION}.x86_64.rpm && \
+ rpm -i wazuh-indexer-${WAZUH_VERSION}.x86_64.rpm && \
+ yum clean all && rm -rf /var/cache/yum && rm -rf wazuh-indexer-${WAZUH_VERSION}.x86_64.rpm
+
+COPY config/entrypoint.sh /
+
+RUN chmod 700 /entrypoint.sh
+
+ENTRYPOINT [ "/entrypoint.sh" ]
\ No newline at end of file
diff --git a/indexer_certs_creator/config/entrypoint.sh b/indexer_certs_creator/config/entrypoint.sh
new file mode 100644
index 00000000..9f24ba39
--- /dev/null
+++ b/indexer_certs_creator/config/entrypoint.sh
@@ -0,0 +1,8 @@
+#!/bin/bash
+# Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2)
+
+##############################################################################
+# Start Wazuh indexer
+##############################################################################
+
+/usr/share/wazuh-indexer/plugins/opensearch-security/tools/wazuh-cert-tool.sh
diff --git a/production-cluster.yml b/production-cluster.yml
index 93ed9770..01e7eaa8 100644
--- a/production-cluster.yml
+++ b/production-cluster.yml
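Review bot: The second bind mount in generate-indexer-verts.yml makes the generator write its output straight into `./production_cluster/wazuh_indexer_ssl_certs/` inside the repository tree, and production-cluster.yml later mounts `admin.key` and the node keys from that directory, so private keys end up next to tracked files. The diffstat shows no ignore rule added with it, so a later `git add` could publish them; an ignore entry for that directory's `*.key` and `*.pem` and a note on file modes would help. The service also still pulls `wazuh/opendistro-certs-generator:0.1` rather than the `indexer_certs_creator` image added in this commit, and the file name `generate-indexer-verts.yml` looks like a typo for `certs`.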
@@ -3,7 +3,7 @@ version: '3.7' services: wazuh-master: - image: wazuh/wazuh-odfe:4.3.0 + image: wazuh/wazuh-odfe:4.2.5 hostname: wazuh-master restart: always ports: @@ -11,7 +11,7 @@ services: - "514:514/udp" - "55000:55000" environment: - - ELASTICSEARCH_URL=https://elasticsearch:9200 + - ELASTICSEARCH_URL=https://elasticsearch:9700 - ELASTIC_USERNAME=admin - ELASTIC_PASSWORD=SecretPassword - FILEBEAT_SSL_VERIFICATION_MODE=full @@ -32,17 +32,17 @@ services: - ossec-wodles:/var/ossec/wodles - filebeat-etc:/etc/filebeat - filebeat-var:/var/lib/filebeat - - ./production_cluster/ssl_certs/root-ca.pem:/etc/ssl/root-ca.pem - - ./production_cluster/ssl_certs/filebeat.pem:/etc/ssl/filebeat.pem - - ./production_cluster/ssl_certs/filebeat.key:/etc/ssl/filebeat.key + - ./production_cluster/wazuh_indexer_ssl_certs/root-ca.pem:/etc/ssl/root-ca.pem + - ./production_cluster/wazuh_indexer_ssl_certs/filebeat.pem:/etc/ssl/filebeat.pem + - ./production_cluster/wazuh_indexer_ssl_certs/filebeat.key:/etc/ssl/filebeat.key - ./production_cluster/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf wazuh-worker: - image: wazuh/wazuh-odfe:4.3.0 + image: wazuh/wazuh-odfe:4.2.5 hostname: wazuh-worker restart: always environment: - - ELASTICSEARCH_URL=https://elasticsearch:9200 + - ELASTICSEARCH_URL=https://elasticsearch:9700 - ELASTIC_USERNAME=admin - ELASTIC_PASSWORD=SecretPassword - FILEBEAT_SSL_VERIFICATION_MODE=full 
@@ -61,17 +61,17 @@ services: - worker-ossec-wodles:/var/ossec/wodles - worker-filebeat-etc:/etc/filebeat - worker-filebeat-var:/var/lib/filebeat - - ./production_cluster/ssl_certs/root-ca.pem:/etc/ssl/root-ca.pem - - ./production_cluster/ssl_certs/filebeat.pem:/etc/ssl/filebeat.pem - - ./production_cluster/ssl_certs/filebeat.key:/etc/ssl/filebeat.key + - ./production_cluster/wazuh_indexer_ssl_certs/root-ca.pem:/etc/ssl/root-ca.pem + - ./production_cluster/wazuh_indexer_ssl_certs/filebeat.pem:/etc/ssl/filebeat.pem + - ./production_cluster/wazuh_indexer_ssl_certs/filebeat.key:/etc/ssl/filebeat.key - ./production_cluster/wazuh_cluster/wazuh_worker.conf:/wazuh-config-mount/etc/ossec.conf elasticsearch: - image: amazon/opendistro-for-elasticsearch:1.13.2 + image: wazuh/wazuh-indexer:4.3.0 hostname: elasticsearch restart: always ports: - - "9200:9200" + - "9700:9700" environment: - "ES_JAVA_OPTS=-Xms512m -Xmx512m -Dlog4j2.formatMsgNoLookups=true" ulimits: 
@@ -83,16 +83,16 @@ services: hard: 65536 volumes: - elastic-data-1:/var/lib/wazuh-indexer - - ./production_cluster/ssl_certs/root-ca.pem:/etc/wazuh-indexer/certs/root-ca.pem - - ./production_cluster/ssl_certs/node1.key:/etc/wazuh-indexer/certs/node1.key - - ./production_cluster/ssl_certs/node1.pem:/etc/wazuh-indexer/certs/node1.pem - - ./production_cluster/ssl_certs/admin.pem:/etc/wazuh-indexer/certs/admin.pem - - ./production_cluster/ssl_certs/admin.key:/etc/wazuh-indexer/certs/admin.key - - ./production_cluster/elastic_opendistro/elasticsearch-node1.yml:/etc/wazuh-indexer/opensearch.yml + - ./production_cluster/wazuh_indexer_ssl_certs/root-ca.pem:/etc/wazuh-indexer/certs/root-ca.pem + - ./production_cluster/wazuh_indexer_ssl_certs/node1.key:/etc/wazuh-indexer/certs/node1.key + - ./production_cluster/wazuh_indexer_ssl_certs/node1.pem:/etc/wazuh-indexer/certs/node1.pem + - ./production_cluster/wazuh_indexer_ssl_certs/admin.pem:/etc/wazuh-indexer/certs/admin.pem + - ./production_cluster/wazuh_indexer_ssl_certs/admin.key:/etc/wazuh-indexer/certs/admin.key + - ./production_cluster/elastic_opendistro/wazuh-indexer-node1.yml:/etc/wazuh-indexer/opensearch.yml - ./production_cluster/elastic_opendistro/internal_users.yml:/usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/internal_users.yml elasticsearch-2: - image: amazon/opendistro-for-elasticsearch:1.13.2 + image: wazuh/wazuh-indexer:4.3.0 hostname: elasticsearch-2 restart: always environment: 
@@ -106,14 +106,14 @@ services: hard: 65536 volumes: - elastic-data-2:/var/lib/wazuh-indexer - - ./production_cluster/ssl_certs/root-ca.pem:/etc/wazuh-indexer/certs/root-ca.pem - - ./production_cluster/ssl_certs/node2.key:/etc/wazuh-indexer/certs/node2.key - - ./production_cluster/ssl_certs/node2.pem:/etc/wazuh-indexer/certs/node2.pem - - ./production_cluster/elastic_opendistro/elasticsearch-node2.yml:/etc/wazuh-indexer/elasticsearch.yml + - ./production_cluster/wazuh_indexer_ssl_certs/root-ca.pem:/etc/wazuh-indexer/certs/root-ca.pem + - ./production_cluster/wazuh_indexer_ssl_certs/node2.key:/etc/wazuh-indexer/certs/node2.key + - ./production_cluster/wazuh_indexer_ssl_certs/node2.pem:/etc/wazuh-indexer/certs/node2.pem + - ./production_cluster/elastic_opendistro/wazuh-indexer-node2.yml:/etc/wazuh-indexer/elasticsearch.yml - ./production_cluster/elastic_opendistro/internal_users.yml:/usr/share/elasticsearch/plugins/opendistro_security/securityconfig/internal_users.yml elasticsearch-3: - image: amazon/opendistro-for-elasticsearch:1.13.2 + image: wazuh/wazuh-indexer:4.3.0 hostname: elasticsearch-3 restart: always environment: 
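Review bot: The `elasticsearch-2` service now runs `wazuh/wazuh-indexer:4.3.0` but still mounts its node config at `/etc/wazuh-indexer/elasticsearch.yml` and `internal_users.yml` under `/usr/share/elasticsearch/plugins/opendistro_security/securityconfig/`, while the `elasticsearch` service in the previous hunk uses `/etc/wazuh-indexer/opensearch.yml` and `/usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/`. If the image reads only the latter paths, this node would start with the packaged default configuration and default internal users instead of the TLS and user settings supplied here. Align the targets, e.g. `- ./production_cluster/elastic_opendistro/wazuh-indexer-node2.yml:/etc/wazuh-indexer/opensearch.yml`. The `elasticsearch-3` hunk that follows has the same two mounts.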
@@ -127,14 +127,14 @@ services: hard: 65536 volumes: - elastic-data-3:/var/lib/wazuh-indexer - - ./production_cluster/ssl_certs/root-ca.pem:/etc/wazuh-indexer/certs/root-ca.pem - - ./production_cluster/ssl_certs/node3.key:/etc/wazuh-indexer/certs/node3.key - - ./production_cluster/ssl_certs/node3.pem:/etc/wazuh-indexer/certs/node3.pem - - ./production_cluster/elastic_opendistro/elasticsearch-node3.yml:/etc/wazuh-indexer/elasticsearch.yml + - ./production_cluster/wazuh_indexer_ssl_certs/root-ca.pem:/etc/wazuh-indexer/certs/root-ca.pem + - ./production_cluster/wazuh_indexer_ssl_certs/node3.key:/etc/wazuh-indexer/certs/node3.key + - ./production_cluster/wazuh_indexer_ssl_certs/node3.pem:/etc/wazuh-indexer/certs/node3.pem + - ./production_cluster/elastic_opendistro/wazuh-indexer-node3.yml:/etc/wazuh-indexer/elasticsearch.yml - ./production_cluster/elastic_opendistro/internal_users.yml:/usr/share/elasticsearch/plugins/opendistro_security/securityconfig/internal_users.yml kibana: - image: wazuh/wazuh-kibana-odfe:4.3.0 + image: wazuh/wazuh-dashboard:4.3.0 hostname: kibana restart: always ports: @@ -143,14 +143,14 @@ services: - ELASTICSEARCH_USERNAME=admin - ELASTICSEARCH_PASSWORD=SecretPassword - SERVER_SSL_ENABLED=true - - SERVER_SSL_CERTIFICATE=/usr/share/kibana/config/cert.pem - - SERVER_SSL_KEY=/usr/share/kibana/config/key.pem + - SERVER_SSL_CERTIFICATE=/etc/wazuh-dashboard/certs/cert.pem + - SERVER_SSL_KEY=/etc/wazuh-dashboard/certs/key.pem - WAZUH_API_URL="https://wazuh-master" - API_USERNAME=acme-user - API_PASSWORD=MyS3cr37P450r.*- volumes: - - ./production_cluster/kibana_ssl/cert.pem:/usr/share/kibana/config/cert.pem - - ./production_cluster/kibana_ssl/key.pem:/usr/share/kibana/config/key.pem + - ./production_cluster/kibana_ssl/cert.pem:/etc/wazuh-dashboard/certs/cert.pem + - ./production_cluster/kibana_ssl/key.pem:/etc/wazuh-dashboard/certs/key.pem depends_on: - elasticsearch 
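Review bot: The `kibana` service mounts only `cert.pem` and `key.pem` into `/etc/wazuh-dashboard/certs/`, but the wazuh-dashboard.yml added in this commit points `server.ssl.key`, `server.ssl.certificate` and `opensearch.ssl.certificateAuthorities` at `wazuh-dashboard-key.pem`, `wazuh-dashboard.pem` and `root-ca.pem` in that directory. Unless the image maps the `SERVER_SSL_*` variables onto that file, which is not visible here, the dashboard has no matching key pair and no CA to verify the indexer against. Mount the CA as well, e.g. `- ./production_cluster/wazuh_indexer_ssl_certs/root-ca.pem:/etc/wazuh-dashboard/certs/root-ca.pem`, and make the mounted file names match the config.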
diff --git a/production_cluster/elastic_opendistro/wazuh-indexer-node1.yml b/production_cluster/elastic_opendistro/wazuh-indexer-node1.yml
new file mode 100644
index 00000000..af63bdf8
--- /dev/null
+++ b/production_cluster/elastic_opendistro/wazuh-indexer-node1.yml
@@ -0,0 +1,31 @@
+network.host: elasticsearch
+cluster.name: wazuh-cluster
+node.name: elasticsearch
+discovery.seed_hosts: elasticsearch,elasticsearch-2,elasticsearch-3
+cluster.initial_master_nodes: elasticsearch,elasticsearch-2,elasticsearch-3
+bootstrap.memory_lock: true
+
+opendistro_security.ssl.transport.pemcert_filepath: node1.pem
+opendistro_security.ssl.transport.pemkey_filepath: node1.key
+opendistro_security.ssl.transport.pemtrustedcas_filepath: root-ca.pem
+opendistro_security.ssl.transport.enforce_hostname_verification: false
+opendistro_security.ssl.transport.resolve_hostname: false
+opendistro_security.ssl.http.enabled: true
+opendistro_security.ssl.http.pemcert_filepath: node1.pem
+opendistro_security.ssl.http.pemkey_filepath: node1.key
+opendistro_security.ssl.http.pemtrustedcas_filepath: root-ca.pem
+opendistro_security.allow_default_init_securityindex: true
+opendistro_security.nodes_dn:
+ - 'CN=node1,OU=Ops,O=Example\, Inc.,DC=example,DC=com'
+ - 'CN=node2,OU=Ops,O=Example\, Inc.,DC=example,DC=com'
+ - 'CN=node3,OU=Ops,O=Example\, Inc.,DC=example,DC=com'
+ - 'CN=filebeat,OU=Ops,O=Example\, Inc.,DC=example,DC=com'
+opendistro_security.authcz.admin_dn: ['CN=admin,OU=Ops,O=Example\, Inc.,DC=example,DC=com']
+opendistro_security.audit.type: internal_elasticsearch
+opendistro_security.enable_snapshot_restore_privilege: true
+opendistro_security.check_snapshot_restore_write_privileges: true
+opendistro_security.restapi.roles_enabled: ["all_access", "security_rest_api_access"]
+cluster.routing.allocation.disk.threshold_enabled: false
+#opendistro_security.audit.config.disabled_rest_categories: NONE
+#opendistro_security.audit.config.disabled_transport_categories: NONE
+opendistro_security.audit.log_request_body: false
diff --git a/production_cluster/elastic_opendistro/wazuh-indexer-node2.yml b/production_cluster/elastic_opendistro/wazuh-indexer-node2.yml
new file mode 100644
index 00000000..158d7abe
--- /dev/null
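Review bot: `opendistro_security.nodes_dn` lists `CN=filebeat,OU=Ops,O=Example\, Inc.,DC=example,DC=com`, which puts a log shipper's certificate among the identities accepted as cluster nodes, so the filebeat key carries node-level trust it does not need. Drop that entry and treat filebeat as an ordinary client certificate. `opendistro_security.ssl.transport.enforce_hostname_verification: false` is also set although certs.yml issues each node a DNS name matching its service hostname, so verification could stay enabled. wazuh-indexer-node2.yml and wazuh-indexer-node3.yml carry the same two settings.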
+++ b/production_cluster/elastic_opendistro/wazuh-indexer-node2.yml
@@ -0,0 +1,31 @@
+network.host: elasticsearch-2
+cluster.name: wazuh-cluster
+node.name: elasticsearch-2
+discovery.seed_hosts: elasticsearch,elasticsearch-2,elasticsearch-3
+cluster.initial_master_nodes: elasticsearch,elasticsearch-2,elasticsearch-3
+bootstrap.memory_lock: true
+
+opendistro_security.ssl.transport.pemcert_filepath: node2.pem
+opendistro_security.ssl.transport.pemkey_filepath: node2.key
+opendistro_security.ssl.transport.pemtrustedcas_filepath: root-ca.pem
+opendistro_security.ssl.transport.enforce_hostname_verification: false
+opendistro_security.ssl.transport.resolve_hostname: false
+opendistro_security.ssl.http.enabled: true
+opendistro_security.ssl.http.pemcert_filepath: node2.pem
+opendistro_security.ssl.http.pemkey_filepath: node2.key
+opendistro_security.ssl.http.pemtrustedcas_filepath: root-ca.pem
+opendistro_security.allow_default_init_securityindex: true
+opendistro_security.nodes_dn:
+ - 'CN=node1,OU=Ops,O=Example\, Inc.,DC=example,DC=com'
+ - 'CN=node2,OU=Ops,O=Example\, Inc.,DC=example,DC=com'
+ - 'CN=node3,OU=Ops,O=Example\, Inc.,DC=example,DC=com'
+ - 'CN=filebeat,OU=Ops,O=Example\, Inc.,DC=example,DC=com'
+opendistro_security.authcz.admin_dn: ['CN=admin,OU=Ops,O=Example\, Inc.,DC=example,DC=com']
+opendistro_security.audit.type: internal_elasticsearch
+opendistro_security.enable_snapshot_restore_privilege: true
+opendistro_security.check_snapshot_restore_write_privileges: true
+opendistro_security.restapi.roles_enabled: ["all_access", "security_rest_api_access"]
+cluster.routing.allocation.disk.threshold_enabled: false
+#opendistro_security.audit.config.disabled_rest_categories: NONE
+#opendistro_security.audit.config.disabled_transport_categories: NONE
+opendistro_security.audit.log_request_body: false
diff --git a/production_cluster/elastic_opendistro/wazuh-indexer-node3.yml b/production_cluster/elastic_opendistro/wazuh-indexer-node3.yml
new file mode 100644
index 00000000..98457c46
--- /dev/null
+++ b/production_cluster/elastic_opendistro/wazuh-indexer-node3.yml
@@ -0,0 +1,31 @@
+network.host: elasticsearch-3
+cluster.name: wazuh-cluster
+node.name: elasticsearch-3
+discovery.seed_hosts: elasticsearch,elasticsearch-2,elasticsearch-3
+cluster.initial_master_nodes: elasticsearch,elasticsearch-2,elasticsearch-3
+bootstrap.memory_lock: true
+
+opendistro_security.ssl.transport.pemcert_filepath: node3.pem
+opendistro_security.ssl.transport.pemkey_filepath: node3.key
+opendistro_security.ssl.transport.pemtrustedcas_filepath: root-ca.pem
+opendistro_security.ssl.transport.enforce_hostname_verification: false
+opendistro_security.ssl.transport.resolve_hostname: false
+opendistro_security.ssl.http.enabled: true
+opendistro_security.ssl.http.pemcert_filepath: node3.pem
+opendistro_security.ssl.http.pemkey_filepath: node3.key
+opendistro_security.ssl.http.pemtrustedcas_filepath: root-ca.pem
+opendistro_security.allow_default_init_securityindex: true
+opendistro_security.nodes_dn:
+ - 'CN=node1,OU=Ops,O=Example\, Inc.,DC=example,DC=com'
+ - 'CN=node2,OU=Ops,O=Example\, Inc.,DC=example,DC=com'
+ - 'CN=node3,OU=Ops,O=Example\, Inc.,DC=example,DC=com'
+ - 'CN=filebeat,OU=Ops,O=Example\, Inc.,DC=example,DC=com'
+opendistro_security.authcz.admin_dn: ['CN=admin,OU=Ops,O=Example\, Inc.,DC=example,DC=com']
+opendistro_security.audit.type: internal_elasticsearch
+opendistro_security.enable_snapshot_restore_privilege: true
+opendistro_security.check_snapshot_restore_write_privileges: true
+opendistro_security.restapi.roles_enabled: ["all_access", "security_rest_api_access"]
+cluster.routing.allocation.disk.threshold_enabled: false
+#opendistro_security.audit.config.disabled_rest_categories: NONE
+#opendistro_security.audit.config.disabled_transport_categories: NONE
+opendistro_security.audit.log_request_body: false
diff --git a/production_cluster/ssl_certs/certs.yml b/production_cluster/ssl_certs/certs.yml
new file mode 100644
index 00000000..486e4178
--- /dev/null
+++ b/production_cluster/ssl_certs/certs.yml
@@ -0,0 +1,35 @@
+ca:
+ root:
+ dn: CN=root-ca,OU=CA,O=Example\, Inc.,DC=example,DC=com
+ pkPassword: none
+ keysize: 2048
+ file: root-ca.pem
+ intermediate:
+ dn: CN=intermediate,OU=CA,O=Example\, Inc.,DC=example,DC=com
+ keysize: 2048
+ validityDays: 3650
+ pkPassword: intermediate-ca-password
+ file: intermediate-ca.pem
+
+nodes:
+ - name: node1
+ dn: CN=node1,OU=Ops,O=Example\, Inc.,DC=example,DC=com
+ dns:
+ - elasticsearch
+ - name: node2
+ dn: CN=node2,OU=Ops,O=Example\, Inc.,DC=example,DC=com
+ dns:
+ - elasticsearch-2
+ - name: node3
+ dn: CN=node3,OU=Ops,O=Example\, Inc.,DC=example,DC=com
+ dns:
+ - elasticsearch-3
+ - name: filebeat
+ dn: CN=filebeat,OU=Ops,O=Example\, Inc.,DC=example,DC=com
+ dns:
+ - wazuh
+
+clients:
+ - name: admin
+ dn: CN=admin,OU=Ops,O=Example\, Inc.,DC=example,DC=com
+ admin: true
diff --git a/production_cluster/wazuh_indexer_ssl_certs/certs.yml b/production_cluster/wazuh_indexer_ssl_certs/certs.yml
new file mode 100644
index 00000000..486e4178
--- /dev/null
+++ b/production_cluster/wazuh_indexer_ssl_certs/certs.yml
@@ -0,0 +1,35 @@
+ca:
+ root:
+ dn: CN=root-ca,OU=CA,O=Example\, Inc.,DC=example,DC=com
+ pkPassword: none
+ keysize: 2048
+ file: root-ca.pem
+ intermediate:
+ dn: CN=intermediate,OU=CA,O=Example\, Inc.,DC=example,DC=com
+ keysize: 2048
+ validityDays: 3650
+ pkPassword: intermediate-ca-password
+ file: intermediate-ca.pem
+
+nodes:
+ - name: node1
+ dn: CN=node1,OU=Ops,O=Example\, Inc.,DC=example,DC=com
+ dns:
+ - elasticsearch
+ - name: node2
+ dn: CN=node2,OU=Ops,O=Example\, Inc.,DC=example,DC=com
+ dns:
+ - elasticsearch-2
+ - name: node3
+ dn: CN=node3,OU=Ops,O=Example\, Inc.,DC=example,DC=com
+ dns:
+ - elasticsearch-3
+ - name: filebeat
+ dn: CN=filebeat,OU=Ops,O=Example\, Inc.,DC=example,DC=com
+ dns:
+ - wazuh
+
+clients:
+ - name: admin
+ dn: CN=admin,OU=Ops,O=Example\, Inc.,DC=example,DC=com
+ admin: true
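Review bot: `pkPassword: intermediate-ca-password` commits the passphrase of the intermediate CA key in a file under `production_cluster/`, and `pkPassword: none` appears to leave the root CA key unencrypted, so the passphrase gives no protection if the generated key files are ever copied or leaked. Mark both as values that must be replaced before certificates are generated, e.g. a comment `# placeholder: set a unique passphrase before generating certificates`, or supply the passphrase at generation time instead of committing it. The same block also lists `filebeat` under `nodes:` rather than `clients:`, which is what leads to its DN being trusted as a node in the indexer configs. The identical file is added as production_cluster/wazuh_indexer_ssl_certs/certs.yml in the next hunk.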
diff --git a/wazuh-dashboard/config/entrypoint_prueba.sh b/wazuh-dashboard/config/entrypoint_prueba.sh
new file mode 100644
index 00000000..91e44dc1
--- /dev/null
+++ b/wazuh-dashboard/config/entrypoint_prueba.sh
@@ -0,0 +1,59 @@
+#!/bin/bash
+# Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2)
+
+set -e
+
+##############################################################################
+# Waiting for indexer
+##############################################################################
+
+if [ "x${ELASTICSEARCH_URL}" == "x" ]; then
+ if [[ ${ENABLED_SECURITY} == "false" ]]; then
+ export el_url="http://elasticsearch:9200"
+ else
+ export el_url="https://elasticsearch:9200"
+ fi
+else
+ export el_url="${ELASTICSEARCH_URL}"
+fi
+
+if [[ ${ENABLED_SECURITY} == "false" || "x${ELASTICSEARCH_USERNAME}" == "x" || "x${ELASTICSEARCH_PASSWORD}" == "x" ]]; then
+ auth=""
+ # remove security plugin from kibana if elasticsearch is not using it either
+ /usr/share/kibana/bin/kibana-plugin remove opendistro_security
+else
+ export auth="--user ${ELASTICSEARCH_USERNAME}:${ELASTICSEARCH_PASSWORD} -k"
+fi
+
+until curl -XGET $el_url ${auth}; do
+ >&2 echo "Elastic is unavailable - sleeping"
+ sleep 5
+done
+
+sleep 2
+
+>&2 echo "Elasticsearch is up."
+
+
+##############################################################################
+# Waiting for wazuh alerts template
+##############################################################################
+
+strlen=0
+
+while [[ $strlen -eq 0 ]]
+do
+ template=$(curl ${auth} $el_url/_cat/templates/wazuh -s)
+ strlen=${#template}
+ >&2 echo "Wazuh alerts template not loaded - sleeping."
+ sleep 2
+done
+
+chown wazuh-dashboard:wazuh-dashboard /etc/wazuh-dashboard/certs/*
+
+sleep 5
+
+./wazuh_app_config.sh
+
+
+while true; do sleep 1000; done
diff --git a/wazuh-dashboard/config/wazuh-dashboard.yml b/wazuh-dashboard/config/wazuh-dashboard.yml
new file mode 100644
index 00000000..8786ea4c
--- /dev/null
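Review bot: `export auth="--user ${ELASTICSEARCH_USERNAME}:${ELASTICSEARCH_PASSWORD} -k"` sends the indexer credentials over a connection whose certificate is never verified, and places the password on the curl command line where it shows up in the process list. Point curl at the CA the dashboard config already references, `--cacert /etc/wazuh-dashboard/certs/root-ca.pem` in place of `-k`, and pass the credentials through a curl config file or `--netrc-file`. Because `$el_url ${auth}` is expanded unquoted, a password containing whitespace or glob characters is also split into several arguments. The fallback URLs use port 9200 while the rest of this commit moves the indexer to 9700, and the script ends in a sleep loop without starting the dashboard, so both are worth confirming.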
+++ b/wazuh-dashboard/config/wazuh-dashboard.yml
@@ -0,0 +1,14 @@
+server.host: 0.0.0.0
+server.port: 443
+opensearch.hosts: https://localhost:9700
+opensearch.ssl.verificationMode: certificate
+opensearch.username: kibanaserver
+opensearch.password: kibanaserver
+opensearch.requestHeadersWhitelist: ["securitytenant","Authorization"]
+opensearch_security.multitenancy.enabled: false
+opensearch_security.readonly_mode.roles: ["kibana_read_only"]
+server.ssl.enabled: true
+server.ssl.key: "/etc/wazuh-dashboard/certs/wazuh-dashboard-key.pem"
+server.ssl.certificate: "/etc/wazuh-dashboard/certs/wazuh-dashboard.pem"
+opensearch.ssl.certificateAuthorities: ["/etc/wazuh-dashboard/certs/root-ca.pem"]
+logging.dest: "/var/log/wazuh-dashboard/wazuh-dashboard.log"
\ No newline at end of file
diff --git a/wazuh-dashboard/config/wazuh_app_config.sh b/wazuh-dashboard/config/wazuh_app_config.sh
new file mode 100644
index 00000000..ca6e1a6a
--- /dev/null
+++ b/wazuh-dashboard/config/wazuh_app_config.sh
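Review bot: `opensearch.username: kibanaserver` with `opensearch.password: kibanaserver` ships the default service-account credentials in the image's config file, so any deployment that does not override them talks to the indexer with a publicly known password. Have the entrypoint fill these in from the environment or a mounted secret and leave an obvious placeholder here, e.g. `opensearch.password: "<SET_AT_DEPLOY>"`. `opensearch.ssl.verificationMode: certificate` also skips hostname checking; `full` is the stricter setting once the indexer certificate carries the name the dashboard connects to.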
@@ -0,0 +1,64 @@
+#!/bin/bash
+# Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2)
+
+wazuh_url="${WAZUH_API_URL:-https://wazuh}"
+wazuh_port="${API_PORT:-55000}"
+api_username="${API_USERNAME:-wazuh-wui}"
+api_password="${API_PASSWORD:-wazuh-wui}"
+
+kibana_config_file="/etc/wazuh-dashboard/wazuh-dashboard.yml"
+
+sed 's/9700/9200/' /etc/wazuh-dashboard/wazuh-dashboard.yml
+
+declare -A CONFIG_MAP=(
+ [pattern]=$PATTERN
+ [checks.pattern]=$CHECKS_PATTERN
+ [checks.template]=$CHECKS_TEMPLATE
+ [checks.api]=$CHECKS_API
+ [checks.setup]=$CHECKS_SETUP
+ [extensions.pci]=$EXTENSIONS_PCI
+ [extensions.gdpr]=$EXTENSIONS_GDPR
+ [extensions.hipaa]=$EXTENSIONS_HIPAA
+ [extensions.nist]=$EXTENSIONS_NIST
+ [extensions.tsc]=$EXTENSIONS_TSC
+ [extensions.audit]=$EXTENSIONS_AUDIT
+ [extensions.oscap]=$EXTENSIONS_OSCAP
+ [extensions.ciscat]=$EXTENSIONS_CISCAT
+ [extensions.aws]=$EXTENSIONS_AWS
+ [extensions.gcp]=$EXTENSIONS_GCP
+ [extensions.virustotal]=$EXTENSIONS_VIRUSTOTAL
+ [extensions.osquery]=$EXTENSIONS_OSQUERY
+ [extensions.docker]=$EXTENSIONS_DOCKER
+ [timeout]=$APP_TIMEOUT
+ [api.selector]=$API_SELECTOR
+ [ip.selector]=$IP_SELECTOR
+ [ip.ignore]=$IP_IGNORE
+ [wazuh.monitoring.enabled]=$WAZUH_MONITORING_ENABLED
+ [wazuh.monitoring.creation]=$WAZUH_MONITORING_CREATION
+ [wazuh.monitoring.frequency]=$WAZUH_MONITORING_FREQUENCY
+ [wazuh.monitoring.shards]=$WAZUH_MONITORING_SHARDS
+ [wazuh.monitoring.replicas]=$WAZUH_MONITORING_REPLICAS
+ [admin]=$ADMIN_PRIVILEGES
+)
+
+for i in "${!CONFIG_MAP[@]}"
+do
+ if [ "${CONFIG_MAP[$i]}" != "" ]; then
+ sed -i 's/.*#'"$i"'.*/'"$i"': '"${CONFIG_MAP[$i]}"'/' $kibana_config_file
+ fi
+done
+
+CONFIG_CODE=$(curl ${auth} -s -o /dev/null -w "%{http_code}" -XGET $el_url/.wazuh/_doc/1513629884013)
+
+if [[ "x$CONFIG_CODE" != "x200" ]] && ! grep -q 1513629884013 $kibana_config_file ; then
+cat << EOF >> $kibana_config_file
+hosts:
+ - 1513629884013:
+ url: $wazuh_url
+ port: $wazuh_port
+ username: $api_username
+ password: $api_password
+EOF
+else
+ echo "Wazuh APP already configured"
+fi
diff --git a/wazuh-indexer/config/entrypoint_odfe.sh b/wazuh-indexer/config/entrypoint_odfe.sh
new file mode 100644
index 00000000..0519f90c
--- /dev/null
+++ b/wazuh-indexer/config/entrypoint_odfe.sh
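Review bot: `sed 's/9700/9200/' /etc/wazuh-dashboard/wazuh-dashboard.yml` near the top runs without `-i`, so it leaves the file untouched and instead prints the whole config, including the `opensearch.password` line, to the container's stdout on every start. If the port rewrite is intended, `sed -i 's/9700/9200/' "$kibana_config_file"` does it in place and keeps the credential out of the logs. In the `CONFIG_MAP` loop the environment values are spliced into the sed replacement unescaped, so a value containing `/` or `&` breaks or changes the substitution; escaping those characters first would make the loop safe for arbitrary values. The `wazuh-wui`/`wazuh-wui` fallback for `API_USERNAME`/`API_PASSWORD` is then written to the config in clear text, which deserves a comment telling operators to override it.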
@@ -0,0 +1,103 @@
+#!/bin/bash
+set -e
+
+# Files created by OpenDistroForElasticsearch should always be group writable too
+umask 0002
+
+run_as_other_user_if_needed() {
+ if [[ "$(id -u)" == "0" ]]; then
+ # If running as root, drop to specified UID and run command
+ exec chroot --userspec=1000 / "${@}"
+ else
+ # Either we are running in Openshift with random uid and are a member of the root group
+ # or with a custom --user
+ exec "${@}"
+ fi
+}
+
+# Allow user specify custom CMD, maybe bin/elasticsearch itself
+# for example to directly specify `-E` style parameters for elasticsearch on k8s
+# or simply to run /bin/bash to check the image
+if [[ "$1" != "eswrapper" ]]; then
+ if [[ "$(id -u)" == "0" && $(basename "$1") == "elasticsearch" ]]; then
+ # centos:7 chroot doesn't have the `--skip-chdir` option and
+ # changes our CWD.
+ # Rewrite CMD args to replace $1 with `elasticsearch` explicitly,
+ # so that we are backwards compatible with the docs
+ # from the previous Elasticsearch versions<6
+ # and configuration option D:
+ # https://www.elastic.co/guide/en/elasticsearch/reference/5.6/docker.html#_d_override_the_image_8217_s_default_ulink_url_https_docs_docker_com_engine_reference_run_cmd_default_command_or_options_cmd_ulink
+ # Without this, user could specify `elasticsearch -E x.y=z` but
+ # `bin/elasticsearch -E x.y=z` would not work.
+ set -- "elasticsearch" "${@:2}"
+ # Use chroot to switch to UID 1000
+ exec chroot --userspec=1000 / "$@"
+ else
+ # User probably wants to run something else, like /bin/bash, with another uid forced (Openshift?)
+ exec "$@"
+ fi
+fi
+
+# Parse Docker env vars to customize Elasticsearch
+#
+# e.g. Setting the env var cluster.name=testcluster
+#
+# will cause Elasticsearch to be invoked with -Ecluster.name=testcluster
+#
+# see https://www.elastic.co/guide/en/elasticsearch/reference/current/settings.html#_setting_default_settings
+
+declare -a es_opts
+
+while IFS='=' read -r envvar_key envvar_value
+do
+ # Elasticsearch settings need to have at least two dot separated lowercase
+ # words, e.g. `cluster.name`, except for `processors` which we handle
+ # specially
+ if [[ "$envvar_key" =~ ^[a-z0-9_]+\.[a-z0-9_]+ || "$envvar_key" == "processors" ]]; then
+ if [[ ! -z $envvar_value ]]; then
+ es_opt="-E${envvar_key}=${envvar_value}"
+ es_opts+=("${es_opt}")
+ fi
+ fi
+done < <(env)
+
+# The virtual file /proc/self/cgroup should list the current cgroup
+# membership. For each hierarchy, you can follow the cgroup path from
+# this file to the cgroup filesystem (usually /sys/fs/cgroup/) and
+# introspect the statistics for the cgroup for the given
+# hierarchy. Alas, Docker breaks this by mounting the container
+# statistics at the root while leaving the cgroup paths as the actual
+# paths. Therefore, Elasticsearch provides a mechanism to override
+# reading the cgroup path from /proc/self/cgroup and instead uses the
+# cgroup path defined the JVM system property
+# es.cgroups.hierarchy.override. Therefore, we set this value here so
+# that cgroup statistics are available for the container this process
+# will run in.
+export ES_JAVA_OPTS="-Des.cgroups.hierarchy.override=/ $ES_JAVA_OPTS"
+
+if [[ "$(id -u)" == "0" ]]; then
+ # If requested and running as root, mutate the ownership of bind-mounts
+ if [[ -n "$TAKE_FILE_OWNERSHIP" ]]; then
+ chown -R 1000:0 /usr/share/elasticsearch/{data,logs}
+ fi
+fi
+
+if [[ -d "/usr/share/elasticsearch/plugins/opendistro_security" && "$DISABLE_INSTALL_DEMO_CONFIG" != "true" ]]; then
+ # Install Demo certifactes for Security Plugin and update the elasticsearch.yml
+ # file to use those certificates.
+ /usr/share/elasticsearch/plugins/opendistro_security/tools/install_demo_configuration.sh -y -i -s +fi + +if [[ -d "/usr/share/elasticsearch/plugins/opendistro-performance-analyzer" ]]; then + CLK_TCK=`/usr/bin/getconf CLK_TCK` + ES_JAVA_OPTS="-Dclk.tck=$CLK_TCK -Djdk.attach.allowAttachSelf=true $ES_JAVA_OPTS" + if [[ -d "/usr/share/elasticsearch/performance-analyzer-rca" ]]; then + ES_JAVA_OPTS="-Djava.security.policy=file:///usr/share/elasticsearch/performance-analyzer-rca/pa_config/es_security.policy $ES_JAVA_OPTS" + /usr/bin/supervisord -c /usr/share/elasticsearch/performance-analyzer-rca/pa_config/supervisord.conf + else + ES_JAVA_OPTS="-Djava.security.policy=file:///usr/share/elasticsearch/plugins/opendistro-performance-analyzer/pa_config/es_security.policy $ES_JAVA_OPTS" + /usr/bin/supervisord -c /usr/share/elasticsearch/plugins/opendistro-performance-analyzer/pa_config/supervisord.conf + fi +fi + +run_as_other_user_if_needed /usr/share/elasticsearch/bin/elasticsearch "${es_opts[@]}" \ No newline at end of file From d294ff5cd03f30012dfd09c414a49608fb98f0dc Mon Sep 17 00:00:00 2001 From: vcerenu Date: Tue, 25 Jan 2022 12:29:04 -0300 Subject: [PATCH 016/163] Add Wazuh indexer cluster configuration --- docker-compose.yml | 2 +- .../elastic_opendistro/wazuh-indexer-node1.yml | 2 +- .../elastic_opendistro/wazuh-indexer-node2.yml | 2 +- .../elastic_opendistro/wazuh-indexer-node3.yml | 2 +- wazuh-indexer/config/entrypoint.sh | 11 ++++++++++- 5 files changed, 14 insertions(+), 5 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index 66126ac5..231b375b 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -30,7 +30,7 @@ services: - filebeat_var:/var/lib/filebeat elasticsearch: - image: wazuh/wazuh-indexer:4.3.0 + image: wazuh-indexer hostname: elasticsearch restart: always ports: 
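Review bot: The `install_demo_configuration.sh -y -i -s` call runs on every start unless `DISABLE_INSTALL_DEMO_CONFIG` is exactly `true`, so the default for this image is the security plugin's demo certificates and demo configuration. Those demo keys ship with the plugin and are the same for every installation, so I would make the demo install opt-in rather than opt-out, or at least put a comment above the block stating that `DISABLE_INSTALL_DEMO_CONFIG=true` is required for any non-test deployment. The env-var loop above it forwards every variable whose name matches `^[a-z0-9_]+\.[a-z0-9_]+` as an `-E` setting, which deserves a sentence in the header comment so operators know that container environment variables can override security-relevant settings.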
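Review bot: `image: wazuh-indexer` drops both the `wazuh/` namespace and the `4.3.0` tag, so Compose will use whatever `wazuh-indexer:latest` happens to be in the local image store or the default registry; the later patch on this page makes the same change for the three indexer services in `production-cluster.yml`. If the intent is to run a locally built image, a `build:` entry next to it or an explicit tag such as `image: wazuh-indexer:4.3.0` keeps the deployment reproducible and makes it clear which image is trusted. The service definition continues outside this hunk, so a `build:` key may already exist there.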
diff --git a/production_cluster/elastic_opendistro/wazuh-indexer-node1.yml b/production_cluster/elastic_opendistro/wazuh-indexer-node1.yml index af63bdf8..39a2e0e0 100644 --- a/production_cluster/elastic_opendistro/wazuh-indexer-node1.yml +++ b/production_cluster/elastic_opendistro/wazuh-indexer-node1.yml @@ -2,7 +2,7 @@ network.host: elasticsearch cluster.name: wazuh-cluster node.name: elasticsearch discovery.seed_hosts: elasticsearch,elasticsearch-2,elasticsearch-3 -cluster.initial_master_nodes: elasticsearch,elasticsearch-2,elasticsearch-3 +cluster.initial_master_nodes: elasticsearch bootstrap.memory_lock: true opendistro_security.ssl.transport.pemcert_filepath: node1.pem diff --git a/production_cluster/elastic_opendistro/wazuh-indexer-node2.yml b/production_cluster/elastic_opendistro/wazuh-indexer-node2.yml index 158d7abe..dfa227ec 100644 --- a/production_cluster/elastic_opendistro/wazuh-indexer-node2.yml +++ b/production_cluster/elastic_opendistro/wazuh-indexer-node2.yml @@ -2,7 +2,7 @@ network.host: elasticsearch-2 cluster.name: wazuh-cluster node.name: elasticsearch-2 discovery.seed_hosts: elasticsearch,elasticsearch-2,elasticsearch-3 -cluster.initial_master_nodes: elasticsearch,elasticsearch-2,elasticsearch-3 +cluster.initial_master_nodes: elasticsearch bootstrap.memory_lock: true opendistro_security.ssl.transport.pemcert_filepath: node2.pem diff --git a/production_cluster/elastic_opendistro/wazuh-indexer-node3.yml b/production_cluster/elastic_opendistro/wazuh-indexer-node3.yml index 98457c46..20434d81 100644 --- a/production_cluster/elastic_opendistro/wazuh-indexer-node3.yml +++ b/production_cluster/elastic_opendistro/wazuh-indexer-node3.yml 
@@ -2,7 +2,7 @@ network.host: elasticsearch-3 cluster.name: wazuh-cluster node.name: elasticsearch-3 discovery.seed_hosts: elasticsearch,elasticsearch-2,elasticsearch-3 -cluster.initial_master_nodes: elasticsearch,elasticsearch-2,elasticsearch-3 +cluster.initial_master_nodes: elasticsearch bootstrap.memory_lock: true opendistro_security.ssl.transport.pemcert_filepath: node3.pem diff --git a/wazuh-indexer/config/entrypoint.sh b/wazuh-indexer/config/entrypoint.sh index e4347ee6..2708c7b5 100644 --- a/wazuh-indexer/config/entrypoint.sh +++ b/wazuh-indexer/config/entrypoint.sh 
@@ -5,10 +5,19 @@ # Start Wazuh indexer ############################################################################## +rm -rf /var/lib/wazuh-indexer/* + service wazuh-indexer start sleep 20 -export JAVA_HOME=/usr/share/wazuh-indexer/jdk/ && bash /usr/share/wazuh-indexer/plugins/opensearch-security/tools/securityadmin.sh -cd /usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/ -nhnv -cacert /etc/wazuh-indexer/certs/root-ca.pem -cert /etc/wazuh-indexer/certs/admin.pem -key /etc/wazuh-indexer/certs/admin-key.pem -p 9800 -icl +echo "inicio ver hostname" +echo $HOSTNAME +echo "fin ver hostname" +export OPENSEARCH_PATH_CONF=/etc/wazuh-indexer +export JAVA_HOME=/usr/share/wazuh-indexer/jdk +/usr/share/wazuh-indexer/plugins/opensearch-security/tools/securityadmin.sh -cd /usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig -icl -p 9800 -cd /usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig -nhnv -cacert /etc/wazuh-indexer/certs/root-ca.pem -cert /etc/wazuh-indexer/certs/admin.pem -key /etc/wazuh-indexer/certs/admin-key.pem + +#export JAVA_HOME=/usr/share/wazuh-indexer/jdk/ && bash /usr/share/wazuh-indexer/plugins/opensearch-security/tools/securityadmin.sh -cd /usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/ -nhnv -cacert /etc/wazuh-indexer/certs/root-ca.pem -cert /etc/wazuh-indexer/certs/admin.pem -key /etc/wazuh-indexer/certs/admin-key.pem -p 9800 -icl tail -f /var/log/wazuh-indexer/wazuh-cluster.log From 09f87ef2330aeacba2385ba8fb5b69db5e19ab81 Mon Sep 17 00:00:00 2001 
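Review bot: The added `rm -rf /var/lib/wazuh-indexer/*` runs before every `service wazuh-indexer start`, and the compose files on this page mount a named volume at `/var/lib/wazuh-indexer`, so each container restart would erase the indexed data, which for this stack presumably includes the stored alerts and the security index. If the wipe is only needed for first-time cluster bootstrap, it should be removed or run only when the directory holds no initialised node. The three `echo` lines around `$HOSTNAME` look like leftover debugging, the `securityadmin.sh` call passes `-cd` twice, and `-nhnv` disables host name verification for the admin connection. The script starts outside this hunk.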
From: vcerenu Date: Wed, 26 Jan 2022 17:15:08 -0300 Subject: [PATCH 017/163] Add Wazuh indexer cluster configuration --- docker-compose.yml | 2 +- ...er-verts.yml => generate-indexer-certs.yml | 0 kibana-odfe/Dockerfile | 2 +- production-cluster.yml | 71 ++++++++++--------- .../wazuh-indexer-node1.yml | 31 -------- .../wazuh-indexer-node2.yml | 31 -------- .../wazuh-indexer-node3.yml | 31 -------- production_cluster/kibana_ssl/cert.pem | 21 ++++++ production_cluster/kibana_ssl/key.pem | 28 ++++++++ production_cluster/nginx/ssl/cert.pem | 21 ++++++ production_cluster/nginx/ssl/key.pem | 28 ++++++++ .../wazuh_indexer_ssl_certs/certs.yml | 55 ++++++-------- .../wazuh_indexer_ssl_certs/certs2.yml | 35 +++++++++ wazuh-dashboard/Dockerfile | 2 +- wazuh-indexer/Dockerfile_centos | 2 +- wazuh-indexer/config/entrypoint.sh | 37 +++++++--- wazuh-odfe/Dockerfile | 6 +- wazuh-odfe/config/filebeat.yml | 2 +- 18 files changed, 227 insertions(+), 178 deletions(-) rename generate-indexer-verts.yml => generate-indexer-certs.yml (100%) delete mode 100644 production_cluster/elastic_opendistro/wazuh-indexer-node1.yml delete mode 100644 production_cluster/elastic_opendistro/wazuh-indexer-node2.yml delete mode 100644 production_cluster/elastic_opendistro/wazuh-indexer-node3.yml create mode 100644 production_cluster/kibana_ssl/cert.pem create mode 100644 production_cluster/kibana_ssl/key.pem create mode 100644 production_cluster/nginx/ssl/cert.pem create mode 100644 production_cluster/nginx/ssl/key.pem create mode 100644 production_cluster/wazuh_indexer_ssl_certs/certs2.yml diff --git a/docker-compose.yml b/docker-compose.yml index 231b375b..b7453803 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -31,7 +31,7 @@ services: elasticsearch: image: wazuh-indexer - hostname: elasticsearch + hostname: node1 restart: always ports: - "9700:9700" 
diff --git a/generate-indexer-verts.yml b/generate-indexer-certs.yml similarity index 100% rename from generate-indexer-verts.yml rename to generate-indexer-certs.yml diff --git a/kibana-odfe/Dockerfile b/kibana-odfe/Dockerfile index 1d304341..3cad99ba 100644 --- a/kibana-odfe/Dockerfile +++ b/kibana-odfe/Dockerfile @@ -2,7 +2,7 @@ FROM amazon/opendistro-for-elasticsearch-kibana:1.13.2 USER kibana ARG ELASTIC_VERSION=7.10.2 -ARG WAZUH_VERSION=4.3.0 +ARG WAZUH_VERSION=4.2.5 ARG WAZUH_APP_VERSION="${WAZUH_VERSION}_${ELASTIC_VERSION}" WORKDIR /usr/share/kibana diff --git a/production-cluster.yml b/production-cluster.yml index 01e7eaa8..f1de638e 100644 --- a/production-cluster.yml +++ b/production-cluster.yml @@ -11,7 +11,7 @@ services: - "514:514/udp" - "55000:55000" environment: - - ELASTICSEARCH_URL=https://elasticsearch:9700 + - ELASTICSEARCH_URL=https://wazuh-indexer:9700 - ELASTIC_USERNAME=admin - ELASTIC_PASSWORD=SecretPassword - FILEBEAT_SSL_VERIFICATION_MODE=full @@ -42,7 +42,7 @@ services: hostname: wazuh-worker restart: always environment: - - ELASTICSEARCH_URL=https://elasticsearch:9700 + - ELASTICSEARCH_URL=https://wazuh-indexer:9700 - ELASTIC_USERNAME=admin - ELASTIC_PASSWORD=SecretPassword - FILEBEAT_SSL_VERIFICATION_MODE=full @@ -66,14 +66,15 @@ services: - ./production_cluster/wazuh_indexer_ssl_certs/filebeat.key:/etc/ssl/filebeat.key - ./production_cluster/wazuh_cluster/wazuh_worker.conf:/wazuh-config-mount/etc/ossec.conf - elasticsearch: - image: wazuh/wazuh-indexer:4.3.0 - hostname: elasticsearch + wazuh-indexer: + image: wazuh-indexer + hostname: wazuh-indexer restart: always ports: - "9700:9700" environment: - - "ES_JAVA_OPTS=-Xms512m -Xmx512m -Dlog4j2.formatMsgNoLookups=true" + - "ES_JAVA_OPTS=-Xms1g -Xmx1g" + - "NODE_TYPE=master" ulimits: memlock: soft: -1 
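Review bot: The new `ES_JAVA_OPTS=-Xms1g -Xmx1g` value for `wazuh-indexer` in `production-cluster.yml` drops `-Dlog4j2.formatMsgNoLookups=true`, which the previous line set, and the hunks for `wazuh-indexer-2` and `wazuh-indexer-3` do the same. That flag is the usual mitigation for Log4j message-lookup injection, so removing it is only safe if the `wazuh-indexer` image bundles a Log4j release that no longer needs it, which this page does not show. Unless that is confirmed, I would keep it: `- "ES_JAVA_OPTS=-Xms1g -Xmx1g -Dlog4j2.formatMsgNoLookups=true"`. It is also worth checking that the indexer start-up actually reads `ES_JAVA_OPTS`, since the OpenSearch-based paths used elsewhere in this patch suggest a different variable name may apply.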
@@ -82,21 +83,22 @@ services: soft: 65536 hard: 65536 volumes: - - elastic-data-1:/var/lib/wazuh-indexer + - wazuh-indexer-data-1:/var/lib/wazuh-indexer - ./production_cluster/wazuh_indexer_ssl_certs/root-ca.pem:/etc/wazuh-indexer/certs/root-ca.pem - - ./production_cluster/wazuh_indexer_ssl_certs/node1.key:/etc/wazuh-indexer/certs/node1.key - - ./production_cluster/wazuh_indexer_ssl_certs/node1.pem:/etc/wazuh-indexer/certs/node1.pem + - ./production_cluster/wazuh_indexer_ssl_certs/wazuh-indexer.key:/etc/wazuh-indexer/certs/wazuh-indexer.key + - ./production_cluster/wazuh_indexer_ssl_certs/wazuh-indexer.pem:/etc/wazuh-indexer/certs/wazuh-indexer.pem - ./production_cluster/wazuh_indexer_ssl_certs/admin.pem:/etc/wazuh-indexer/certs/admin.pem - ./production_cluster/wazuh_indexer_ssl_certs/admin.key:/etc/wazuh-indexer/certs/admin.key - - ./production_cluster/elastic_opendistro/wazuh-indexer-node1.yml:/etc/wazuh-indexer/opensearch.yml - - ./production_cluster/elastic_opendistro/internal_users.yml:/usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/internal_users.yml + - ./production_cluster/wazuh-indexer/opnesearch-node1.yml:/etc/wazuh-indexer/opensearch.yml + - ./production_cluster/wazuh-indexer/internal_users.yml:/usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/internal_users.yml - elasticsearch-2: - image: wazuh/wazuh-indexer:4.3.0 - hostname: elasticsearch-2 + wazuh-indexer-2: + image: wazuh-indexer + hostname: wazuh-indexer-2 restart: always environment: - - "ES_JAVA_OPTS=-Xms512m -Xmx512m -Dlog4j2.formatMsgNoLookups=true" + - "ES_JAVA_OPTS=-Xms1g -Xmx1g" + - "NODE_TYPE=worker" ulimits: memlock: soft: -1 
@@ -105,19 +107,20 @@ services: soft: 65536 hard: 65536 volumes: - - elastic-data-2:/var/lib/wazuh-indexer + - wazuh-indexer-data-2:/var/lib/wazuh-indexer - ./production_cluster/wazuh_indexer_ssl_certs/root-ca.pem:/etc/wazuh-indexer/certs/root-ca.pem - - ./production_cluster/wazuh_indexer_ssl_certs/node2.key:/etc/wazuh-indexer/certs/node2.key - - ./production_cluster/wazuh_indexer_ssl_certs/node2.pem:/etc/wazuh-indexer/certs/node2.pem - - ./production_cluster/elastic_opendistro/wazuh-indexer-node2.yml:/etc/wazuh-indexer/elasticsearch.yml - - ./production_cluster/elastic_opendistro/internal_users.yml:/usr/share/elasticsearch/plugins/opendistro_security/securityconfig/internal_users.yml + - ./production_cluster/wazuh_indexer_ssl_certs/wazuh-indexer-2.key:/etc/wazuh-indexer/certs/wazuh-indexer-2.key + - ./production_cluster/wazuh_indexer_ssl_certs/wazuh-indexer-2.pem:/etc/wazuh-indexer/certs/wazuh-indexer-2.pem + - ./production_cluster/wazuh-indexer/opnesearch-node2.yml:/etc/wazuh-indexer/opensearch.yml + - ./production_cluster/wazuh-indexer/internal_users.yml:/usr/share/elasticsearch/plugins/opendistro_security/securityconfig/internal_users.yml - elasticsearch-3: - image: wazuh/wazuh-indexer:4.3.0 - hostname: elasticsearch-3 + wazuh-indexer-3: + image: wazuh-indexer + hostname: wazuh-indexer-3 restart: always environment: - - "ES_JAVA_OPTS=-Xms512m -Xmx512m -Dlog4j2.formatMsgNoLookups=true" + - "ES_JAVA_OPTS=-Xms1g -Xmx1g" + - "NODE_TYPE=worker" ulimits: memlock: soft: -1 
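Review bot: For `wazuh-indexer-2` the `internal_users.yml` mount still targets `/usr/share/elasticsearch/plugins/opendistro_security/securityconfig/internal_users.yml`, while the `wazuh-indexer` service mounts the same file at `/usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/internal_users.yml`; the `wazuh-indexer-3` hunk repeats the old target. If the image only reads the `opensearch-security` directory, nodes 2 and 3 never see the customised users and would keep whatever accounts the image ships with. The target should match node 1: `- ./production_cluster/wazuh-indexer/internal_users.yml:/usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/internal_users.yml`. The host file name `opnesearch-node2.yml` (also `-node1` and `-node3`) looks like a typo for `opensearch-`; confirm it matches the file on disk.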
@@ -126,12 +129,12 @@ services: soft: 65536 hard: 65536 volumes: - - elastic-data-3:/var/lib/wazuh-indexer + - wazuh-indexer-data-3:/var/lib/wazuh-indexer - ./production_cluster/wazuh_indexer_ssl_certs/root-ca.pem:/etc/wazuh-indexer/certs/root-ca.pem - - ./production_cluster/wazuh_indexer_ssl_certs/node3.key:/etc/wazuh-indexer/certs/node3.key - - ./production_cluster/wazuh_indexer_ssl_certs/node3.pem:/etc/wazuh-indexer/certs/node3.pem - - ./production_cluster/elastic_opendistro/wazuh-indexer-node3.yml:/etc/wazuh-indexer/elasticsearch.yml - - ./production_cluster/elastic_opendistro/internal_users.yml:/usr/share/elasticsearch/plugins/opendistro_security/securityconfig/internal_users.yml + - ./production_cluster/wazuh_indexer_ssl_certs/wazuh-indexer-3.key:/etc/wazuh-indexer/certs/wazuh-indexer-3.key + - ./production_cluster/wazuh_indexer_ssl_certs/wazuh-indexer-3.pem:/etc/wazuh-indexer/certs/wazuh-indexer-3.pem + - ./production_cluster/wazuh-indexer/opnesearch-node3.yml:/etc/wazuh-indexer/opensearch.yml + - ./production_cluster/wazuh-indexer/internal_users.yml:/usr/share/elasticsearch/plugins/opendistro_security/securityconfig/internal_users.yml kibana: image: wazuh/wazuh-dashboard:4.3.0 @@ -153,9 +156,9 @@ services: - ./production_cluster/kibana_ssl/key.pem:/etc/wazuh-dashboard/certs/key.pem depends_on: - - elasticsearch + - wazuh-indexer links: - - elasticsearch:elasticsearch + - wazuh-indexer:wazuh-indexer - wazuh-master:wazuh-master nginx: @@ -201,6 +204,6 @@ volumes: worker-ossec-wodles: worker-filebeat-etc: worker-filebeat-var: - elastic-data-1: - elastic-data-2: - elastic-data-3: + wazuh-indexer-data-1: + wazuh-indexer-data-2: + wazuh-indexer-data-3: diff --git a/production_cluster/elastic_opendistro/wazuh-indexer-node1.yml b/production_cluster/elastic_opendistro/wazuh-indexer-node1.yml deleted file mode 100644 index 39a2e0e0..00000000 --- a/production_cluster/elastic_opendistro/wazuh-indexer-node1.yml +++ /dev/null 
@@ -1,31 +0,0 @@ -network.host: elasticsearch -cluster.name: wazuh-cluster -node.name: elasticsearch -discovery.seed_hosts: elasticsearch,elasticsearch-2,elasticsearch-3 -cluster.initial_master_nodes: elasticsearch -bootstrap.memory_lock: true - -opendistro_security.ssl.transport.pemcert_filepath: node1.pem -opendistro_security.ssl.transport.pemkey_filepath: node1.key -opendistro_security.ssl.transport.pemtrustedcas_filepath: root-ca.pem -opendistro_security.ssl.transport.enforce_hostname_verification: false -opendistro_security.ssl.transport.resolve_hostname: false -opendistro_security.ssl.http.enabled: true -opendistro_security.ssl.http.pemcert_filepath: node1.pem -opendistro_security.ssl.http.pemkey_filepath: node1.key -opendistro_security.ssl.http.pemtrustedcas_filepath: root-ca.pem -opendistro_security.allow_default_init_securityindex: true -opendistro_security.nodes_dn: - - 'CN=node1,OU=Ops,O=Example\, Inc.,DC=example,DC=com' - - 'CN=node2,OU=Ops,O=Example\, Inc.,DC=example,DC=com' - - 'CN=node3,OU=Ops,O=Example\, Inc.,DC=example,DC=com' - - 'CN=filebeat,OU=Ops,O=Example\, Inc.,DC=example,DC=com' -opendistro_security.authcz.admin_dn: ['CN=admin,OU=Ops,O=Example\, Inc.,DC=example,DC=com'] -opendistro_security.audit.type: internal_elasticsearch -opendistro_security.enable_snapshot_restore_privilege: true -opendistro_security.check_snapshot_restore_write_privileges: true -opendistro_security.restapi.roles_enabled: ["all_access", "security_rest_api_access"] -cluster.routing.allocation.disk.threshold_enabled: false -#opendistro_security.audit.config.disabled_rest_categories: NONE -#opendistro_security.audit.config.disabled_transport_categories: NONE -opendistro_security.audit.log_request_body: false diff --git a/production_cluster/elastic_opendistro/wazuh-indexer-node2.yml b/production_cluster/elastic_opendistro/wazuh-indexer-node2.yml deleted file mode 100644 index dfa227ec..00000000 
--- a/production_cluster/elastic_opendistro/wazuh-indexer-node2.yml +++ /dev/null @@ -1,31 +0,0 @@ -network.host: elasticsearch-2 -cluster.name: wazuh-cluster -node.name: elasticsearch-2 -discovery.seed_hosts: elasticsearch,elasticsearch-2,elasticsearch-3 -cluster.initial_master_nodes: elasticsearch -bootstrap.memory_lock: true - -opendistro_security.ssl.transport.pemcert_filepath: node2.pem -opendistro_security.ssl.transport.pemkey_filepath: node2.key -opendistro_security.ssl.transport.pemtrustedcas_filepath: root-ca.pem -opendistro_security.ssl.transport.enforce_hostname_verification: false -opendistro_security.ssl.transport.resolve_hostname: false -opendistro_security.ssl.http.enabled: true -opendistro_security.ssl.http.pemcert_filepath: node2.pem -opendistro_security.ssl.http.pemkey_filepath: node2.key -opendistro_security.ssl.http.pemtrustedcas_filepath: root-ca.pem -opendistro_security.allow_default_init_securityindex: true -opendistro_security.nodes_dn: - - 'CN=node1,OU=Ops,O=Example\, Inc.,DC=example,DC=com' - - 'CN=node2,OU=Ops,O=Example\, Inc.,DC=example,DC=com' - - 'CN=node3,OU=Ops,O=Example\, Inc.,DC=example,DC=com' - - 'CN=filebeat,OU=Ops,O=Example\, Inc.,DC=example,DC=com' -opendistro_security.authcz.admin_dn: ['CN=admin,OU=Ops,O=Example\, Inc.,DC=example,DC=com'] -opendistro_security.audit.type: internal_elasticsearch -opendistro_security.enable_snapshot_restore_privilege: true -opendistro_security.check_snapshot_restore_write_privileges: true -opendistro_security.restapi.roles_enabled: ["all_access", "security_rest_api_access"] -cluster.routing.allocation.disk.threshold_enabled: false -#opendistro_security.audit.config.disabled_rest_categories: NONE -#opendistro_security.audit.config.disabled_transport_categories: NONE -opendistro_security.audit.log_request_body: false 
diff --git a/production_cluster/elastic_opendistro/wazuh-indexer-node3.yml b/production_cluster/elastic_opendistro/wazuh-indexer-node3.yml deleted file mode 100644 index 20434d81..00000000 --- a/production_cluster/elastic_opendistro/wazuh-indexer-node3.yml +++ /dev/null 
@@ -1,31 +0,0 @@ -network.host: elasticsearch-3 -cluster.name: wazuh-cluster -node.name: elasticsearch-3 -discovery.seed_hosts: elasticsearch,elasticsearch-2,elasticsearch-3 -cluster.initial_master_nodes: elasticsearch -bootstrap.memory_lock: true - -opendistro_security.ssl.transport.pemcert_filepath: node3.pem -opendistro_security.ssl.transport.pemkey_filepath: node3.key -opendistro_security.ssl.transport.pemtrustedcas_filepath: root-ca.pem -opendistro_security.ssl.transport.enforce_hostname_verification: false -opendistro_security.ssl.transport.resolve_hostname: false -opendistro_security.ssl.http.enabled: true -opendistro_security.ssl.http.pemcert_filepath: node3.pem -opendistro_security.ssl.http.pemkey_filepath: node3.key -opendistro_security.ssl.http.pemtrustedcas_filepath: root-ca.pem -opendistro_security.allow_default_init_securityindex: true -opendistro_security.nodes_dn: - - 'CN=node1,OU=Ops,O=Example\, Inc.,DC=example,DC=com' - - 'CN=node2,OU=Ops,O=Example\, Inc.,DC=example,DC=com' - - 'CN=node3,OU=Ops,O=Example\, Inc.,DC=example,DC=com' - - 'CN=filebeat,OU=Ops,O=Example\, Inc.,DC=example,DC=com' -opendistro_security.authcz.admin_dn: ['CN=admin,OU=Ops,O=Example\, Inc.,DC=example,DC=com'] -opendistro_security.audit.type: internal_elasticsearch -opendistro_security.enable_snapshot_restore_privilege: true -opendistro_security.check_snapshot_restore_write_privileges: true -opendistro_security.restapi.roles_enabled: ["all_access", "security_rest_api_access"] -cluster.routing.allocation.disk.threshold_enabled: false -#opendistro_security.audit.config.disabled_rest_categories: NONE -#opendistro_security.audit.config.disabled_transport_categories: NONE -opendistro_security.audit.log_request_body: false diff --git a/production_cluster/kibana_ssl/cert.pem b/production_cluster/kibana_ssl/cert.pem new file mode 100644 index 00000000..dab3fec7 --- /dev/null +++ b/production_cluster/kibana_ssl/cert.pem 
@@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDazCCAlOgAwIBAgIUeEaU6PZXSb2RQhzz6NQDsnXgPCYwDQYJKoZIhvcNAQEL +BQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM +GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0yMjAxMjUxNTM4MjRaFw0yMzAx +MjUxNTM4MjRaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEw +HwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwggEiMA0GCSqGSIb3DQEB +AQUAA4IBDwAwggEKAoIBAQDKJlBieT/1IJkd4AoUja9eFy6Z+k1yskwRLdVHuYLL +EhbDhsOOnoB0Yg7XAylxbyvXvxeNC5uQJWrU5nDwf70cGNmIG29sDd9XXKmEj7lo +NffkHBD+/UQb9aodWVaTVnu81qB+jCwi/vThaslb7ycmC+wyPz+P3SZbhQKT3BTI +2vYNzznPcugs1qFhnA0Mn4DuY4daEkFDYXjxtxfE8rWZOr+bbhxjgdAp25KaA1Sz +k47DiodTxASOumODtR/j/CPm4W9oZQ0y+cAE+mYg8TmMz+kyPK1oW8mMsjUHK1/m +EiBCMX1rdOVFNQ3ia7aX+xJzH/7ZDJPg7tG0MbfUxv+7AgMBAAGjUzBRMB0GA1Ud +DgQWBBTwTfEThtctV2m1mXpoUE0o7fQgXzAfBgNVHSMEGDAWgBTwTfEThtctV2m1 +mXpoUE0o7fQgXzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCq +1JHCAZCKFyJh/Dx8vjvXIhPeOjNBWcx4Dl4mw+DlkNyAfX6xJprUy3f/hIuXhZcs +TvLjLi2IFcGk/lGUh1SIxyAmyz49rSm/B0rYWR+rBwrEFHZwYHegS/oGtLn1kwZz +kMn3WzLFMwBLoSOs5tT3i3E0EAuH/MsO9a61HJUKbWJGG9cv3OtcCSU6wb+lQyK5 +mTsI8kjVAuKmuzwl9S3I7TqXolhwodz9MAagmLcwSfAU8Ce7qTwwpBOz4YkOHqkH +JAZhYEcLbLKCh2mGtB84mdA2pHoxK8y/J05P85ENwcYooFD7gYcsHphkKKKszNmf +AArKqDwDGSRGfbq/3rOE +-----END CERTIFICATE----- diff --git a/production_cluster/kibana_ssl/key.pem b/production_cluster/kibana_ssl/key.pem new file mode 100644 index 00000000..393f6768 --- /dev/null +++ b/production_cluster/kibana_ssl/key.pem 
@@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDKJlBieT/1IJkd +4AoUja9eFy6Z+k1yskwRLdVHuYLLEhbDhsOOnoB0Yg7XAylxbyvXvxeNC5uQJWrU +5nDwf70cGNmIG29sDd9XXKmEj7loNffkHBD+/UQb9aodWVaTVnu81qB+jCwi/vTh +aslb7ycmC+wyPz+P3SZbhQKT3BTI2vYNzznPcugs1qFhnA0Mn4DuY4daEkFDYXjx +txfE8rWZOr+bbhxjgdAp25KaA1Szk47DiodTxASOumODtR/j/CPm4W9oZQ0y+cAE ++mYg8TmMz+kyPK1oW8mMsjUHK1/mEiBCMX1rdOVFNQ3ia7aX+xJzH/7ZDJPg7tG0 +MbfUxv+7AgMBAAECggEBAI1K0F6z3vdHjJ4sDP+mtI9wZpsrL1zesHpFbdCPIpMr +loudsywJL0GplDPGuv3VNXC72Qs1tMrAzHX4h7Ihpp1v5QPUIUIGRDf8xWOpTW9A +YX6n+10uyp88S2XuHqwnA5/O6CjrcqIXUDQKfqlqdBOMu8+3E4dLjNblFhMg/coQ +ueGY8BV7bLIIBCxZV9Ca/DuQZQQXBRJjGDEcxWl+GBuWR81P9D5BITma+js9yZKw +yvZckvfObSyJ9nR5bsWPlybn3GrdGHeBwXvGXswDekwj9wsRVc00LcQ0BwrwCn7I +xjnB0XuoH4+T4OrIS08XQROzKalhUOZKwYilKEt78ikCgYEA+xX+z3QW5lVcDVIx +IIU2elZlr515NqSDBkFbdUSAlDQqPxyqQg3y110xymypdJwvh3DL3tuLyAswANKD +M3nj8U/hhKKcDjxiHutk/3R3sb+z/X6apS7nfWHn7X2G97Xv1GSp+Jxv+bZAQ+jP +k4fe3CB8JHu+V9My69XYBwx6468CgYEAzhsisB+Y0nKBIfoMoB752fFbPissycMI +QliFZsp8upIZ8dGeThubhuSMTAvL73rZpN3pJCrAwxKDvwf/sPIK2Q/ux8oB3rUr +jkTNM2D51VRNkcNbedg2LJETNzrqChH+J4ZeSMXHG7kkgJHfNiyMOwAzR0pFTtQC +tRDrF1j8i7UCgYA2NiuMEx6WoLt9TM+6m8iFZX4TCscPGzoG8bmTejTgytqMQd4o +4OYbxc1oTUnRGZ/ReHMsLO7jRDcbFliplpm2km64untDP5pX3q8x0K2/PQrZoqo1 +HAlzMt5mkoG/nhKoIwvn1679lXIOt4eJ7P4bPRBQuD8Cq2EFNmisLO+jlQKBgGeR +MykVd5GogEM2h0mexyZBJfxjbaolGu1b1g0FCxAlgmwFTWsqbEioZ+d+tgesz9kM +ua623Q4pK5K+zjl4JwNUAkTauX3TxANFh2ed/2y3ZBMu+7SKdQ6ICAPk0t4klHYA +Czi+SYMg0brZkjSCxiSPwTS9mX43AvVBfyDIUn9RAoGBAKfABXsKw34AI2M/Dhyh +2tpjW/luRWhzeO9pBDbe7jHOKqXSdFuRj0uniTiAHiK2ozL0xCXvG7b2l2rQQ6dn +cPCPagKSZmyFQcHxRr6QG+EGAbKa61eVWlGgEmp8jinv96V9eifgg+W+yH988PwC +e+liYHi4YGgobcnMDrIUdWrw +-----END PRIVATE KEY----- diff --git a/production_cluster/nginx/ssl/cert.pem b/production_cluster/nginx/ssl/cert.pem new file mode 100644 index 00000000..12d42e83 --- /dev/null +++ b/production_cluster/nginx/ssl/cert.pem 
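Review bot: This file adds an unencrypted PKCS#8 private key to the repository as `production_cluster/kibana_ssl/key.pem`, and `production_cluster/nginx/ssl/key.pem` later in the same patch does the same for nginx. A committed key is readable by anyone with access to the repository and its history, so any deployment that uses it can be impersonated by a third party, and deleting the file in a later commit does not undo that. I would drop both key files from the patch, generate the key pair at deploy time (the repository appears to have a certificate generation step in `generate-indexer-certs.yml`), add the paths to `.gitignore`, and treat these two keys as compromised.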
@@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDazCCAlOgAwIBAgIULAht6hsQE8zjr2rgFMp7AGNsjWAwDQYJKoZIhvcNAQEL +BQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM +GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0yMjAxMjUxNTM4MzNaFw0yMzAx +MjUxNTM4MzNaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEw +HwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwggEiMA0GCSqGSIb3DQEB +AQUAA4IBDwAwggEKAoIBAQC/++0tPSSbcSvhVG1VSu+GdJEECzJYrmflmBU6s+PP +zQ4wvQSuZKlItQdOyJgoOfX1LZDfmoPvg4cmtaozJZyXqSOEj+Y2RXu+CB1SbonQ +PvWWPIGHS2LDWuVF3xgi0yvwiDcbydThjv4iQ9peVwG+6d2Ehg8lo6eENUsnqh2U +hn8mGg3mUx+AeGLE8lVQtyFG5ucjn5lobOGbobWVDddCOibCEnoyLXRHH5Z+PQ1d ++qCe8QHh7+y9HEo7Qy5HHuZgeAaDglUXrymNE9LvZ+yeeztt1LBsy8bQPqCJ5dS0 +e4DffxSURZqUFqMLsUDcIMZw1Gb1YNxeX9VzngVew4QRAgMBAAGjUzBRMB0GA1Ud +DgQWBBRGuAOx1cBaeCbgkVevNEQ6TnCOCzAfBgNVHSMEGDAWgBRGuAOx1cBaeCbg +kVevNEQ6TnCOCzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAJ +S8e8tpUAkEB/zxdCF5R/RsFu0cpeBSma2hEd5o5vjuOCo1lX0Mjx3p16ZI6nlkGG +TByVQAQmvETyc2SY/TX9OqBzZIqqSs1mRQOJvF7kEBI6o3JDiURynd54uPKboO6Y +rsWAtFwcpzOF+zTUeCNFXPzCwivoKFvnxh2bUFX0WxxTBrR5scKR23BKoMAWeR+h +7cXsjd+wI8EhhVduJRvFV8m+rXPgBDHo446aAp0aDC8hEWhnWAIrJKIsmV06ZtKc +Kun1/kyNF8QloO4XNoY3DAKWmBW99PgV3gci535AZDMMCrDzZ4bcoqLMfXVR6odh +eumaeNEXCPMIb5+vAao3 +-----END CERTIFICATE----- diff --git a/production_cluster/nginx/ssl/key.pem b/production_cluster/nginx/ssl/key.pem new file mode 100644 index 00000000..0859b8fb --- /dev/null +++ b/production_cluster/nginx/ssl/key.pem 
@@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC/++0tPSSbcSvh +VG1VSu+GdJEECzJYrmflmBU6s+PPzQ4wvQSuZKlItQdOyJgoOfX1LZDfmoPvg4cm +taozJZyXqSOEj+Y2RXu+CB1SbonQPvWWPIGHS2LDWuVF3xgi0yvwiDcbydThjv4i +Q9peVwG+6d2Ehg8lo6eENUsnqh2Uhn8mGg3mUx+AeGLE8lVQtyFG5ucjn5lobOGb +obWVDddCOibCEnoyLXRHH5Z+PQ1d+qCe8QHh7+y9HEo7Qy5HHuZgeAaDglUXrymN +E9LvZ+yeeztt1LBsy8bQPqCJ5dS0e4DffxSURZqUFqMLsUDcIMZw1Gb1YNxeX9Vz +ngVew4QRAgMBAAECggEAIp6hVGkUMtujmAyLcrgCnXJjvCDwwUEiByr3mRBbYluN +1YggUfpg9HWAjdpqZcad7cp7t3a7l/NV6csUmAiORmL/vqXcU6kP+WKpNvYr79uK +mb7rdKRJeQTpF0J1rcH6yHMnzOEGfG42saMeu6hg7jZp9b3e+WCbkqGxncN1dhTC +sNsHGGwlvfR0z7soAuVewysnJ5fckEP3mpHnEhegIz9LHeZvRbavpI1q/cgz2+FT +h1AAHXSio1dLEypHbTKw3uf+FA9Jpalbm6mBuY+7L0Lh5qkJ3sPdhQn6EfcDPY7O +YnsfAfY02g48ZsTbaRokPMDN95DWV0MmS4bMaUMlYQKBgQDtVJfC6ZOANtZCKFXO +/Rs20i9CYMXOp4m7qlfiKAezp5bh2uUlh49/BeAUJ45Hf5o+RleAhowmS3PTjy9t +vDBuU0m13K9b2e8KlFOSEkkwRhEChkHa3aTsIYgI1cXhTVIl9sRRHWLmFe0C5DEG +WQMjYL6POByAI8DNMdPv0aqe7QKBgQDPFiPODbRav0vabFl3E1R7ff2PpXSKgGj6 +Y/oeM+iAKwE6/9aHIqsDLaSMzAVXb0TMvEEjI77tIfGg3Azv/lfq3j4bXMEWVY6H +92JBDqagSxzzbFcqelyzEKLFBYG01MUEwOz8oNcIiQNndw8xakH04csBzHTMWUMb +3jUujDJxNQKBgQDNZN6KkzdSSSMY0mug3bAFu9WmrrXCaYBr57pzQY2Yz7tm79hM +qItptR3+k1UxT5+fsaTc2JTGN5qgR1UWtT183Zv3RmyFI5EbKM9CpYytuJXUB3lK +/3NR4Jsoekns+MvVi0DPqo0C74rVa8N56OMsZPfGXxtbUpXzf+IZtOzi6QKBgCKp +2BBzps7R2oaTQF54M9n/+uOClIFigS/4cDOCCNb7W9deX7B7ExkTGMoglHxQObnz +gQu6vgi/d8yvSNMbReggj1DRM9jjNVp5BE9TfnyyVgRBDE4l8UJf9H76Lv3v55Km +IIUg/x2Eobc97KMe4C93ZB3G9X4HKv6NMWW7Pe5JAoGBAJwsmcmyhgCmJ1F5dYj4 +kOZaiJrM8XNKdeIskzpyyfJRAbLWtClc2iZdOBP3YKnSYB5CyI16Padp60cDhVrX +5M1s/Uf8aJP+T/dtXPKH+Mug1Qbc5vBHKpEGaZNuvfbauTAH2B+QaoeVmEqNQg7T +lO5yoHbI38TYyvnY4YAmJ+N2 +-----END PRIVATE KEY----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/certs.yml b/production_cluster/wazuh_indexer_ssl_certs/certs.yml index 486e4178..3325b392 100644 --- a/production_cluster/wazuh_indexer_ssl_certs/certs.yml 
+++ b/production_cluster/wazuh_indexer_ssl_certs/certs.yml @@ -1,35 +1,22 @@ -ca: - root: - dn: CN=root-ca,OU=CA,O=Example\, Inc.,DC=example,DC=com - pkPassword: none - keysize: 2048 - file: root-ca.pem - intermediate: - dn: CN=intermediate,OU=CA,O=Example\, Inc.,DC=example,DC=com - keysize: 2048 - validityDays: 3650 - pkPassword: intermediate-ca-password - file: intermediate-ca.pem - nodes: - - name: node1 - dn: CN=node1,OU=Ops,O=Example\, Inc.,DC=example,DC=com - dns: - - elasticsearch - - name: node2 - dn: CN=node2,OU=Ops,O=Example\, Inc.,DC=example,DC=com - dns: - - elasticsearch-2 - - name: node3 - dn: CN=node3,OU=Ops,O=Example\, Inc.,DC=example,DC=com - dns: - - elasticsearch-3 - - name: filebeat - dn: CN=filebeat,OU=Ops,O=Example\, Inc.,DC=example,DC=com - dns: - - wazuh - -clients: - - name: admin - dn: CN=admin,OU=Ops,O=Example\, Inc.,DC=example,DC=com - admin: true + # Elasticsearch server nodes + #wazuh-indexer: + - name: wazuh-indexer + ip: wazuh-indexer + - name: wazuh-indexer-2 + ip: wazuh-indexer-2 + - name: wazuh-indexer-3 + ip: wazuh-indexer-3 + # Wazuh server nodes + # Use node_type only with more than one Wazuh manager + #wazuh_servers: + - name: wazuh-master + ip: wazuh-master + #node_type: master + - name: wazuh-worker + ip: wazuh-worker + #node_type: worker + # Kibana node + #kibana: + - name: kibana + ip: kibana \ No newline at end of file diff --git a/production_cluster/wazuh_indexer_ssl_certs/certs2.yml b/production_cluster/wazuh_indexer_ssl_certs/certs2.yml new file mode 100644 index 00000000..07cf17af --- /dev/null +++ b/production_cluster/wazuh_indexer_ssl_certs/certs2.yml 
@@ -0,0 +1,35 @@ +ca: + root: + dn: CN=root-ca,OU=CA,O=Example\, Inc.,DC=example,DC=com + pkPassword: none + keysize: 2048 + file: root-ca.pem + intermediate: + dn: CN=intermediate,OU=CA,O=Example\, Inc.,DC=example,DC=com + keysize: 2048 + validityDays: 3650 + pkPassword: intermediate-ca-password + file: intermediate-ca.pem + +nodes: + - name: wazuh-indexer + dn: CN=wazuh-indexer,OU=Ops,O=Example\, Inc.,DC=example,DC=com + dns: + - wazuh-indexer + - name: wazuh-indexer-2 + dn: CN=wazuh-indexer-2,OU=Ops,O=Example\, Inc.,DC=example,DC=com + dns: + - wazuh-indexer-2 + - name: wazuh-indexer-3 + dn: CN=wazuh-indexer-3,OU=Ops,O=Example\, Inc.,DC=example,DC=com + dns: + - wazuh-indexer-3 + - name: filebeat + dn: CN=filebeat,OU=Ops,O=Example\, Inc.,DC=example,DC=com + dns: + - wazuh + +clients: + - name: admin + dn: CN=admin,OU=Ops,O=Example\, Inc.,DC=example,DC=com + admin: true \ No newline at end of file diff --git a/wazuh-dashboard/Dockerfile b/wazuh-dashboard/Dockerfile index 5dea97f0..97d72ab1 100644 --- a/wazuh-dashboard/Dockerfile +++ b/wazuh-dashboard/Dockerfile @@ -7,7 +7,7 @@ ARG WAZUH_VERSION=4.3.0-1 RUN apt-get update && apt install curl libcap2-bin -y #Download and install Wazuh Dashboard -RUN curl https://s3.amazonaws.com/warehouse.wazuh.com/stack/dashboard/stable/wazuh-dashboard_${WAZUH_VERSION}_amd64.deb --output wazuh-dashboard_${WAZUH_VERSION}_amd64.deb && \ +RUN curl https://s3.us-west-1.amazonaws.com/packages-dev.wazuh.com/pre-release/apt/pool/main/w/wazuh-dashboard/wazuh-dashboard_${WAZUH_VERSION}_amd64.deb --output wazuh-dashboard_${WAZUH_VERSION}_amd64.deb && \ dpkg -i wazuh-dashboard_${WAZUH_VERSION}_amd64.deb && \ apt-get clean -y && rm -rf wazuh-dashboard_${WAZUH_VERSION}_amd64.deb diff --git a/wazuh-indexer/Dockerfile_centos b/wazuh-indexer/Dockerfile_centos index c3621dfa..9afb2fb9 100644 --- a/wazuh-indexer/Dockerfile_centos +++ b/wazuh-indexer/Dockerfile_centos 
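Review bot: The CA key protection in the new `certs2.yml` is weak: `pkPassword: none` leaves the root CA key unencrypted and `pkPassword: intermediate-ca-password` is a literal passphrase committed to the repository. Whoever obtains the generated CA keys can issue node and admin certificates for the cluster, so the passphrase must not be derivable from the repo. If the generator accepts it (I am assuming the Search Guard style TLS tool format this file follows), use `pkPassword: auto` for both CAs, or supply the passphrase at generation time. The values are carried over from the old `certs.yml`, but this new file is the place to fix them.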
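Review bot: The package fetched by the new `curl` line in `wazuh-dashboard/Dockerfile` is installed with `dpkg -i` as root without any integrity check, and the source is now a `pre-release` path in a dev bucket. Pin the expected digest and verify it before installing, e.g. append `echo "${WAZUH_DASHBOARD_SHA512}  wazuh-dashboard_${WAZUH_VERSION}_amd64.deb" | sha512sum -c -` between the download and `dpkg -i` (`WAZUH_DASHBOARD_SHA512` is a placeholder build arg), and call `curl -fsSL` so an HTTP error does not leave an error page on disk. The same applies to the `rpm -i` in `wazuh-indexer/Dockerfile_centos` and to `indexer_certs_creator/Dockerfile` in PATCH 018, which additionally downloads `wazuh-cert-tool.sh` unverified and makes it executable.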
@@ -9,7 +9,7 @@ USER root RUN yum install initscripts -y #Download and install Wazuh indexer -RUN curl https://s3.amazonaws.com/warehouse.wazuh.com/stack/indexer/stable/wazuh-indexer-${WAZUH_VERSION}.x86_64.rpm --output wazuh-indexer-${WAZUH_VERSION}.x86_64.rpm && \ +RUN curl https://s3.us-west-1.amazonaws.com/packages-dev.wazuh.com/pre-release/yum/wazuh-indexer-${WAZUH_VERSION}.x86_64.rpm --output wazuh-indexer-${WAZUH_VERSION}.x86_64.rpm && \ rpm -i wazuh-indexer-${WAZUH_VERSION}.x86_64.rpm && \ yum clean all && rm -rf /var/cache/yum && rm -rf wazuh-indexer-${WAZUH_VERSION}.x86_64.rpm diff --git a/wazuh-indexer/config/entrypoint.sh b/wazuh-indexer/config/entrypoint.sh index 2708c7b5..60c3eabb 100644 --- a/wazuh-indexer/config/entrypoint.sh +++ b/wazuh-indexer/config/entrypoint.sh 
@@ -5,18 +5,37 @@ # Start Wazuh indexer ############################################################################## -rm -rf /var/lib/wazuh-indexer/* -service wazuh-indexer start -sleep 20 -echo "inicio ver hostname" -echo $HOSTNAME -echo "fin ver hostname" -export OPENSEARCH_PATH_CONF=/etc/wazuh-indexer -export JAVA_HOME=/usr/share/wazuh-indexer/jdk -/usr/share/wazuh-indexer/plugins/opensearch-security/tools/securityadmin.sh -cd /usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig -icl -p 9800 -cd /usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig -nhnv -cacert /etc/wazuh-indexer/certs/root-ca.pem -cert /etc/wazuh-indexer/certs/admin.pem -key /etc/wazuh-indexer/certs/admin-key.pem + service wazuh-indexer start + sleep 5 + service wazuh-indexer status + sleep 5 + +if [ $NODE_TYPE == "worker" ] + then + echo "inicio ver node_type" + echo $NODE_TYPE + echo "fin ver node_type" + rm -rf /var/lib/wazuh-indexer/* + else + echo "inicio ver hostname" + echo $HOSTNAME + sleep 1 + echo "fin ver hostname" + echo "inicio ver node_type" + echo $NODE_TYPE + sleep 1 + echo "fin ver node_type" + export OPENSEARCH_PATH_CONF=/etc/wazuh-indexer + export JAVA_HOME=/usr/share/wazuh-indexer/jdk + /usr/share/wazuh-indexer/plugins/opensearch-security/tools/securityadmin.sh -cd /usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig -icl -p 9800 -cd /usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig -nhnv -cacert /etc/wazuh-indexer/certs/root-ca.pem -cert /etc/wazuh-indexer/certs/admin.pem -key /etc/wazuh-indexer/certs/admin-key.pem + cat /var/log/wazuh-indexer/opensearch.log +fi + + + #export JAVA_HOME=/usr/share/wazuh-indexer/jdk/ && bash /usr/share/wazuh-indexer/plugins/opensearch-security/tools/securityadmin.sh -cd /usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/ -nhnv -cacert /etc/wazuh-indexer/certs/root-ca.pem -cert /etc/wazuh-indexer/certs/admin.pem -key /etc/wazuh-indexer/certs/admin-key.pem -p 9800 
-icl diff --git a/wazuh-odfe/Dockerfile b/wazuh-odfe/Dockerfile index 73cb6034..143e1e11 100644 --- a/wazuh-odfe/Dockerfile +++ b/wazuh-odfe/Dockerfile @@ -3,7 +3,7 @@ FROM centos:7 ARG FILEBEAT_CHANNEL=filebeat-oss ARG FILEBEAT_VERSION=7.10.2 -ARG WAZUH_VERSION=4.3.0-1 +ARG WAZUH_VERSION=4.2.5-1 ARG TEMPLATE_VERSION="master" ARG WAZUH_FILEBEAT_MODULE="wazuh-filebeat-0.1.tar.gz" @@ -14,7 +14,7 @@ COPY config/wazuh.repo /etc/yum.repos.d/wazuh.repo RUN yum --enablerepo=updates clean metadata && \ yum upgrade -y && \ - yum -y install openssl which expect openssh-clients && yum -y install wazuh-manager-${WAZUH_VERSION} -y && \ + yum -y install openssl which expect openssh-clients && yum install wazuh-manager-${WAZUH_VERSION} -y && \ sed -i "s/^enabled=1/enabled=0/" /etc/yum.repos.d/wazuh.repo && \ yum clean all && rm -rf /var/cache/yum @@ -40,7 +40,7 @@ ADD https://raw.githubusercontent.com/wazuh/wazuh/$TEMPLATE_VERSION/extensions/e RUN chmod go-w /etc/filebeat/wazuh-template.json COPY config/etc/ /etc/ -COPY --chown=root:wazuh config/create_user.py /var/ossec/framework/scripts/create_user.py +COPY --chown=root:1000 config/create_user.py /var/ossec/framework/scripts/create_user.py # Prepare permanent data # Sync calls are due to https://github.com/docker/docker/issues/9547 diff --git a/wazuh-odfe/config/filebeat.yml b/wazuh-odfe/config/filebeat.yml index 8a627bf9..5ecd1732 100644 --- a/wazuh-odfe/config/filebeat.yml +++ b/wazuh-odfe/config/filebeat.yml @@ -13,7 +13,7 @@ setup.template.json.name: 'wazuh' setup.template.overwrite: true setup.ilm.enabled: false output.elasticsearch: - hosts: ['https://elasticsearch:9200'] + hosts: ['https://elasticsearch:9700'] #username: #password: #ssl.verification_mode: From d0476d3f35957ad773a2c8879ded5be5eb161736 Mon Sep 17 00:00:00 2001 
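Review bot: On a worker node the data directory is now wiped while the indexer is running: `service wazuh-indexer start` comes first and `rm -rf /var/lib/wazuh-indexer/*` only runs later inside the `worker` branch, whereas the old script removed the data before starting the service. Move the `rm -rf` ahead of the start, or stop the service before deleting. The test `[ $NODE_TYPE == "worker" ]` is also unquoted; with `NODE_TYPE` unset it becomes a `[` error, the script falls into the `else` branch and runs `securityadmin.sh`, so write `if [ "${NODE_TYPE:-}" = "worker" ]; then`. The fixed `sleep 5` calls do not guarantee the indexer accepts connections before `securityadmin.sh` runs; the start of the script is outside this hunk.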
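Review bot: `COPY --chown=root:1000` in the `@@ -40,7 +40,7 @@` hunk of `wazuh-odfe/Dockerfile` hard-codes a numeric GID where the group name `wazuh` was used before, and nothing visible in the diff establishes that the wazuh group has GID 1000 in this image. If the package creates the group with a different GID, `create_user.py` ends up group-owned by an unrelated or nonexistent group. Either keep `--chown=root:wazuh`, or create the group with a fixed GID before the package install and add a comment saying that 1000 is that group.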
From: vcerenu Date: Wed, 2 Feb 2022 18:06:20 -0300 Subject: [PATCH 018/163] Add new Dockerfile for Wazuh indexer --- docker-compose.yml | 8 +- generate-indexer-certs.yml | 4 +- indexer_certs_creator/Dockerfile | 17 +- production-cluster.yml | 12 +- production_cluster/kibana_ssl/cert.pem | 34 +- production_cluster/kibana_ssl/key.pem | 52 +- production_cluster/nginx/ssl/cert.pem | 34 +- production_cluster/nginx/ssl/key.pem | 52 +- .../wazuh-indexer/internal_users.yml | 56 + .../wazuh-indexer/opensearch-node1.yml | 40 + .../wazuh-indexer/opensearch-node2 copy.yml | 40 + .../wazuh-indexer/opensearch-node2.yml | 40 + .../wazuh-indexer/opensearch-node3.yml | 40 + .../wazuh_indexer_ssl_certs/certs.yml | 55 +- .../wazuh_indexer_ssl_certs/certs2.yml | 35 - wazuh-dashboard/config/entrypoint.sh | 10 +- wazuh-indexer/Dockerfile_new | 42 + wazuh-indexer/Dockerfile_ubuntu | 4 +- wazuh-indexer/config/config.sh | 961 ++++++++++++++++++ wazuh-indexer/config/entrypoint.sh | 73 +- wazuh-indexer/config/tarball.sh | 33 + 21 files changed, 1444 insertions(+), 198 deletions(-) create mode 100644 production_cluster/wazuh-indexer/internal_users.yml create mode 100644 production_cluster/wazuh-indexer/opensearch-node1.yml create mode 100644 production_cluster/wazuh-indexer/opensearch-node2 copy.yml create mode 100644 production_cluster/wazuh-indexer/opensearch-node2.yml create mode 100644 production_cluster/wazuh-indexer/opensearch-node3.yml delete mode 100644 production_cluster/wazuh_indexer_ssl_certs/certs2.yml create mode 100644 wazuh-indexer/Dockerfile_new create mode 100644 wazuh-indexer/config/config.sh create mode 100644 wazuh-indexer/config/tarball.sh diff --git a/docker-compose.yml b/docker-compose.yml index b7453803..73d82ce4 100644 --- a/docker-compose.yml +++ b/docker-compose.yml 
@@ -12,7 +12,7 @@ services: - "514:514/udp" - "55000:55000" environment: - - ELASTICSEARCH_URL=https://elasticsearch:9700 + - ELASTICSEARCH_URL=https://wazuh-indexer:9700 - ELASTIC_USERNAME=admin - ELASTIC_PASSWORD=admin - FILEBEAT_SSL_VERIFICATION_MODE=none @@ -29,7 +29,7 @@ services: - filebeat_etc:/etc/filebeat - filebeat_var:/var/lib/filebeat - elasticsearch: + wazuh-indexer: image: wazuh-indexer hostname: node1 restart: always @@ -62,9 +62,9 @@ services: - SERVER_SSL_ENABLED=false depends_on: - - elasticsearch + - wazuh-indexer links: - - elasticsearch:elasticsearch + - wazuh-indexer:wazuh-indexer - wazuh:wazuh volumes: diff --git a/generate-indexer-certs.yml b/generate-indexer-certs.yml index 01503c55..acc05e81 100644 --- a/generate-indexer-certs.yml +++ b/generate-indexer-certs.yml @@ -3,8 +3,8 @@ version: '3' services: generator: - image: wazuh/opendistro-certs-generator:0.1 + image: certs_creator #wazuh/opendistro-certs-generator:0.1 hostname: opendistro-certs-generator volumes: - - ./production_cluster/wazuh_indexer_ssl_certs/certs.yml:/usr/src/config/myconf.yml + - ./production_cluster/wazuh_indexer_ssl_certs/certs.yml:/usr/share/wazuh-indexer/plugins/opensearch-security/tools/config.yml - ./production_cluster/wazuh_indexer_ssl_certs/:/usr/src/certs/out/ \ No newline at end of file diff --git a/indexer_certs_creator/Dockerfile b/indexer_certs_creator/Dockerfile index 56181606..bd770c39 100644 --- a/indexer_certs_creator/Dockerfile +++ b/indexer_certs_creator/Dockerfile 
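Review bot: `image: certs_creator` in `generate-indexer-certs.yml` has no registry, namespace or tag, so if the image has not been built locally Compose will try to pull `certs_creator:latest` from the default registry, and whatever that resolves to would then generate the cluster's CA and node keys. Add a `build:` entry pointing at `indexer_certs_creator/` next to the image name, or reference a fully qualified, tagged image, and drop the trailing `#wazuh/opendistro-certs-generator:0.1` remnant. The output mount still targets `/usr/src/certs/out/` from the old generator; it is worth confirming that the new tool writes there.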
@@ -1,17 +1,18 @@ # Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2) -FROM centos:8 +FROM ubuntu:20.04 ARG WAZUH_VERSION=4.3.0-1 -USER root +RUN apt-get update && apt install curl -y -# Update and install dependecies -RUN yum install initscripts -y +RUN curl https://packages-dev.wazuh.com/pre-release/apt/pool/main/w/wazuh-indexer/wazuh-indexer_${WAZUH_VERSION}_amd64.deb --output wazuh-indexer_${WAZUH_VERSION}_amd64.deb && \ + dpkg -i wazuh-indexer_${WAZUH_VERSION}_amd64.deb -#Download and install Wazuh indexer -RUN curl https://s3.amazonaws.com/warehouse.wazuh.com/stack/indexer/stable/wazuh-indexer-${WAZUH_VERSION}.x86_64.rpm --output wazuh-indexer-${WAZUH_VERSION}.x86_64.rpm && \ - rpm -i wazuh-indexer-${WAZUH_VERSION}.x86_64.rpm && \ - yum clean all && rm -rf /var/cache/yum && rm -rf wazuh-indexer-${WAZUH_VERSION}.x86_64.rpm +WORKDIR /usr/share/wazuh-indexer/plugins/opensearch-security/tools/ + +RUN rm wazuh-cert-tool.sh && \ + curl -sO https://packages-dev.wazuh.com/resources/4.3/install_functions/opendistro/wazuh-cert-tool.sh &&\ + chmod 750 wazuh-cert-tool.sh COPY config/entrypoint.sh / diff --git a/production-cluster.yml b/production-cluster.yml index f1de638e..e5248381 100644 --- a/production-cluster.yml +++ b/production-cluster.yml @@ -3,7 +3,7 @@ version: '3.7' services: wazuh-master: - image: wazuh/wazuh-odfe:4.2.5 + image: wazuh/wazuh-odfe:4.3.0 hostname: wazuh-master restart: always ports: @@ -38,7 +38,7 @@ services: - ./production_cluster/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf wazuh-worker: - image: wazuh/wazuh-odfe:4.2.5 + image: wazuh/wazuh-odfe:4.3.0 hostname: wazuh-worker restart: always environment: 
@@ -88,8 +88,8 @@ services: - ./production_cluster/wazuh_indexer_ssl_certs/wazuh-indexer.key:/etc/wazuh-indexer/certs/wazuh-indexer.key - ./production_cluster/wazuh_indexer_ssl_certs/wazuh-indexer.pem:/etc/wazuh-indexer/certs/wazuh-indexer.pem - ./production_cluster/wazuh_indexer_ssl_certs/admin.pem:/etc/wazuh-indexer/certs/admin.pem - - ./production_cluster/wazuh_indexer_ssl_certs/admin.key:/etc/wazuh-indexer/certs/admin.key - - ./production_cluster/wazuh-indexer/opnesearch-node1.yml:/etc/wazuh-indexer/opensearch.yml + - ./production_cluster/wazuh_indexer_ssl_certs/admin.key:/etc/wazuh-indexer/certs/admin-key.pem + - ./production_cluster/wazuh-indexer/opensearch-node1.yml:/etc/wazuh-indexer/opensearch.yml - ./production_cluster/wazuh-indexer/internal_users.yml:/usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/internal_users.yml wazuh-indexer-2: @@ -111,7 +111,7 @@ services: - ./production_cluster/wazuh_indexer_ssl_certs/root-ca.pem:/etc/wazuh-indexer/certs/root-ca.pem - ./production_cluster/wazuh_indexer_ssl_certs/wazuh-indexer-2.key:/etc/wazuh-indexer/certs/wazuh-indexer-2.key - ./production_cluster/wazuh_indexer_ssl_certs/wazuh-indexer-2.pem:/etc/wazuh-indexer/certs/wazuh-indexer-2.pem - - ./production_cluster/wazuh-indexer/opnesearch-node2.yml:/etc/wazuh-indexer/opensearch.yml + - ./production_cluster/wazuh-indexer/opensearch-node2.yml:/etc/wazuh-indexer/opensearch.yml - ./production_cluster/wazuh-indexer/internal_users.yml:/usr/share/elasticsearch/plugins/opendistro_security/securityconfig/internal_users.yml wazuh-indexer-3: 
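Review bot: The `internal_users.yml` mount for `wazuh-indexer-2` (context of the `@@ -111,7 +111,7 @@` hunk) and for `wazuh-indexer-3` (`@@ -133,7 +133,7 @@`) still targets `/usr/share/elasticsearch/plugins/opendistro_security/securityconfig/internal_users.yml`, while node 1 uses `/usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/internal_users.yml`. The commit fixes the `opnesearch` typo on the neighbouring line but leaves that path, so on nodes 2 and 3 the file presumably lands where the indexer never reads it. Use the node 1 target on all three nodes.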
@@ -133,7 +133,7 @@ services: - ./production_cluster/wazuh_indexer_ssl_certs/root-ca.pem:/etc/wazuh-indexer/certs/root-ca.pem - ./production_cluster/wazuh_indexer_ssl_certs/wazuh-indexer-3.key:/etc/wazuh-indexer/certs/wazuh-indexer-3.key - ./production_cluster/wazuh_indexer_ssl_certs/wazuh-indexer-3.pem:/etc/wazuh-indexer/certs/wazuh-indexer-3.pem - - ./production_cluster/wazuh-indexer/opnesearch-node3.yml:/etc/wazuh-indexer/opensearch.yml + - ./production_cluster/wazuh-indexer/opensearch-node3.yml:/etc/wazuh-indexer/opensearch.yml - ./production_cluster/wazuh-indexer/internal_users.yml:/usr/share/elasticsearch/plugins/opendistro_security/securityconfig/internal_users.yml kibana: diff --git a/production_cluster/kibana_ssl/cert.pem b/production_cluster/kibana_ssl/cert.pem index dab3fec7..92da3280 100644 --- a/production_cluster/kibana_ssl/cert.pem +++ b/production_cluster/kibana_ssl/cert.pem 
@@ -1,21 +1,21 @@ -----BEGIN CERTIFICATE----- -MIIDazCCAlOgAwIBAgIUeEaU6PZXSb2RQhzz6NQDsnXgPCYwDQYJKoZIhvcNAQEL +MIIDazCCAlOgAwIBAgIUaIlPP3pCoqvkHYK4/3ATalS/l4MwDQYJKoZIhvcNAQEL BQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM -GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0yMjAxMjUxNTM4MjRaFw0yMzAx -MjUxNTM4MjRaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEw +GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0yMjAxMjgxODE1MDRaFw0yMzAx +MjgxODE1MDRaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEw HwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwggEiMA0GCSqGSIb3DQEB -AQUAA4IBDwAwggEKAoIBAQDKJlBieT/1IJkd4AoUja9eFy6Z+k1yskwRLdVHuYLL -EhbDhsOOnoB0Yg7XAylxbyvXvxeNC5uQJWrU5nDwf70cGNmIG29sDd9XXKmEj7lo -NffkHBD+/UQb9aodWVaTVnu81qB+jCwi/vThaslb7ycmC+wyPz+P3SZbhQKT3BTI -2vYNzznPcugs1qFhnA0Mn4DuY4daEkFDYXjxtxfE8rWZOr+bbhxjgdAp25KaA1Sz -k47DiodTxASOumODtR/j/CPm4W9oZQ0y+cAE+mYg8TmMz+kyPK1oW8mMsjUHK1/m -EiBCMX1rdOVFNQ3ia7aX+xJzH/7ZDJPg7tG0MbfUxv+7AgMBAAGjUzBRMB0GA1Ud -DgQWBBTwTfEThtctV2m1mXpoUE0o7fQgXzAfBgNVHSMEGDAWgBTwTfEThtctV2m1 -mXpoUE0o7fQgXzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCq -1JHCAZCKFyJh/Dx8vjvXIhPeOjNBWcx4Dl4mw+DlkNyAfX6xJprUy3f/hIuXhZcs -TvLjLi2IFcGk/lGUh1SIxyAmyz49rSm/B0rYWR+rBwrEFHZwYHegS/oGtLn1kwZz -kMn3WzLFMwBLoSOs5tT3i3E0EAuH/MsO9a61HJUKbWJGG9cv3OtcCSU6wb+lQyK5 -mTsI8kjVAuKmuzwl9S3I7TqXolhwodz9MAagmLcwSfAU8Ce7qTwwpBOz4YkOHqkH -JAZhYEcLbLKCh2mGtB84mdA2pHoxK8y/J05P85ENwcYooFD7gYcsHphkKKKszNmf -AArKqDwDGSRGfbq/3rOE +AQUAA4IBDwAwggEKAoIBAQDtxUl6m3HlUPeTIXQu+BVCOiscwtVXTlSaIlOhz/cu +Py5ptLRMHdO1vTIawPag9Y1bLaLpkPuGSVUIXFhhfvc20OlQ0HaHMVu+zA6B+pV0 +uZTg4HAX7NJhGMh9qv1APtoeTx7wbG48f6+udV2bbay4a/+jQ8wkYeeTcRNSs7cz +zN30ToPUul/41ekROqvCwl7ss7BF0V/9V2ZgMnwdix7ogEZckYEvDkDccud+cF+f +CRBABKlueFL5C2+d5AkhQef8BqzjnwsRSlWSRulfcU4G0pkmVG+v59PnGaOuKVs/ +g6zOfvCmb3nKSMmJJs5sJfEN0JD1Xir6nJlEQMukRBKZAgMBAAGjUzBRMB0GA1Ud +DgQWBBRH3Gak7M/uyi4SvAv8sd3oX3uHADAfBgNVHSMEGDAWgBRH3Gak7M/uyi4S +vAv8sd3oX3uHADAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBv 
+1wBbjz5JSBU9UfJh5IPxTudOTtHQgU1N55M8Qz0cNBpc6dtyL/+xc85UoTKo9BEH +ZluycPDyFeIjEyvCTLTdJLkRY4gqKGgnI9JtR4nOGLjX2le1o78uL6aayYTHaQVF +Q/5K7q+JOwDXu4haBupKl43fZSFQhMQOpsKt9+PHymBXSxP35FrLNVG+UQcQNiwT +2u9Vm0K36TEmTc+eeVPo6L2bTqhWbURSJpsnMXEGssIUVuzHu2iPjsJpf6rW93DD +ZI41gjPBBuDrOPxuNQ5M9wz5j9Ckv3CHBXwg868qUAklv6tj+7bovbngof67HL4W +GzUBqvUWcjo4dV/ZkA1Z -----END CERTIFICATE----- diff --git a/production_cluster/kibana_ssl/key.pem b/production_cluster/kibana_ssl/key.pem index 393f6768..9fd51c8a 100644 --- a/production_cluster/kibana_ssl/key.pem +++ b/production_cluster/kibana_ssl/key.pem 
@@ -1,28 +1,28 @@ -----BEGIN PRIVATE KEY----- -MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDKJlBieT/1IJkd -4AoUja9eFy6Z+k1yskwRLdVHuYLLEhbDhsOOnoB0Yg7XAylxbyvXvxeNC5uQJWrU -5nDwf70cGNmIG29sDd9XXKmEj7loNffkHBD+/UQb9aodWVaTVnu81qB+jCwi/vTh -aslb7ycmC+wyPz+P3SZbhQKT3BTI2vYNzznPcugs1qFhnA0Mn4DuY4daEkFDYXjx -txfE8rWZOr+bbhxjgdAp25KaA1Szk47DiodTxASOumODtR/j/CPm4W9oZQ0y+cAE -+mYg8TmMz+kyPK1oW8mMsjUHK1/mEiBCMX1rdOVFNQ3ia7aX+xJzH/7ZDJPg7tG0 -MbfUxv+7AgMBAAECggEBAI1K0F6z3vdHjJ4sDP+mtI9wZpsrL1zesHpFbdCPIpMr -loudsywJL0GplDPGuv3VNXC72Qs1tMrAzHX4h7Ihpp1v5QPUIUIGRDf8xWOpTW9A -YX6n+10uyp88S2XuHqwnA5/O6CjrcqIXUDQKfqlqdBOMu8+3E4dLjNblFhMg/coQ -ueGY8BV7bLIIBCxZV9Ca/DuQZQQXBRJjGDEcxWl+GBuWR81P9D5BITma+js9yZKw -yvZckvfObSyJ9nR5bsWPlybn3GrdGHeBwXvGXswDekwj9wsRVc00LcQ0BwrwCn7I -xjnB0XuoH4+T4OrIS08XQROzKalhUOZKwYilKEt78ikCgYEA+xX+z3QW5lVcDVIx -IIU2elZlr515NqSDBkFbdUSAlDQqPxyqQg3y110xymypdJwvh3DL3tuLyAswANKD -M3nj8U/hhKKcDjxiHutk/3R3sb+z/X6apS7nfWHn7X2G97Xv1GSp+Jxv+bZAQ+jP -k4fe3CB8JHu+V9My69XYBwx6468CgYEAzhsisB+Y0nKBIfoMoB752fFbPissycMI -QliFZsp8upIZ8dGeThubhuSMTAvL73rZpN3pJCrAwxKDvwf/sPIK2Q/ux8oB3rUr -jkTNM2D51VRNkcNbedg2LJETNzrqChH+J4ZeSMXHG7kkgJHfNiyMOwAzR0pFTtQC -tRDrF1j8i7UCgYA2NiuMEx6WoLt9TM+6m8iFZX4TCscPGzoG8bmTejTgytqMQd4o -4OYbxc1oTUnRGZ/ReHMsLO7jRDcbFliplpm2km64untDP5pX3q8x0K2/PQrZoqo1 -HAlzMt5mkoG/nhKoIwvn1679lXIOt4eJ7P4bPRBQuD8Cq2EFNmisLO+jlQKBgGeR -MykVd5GogEM2h0mexyZBJfxjbaolGu1b1g0FCxAlgmwFTWsqbEioZ+d+tgesz9kM -ua623Q4pK5K+zjl4JwNUAkTauX3TxANFh2ed/2y3ZBMu+7SKdQ6ICAPk0t4klHYA -Czi+SYMg0brZkjSCxiSPwTS9mX43AvVBfyDIUn9RAoGBAKfABXsKw34AI2M/Dhyh -2tpjW/luRWhzeO9pBDbe7jHOKqXSdFuRj0uniTiAHiK2ozL0xCXvG7b2l2rQQ6dn -cPCPagKSZmyFQcHxRr6QG+EGAbKa61eVWlGgEmp8jinv96V9eifgg+W+yH988PwC -e+liYHi4YGgobcnMDrIUdWrw +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDtxUl6m3HlUPeT +IXQu+BVCOiscwtVXTlSaIlOhz/cuPy5ptLRMHdO1vTIawPag9Y1bLaLpkPuGSVUI +XFhhfvc20OlQ0HaHMVu+zA6B+pV0uZTg4HAX7NJhGMh9qv1APtoeTx7wbG48f6+u +dV2bbay4a/+jQ8wkYeeTcRNSs7czzN30ToPUul/41ekROqvCwl7ss7BF0V/9V2Zg 
+Mnwdix7ogEZckYEvDkDccud+cF+fCRBABKlueFL5C2+d5AkhQef8BqzjnwsRSlWS +RulfcU4G0pkmVG+v59PnGaOuKVs/g6zOfvCmb3nKSMmJJs5sJfEN0JD1Xir6nJlE +QMukRBKZAgMBAAECggEANp+sUc6ES/pd5h85YdD8kUprvR/Fg1krdn2MWRA96RH6 +x64L/bCcgpQEfsD15+SBpQDG/IGiRydxsYoFg+B3StCTyU0a7dQZD6wxaQr4auh3 +m3H0TorJiiT3amdt5uSJl4z1vqYqbRuocJvl9V8s3vFwuUFKFNGpMeY4WjePTwbA +SoVvXHsatA6QPNfIYJXIdWD5DdPMIABWuFThm/hDfq1n57DsKQa3/pvyj4tMqKw9 +K0cgVJWqCFqAlza7WErn9NDvGOZxJqzmgAbjnj9l18VRHp1uzKn0oZBM50zuvykU +HpEoe+GCktNy8PhDx3w60gxftKgFilgRyHvVNYwAAQKBgQD/IghMwhWTrNlzxj20 +oQ2NwUnPNJjsu0ZklAAp4axekipu3kI5bNyoBBBTg1uJwHnfLOJxmCPuCBzvqcA+ +kr8jUH7DuKAHEdDyt6rGAyAnLHKI9+WRztXJqBwhk/CmHoxM/cT5sdEog3Z8WAes +sm7IPnI1J/0BevrcmDDwrot2AQKBgQDulCY3lZgpWj9PSKzkwxBYMGwVDKYwin38 +NY4a/jf+PzIXVrZSeLDmSgkNqgvsHCnjrzfI6dC+wG3wjblgM4ocAM3C6eG8Obnp +Bv+llfDGsndO9VO0oLeycyPkukrVBnG90KL+FEdJleLMb8Zcw8f8xF09lks5gmSX +ZEfv4mKMmQKBgQC9Csp7lZPHSFwXnNw76tnQH1hBYAev4VPXUpKMddryd/tZCvam +9jLJi7lNKBe7ihLDes6OvNxik0BdlLoNo05dLFfBThvFIT5hmhW/grFgVV7IfmZs +E4X1VcsCVkwJyrjKk35QRaFlE4PHvrJxFAVh+mNFX8voPOeEbIBW1f4gAQKBgBK1 +NUX4igT8GajK5xvNG/P+YAtKgaGeyoBDZtBBDPz30aK43vUal6yHM6yJoAO0tagv +7izoAMFkb3qEcnvTrsnBWmElW9kZobVfIh7G4imChw5++EBatezdUHw4C3Qm3DZp +LM7Fok1n3m/vd9uAUqdEcpdIuL9atS6V43oxA09JAoGBALO0H5n/jQxfzS1FzAR8 +ywA093adt4v84C8BsVj/nsMk56mqTquWtAuEgur7sWk2sBosb9qKsN0VmWG8h4nk +aV/nJopx77c8GAWzyiJ5W34mhS0LiTfax8L0FBx79eis+/lXr2bujgNJkGE7JHOu +zNDYtcVvKModj/du4hXIKExr -----END PRIVATE KEY----- diff --git a/production_cluster/nginx/ssl/cert.pem b/production_cluster/nginx/ssl/cert.pem index 12d42e83..25dfcf89 100644 --- a/production_cluster/nginx/ssl/cert.pem +++ b/production_cluster/nginx/ssl/cert.pem 
@@ -1,21 +1,21 @@ -----BEGIN CERTIFICATE----- -MIIDazCCAlOgAwIBAgIULAht6hsQE8zjr2rgFMp7AGNsjWAwDQYJKoZIhvcNAQEL +MIIDazCCAlOgAwIBAgIUKLi6nm5vryQ/9xCQOJsSZpsxT5MwDQYJKoZIhvcNAQEL BQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM -GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0yMjAxMjUxNTM4MzNaFw0yMzAx -MjUxNTM4MzNaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEw +GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0yMjAxMjcxOTQ3MDhaFw0yMzAx +MjcxOTQ3MDhaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEw HwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwggEiMA0GCSqGSIb3DQEB -AQUAA4IBDwAwggEKAoIBAQC/++0tPSSbcSvhVG1VSu+GdJEECzJYrmflmBU6s+PP -zQ4wvQSuZKlItQdOyJgoOfX1LZDfmoPvg4cmtaozJZyXqSOEj+Y2RXu+CB1SbonQ -PvWWPIGHS2LDWuVF3xgi0yvwiDcbydThjv4iQ9peVwG+6d2Ehg8lo6eENUsnqh2U -hn8mGg3mUx+AeGLE8lVQtyFG5ucjn5lobOGbobWVDddCOibCEnoyLXRHH5Z+PQ1d -+qCe8QHh7+y9HEo7Qy5HHuZgeAaDglUXrymNE9LvZ+yeeztt1LBsy8bQPqCJ5dS0 -e4DffxSURZqUFqMLsUDcIMZw1Gb1YNxeX9VzngVew4QRAgMBAAGjUzBRMB0GA1Ud -DgQWBBRGuAOx1cBaeCbgkVevNEQ6TnCOCzAfBgNVHSMEGDAWgBRGuAOx1cBaeCbg -kVevNEQ6TnCOCzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAJ -S8e8tpUAkEB/zxdCF5R/RsFu0cpeBSma2hEd5o5vjuOCo1lX0Mjx3p16ZI6nlkGG -TByVQAQmvETyc2SY/TX9OqBzZIqqSs1mRQOJvF7kEBI6o3JDiURynd54uPKboO6Y -rsWAtFwcpzOF+zTUeCNFXPzCwivoKFvnxh2bUFX0WxxTBrR5scKR23BKoMAWeR+h -7cXsjd+wI8EhhVduJRvFV8m+rXPgBDHo446aAp0aDC8hEWhnWAIrJKIsmV06ZtKc -Kun1/kyNF8QloO4XNoY3DAKWmBW99PgV3gci535AZDMMCrDzZ4bcoqLMfXVR6odh -eumaeNEXCPMIb5+vAao3 +AQUAA4IBDwAwggEKAoIBAQCbp1+YDLidHAF/7qfVN8kLixNgclux6FNcupmSo7om +gtS42zAfimDvlukhRTL/keV4yis2WwhLq/CP/FGvPVoSLnqXUx9oyW4X7zCHastq +dHj62wI+SgcbqTZidTqFdPt4WnJ17UauUuBGLqeDZALwUD2l45aYPPj6N+LjjdBW +Ag2Q6g3iWJM2uAY3Qu5IHf8yngkGWuFsKYleyGSdRWzSr6OUKsDj0ZljD3fKhWB1 +5+KFL/n9uRoHGrT/1O1FJFxUzX7PCO+6c16NN9tO1BP4dwiP+u8kORiiVoJ7xWlU +BJd88rfIV1Rds94nBGAl1H9eJMEe0dbdFCQEzhPf0KB3AgMBAAGjUzBRMB0GA1Ud +DgQWBBTRbzcDxJ1bHGdtqtvYUAGAV1xFGzAfBgNVHSMEGDAWgBTRbzcDxJ1bHGdt +qtvYUAGAV1xFGzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBr 
+uuCdm/zj5BfGD6Dg3V0nPOHeHv4b4UN4husPFRSb0YanZWTHpENfrbhRFknM9Ut1 +k6ces6c0m9UvDJQtIGkXQM57EXe2PYbDhPeP3GWvc1ymQoPoHwPmKtnrd2vTV0ni +MxAkr2BwX9Az0NrEef0ccAgyYXm+JBnQK4ZxTln4bBkK6+aZ34w9lGUSql33pdk4 +v9wySOffEOkaCFqXH6xZ1P4pJqcydaM75JXMuMg8DteSixARjuI5Ce6cyiki1Yte +nK8GqZC8lsM/s8ag3dHq0FT9gP0VGonKATqdknGa5bxCo/NolUhcyPgYPiTpz4s9 +w8668jDUM62W84lvKa6P -----END CERTIFICATE----- diff --git a/production_cluster/nginx/ssl/key.pem b/production_cluster/nginx/ssl/key.pem index 0859b8fb..8f62f328 100644 --- a/production_cluster/nginx/ssl/key.pem +++ b/production_cluster/nginx/ssl/key.pem 
@@ -1,28 +1,28 @@ -----BEGIN PRIVATE KEY----- -MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC/++0tPSSbcSvh -VG1VSu+GdJEECzJYrmflmBU6s+PPzQ4wvQSuZKlItQdOyJgoOfX1LZDfmoPvg4cm -taozJZyXqSOEj+Y2RXu+CB1SbonQPvWWPIGHS2LDWuVF3xgi0yvwiDcbydThjv4i -Q9peVwG+6d2Ehg8lo6eENUsnqh2Uhn8mGg3mUx+AeGLE8lVQtyFG5ucjn5lobOGb -obWVDddCOibCEnoyLXRHH5Z+PQ1d+qCe8QHh7+y9HEo7Qy5HHuZgeAaDglUXrymN -E9LvZ+yeeztt1LBsy8bQPqCJ5dS0e4DffxSURZqUFqMLsUDcIMZw1Gb1YNxeX9Vz -ngVew4QRAgMBAAECggEAIp6hVGkUMtujmAyLcrgCnXJjvCDwwUEiByr3mRBbYluN -1YggUfpg9HWAjdpqZcad7cp7t3a7l/NV6csUmAiORmL/vqXcU6kP+WKpNvYr79uK -mb7rdKRJeQTpF0J1rcH6yHMnzOEGfG42saMeu6hg7jZp9b3e+WCbkqGxncN1dhTC -sNsHGGwlvfR0z7soAuVewysnJ5fckEP3mpHnEhegIz9LHeZvRbavpI1q/cgz2+FT -h1AAHXSio1dLEypHbTKw3uf+FA9Jpalbm6mBuY+7L0Lh5qkJ3sPdhQn6EfcDPY7O -YnsfAfY02g48ZsTbaRokPMDN95DWV0MmS4bMaUMlYQKBgQDtVJfC6ZOANtZCKFXO -/Rs20i9CYMXOp4m7qlfiKAezp5bh2uUlh49/BeAUJ45Hf5o+RleAhowmS3PTjy9t -vDBuU0m13K9b2e8KlFOSEkkwRhEChkHa3aTsIYgI1cXhTVIl9sRRHWLmFe0C5DEG -WQMjYL6POByAI8DNMdPv0aqe7QKBgQDPFiPODbRav0vabFl3E1R7ff2PpXSKgGj6 -Y/oeM+iAKwE6/9aHIqsDLaSMzAVXb0TMvEEjI77tIfGg3Azv/lfq3j4bXMEWVY6H -92JBDqagSxzzbFcqelyzEKLFBYG01MUEwOz8oNcIiQNndw8xakH04csBzHTMWUMb -3jUujDJxNQKBgQDNZN6KkzdSSSMY0mug3bAFu9WmrrXCaYBr57pzQY2Yz7tm79hM -qItptR3+k1UxT5+fsaTc2JTGN5qgR1UWtT183Zv3RmyFI5EbKM9CpYytuJXUB3lK -/3NR4Jsoekns+MvVi0DPqo0C74rVa8N56OMsZPfGXxtbUpXzf+IZtOzi6QKBgCKp -2BBzps7R2oaTQF54M9n/+uOClIFigS/4cDOCCNb7W9deX7B7ExkTGMoglHxQObnz -gQu6vgi/d8yvSNMbReggj1DRM9jjNVp5BE9TfnyyVgRBDE4l8UJf9H76Lv3v55Km -IIUg/x2Eobc97KMe4C93ZB3G9X4HKv6NMWW7Pe5JAoGBAJwsmcmyhgCmJ1F5dYj4 -kOZaiJrM8XNKdeIskzpyyfJRAbLWtClc2iZdOBP3YKnSYB5CyI16Padp60cDhVrX -5M1s/Uf8aJP+T/dtXPKH+Mug1Qbc5vBHKpEGaZNuvfbauTAH2B+QaoeVmEqNQg7T -lO5yoHbI38TYyvnY4YAmJ+N2 +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCbp1+YDLidHAF/ +7qfVN8kLixNgclux6FNcupmSo7omgtS42zAfimDvlukhRTL/keV4yis2WwhLq/CP +/FGvPVoSLnqXUx9oyW4X7zCHastqdHj62wI+SgcbqTZidTqFdPt4WnJ17UauUuBG +LqeDZALwUD2l45aYPPj6N+LjjdBWAg2Q6g3iWJM2uAY3Qu5IHf8yngkGWuFsKYle 
+yGSdRWzSr6OUKsDj0ZljD3fKhWB15+KFL/n9uRoHGrT/1O1FJFxUzX7PCO+6c16N +N9tO1BP4dwiP+u8kORiiVoJ7xWlUBJd88rfIV1Rds94nBGAl1H9eJMEe0dbdFCQE +zhPf0KB3AgMBAAECggEAFJRvnjHoYtVmGV0bkaRbj4wm1rSoDQCzrOn7DhlZrmfT +6lEIrtLj+CmSz1RP5tyKY4sPZZNpqF+mYdMxlaLd+tNsX/+cgoVHaiC04OKs3Hlj +2X8Fb+jnwa+AwknPn/+UlBgZVCA4HSpV/tGCUmvxu4ZQcFOEAMLnBGZJOF7ysbxE +9Q08spPjQQgYfScS9pRhKRj8PG+qepifpMAg4GtiT9u70r2DC+IbxmE15MUtA/qM +vqHhGLaH3LiuEI0sBEvU95mgQAGaScDiJR1uQ7VrRHQJlxYnxoNywe+8cvpi+qjK +E3NvQpI0NP1/BroDMP2je2FYedWipolR9vNpRK5FyQKBgQDLnI1jqMyl86xMzePi +G7gp/9IAi+5xwCs4o8THmozi3ktn0ma5hlg2RjP19tdslr39I47L9RMPnis+SYIE +Qzdol+wV0VhQmBt7yot+EnPgPqz1zxhGmeji+wImGgV+1acBV++YaDYimI8Ux1uG +Z4faczDrhpAG8TaECr5PCcieFQKBgQDDs/MzI0hVs+xzgLlcTrA7jgZnCVxtAVBa +NAEN0tJ1AC2lL5nYlcfd0x2ebRmluRCGmS8HfZ/3lTTARTE+HED/Vf2C0svStSwx +aDEu9zFYgxCI5ZYzwxcubvlpoEUaLS9jJPAiW/rSuImAinA3hDDq92VJwcr4qFu0 +WrB7iMlzWwKBgQCwkEZvmI42jnLoe1ZU2dK+4O87uByCmbEhQaq/qH7psPjUxDh+ +Q0i1b/VZIr+2k5WXMUGADjqEPZWkQtwzVBJ1aeC5Hrulz/FtTLvgDKJdYBxeYELd +3lN8mUxIvCHt1donqRjFIgFnyMGytBnjGF5PibpvU1YMHxo2MJbNNV+57QKBgQCo +nly2O/kwNqVNY6TSHs6Dkbx8fLlRBmfIQLSDx5kjzDKH+DqTPYKG40bK4O/PNWRC +xKubxabV+I4J99QU0t1B40JZvOx3MTjRnRd7gurWe578hOxkzvwjOuTVGI1Rn4sL +3qC0yhGUDAIVabKEcvZ/DQgNg9cxZkYVYGpdFh+UrwKBgGGb0yr7dBuvzVaJ5fLj +ITwJr6kqD41JVd0MKpGzIDGubMaGTtdc6N6GjIyNzgJAQ9VDv0l45BUYfjKtNp90 +al8RIfH0xUdPGHT/7JBgyEWZqBF88dC9Kn4JVfKzoaQK89a2RM554MxKuQOKw2Yr +q6EnyW8xKHg3z06lzZeFF51C -----END PRIVATE KEY----- diff --git a/production_cluster/wazuh-indexer/internal_users.yml b/production_cluster/wazuh-indexer/internal_users.yml new file mode 100644 index 00000000..d9f05b34 --- /dev/null +++ b/production_cluster/wazuh-indexer/internal_users.yml 
@@ -0,0 +1,56 @@ +--- +# This is the internal user database +# The hash value is a bcrypt hash and can be generated with plugin/tools/hash.sh + +_meta: + type: "internalusers" + config_version: 2 + +# Define your internal users here + +## Demo users + +admin: + hash: "$2y$12$K/SpwjtB.wOHJ/Nc6GVRDuc1h0rM1DfvziFRNPtk27P.c4yDr9njO" + reserved: true + backend_roles: + - "admin" + description: "Demo admin user" + +kibanaserver: + hash: "$2a$12$4AcgAt3xwOWadA5s5blL6ev39OXDNhmOesEoo33eZtrq2N0YrU3H." + reserved: true + description: "Demo kibanaserver user" + +kibanaro: + hash: "$2a$12$JJSXNfTowz7Uu5ttXfeYpeYE0arACvcwlPBStB1F.MI7f0U9Z4DGC" + reserved: false + backend_roles: + - "kibanauser" + - "readall" + attributes: + attribute1: "value1" + attribute2: "value2" + attribute3: "value3" + description: "Demo kibanaro user" + +logstash: + hash: "$2a$12$u1ShR4l4uBS3Uv59Pa2y5.1uQuZBrZtmNfqB3iM/.jL0XoV9sghS2" + reserved: false + backend_roles: + - "logstash" + description: "Demo logstash user" + +readall: + hash: "$2a$12$ae4ycwzwvLtZxwZ82RmiEunBbIPiAmGZduBAjKN0TXdwQFtCwARz2" + reserved: false + backend_roles: + - "readall" + description: "Demo readall user" + +snapshotrestore: + hash: "$2y$12$DpwmetHKwgYnorbgdvORCenv4NAK8cPUg8AI6pxLCuWf/ALc0.v7W" + reserved: false + backend_roles: + - "snapshotrestore" + description: "Demo snapshotrestore user" diff --git a/production_cluster/wazuh-indexer/opensearch-node1.yml b/production_cluster/wazuh-indexer/opensearch-node1.yml new file mode 100644 index 00000000..3ef82d19 --- /dev/null +++ b/production_cluster/wazuh-indexer/opensearch-node1.yml 
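Review bot: Every account in this new `internal_users.yml` is described as a "Demo" user and its bcrypt hash is committed under `production_cluster/`, so every deployment built from this repo starts with the same credentials, including the reserved `admin` user. Generate the hashes at deploy time with the hash tool the header comment mentions and keep the resulting file out of the repository. Remove the accounts the stack does not use; `kibanaro`, `logstash`, `readall` and `snapshotrestore` look like leftovers of the demo set. At minimum add a comment at the top stating that the file must be replaced before production use.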
@@ -0,0 +1,40 @@
+network.host: wazuh-indexer
+node.name: wazuh-indexer
+cluster.initial_master_nodes: wazuh-indexer,wazuh-indexer-2,wazuh-indexer-3
+cluster.name: "wazuh-cluster"
+discovery.seed_hosts: wazuh-indexer,wazuh-indexer-2,wazuh-indexer-3
+http.port: 9700-9799
+transport.tcp.port: 9800-9899
+node.max_local_storage_nodes: "3"
+path.data: /var/lib/wazuh-indexer
+path.logs: /var/log/wazuh-indexer
+###############################################################################
+# #
+# WARNING: Insecure demo certificates set up in this file. #
+# Please change on production cluster! #
+# #
+###############################################################################
+plugins.security.ssl.http.pemcert_filepath: /etc/wazuh-indexer/certs/wazuh-indexer.pem
+plugins.security.ssl.http.pemkey_filepath: /etc/wazuh-indexer/certs/wazuh-indexer.key
+plugins.security.ssl.http.pemtrustedcas_filepath: /etc/wazuh-indexer/certs/root-ca.pem
+plugins.security.ssl.transport.pemcert_filepath: /etc/wazuh-indexer/certs/wazuh-indexer.pem
+plugins.security.ssl.transport.pemkey_filepath: /etc/wazuh-indexer/certs/wazuh-indexer.key
+plugins.security.ssl.transport.pemtrustedcas_filepath: /etc/wazuh-indexer/certs/root-ca.pem
+plugins.security.ssl.http.enabled: true
+plugins.security.ssl.transport.enforce_hostname_verification: false
+plugins.security.ssl.transport.resolve_hostname: false
+plugins.security.audit.type: internal_opensearch
+plugins.security.authcz.admin_dn:
+- "CN=admin,OU=Docu,O=Wazuh,L=California,C=US"
+plugins.security.check_snapshot_restore_write_privileges: true
+plugins.security.enable_snapshot_restore_privilege: true
+plugins.security.nodes_dn:
+- "CN=wazuh-indexer,OU=Docu,O=Wazuh,L=California,C=US"
+- "CN=wazuh-indexer-2,OU=Docu,O=Wazuh,L=California,C=US"
+- "CN=wazuh-indexer-3,OU=Docu,O=Wazuh,L=California,C=US"
+- "CN=filebeat,OU=Docu,O=Wazuh,L=California,C=US"
+plugins.security.restapi.roles_enabled:
+- "all_access"
+- "security_rest_api_access"
+plugins.security.system_indices.enabled: true
+plugins.security.system_indices.indices: [".opendistro-alerting-config", ".opendistro-alerting-alert*", ".opendistro-anomaly-results*", ".opendistro-anomaly-detector*", ".opendistro-anomaly-checkpoints", ".opendistro-anomaly-detection-state", ".opendistro-reports-*", ".opendistro-notifications-*", ".opendistro-notebooks", ".opensearch-observability", ".opendistro-asynchronous-search-response*", ".replication-metadata-store"]
diff --git a/production_cluster/wazuh-indexer/opensearch-node2 copy.yml b/production_cluster/wazuh-indexer/opensearch-node2 copy.yml
new file mode 100644
index 00000000..3a57f906
--- /dev/null
+++ b/production_cluster/wazuh-indexer/opensearch-node2 copy.yml
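Review bot: `plugins.security.nodes_dn` lists `CN=filebeat,...`, which gives the Filebeat certificate the same transport-layer trust as an indexer node. If Filebeat only writes through the HTTP port it should not be there, so I would delete the `- "CN=filebeat,OU=Docu,O=Wazuh,L=California,C=US"` entry. Separately, `plugins.security.ssl.transport.enforce_hostname_verification: false` disables hostname checks between nodes even though `certs.yml` in this commit gives every node certificate a `dns` entry equal to its hostname; setting it to `true` looks feasible and is worth testing. The same settings appear in `opensearch-node2.yml`, `opensearch-node2 copy.yml` and `opensearch-node3.yml`.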
@@ -0,0 +1,40 @@ +network.host: wazuh-indexer-2 +node.name: wazuh-indexer-2 +cluster.initial_master_nodes: wazuh-indexer,wazuh-indexer-2,wazuh-indexer-3 +cluster.name: "wazuh-cluster" +discovery.seed_hosts: wazuh-indexer,wazuh-indexer-2,wazuh-indexer-3 +http.port: 9700-9799 +transport.tcp.port: 9800-9899 +node.max_local_storage_nodes: "3" +path.data: /var/lib/wazuh-indexer +path.logs: /var/log/wazuh-indexer +############################################################################### +# # +# WARNING: Insecure demo certificates set up in this file. # +# Please change on production cluster! # +# # +############################################################################### +plugins.security.ssl.http.pemcert_filepath: /etc/wazuh-indexer/certs/wazuh-indexer-2.pem +plugins.security.ssl.http.pemkey_filepath: /etc/wazuh-indexer/certs/wazuh-indexer-2.key +plugins.security.ssl.http.pemtrustedcas_filepath: /etc/wazuh-indexer/certs/root-ca.pem +plugins.security.ssl.transport.pemcert_filepath: /etc/wazuh-indexer/certs/wazuh-indexer-2.pem +plugins.security.ssl.transport.pemkey_filepath: /etc/wazuh-indexer/certs/wazuh-indexer-2.key +plugins.security.ssl.transport.pemtrustedcas_filepath: /etc/wazuh-indexer/certs/root-ca.pem +plugins.security.ssl.http.enabled: true +plugins.security.ssl.transport.enforce_hostname_verification: false +plugins.security.ssl.transport.resolve_hostname: false +plugins.security.audit.type: internal_opensearch +plugins.security.authcz.admin_dn: +- 'CN=admin,OU=Ops,O=Example\, Inc.,DC=example,DC=com' +plugins.security.check_snapshot_restore_write_privileges: true +plugins.security.enable_snapshot_restore_privilege: true +plugins.security.nodes_dn: +- 'CN=wazuh-indexer,OU=Ops,O=Example\, Inc.,DC=example,DC=com' +- 'CN=wazuh-indexer-2,OU=Ops,O=Example\, Inc.,DC=example,DC=com' +- 'CN=wazuh-indexer-3,OU=Ops,O=Example\, Inc.,DC=example,DC=com' +- 'CN=filebeat,OU=Ops,O=Example\, Inc.,DC=example,DC=com' +plugins.security.restapi.roles_enabled: +- 
"all_access" +- "security_rest_api_access" +plugins.security.system_indices.enabled: true +plugins.security.system_indices.indices: [".opendistro-alerting-config", ".opendistro-alerting-alert*", ".opendistro-anomaly-results*", ".opendistro-anomaly-detector*", ".opendistro-anomaly-checkpoints", ".opendistro-anomaly-detection-state", ".opendistro-reports-*", ".opendistro-notifications-*", ".opendistro-notebooks", ".opensearch-observability", ".opendistro-asynchronous-search-response*", ".replication-metadata-store"] diff --git a/production_cluster/wazuh-indexer/opensearch-node2.yml b/production_cluster/wazuh-indexer/opensearch-node2.yml new file mode 100644 index 00000000..a20cbf57 --- /dev/null +++ b/production_cluster/wazuh-indexer/opensearch-node2.yml 
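Review bot: `opensearch-node2 copy.yml` looks like an accidental duplicate of `opensearch-node2.yml`, and its `admin_dn` and `nodes_dn` entries use `O=Example\, Inc.,DC=example,DC=com` while the certificates defined in `certs.yml` use `OU=Docu,O=Wazuh,L=California,C=US`. If this file were ever mounted, neither the admin certificate nor the node certificates would match the configured DNs. I would drop the file from the commit; if it is kept on purpose, rename it without the space and align the DNs with `certs.yml`.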
@@ -0,0 +1,40 @@
+network.host: wazuh-indexer-2
+node.name: wazuh-indexer-2
+cluster.initial_master_nodes: wazuh-indexer,wazuh-indexer-2,wazuh-indexer-3
+cluster.name: "wazuh-cluster"
+discovery.seed_hosts: wazuh-indexer,wazuh-indexer-2,wazuh-indexer-3
+http.port: 9700-9799
+transport.tcp.port: 9800-9899
+node.max_local_storage_nodes: "3"
+path.data: /var/lib/wazuh-indexer
+path.logs: /var/log/wazuh-indexer
+###############################################################################
+# #
+# WARNING: Insecure demo certificates set up in this file. #
+# Please change on production cluster! #
+# #
+###############################################################################
+plugins.security.ssl.http.pemcert_filepath: /etc/wazuh-indexer/certs/wazuh-indexer-2.pem
+plugins.security.ssl.http.pemkey_filepath: /etc/wazuh-indexer/certs/wazuh-indexer-2.key
+plugins.security.ssl.http.pemtrustedcas_filepath: /etc/wazuh-indexer/certs/root-ca.pem
+plugins.security.ssl.transport.pemcert_filepath: /etc/wazuh-indexer/certs/wazuh-indexer-2.pem
+plugins.security.ssl.transport.pemkey_filepath: /etc/wazuh-indexer/certs/wazuh-indexer-2.key
+plugins.security.ssl.transport.pemtrustedcas_filepath: /etc/wazuh-indexer/certs/root-ca.pem
+plugins.security.ssl.http.enabled: true
+plugins.security.ssl.transport.enforce_hostname_verification: false
+plugins.security.ssl.transport.resolve_hostname: false
+plugins.security.audit.type: internal_opensearch
+plugins.security.authcz.admin_dn:
+- "CN=admin,OU=Docu,O=Wazuh,L=California,C=US"
+plugins.security.check_snapshot_restore_write_privileges: true
+plugins.security.enable_snapshot_restore_privilege: true
+plugins.security.nodes_dn:
+- "CN=wazuh-indexer,OU=Docu,O=Wazuh,L=California,C=US"
+- "CN=wazuh-indexer-2,OU=Docu,O=Wazuh,L=California,C=US"
+- "CN=wazuh-indexer-3,OU=Docu,O=Wazuh,L=California,C=US"
+- "CN=filebeat,OU=Docu,O=Wazuh,L=California,C=US"
+plugins.security.restapi.roles_enabled:
+- "all_access"
+- "security_rest_api_access"
+plugins.security.system_indices.enabled: true
+plugins.security.system_indices.indices: [".opendistro-alerting-config", ".opendistro-alerting-alert*", ".opendistro-anomaly-results*", ".opendistro-anomaly-detector*", ".opendistro-anomaly-checkpoints", ".opendistro-anomaly-detection-state", ".opendistro-reports-*", ".opendistro-notifications-*", ".opendistro-notebooks", ".opensearch-observability", ".opendistro-asynchronous-search-response*", ".replication-metadata-store"]
diff --git a/production_cluster/wazuh-indexer/opensearch-node3.yml b/production_cluster/wazuh-indexer/opensearch-node3.yml
new file mode 100644
index 00000000..49257c7f
--- /dev/null
+++ b/production_cluster/wazuh-indexer/opensearch-node3.yml
@@ -0,0 +1,40 @@
+network.host: wazuh-indexer-3
+node.name: wazuh-indexer-3
+cluster.initial_master_nodes: wazuh-indexer,wazuh-indexer-2,wazuh-indexer-3
+cluster.name: "wazuh-cluster"
+discovery.seed_hosts: wazuh-indexer,wazuh-indexer-2,wazuh-indexer-3
+http.port: 9700-9799
+transport.tcp.port: 9800-9899
+node.max_local_storage_nodes: "3"
+path.data: /var/lib/wazuh-indexer
+path.logs: /var/log/wazuh-indexer
+###############################################################################
+# #
+# WARNING: Insecure demo certificates set up in this file. #
+# Please change on production cluster! #
+# #
+###############################################################################
+plugins.security.ssl.http.pemcert_filepath: /etc/wazuh-indexer/certs/wazuh-indexer-3.pem
+plugins.security.ssl.http.pemkey_filepath: /etc/wazuh-indexer/certs/wazuh-indexer-3.key
+plugins.security.ssl.http.pemtrustedcas_filepath: /etc/wazuh-indexer/certs/root-ca.pem
+plugins.security.ssl.transport.pemcert_filepath: /etc/wazuh-indexer/certs/wazuh-indexer-3.pem
+plugins.security.ssl.transport.pemkey_filepath: /etc/wazuh-indexer/certs/wazuh-indexer-3.key
+plugins.security.ssl.transport.pemtrustedcas_filepath: /etc/wazuh-indexer/certs/root-ca.pem
+plugins.security.ssl.http.enabled: true
+plugins.security.ssl.transport.enforce_hostname_verification: false
+plugins.security.ssl.transport.resolve_hostname: false
+plugins.security.audit.type: internal_opensearch
+plugins.security.authcz.admin_dn:
+- "CN=admin,OU=Docu,O=Wazuh,L=California,C=US"
+plugins.security.check_snapshot_restore_write_privileges: true
+plugins.security.enable_snapshot_restore_privilege: true
+plugins.security.nodes_dn:
+- "CN=wazuh-indexer,OU=Docu,O=Wazuh,L=California,C=US"
+- "CN=wazuh-indexer-2,OU=Docu,O=Wazuh,L=California,C=US"
+- "CN=wazuh-indexer-3,OU=Docu,O=Wazuh,L=California,C=US"
+- "CN=filebeat,OU=Docu,O=Wazuh,L=California,C=US"
+plugins.security.restapi.roles_enabled:
+- "all_access"
+- "security_rest_api_access"
+plugins.security.system_indices.enabled: true
+plugins.security.system_indices.indices: [".opendistro-alerting-config", ".opendistro-alerting-alert*", ".opendistro-anomaly-results*", ".opendistro-anomaly-detector*", ".opendistro-anomaly-checkpoints", ".opendistro-anomaly-detection-state", ".opendistro-reports-*", ".opendistro-notifications-*", ".opendistro-notebooks", ".opensearch-observability", ".opendistro-asynchronous-search-response*", ".replication-metadata-store"]
diff --git a/production_cluster/wazuh_indexer_ssl_certs/certs.yml b/production_cluster/wazuh_indexer_ssl_certs/certs.yml
index 3325b392..fce2c93d 100644
--- a/production_cluster/wazuh_indexer_ssl_certs/certs.yml
+++ b/production_cluster/wazuh_indexer_ssl_certs/certs.yml
@@ -1,22 +1,35 @@ +ca: + root: + dn: CN=admin,OU=Docu,O=Wazuh,L=California,C=US + pkPassword: none + keysize: 2048 + file: root-ca.pem + intermediate: + dn: CN=admin,OU=Docu,O=Wazuh,L=California,C=US + keysize: 2048 + validityDays: 3650 + pkPassword: intermediate-ca-password + file: intermediate-ca.pem + nodes: - # Elasticsearch server nodes - #wazuh-indexer: - - name: wazuh-indexer - ip: wazuh-indexer - - name: wazuh-indexer-2 - ip: wazuh-indexer-2 - - name: wazuh-indexer-3 - ip: wazuh-indexer-3 - # Wazuh server nodes - # Use node_type only with more than one Wazuh manager - #wazuh_servers: - - name: wazuh-master - ip: wazuh-master - #node_type: master - - name: wazuh-worker - ip: wazuh-worker - #node_type: worker - # Kibana node - #kibana: - - name: kibana - ip: kibana \ No newline at end of file + - name: wazuh-indexer + dn: CN=wazuh-indexer,OU=Docu,O=Wazuh,L=California,C=US + dns: + - wazuh-indexer + - name: wazuh-indexer-2 + dn: CN=wazuh-indexer-2,OU=Docu,O=Wazuh,L=California,C=US + dns: + - wazuh-indexer-2 + - name: wazuh-indexer-3 + dn: CN=wazuh-indexer-3,OU=Docu,O=Wazuh,L=California,C=US + dns: + - wazuh-indexer-3 + - name: filebeat + dn: CN=filebeat,OU=Docu,O=Wazuh,L=California,C=US + dns: + - wazuh + +clients: + - name: admin + dn: CN=admin,OU=Docu,O=Wazuh,L=California,C=US + admin: true \ No newline at end of file diff --git a/production_cluster/wazuh_indexer_ssl_certs/certs2.yml b/production_cluster/wazuh_indexer_ssl_certs/certs2.yml deleted file mode 100644 index 07cf17af..00000000 --- a/production_cluster/wazuh_indexer_ssl_certs/certs2.yml +++ /dev/null 
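Review bot: Both `ca.root.dn` and `ca.intermediate.dn` are set to `CN=admin,OU=Docu,O=Wazuh,L=California,C=US`, which is also the subject of the `admin` client certificate and the value of `admin_dn` in the node configs. With root, intermediate and leaf sharing one subject, issuer and subject are indistinguishable in the chain and any DN-based check on `CN=admin` also matches the CA certificates. I would give the CAs their own names, e.g. `dn: CN=root-ca,OU=Docu,O=Wazuh,L=California,C=US` and `dn: CN=intermediate-ca,OU=Docu,O=Wazuh,L=California,C=US`; the deleted `certs2.yml` kept them distinct. The literal `pkPassword: intermediate-ca-password` deserves a comment marking it as a demo value to replace.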
@@ -1,35 +0,0 @@ -ca: - root: - dn: CN=root-ca,OU=CA,O=Example\, Inc.,DC=example,DC=com - pkPassword: none - keysize: 2048 - file: root-ca.pem - intermediate: - dn: CN=intermediate,OU=CA,O=Example\, Inc.,DC=example,DC=com - keysize: 2048 - validityDays: 3650 - pkPassword: intermediate-ca-password - file: intermediate-ca.pem - -nodes: - - name: wazuh-indexer - dn: CN=wazuh-indexer,OU=Ops,O=Example\, Inc.,DC=example,DC=com - dns: - - wazuh-indexer - - name: wazuh-indexer-2 - dn: CN=wazuh-indexer-2,OU=Ops,O=Example\, Inc.,DC=example,DC=com - dns: - - wazuh-indexer-2 - - name: wazuh-indexer-3 - dn: CN=wazuh-indexer-3,OU=Ops,O=Example\, Inc.,DC=example,DC=com - dns: - - wazuh-indexer-3 - - name: filebeat - dn: CN=filebeat,OU=Ops,O=Example\, Inc.,DC=example,DC=com - dns: - - wazuh - -clients: - - name: admin - dn: CN=admin,OU=Ops,O=Example\, Inc.,DC=example,DC=com - admin: true \ No newline at end of file diff --git a/wazuh-dashboard/config/entrypoint.sh b/wazuh-dashboard/config/entrypoint.sh index 33e6f8ee..0169fb29 100644 --- a/wazuh-dashboard/config/entrypoint.sh +++ b/wazuh-dashboard/config/entrypoint.sh @@ -5,10 +5,8 @@ # Start Wazuh dashboard ############################################################################## -sed -i 's/localhost:9700/elasticsearch:9700/' /etc/wazuh-dashboard/wazuh-dashboard.yml +sed -i 's/:9700/wazuh-indexer:9700/' /etc/wazuh-dashboard/dashboard.yml +sed -i 's//0.0.0.0/' /etc/wazuh-dashboard/dashboard.yml +sed -i '/logging.dest:/d' /etc/wazuh-dashboard/dashboard.yml -service wazuh-dashboard start - -sleep 20 - -tail -f /var/log/wazuh-dashboard/wazuh-dashboard.log +runuser wazuh-dashboard --shell="/bin/bash" --command="/usr/share/wazuh-dashboard/bin/opensearch-dashboards -c /etc/wazuh-dashboard/dashboard.yml" diff --git a/wazuh-indexer/Dockerfile_new b/wazuh-indexer/Dockerfile_new new file mode 100644 index 00000000..63276d9b --- /dev/null +++ b/wazuh-indexer/Dockerfile_new 
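Review bot: The `sed -i` edits in `entrypoint.sh` rewrite the config in place on every container start, and as shown they are not anchored to a setting. `s/:9700/wazuh-indexer:9700/` prefixes whatever already precedes `:9700`, so a restart applies it a second time, and `s//0.0.0.0/` has an empty pattern, which sed rejects when no earlier regex exists (a placeholder may have been lost when this page was rendered). Each expression should match the full line of the setting it is meant to change so that a second run is a no-op. The final command would also be better as `exec runuser ...` so that the shell does not stay in front of the dashboard process when the container is stopped. The script starts outside this hunk.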
@@ -0,0 +1,42 @@
+FROM centos:7 AS builder
+
+ENV tini_bin="tini-amd64"
+
+RUN yum install initscripts curl -y
+
+RUN curl --retry 8 -S -L -O https://github.com/krallin/tini/releases/download/v0.19.0/${tini_bin}
+RUN curl --retry 8 -S -L -O https://github.com/krallin/tini/releases/download/v0.19.0/${tini_bin}.sha256sum
+RUN sha256sum -c ${tini_bin}.sha256sum && \
+ echo ${tini_bin} \
+ rm ${tini_bin}.sha256sum && \
+ mv ${tini_bin} /tini && \
+ chmod +x /tini
+#RUN mkdir /usr/share/wazuh-indexer
+#WORKDIR /usr/share/opensearch
+#RUN tar zxf /opt/opensearch.tar.gz --strip-components=1
+#RUN sed -i -e 's/OPENSEARCH_DISTRIBUTION_TYPE=tar/OPENSEARCH_DISTRIBUTION_TYPE=docker/' /usr/share/opensearch/bin/opensearch-env
+#RUN mkdir -p config config/jvm.options.d data logs
+#RUN chmod 0775 config config/jvm.options.d data logs
+#COPY config/opensearch.yml config/log4j2.properties config/
+#RUN chmod 0660 config/opensearch.yml config/log4j2.properties
+COPY config/config.sh .
+RUN bash config.sh
+
+################################################################################
+# Build stage 1 (the actual OpenSearch image):
+#
+# Copy opensearch from stage 0
+# Add entrypoint
+################################################################################
+FROM alpine
+ENV USER="wazuh-indexer" \
+ GROUP="wazuh-indexer" \
+ NAME="wazuh-indexer" \
+ INSTALL_DIR="/usr/share/wazuh-indexer"
+RUN addgroup --system --gid 1000 $GROUP && \
+ adduser -u 1000 -G $GROUP -D -h $INSTALL_DIR $USER && \
+ chmod 0775 $INSTALL_DIR
+ #chown -R 1000:0 $INSTALL_DIR
+WORKDIR $INSTALL_DIR
+COPY --from=builder --chown=1000:0 /usr/share/wazuh-indexer /usr/share/wazuh-indexer
+COPY --from=builder --chown=0:0 /tini /tini
\ No newline at end of file
diff --git a/wazuh-indexer/Dockerfile_ubuntu b/wazuh-indexer/Dockerfile_ubuntu
index b6b058a6..9e6ddf67 100644
--- a/wazuh-indexer/Dockerfile_ubuntu
+++ b/wazuh-indexer/Dockerfile_ubuntu
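Review bot: In the tini `RUN` step the line `echo ${tini_bin} \` is missing `&&`, so `rm ${tini_bin}.sha256sum` is passed to `echo` as arguments and the checksum file is never removed; it should read `echo ${tini_bin} && \`. The `.sha256sum` file is also fetched from the same release URL as the binary, so the check catches a corrupted download but not a replaced one. Pinning the expected digest in the Dockerfile closes that gap, for example `echo "<expected-sha256>  ${tini_bin}" | sha256sum -c -` (placeholder digest). The final stage uses an untagged `FROM alpine` and sets no `USER`, so the image runs as root unless an entrypoint outside this file drops privileges; a pinned tag and `USER wazuh-indexer` are worth adding.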
@@ -3,9 +3,11 @@ FROM ubuntu:20.04 ARG WAZUH_VERSION=4.3.0-1 +# Update and install dependecies RUN apt-get update && apt install curl -y -RUN curl https://s3.amazonaws.com/warehouse.wazuh.com/stack/indexer/stable/wazuh-indexer_${WAZUH_VERSION}_amd64.deb --output wazuh-indexer_${WAZUH_VERSION}_amd64.deb && \ +#Download and install Wazuh indexer +RUN curl https://packages-dev.wazuh.com/pre-release/apt/pool/main/w/wazuh-indexer/wazuh-indexer_${WAZUH_VERSION}_amd64.deb --output wazuh-indexer_${WAZUH_VERSION}_amd64.deb && \ dpkg -i wazuh-indexer_${WAZUH_VERSION}_amd64.deb COPY config/entrypoint.sh / diff --git a/wazuh-indexer/config/config.sh b/wazuh-indexer/config/config.sh new file mode 100644 index 00000000..93bb459a --- /dev/null +++ b/wazuh-indexer/config/config.sh 
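Review bot: The new `RUN curl ... && dpkg -i ...` step installs a package from `packages-dev.wazuh.com/pre-release` as root with no integrity check. `curl` is also called without `-f`, so an HTTP error body would be written to the `.deb` path. I would use `curl -fsSL` and verify a digest before `dpkg -i`, for example `echo "<expected-sha256>  wazuh-indexer_${WAZUH_VERSION}_amd64.deb" | sha256sum -c -`, with the digest pinned next to `WAZUH_VERSION` (placeholder shown). The first added comment has a typo (`dependecies`), and the Dockerfile continues outside this hunk.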
@@ -0,0 +1,961 @@ +export NAME=wazuh-indexer +export VERSION=4.3.0 +export RELEASE=1 +export USER=$NAME +export GROUP=$NAME +export CONFIG_DIR=/etc/$NAME +export LOG_DIR=/var/log/$NAME +export LIB_DIR=/var/lib/$NAME +export SYS_DIR=/usr/lib +export INSTALL_DIR=/usr/share/$NAME +export REPO_DIR=/root/unattended_installer + + +getent group $GROUP || groupadd -r -g 1000 $GROUP + +# Create package user +if ! id $USER &> /dev/null; then + useradd --system \ + --uid 1000 \ + --no-create-home \ + --home-dir $INSTALL_DIR \ + --gid $GROUP \ + --shell /sbin/nologin \ + --comment "$USER user" \ + $USER +fi + +# Create directories +mkdir -p ${RPM_BUILD_ROOT}${INSTALL_DIR} +mkdir -p ${RPM_BUILD_ROOT}/etc +mkdir -p ${RPM_BUILD_ROOT}${LOG_DIR} +mkdir -p ${RPM_BUILD_ROOT}${LIB_DIR} +mkdir -p ${RPM_BUILD_ROOT}${SYS_DIR} + +# Download required sources +curl -kOL https://s3.amazonaws.com/warehouse.wazuh.com/stack/indexer/wazuh-indexer-base-linux-x64.tar.gz +tar -xzf wazuh-indexer-*.tar.gz && rm -f wazuh-indexer-*.tar.gz +chown -R ${USER}:${GROUP} wazuh-indexer-*/* + +# Copy base files into RPM_BUILD_ROOT directory +mv wazuh-indexer-*/etc/ ${RPM_BUILD_ROOT}/etc/ +cp -r wazuh-indexer-*${SYS_DIR}/* ${RPM_BUILD_ROOT}${SYS_DIR}/ +rm -rf wazuh-indexer-*/etc +rm -rf wazuh-indexer-*/usr +cp -pr wazuh-indexer-*/* ${RPM_BUILD_ROOT}${INSTALL_DIR}/ + +# Download demo certificates +curl -kOL https://s3.amazonaws.com/warehouse.wazuh.com/stack/demo-certs.tar.gz +tar xzf demo-certs.tar.gz && rm -f demo-certs.tar.gz +chown -R ${USER}:${GROUP} certs +mkdir -p ${RPM_BUILD_ROOT}${CONFIG_DIR}/certs/ +cp certs/admin.pem ${RPM_BUILD_ROOT}${CONFIG_DIR}/certs/ +cp certs/admin-key.pem ${RPM_BUILD_ROOT}${CONFIG_DIR}/certs/ +cp certs/demo-indexer.pem ${RPM_BUILD_ROOT}${CONFIG_DIR}/certs/ +cp certs/demo-indexer-key.pem ${RPM_BUILD_ROOT}${CONFIG_DIR}/certs/ +cp certs/root-ca.pem ${RPM_BUILD_ROOT}${CONFIG_DIR}/certs/ + +#cp ${REPO_DIR}/install_functions/wazuh-cert-tool.sh 
${RPM_BUILD_ROOT}${INSTALL_DIR}/plugins/opensearch-security/tools/ +#cp ${REPO_DIR}/install_functions/wazuh-passwords-tool.sh ${RPM_BUILD_ROOT}${INSTALL_DIR}/plugins/opensearch-security/tools/ +#cp ${REPO_DIR}/config/opensearch/certificate/config_aio.yml ${RPM_BUILD_ROOT}${INSTALL_DIR}/plugins/opensearch-security/tools/config.yml + +#cp ${REPO_DIR}/config/opensearch/roles/internal_users.yml ${RPM_BUILD_ROOT}${INSTALL_DIR}/plugins/opensearch-security/securityconfig/ +#cp ${REPO_DIR}/config/opensearch/roles/roles.yml ${RPM_BUILD_ROOT}${INSTALL_DIR}/plugins/opensearch-security/securityconfig/ +#cp ${REPO_DIR}/config/opensearch/roles/roles_mapping.yml ${RPM_BUILD_ROOT}${INSTALL_DIR}/plugins/opensearch-security/securityconfig/ + +#chmod 0660 "/etc/sysconfig/${NAME}" && chown root:${GROUP} "/etc/sysconfig/${NAME}" +chmod 400 ${CONFIG_DIR}/certs/admin.pem && chown ${USER}:${GROUP} ${CONFIG_DIR}/certs/admin.pem +chmod 400 ${CONFIG_DIR}/certs/admin-key.pem && chown ${USER}:${GROUP} ${CONFIG_DIR}/certs/admin-key.pem +chmod 400 ${CONFIG_DIR}/certs/demo-indexer.pem && chown ${USER}:${GROUP} ${CONFIG_DIR}/certs/demo-indexer.pem +chmod 400 ${CONFIG_DIR}/certs/demo-indexer-key.pem && chown ${USER}:${GROUP} ${CONFIG_DIR}/certs/demo-indexer-key.pem +chmod 400 ${CONFIG_DIR}/certs/root-ca.pem && chown ${USER}:${GROUP} ${CONFIG_DIR}/certs/root-ca.pem +chmod 660 ${CONFIG_DIR}/jvm.options && chown ${USER}:${GROUP} ${CONFIG_DIR}/jvm.options +chmod 660 ${CONFIG_DIR}/opensearch.yml && chown ${USER}:${GROUP} ${CONFIG_DIR}/opensearch.yml +chmod 660 ${CONFIG_DIR}/log4j2.properties && chown ${USER}:${GROUP} ${CONFIG_DIR}/log4j2.properties +chmod 750 ${CONFIG_DIR} && chown ${USER}:${GROUP} ${CONFIG_DIR} +chmod 750 ${LIB_DIR} && chown ${USER}:${GROUP} ${LIB_DIR} +chmod 750 ${LOG_DIR} && chown ${USER}:${GROUP} ${LOG_DIR} +chmod 750 ${INSTALL_DIR}/performance-analyzer-rca/lib && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/lib +chmod 750 ${INSTALL_DIR} && chown ${USER}:${GROUP} 
${INSTALL_DIR} +chmod 750 ${INSTALL_DIR}/performance-analyzer-rca && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca +chmod 750 ${INSTALL_DIR}/performance-analyzer-rca/bin && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/bin +chmod 750 ${INSTALL_DIR}/performance-analyzer-rca/pa_bin && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/pa_bin +chmod 750 ${INSTALL_DIR}/performance-analyzer-rca/pa_config && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/pa_config +chmod 750 ${INSTALL_DIR}/bin && chown ${USER}:${GROUP} ${INSTALL_DIR}/bin +chmod 750 ${INSTALL_DIR}/lib && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib +chmod 750 ${INSTALL_DIR}/lib/tools && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/tools +chmod 750 ${INSTALL_DIR}/lib/tools/plugin-cli && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/tools/plugin-cli +chmod 750 ${INSTALL_DIR}/lib/tools/upgrade-cli && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/tools/upgrade-cli +chmod 750 ${INSTALL_DIR}/lib/tools/keystore-cli && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/tools/keystore-cli +chmod 750 ${CONFIG_DIR}/certs && chown ${USER}:${GROUP} ${CONFIG_DIR}/certs +chmod 750 ${CONFIG_DIR}/opensearch-observability && chown ${USER}:${GROUP} ${CONFIG_DIR}/opensearch-observability +chmod 750 ${CONFIG_DIR}/opensearch-reports-scheduler && chown ${USER}:${GROUP} ${CONFIG_DIR}/opensearch-reports-scheduler +chmod 750 ${CONFIG_DIR}/jvm.options.d && chown ${USER}:${GROUP} ${CONFIG_DIR}/jvm.options.d +chmod 750 ${INSTALL_DIR}/plugins && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins +chmod 750 ${INSTALL_DIR}/plugins/opensearch-observability && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-observability +chmod 750 ${INSTALL_DIR}/plugins/opensearch-reports-scheduler && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-reports-scheduler +chmod 750 ${INSTALL_DIR}/plugins/opensearch-sql && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql +chmod 750 
${INSTALL_DIR}/plugins/opensearch-cross-cluster-replication && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-cross-cluster-replication +chmod 750 ${INSTALL_DIR}/plugins/opensearch-knn && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-knn +chmod 750 ${INSTALL_DIR}/plugins/opensearch-knn/knnlib && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-knn/knnlib +chmod 750 ${INSTALL_DIR}/plugins/opensearch-index-management && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-index-management +chmod 750 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer +chmod 750 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/pa_bin && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/pa_bin +chmod 750 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/pa_config && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/pa_config +chmod 750 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/extensions && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/extensions +chmod 750 ${INSTALL_DIR}/plugins/opensearch-job-scheduler && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-job-scheduler +chmod 750 ${INSTALL_DIR}/plugins/opensearch-security && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security +chmod 750 ${INSTALL_DIR}/plugins/opensearch-security/securityconfig && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/securityconfig +chmod 750 ${INSTALL_DIR}/plugins/opensearch-security/tools && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/tools +chmod 750 ${INSTALL_DIR}/plugins/opensearch-asynchronous-search && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-asynchronous-search +chmod 750 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection 
+chmod 750 ${INSTALL_DIR}/plugins/opensearch-alerting && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-alerting +chmod 750 ${INSTALL_DIR}/modules && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules +chmod 750 ${INSTALL_DIR}/modules/ingest-common && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/ingest-common +chmod 750 ${INSTALL_DIR}/modules/geo && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/geo +chmod 750 ${INSTALL_DIR}/modules/ingest-geoip && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/ingest-geoip +chmod 750 ${INSTALL_DIR}/modules/percolator && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/percolator +chmod 750 ${INSTALL_DIR}/modules/analysis-common && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/analysis-common +chmod 750 ${INSTALL_DIR}/modules/aggs-matrix-stats && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/aggs-matrix-stats +chmod 750 ${INSTALL_DIR}/modules/repository-url && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/repository-url +chmod 750 ${INSTALL_DIR}/modules/lang-mustache && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/lang-mustache +chmod 750 ${INSTALL_DIR}/modules/systemd && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/systemd +chmod 750 ${INSTALL_DIR}/modules/transport-netty4 && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/transport-netty4 +chmod 750 ${INSTALL_DIR}/modules/lang-expression && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/lang-expression +chmod 750 ${INSTALL_DIR}/modules/lang-painless && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/lang-painless +chmod 750 ${INSTALL_DIR}/modules/rank-eval && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/rank-eval +chmod 750 ${INSTALL_DIR}/modules/opensearch-dashboards && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/opensearch-dashboards +chmod 750 ${INSTALL_DIR}/modules/ingest-user-agent && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/ingest-user-agent +chmod 750 ${INSTALL_DIR}/modules/mapper-extras && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/mapper-extras +chmod 750 
${INSTALL_DIR}/modules/parent-join && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/parent-join +chmod 750 ${INSTALL_DIR}/modules/reindex && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/reindex +chmod 750 ${INSTALL_DIR}/jdk && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk +chmod 750 ${INSTALL_DIR}/jdk/man && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/man +chmod 750 ${INSTALL_DIR}/jdk/man/man1 && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/man/man1 +chmod 750 ${INSTALL_DIR}/jdk/bin && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/bin +chmod 750 ${INSTALL_DIR}/jdk/legal && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal +chmod 750 ${INSTALL_DIR}/jdk/legal/java.base && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.base +chmod 750 ${INSTALL_DIR}/jdk/legal/java.security.sasl && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.security.sasl +chmod 750 ${INSTALL_DIR}/jdk/legal/java.scripting && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.scripting +chmod 750 ${INSTALL_DIR}/jdk/legal/java.management && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.management +chmod 750 ${INSTALL_DIR}/jdk/legal/java.xml && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.xml +chmod 750 ${INSTALL_DIR}/jdk/legal/java.smartcardio && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.smartcardio +chmod 750 ${INSTALL_DIR}/jdk/legal/java.transaction.xa && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.transaction.xa +chmod 750 ${INSTALL_DIR}/jdk/legal/java.prefs && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.prefs +chmod 750 ${INSTALL_DIR}/jdk/legal/java.compiler && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.compiler +chmod 750 ${INSTALL_DIR}/jdk/legal/java.logging && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.logging +chmod 750 ${INSTALL_DIR}/jdk/legal/java.xml.crypto && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.xml.crypto +chmod 750 ${INSTALL_DIR}/jdk/legal/java.sql.rowset && chown ${USER}:${GROUP} 
${INSTALL_DIR}/jdk/legal/java.sql.rowset +chmod 750 ${INSTALL_DIR}/jdk/legal/java.net.http && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.net.http +chmod 750 ${INSTALL_DIR}/jdk/legal/java.rmi && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.rmi +chmod 750 ${INSTALL_DIR}/jdk/legal/java.sql && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.sql +chmod 750 ${INSTALL_DIR}/jdk/legal/java.naming && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.naming +chmod 750 ${INSTALL_DIR}/jdk/legal/java.datatransfer && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.datatransfer +chmod 750 ${INSTALL_DIR}/jdk/legal/java.instrument && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.instrument +chmod 750 ${INSTALL_DIR}/jdk/legal/java.management.rmi && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.management.rmi +chmod 750 ${INSTALL_DIR}/jdk/legal/java.desktop && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.desktop +chmod 750 ${INSTALL_DIR}/jdk/lib && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib +chmod 750 ${INSTALL_DIR}/jdk/lib/server && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/server +chmod 750 ${INSTALL_DIR}/jdk/lib/jfr && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/jfr +chmod 750 ${INSTALL_DIR}/jdk/lib/security && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/security +chmod 750 ${INSTALL_DIR}/jdk/include && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/include +chmod 750 ${INSTALL_DIR}/jdk/include/linux && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/include/linux +chmod 750 ${INSTALL_DIR}/jdk/conf && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/conf +chmod 750 ${INSTALL_DIR}/jdk/conf/sdp && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/conf/sdp +chmod 750 ${INSTALL_DIR}/jdk/conf/management && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/conf/management +chmod 750 ${INSTALL_DIR}/jdk/conf/security && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/conf/security +chmod 750 ${INSTALL_DIR}/jdk/conf/security/policy && chown ${USER}:${GROUP} 
${INSTALL_DIR}/jdk/conf/security/policy +chmod 750 ${INSTALL_DIR}/jdk/conf/security/policy/limited && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/conf/security/policy/limited +chmod 750 ${INSTALL_DIR}/jdk/conf/security/policy/unlimited && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/conf/security/policy/unlimited +chmod 750 ${INSTALL_DIR}/jdk/jmods && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods +chmod 0750 /etc/init.d/${NAME} && chown root:root /etc/init.d/${NAME} +chmod 0640 ${SYS_DIR}/sysctl.d/${NAME}.conf && chown root:root ${SYS_DIR}/sysctl.d/${NAME}.conf +chmod 0640 ${SYS_DIR}/systemd/system/${NAME}.service && chown root:root ${SYS_DIR}/systemd/system/${NAME}.service +chmod 0640 ${SYS_DIR}/systemd/system/${NAME}-performance-analyzer.service && chown root:root ${SYS_DIR}/systemd/system/${NAME}-performance-analyzer.service +chmod 0640 ${SYS_DIR}/tmpfiles.d/${NAME}.conf && chown root:root ${SYS_DIR}/tmpfiles.d/${NAME}.conf +chmod 750 ${INSTALL_DIR}/performance-analyzer-rca/bin/performance-analyzer-rca && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/bin/performance-analyzer-rca +chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/lib/performance-analyzer-rca-1.2.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/lib/performance-analyzer-rca-1.2.4.0.jar +chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/lib/error_prone_annotations-2.3.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/lib/error_prone_annotations-2.3.4.jar +chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/lib/sqlite-jdbc-3.32.3.2.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/lib/sqlite-jdbc-3.32.3.2.jar +chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/lib/grpc-stub-1.28.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/lib/grpc-stub-1.28.0.jar +chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/lib/log4j-api-2.17.1.jar && chown ${USER}:${GROUP} 
${INSTALL_DIR}/performance-analyzer-rca/lib/log4j-api-2.17.1.jar +chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/lib/bcpkix-jdk15on-1.68.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/lib/bcpkix-jdk15on-1.68.jar +chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/lib/bcprov-jdk15on-1.68.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/lib/bcprov-jdk15on-1.68.jar +chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/lib/jackson-databind-2.11.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/lib/jackson-databind-2.11.4.jar +chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/lib/protobuf-java-3.11.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/lib/protobuf-java-3.11.0.jar +chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/lib/gson-2.8.6.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/lib/gson-2.8.6.jar +chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/lib/j2objc-annotations-1.3.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/lib/j2objc-annotations-1.3.jar +chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/lib/commons-lang3-3.9.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/lib/commons-lang3-3.9.jar +chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/lib/jsr305-3.0.2.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/lib/jsr305-3.0.2.jar +chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/lib/log4j-core-2.17.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/lib/log4j-core-2.17.1.jar +chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/lib/listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/lib/listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jar +chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/lib/perfmark-api-0.19.0.jar && chown ${USER}:${GROUP} 
${INSTALL_DIR}/performance-analyzer-rca/lib/perfmark-api-0.19.0.jar +chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/lib/guava-28.2-jre.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/lib/guava-28.2-jre.jar +chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/lib/grpc-core-1.28.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/lib/grpc-core-1.28.0.jar +chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/lib/grpc-netty-shaded-1.28.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/lib/grpc-netty-shaded-1.28.0.jar +chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/lib/grpc-context-1.28.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/lib/grpc-context-1.28.0.jar +chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/lib/annotations-4.1.1.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/lib/annotations-4.1.1.4.jar +chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/lib/animal-sniffer-annotations-1.18.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/lib/animal-sniffer-annotations-1.18.jar +chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/lib/jackson-annotations-2.11.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/lib/jackson-annotations-2.11.4.jar +chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/lib/proto-google-common-protos-1.17.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/lib/proto-google-common-protos-1.17.0.jar +chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/lib/javax.annotation-api-1.3.2.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/lib/javax.annotation-api-1.3.2.jar +chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/lib/checker-qual-2.10.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/lib/checker-qual-2.10.0.jar +chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/lib/commons-io-2.7.jar && chown ${USER}:${GROUP} 
${INSTALL_DIR}/performance-analyzer-rca/lib/commons-io-2.7.jar +chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/lib/jooq-3.10.8.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/lib/jooq-3.10.8.jar +chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/lib/jackson-core-2.11.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/lib/jackson-core-2.11.4.jar +chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/lib/grpc-protobuf-1.28.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/lib/grpc-protobuf-1.28.0.jar +chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/lib/grpc-protobuf-lite-1.28.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/lib/grpc-protobuf-lite-1.28.0.jar +chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/lib/grpc-api-1.28.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/lib/grpc-api-1.28.0.jar +chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/lib/failureaccess-1.0.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/lib/failureaccess-1.0.1.jar +chmod 750 ${INSTALL_DIR}/performance-analyzer-rca/pa_bin/performance-analyzer-agent && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/pa_bin/performance-analyzer-agent +chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/pa_config/agent-stats-metadata && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/pa_config/agent-stats-metadata +chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/pa_config/plugin-stats-metadata && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/pa_config/plugin-stats-metadata +chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/pa_config/performance-analyzer.properties && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/pa_config/performance-analyzer.properties +chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/pa_config/rca_master.conf && chown ${USER}:${GROUP} 
${INSTALL_DIR}/performance-analyzer-rca/pa_config/rca_master.conf +chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/pa_config/rca.conf && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/pa_config/rca.conf +chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/pa_config/opensearch_security.policy && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/pa_config/opensearch_security.policy +chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/pa_config/log4j2.xml && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/pa_config/log4j2.xml +chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/pa_config/rca_idle_master.conf && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/pa_config/rca_idle_master.conf +chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/pa_config/supervisord.conf && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/pa_config/supervisord.conf +chmod 750 ${INSTALL_DIR}/bin/opensearch-shard && chown ${USER}:${GROUP} ${INSTALL_DIR}/bin/opensearch-shard +chmod 750 ${INSTALL_DIR}/bin/opensearch-node && chown ${USER}:${GROUP} ${INSTALL_DIR}/bin/opensearch-node +chmod 750 ${INSTALL_DIR}/bin/opensearch-keystore && chown ${USER}:${GROUP} ${INSTALL_DIR}/bin/opensearch-keystore +chmod 750 ${INSTALL_DIR}/bin/opensearch-plugin && chown ${USER}:${GROUP} ${INSTALL_DIR}/bin/opensearch-plugin +chmod 750 ${INSTALL_DIR}/bin/opensearch && chown ${USER}:${GROUP} ${INSTALL_DIR}/bin/opensearch +chmod 750 ${INSTALL_DIR}/bin/opensearch-cli && chown ${USER}:${GROUP} ${INSTALL_DIR}/bin/opensearch-cli +chmod 750 ${INSTALL_DIR}/bin/opensearch-env && chown ${USER}:${GROUP} ${INSTALL_DIR}/bin/opensearch-env +chmod 750 ${INSTALL_DIR}/bin/performance-analyzer-agent-cli && chown ${USER}:${GROUP} ${INSTALL_DIR}/bin/performance-analyzer-agent-cli +chmod 750 ${INSTALL_DIR}/bin/opensearch-env-from-file && chown ${USER}:${GROUP} ${INSTALL_DIR}/bin/opensearch-env-from-file +chmod 750 ${INSTALL_DIR}/bin/opensearch-upgrade && chown 
${USER}:${GROUP} ${INSTALL_DIR}/bin/opensearch-upgrade +chmod 750 ${INSTALL_DIR}/bin/systemd-entrypoint && chown ${USER}:${GROUP} ${INSTALL_DIR}/bin/systemd-entrypoint +chmod 640 ${INSTALL_DIR}/lib/hppc-0.8.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/hppc-0.8.1.jar +chmod 640 ${INSTALL_DIR}/lib/lucene-highlighter-8.10.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/lucene-highlighter-8.10.1.jar +chmod 640 ${INSTALL_DIR}/lib/opensearch-geo-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/opensearch-geo-1.2.4.jar +chmod 640 ${INSTALL_DIR}/lib/lucene-spatial-extras-8.10.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/lucene-spatial-extras-8.10.1.jar +chmod 640 ${INSTALL_DIR}/lib/opensearch-cli-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/opensearch-cli-1.2.4.jar +chmod 640 ${INSTALL_DIR}/lib/java-version-checker-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/java-version-checker-1.2.4.jar +chmod 640 ${INSTALL_DIR}/lib/lucene-memory-8.10.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/lucene-memory-8.10.1.jar +chmod 640 ${INSTALL_DIR}/lib/log4j-api-2.17.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/log4j-api-2.17.1.jar +chmod 640 ${INSTALL_DIR}/lib/lucene-analyzers-common-8.10.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/lucene-analyzers-common-8.10.1.jar +chmod 640 ${INSTALL_DIR}/lib/snakeyaml-1.26.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/snakeyaml-1.26.jar +chmod 640 ${INSTALL_DIR}/lib/joda-time-2.10.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/joda-time-2.10.4.jar +chmod 640 ${INSTALL_DIR}/lib/opensearch-x-content-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/opensearch-x-content-1.2.4.jar +chmod 640 ${INSTALL_DIR}/lib/lucene-join-8.10.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/lucene-join-8.10.1.jar +chmod 640 ${INSTALL_DIR}/lib/opensearch-plugin-classloader-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/opensearch-plugin-classloader-1.2.4.jar +chmod 640 
${INSTALL_DIR}/lib/jna-5.5.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/jna-5.5.0.jar +chmod 640 ${INSTALL_DIR}/lib/jackson-dataformat-smile-2.12.5.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/jackson-dataformat-smile-2.12.5.jar +chmod 640 ${INSTALL_DIR}/lib/log4j-core-2.17.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/log4j-core-2.17.1.jar +chmod 640 ${INSTALL_DIR}/lib/lucene-suggest-8.10.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/lucene-suggest-8.10.1.jar +chmod 640 ${INSTALL_DIR}/lib/opensearch-launchers-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/opensearch-launchers-1.2.4.jar +chmod 640 ${INSTALL_DIR}/lib/jackson-dataformat-yaml-2.12.5.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/jackson-dataformat-yaml-2.12.5.jar +chmod 640 ${INSTALL_DIR}/lib/HdrHistogram-2.1.9.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/HdrHistogram-2.1.9.jar +chmod 640 ${INSTALL_DIR}/lib/lucene-core-8.10.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/lucene-core-8.10.1.jar +chmod 640 ${INSTALL_DIR}/lib/lucene-queries-8.10.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/lucene-queries-8.10.1.jar +chmod 640 ${INSTALL_DIR}/lib/opensearch-secure-sm-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/opensearch-secure-sm-1.2.4.jar +chmod 640 ${INSTALL_DIR}/lib/tools/plugin-cli/bcpg-fips-1.0.5.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/tools/plugin-cli/bcpg-fips-1.0.5.1.jar +chmod 640 ${INSTALL_DIR}/lib/tools/plugin-cli/opensearch-plugin-cli-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/tools/plugin-cli/opensearch-plugin-cli-1.2.4.jar +chmod 640 ${INSTALL_DIR}/lib/tools/plugin-cli/bc-fips-1.0.2.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/tools/plugin-cli/bc-fips-1.0.2.1.jar +chmod 640 ${INSTALL_DIR}/lib/tools/upgrade-cli/jackson-annotations-2.12.5.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/tools/upgrade-cli/jackson-annotations-2.12.5.jar +chmod 640 ${INSTALL_DIR}/lib/tools/upgrade-cli/jackson-databind-2.12.5.jar && 
chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/tools/upgrade-cli/jackson-databind-2.12.5.jar +chmod 640 ${INSTALL_DIR}/lib/tools/upgrade-cli/jackson-core-2.12.5.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/tools/upgrade-cli/jackson-core-2.12.5.jar +chmod 640 ${INSTALL_DIR}/lib/tools/upgrade-cli/opensearch-upgrade-cli-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/tools/upgrade-cli/opensearch-upgrade-cli-1.2.4.jar +chmod 640 ${INSTALL_DIR}/lib/tools/keystore-cli/keystore-cli-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/tools/keystore-cli/keystore-cli-1.2.4.jar +chmod 640 ${INSTALL_DIR}/lib/lucene-queryparser-8.10.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/lucene-queryparser-8.10.1.jar +chmod 640 ${INSTALL_DIR}/lib/lucene-sandbox-8.10.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/lucene-sandbox-8.10.1.jar +chmod 640 ${INSTALL_DIR}/lib/jts-core-1.15.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/jts-core-1.15.0.jar +chmod 640 ${INSTALL_DIR}/lib/jackson-dataformat-cbor-2.12.5.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/jackson-dataformat-cbor-2.12.5.jar +chmod 640 ${INSTALL_DIR}/lib/opensearch-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/opensearch-1.2.4.jar +chmod 640 ${INSTALL_DIR}/lib/lucene-grouping-8.10.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/lucene-grouping-8.10.1.jar +chmod 640 ${INSTALL_DIR}/lib/lucene-misc-8.10.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/lucene-misc-8.10.1.jar +chmod 640 ${INSTALL_DIR}/lib/jackson-core-2.12.5.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/jackson-core-2.12.5.jar +chmod 640 ${INSTALL_DIR}/lib/t-digest-3.2.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/t-digest-3.2.jar +chmod 640 ${INSTALL_DIR}/lib/opensearch-core-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/opensearch-core-1.2.4.jar +chmod 640 ${INSTALL_DIR}/lib/lucene-backward-codecs-8.10.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/lucene-backward-codecs-8.10.1.jar +chmod 640 
${INSTALL_DIR}/lib/spatial4j-0.7.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/spatial4j-0.7.jar +chmod 640 ${INSTALL_DIR}/lib/jopt-simple-5.0.2.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/jopt-simple-5.0.2.jar +chmod 640 ${INSTALL_DIR}/lib/lucene-spatial3d-8.10.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/lucene-spatial3d-8.10.1.jar +chmod 660 ${CONFIG_DIR}/opensearch-observability/observability.yml && chown ${USER}:${GROUP} ${CONFIG_DIR}/opensearch-observability/observability.yml +chmod 660 ${CONFIG_DIR}/opensearch-reports-scheduler/reports-scheduler.yml && chown ${USER}:${GROUP} ${CONFIG_DIR}/opensearch-reports-scheduler/reports-scheduler.yml +chmod 640 ${INSTALL_DIR}/NOTICE.txt && chown ${USER}:${GROUP} ${INSTALL_DIR}/NOTICE.txt +chmod 640 ${INSTALL_DIR}/LICENSE.txt && chown ${USER}:${GROUP} ${INSTALL_DIR}/LICENSE.txt +chmod 640 ${INSTALL_DIR}/plugins/opensearch-observability/opensearch-observability-1.2.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-observability/opensearch-observability-1.2.4.0.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-observability/common-utils-1.2.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-observability/common-utils-1.2.4.0.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-observability/kotlin-stdlib-1.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-observability/kotlin-stdlib-1.4.0.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-observability/annotations-13.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-observability/annotations-13.0.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-observability/kotlinx-coroutines-core-jvm-1.3.9.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-observability/kotlinx-coroutines-core-jvm-1.3.9.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-observability/plugin-descriptor.properties && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-observability/plugin-descriptor.properties 
+chmod 640 ${INSTALL_DIR}/plugins/opensearch-observability/plugin-security.policy && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-observability/plugin-security.policy +chmod 640 ${INSTALL_DIR}/plugins/opensearch-observability/kotlin-stdlib-common-1.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-observability/kotlin-stdlib-common-1.4.0.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-observability/guava-15.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-observability/guava-15.0.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-reports-scheduler/jsoup-1.14.3.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-reports-scheduler/jsoup-1.14.3.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-reports-scheduler/minimal-json-0.9.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-reports-scheduler/minimal-json-0.9.4.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-reports-scheduler/json-flattener-0.1.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-reports-scheduler/json-flattener-0.1.0.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-reports-scheduler/common-utils-1.2.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-reports-scheduler/common-utils-1.2.4.0.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-reports-scheduler/kotlin-stdlib-1.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-reports-scheduler/kotlin-stdlib-1.4.0.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-reports-scheduler/annotations-13.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-reports-scheduler/annotations-13.0.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-reports-scheduler/json-20180813.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-reports-scheduler/json-20180813.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-reports-scheduler/kotlinx-coroutines-core-jvm-1.3.9.jar && chown ${USER}:${GROUP} 
${INSTALL_DIR}/plugins/opensearch-reports-scheduler/kotlinx-coroutines-core-jvm-1.3.9.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-reports-scheduler/plugin-descriptor.properties && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-reports-scheduler/plugin-descriptor.properties +chmod 640 ${INSTALL_DIR}/plugins/opensearch-reports-scheduler/plugin-security.policy && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-reports-scheduler/plugin-security.policy +chmod 640 ${INSTALL_DIR}/plugins/opensearch-reports-scheduler/kotlin-stdlib-common-1.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-reports-scheduler/kotlin-stdlib-common-1.4.0.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-reports-scheduler/opensearch-reports-scheduler-1.2.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-reports-scheduler/opensearch-reports-scheduler-1.2.4.0.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-reports-scheduler/guava-15.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-reports-scheduler/guava-15.0.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/spring-beans-5.2.5.RELEASE.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/spring-beans-5.2.5.RELEASE.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/resilience4j-core-1.5.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/resilience4j-core-1.5.0.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/error_prone_annotations-2.3.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/error_prone_annotations-2.3.4.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/core-1.2.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/core-1.2.4.0.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/spring-expression-5.2.5.RELEASE.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/spring-expression-5.2.5.RELEASE.jar +chmod 640 
${INSTALL_DIR}/plugins/opensearch-sql/httpcore-nio-4.4.12.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/httpcore-nio-4.4.12.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/httpasyncclient-4.1.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/httpasyncclient-4.1.4.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/spring-aop-5.2.5.RELEASE.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/spring-aop-5.2.5.RELEASE.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/guava-29.0-jre.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/guava-29.0-jre.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/protocol-1.2.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/protocol-1.2.4.0.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/spring-context-5.2.5.RELEASE.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/spring-context-5.2.5.RELEASE.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/slf4j-api-1.7.30.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/slf4j-api-1.7.30.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/druid-1.0.15.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/druid-1.0.15.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/sql-1.2.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/sql-1.2.4.0.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/opensearch-1.2.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/opensearch-1.2.4.0.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/commons-lang3-3.10.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/commons-lang3-3.10.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/jackson-databind-2.11.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/jackson-databind-2.11.4.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/checker-qual-2.11.1.jar && chown 
${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/checker-qual-2.11.1.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/reindex-client-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/reindex-client-1.2.4.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/gson-2.8.9.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/gson-2.8.9.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/j2objc-annotations-1.3.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/j2objc-annotations-1.3.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/jsr305-3.0.2.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/jsr305-3.0.2.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/spring-core-5.2.5.RELEASE.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/spring-core-5.2.5.RELEASE.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/antlr4-runtime-4.7.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/antlr4-runtime-4.7.1.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/json-20180813.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/json-20180813.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/NOTICE.txt && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/NOTICE.txt +chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/resilience4j-retry-1.5.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/resilience4j-retry-1.5.0.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/plugin-descriptor.properties && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/plugin-descriptor.properties +chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/spring-jcl-5.2.5.RELEASE.jar && chown 
${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/spring-jcl-5.2.5.RELEASE.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/LICENSE.txt && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/LICENSE.txt +chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/jackson-annotations-2.11.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/jackson-annotations-2.11.4.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/vavr-match-0.10.2.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/vavr-match-0.10.2.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/parent-join-client-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/parent-join-client-1.2.4.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/vavr-0.10.2.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/vavr-0.10.2.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/presto-matching-0.240.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/presto-matching-0.240.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/opensearch-rest-client-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/opensearch-rest-client-1.2.4.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/plugin-security.policy && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/plugin-security.policy +chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/httpclient-4.5.13.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/httpclient-4.5.13.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/legacy-1.2.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/legacy-1.2.4.0.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/opensearch-ssl-config-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/opensearch-ssl-config-1.2.4.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/commons-codec-1.13.jar && chown ${USER}:${GROUP} 
${INSTALL_DIR}/plugins/opensearch-sql/commons-codec-1.13.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/opensearch-sql-1.2.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/opensearch-sql-1.2.4.0.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/commons-math3-3.6.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/commons-math3-3.6.1.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/ppl-1.2.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/ppl-1.2.4.0.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/httpcore-4.4.12.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/httpcore-4.4.12.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/failureaccess-1.0.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/failureaccess-1.0.1.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/common-1.2.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/common-1.2.4.0.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-cross-cluster-replication/ipaddress-5.3.3.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-cross-cluster-replication/ipaddress-5.3.3.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-cross-cluster-replication/common-utils-1.2.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-cross-cluster-replication/common-utils-1.2.4.0.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-cross-cluster-replication/annotations-13.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-cross-cluster-replication/annotations-13.0.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-cross-cluster-replication/plugin-descriptor.properties && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-cross-cluster-replication/plugin-descriptor.properties +chmod 640 ${INSTALL_DIR}/plugins/opensearch-cross-cluster-replication/kotlinx-coroutines-core-1.3.5.jar && chown ${USER}:${GROUP} 
${INSTALL_DIR}/plugins/opensearch-cross-cluster-replication/kotlinx-coroutines-core-1.3.5.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-cross-cluster-replication/opensearch-cross-cluster-replication-1.2.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-cross-cluster-replication/opensearch-cross-cluster-replication-1.2.4.0.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-cross-cluster-replication/kotlin-stdlib-common-1.3.72.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-cross-cluster-replication/kotlin-stdlib-common-1.3.72.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-cross-cluster-replication/kotlin-stdlib-jdk7-1.3.72.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-cross-cluster-replication/kotlin-stdlib-jdk7-1.3.72.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-cross-cluster-replication/kotlin-stdlib-1.3.72.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-cross-cluster-replication/kotlin-stdlib-1.3.72.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-cross-cluster-replication/kotlin-stdlib-jdk8-1.3.72.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-cross-cluster-replication/kotlin-stdlib-jdk8-1.3.72.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-knn/commons-lang-2.6.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-knn/commons-lang-2.6.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-knn/error_prone_annotations-2.3.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-knn/error_prone_annotations-2.3.4.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-knn/guava-29.0-jre.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-knn/guava-29.0-jre.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-knn/opensearch-knn-1.2.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-knn/opensearch-knn-1.2.4.0.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-knn/checker-qual-2.11.1.jar && chown ${USER}:${GROUP} 
${INSTALL_DIR}/plugins/opensearch-knn/checker-qual-2.11.1.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-knn/j2objc-annotations-1.3.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-knn/j2objc-annotations-1.3.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-knn/jsr305-3.0.2.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-knn/jsr305-3.0.2.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-knn/listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-knn/listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-knn/plugin-descriptor.properties && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-knn/plugin-descriptor.properties +chmod 640 ${INSTALL_DIR}/plugins/opensearch-knn/knnlib/libopensearchknn_common.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-knn/knnlib/libopensearchknn_common.so +chmod 640 ${INSTALL_DIR}/plugins/opensearch-knn/knnlib/libgomp.so.1 && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-knn/knnlib/libgomp.so.1 +chmod 640 ${INSTALL_DIR}/plugins/opensearch-knn/knnlib/libopensearchknn_nmslib.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-knn/knnlib/libopensearchknn_nmslib.so +chmod 640 ${INSTALL_DIR}/plugins/opensearch-knn/knnlib/libopensearchknn_faiss.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-knn/knnlib/libopensearchknn_faiss.so +chmod 640 ${INSTALL_DIR}/plugins/opensearch-knn/plugin-security.policy && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-knn/plugin-security.policy +chmod 640 ${INSTALL_DIR}/plugins/opensearch-knn/failureaccess-1.0.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-knn/failureaccess-1.0.1.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-index-management/ipaddress-5.3.3.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-index-management/ipaddress-5.3.3.jar +chmod 640 
${INSTALL_DIR}/plugins/opensearch-index-management/common-utils-1.2.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-index-management/common-utils-1.2.4.0.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-index-management/kotlin-stdlib-1.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-index-management/kotlin-stdlib-1.4.0.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-index-management/annotations-13.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-index-management/annotations-13.0.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-index-management/kotlinx-coroutines-core-jvm-1.3.9.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-index-management/kotlinx-coroutines-core-jvm-1.3.9.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-index-management/notification-1.2.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-index-management/notification-1.2.4.0.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-index-management/plugin-descriptor.properties && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-index-management/plugin-descriptor.properties +chmod 640 ${INSTALL_DIR}/plugins/opensearch-index-management/kotlin-stdlib-jdk8-1.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-index-management/kotlin-stdlib-jdk8-1.4.0.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-index-management/opensearch-index-management-1.2.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-index-management/opensearch-index-management-1.2.4.0.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-index-management/plugin-security.policy && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-index-management/plugin-security.policy +chmod 640 ${INSTALL_DIR}/plugins/opensearch-index-management/kotlin-stdlib-common-1.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-index-management/kotlin-stdlib-common-1.4.0.jar +chmod 640 
${INSTALL_DIR}/plugins/opensearch-index-management/kotlin-stdlib-jdk7-1.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-index-management/kotlin-stdlib-jdk7-1.4.0.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/error_prone_annotations-2.3.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/error_prone_annotations-2.3.4.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/sqlite-jdbc-3.32.3.2.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/sqlite-jdbc-3.32.3.2.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/grpc-stub-1.28.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/grpc-stub-1.28.0.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/bcpkix-jdk15on-1.68.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/bcpkix-jdk15on-1.68.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/bcprov-jdk15on-1.68.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/bcprov-jdk15on-1.68.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/jackson-databind-2.11.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/jackson-databind-2.11.4.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/protobuf-java-3.11.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/protobuf-java-3.11.0.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/paranamer-2.8.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/paranamer-2.8.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/jackson-module-paranamer-2.11.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/jackson-module-paranamer-2.11.4.jar +chmod 640 
${INSTALL_DIR}/plugins/opensearch-performance-analyzer/gson-2.8.6.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/gson-2.8.6.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/j2objc-annotations-1.3.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/j2objc-annotations-1.3.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/commons-lang3-3.9.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/commons-lang3-3.9.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/jsr305-3.0.2.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/jsr305-3.0.2.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/perfmark-api-0.19.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/perfmark-api-0.19.0.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/opensearch-performance-analyzer-1.2.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/opensearch-performance-analyzer-1.2.4.0.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/guava-28.2-jre.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/guava-28.2-jre.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/grpc-core-1.28.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/grpc-core-1.28.0.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/plugin-descriptor.properties && chown ${USER}:${GROUP} 
${INSTALL_DIR}/plugins/opensearch-performance-analyzer/plugin-descriptor.properties +chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/grpc-netty-shaded-1.28.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/grpc-netty-shaded-1.28.0.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/grpc-context-1.28.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/grpc-context-1.28.0.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/annotations-4.1.1.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/annotations-4.1.1.4.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/animal-sniffer-annotations-1.18.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/animal-sniffer-annotations-1.18.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/jackson-annotations-2.11.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/jackson-annotations-2.11.4.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/pa_bin/performance-analyzer-agent && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/pa_bin/performance-analyzer-agent +chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/pa_config/performance-analyzer.properties && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/pa_config/performance-analyzer.properties +chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/pa_config/rca_master.conf && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/pa_config/rca_master.conf +chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/pa_config/rca.conf && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/pa_config/rca.conf +chmod 640 
${INSTALL_DIR}/plugins/opensearch-performance-analyzer/pa_config/agent-stats-metadata && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/pa_config/agent-stats-metadata +chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/pa_config/plugin-stats-metadata && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/pa_config/plugin-stats-metadata +chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/pa_config/opensearch_security.policy && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/pa_config/opensearch_security.policy +chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/pa_config/log4j2.xml && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/pa_config/log4j2.xml +chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/pa_config/rca_idle_master.conf && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/pa_config/rca_idle_master.conf +chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/pa_config/supervisord.conf && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/pa_config/supervisord.conf +chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/performanceanalyzer-rca-1.2.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/performanceanalyzer-rca-1.2.4.0.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/proto-google-common-protos-1.17.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/proto-google-common-protos-1.17.0.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/plugin-security.policy && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/plugin-security.policy +chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/javax.annotation-api-1.3.2.jar && chown ${USER}:${GROUP} 
${INSTALL_DIR}/plugins/opensearch-performance-analyzer/javax.annotation-api-1.3.2.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/checker-qual-2.10.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/checker-qual-2.10.0.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/commons-io-2.7.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/commons-io-2.7.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/jooq-3.10.8.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/jooq-3.10.8.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/grpc-protobuf-1.28.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/grpc-protobuf-1.28.0.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/grpc-protobuf-lite-1.28.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/grpc-protobuf-lite-1.28.0.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/extensions/performance-analyzer-agent && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/extensions/performance-analyzer-agent +chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/grpc-api-1.28.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/grpc-api-1.28.0.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/failureaccess-1.0.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/failureaccess-1.0.1.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-job-scheduler/opensearch-job-scheduler-spi-1.2.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-job-scheduler/opensearch-job-scheduler-spi-1.2.4.0.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-job-scheduler/plugin-descriptor.properties && chown ${USER}:${GROUP} 
${INSTALL_DIR}/plugins/opensearch-job-scheduler/plugin-descriptor.properties +chmod 640 ${INSTALL_DIR}/plugins/opensearch-job-scheduler/opensearch-job-scheduler-1.2.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-job-scheduler/opensearch-job-scheduler-1.2.4.0.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/opensaml-saml-api-3.4.5.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/opensaml-saml-api-3.4.5.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/commons-codec-1.14.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/commons-codec-1.14.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/java-saml-2.5.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/java-saml-2.5.0.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/slf4j-api-1.7.25.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/slf4j-api-1.7.25.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/minimal-json-0.9.5.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/minimal-json-0.9.5.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/opensaml-security-api-3.4.5.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/opensaml-security-api-3.4.5.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/jakarta.jws-api-2.1.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/jakarta.jws-api-2.1.0.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/netty-codec-4.1.72.Final.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/netty-codec-4.1.72.Final.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/jackson-databind-2.11.2.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/jackson-databind-2.11.2.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/jakarta.activation-1.2.2.jar && chown ${USER}:${GROUP} 
${INSTALL_DIR}/plugins/opensearch-security/jakarta.activation-1.2.2.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/commons-logging-1.2.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/commons-logging-1.2.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/json-path-2.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/json-path-2.4.0.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/aggs-matrix-stats-client-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/aggs-matrix-stats-client-1.2.4.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/httpcore-nio-4.4.12.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/httpcore-nio-4.4.12.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/httpasyncclient-4.1.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/httpasyncclient-4.1.4.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/lang-mustache-client-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/lang-mustache-client-1.2.4.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/bcprov-jdk15on-1.67.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/bcprov-jdk15on-1.67.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/json-flattener-0.5.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/json-flattener-0.5.0.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/cxf-rt-rs-json-basic-3.4.5.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/cxf-rt-rs-json-basic-3.4.5.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/snappy-java-1.1.7.3.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/snappy-java-1.1.7.3.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/netty-common-4.1.72.Final.jar && chown ${USER}:${GROUP} 
${INSTALL_DIR}/plugins/opensearch-security/netty-common-4.1.72.Final.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/opensaml-xmlsec-impl-3.4.5.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/opensaml-xmlsec-impl-3.4.5.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/txw2-2.3.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/txw2-2.3.4.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/cxf-core-3.4.5.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/cxf-core-3.4.5.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/jackson-annotations-2.11.2.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/jackson-annotations-2.11.2.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/metrics-core-3.1.2.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/metrics-core-3.1.2.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/opensaml-soap-impl-3.4.5.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/opensaml-soap-impl-3.4.5.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/j2objc-annotations-1.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/j2objc-annotations-1.1.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/jsr305-3.0.2.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/jsr305-3.0.2.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/opensaml-messaging-api-3.4.5.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/opensaml-messaging-api-3.4.5.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/opensaml-storage-api-3.4.5.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/opensaml-storage-api-3.4.5.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/commons-lang-2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/commons-lang-2.4.jar +chmod 640 
${INSTALL_DIR}/plugins/opensearch-security/mapper-extras-client-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/mapper-extras-client-1.2.4.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/jakarta.xml.bind-api-2.3.3.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/jakarta.xml.bind-api-2.3.3.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/opensaml-saml-impl-3.4.5.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/opensaml-saml-impl-3.4.5.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/java-saml-core-2.5.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/java-saml-core-2.5.0.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/cryptacular-1.1.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/cryptacular-1.1.4.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/opensaml-core-3.4.5.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/opensaml-core-3.4.5.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/commons-cli-1.3.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/commons-cli-1.3.1.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/jjwt-api-0.10.5.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/jjwt-api-0.10.5.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/log4j-slf4j-impl-2.17.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/log4j-slf4j-impl-2.17.1.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/commons-lang3-3.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/commons-lang3-3.4.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/lz4-java-1.7.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/lz4-java-1.7.1.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/plugin-descriptor.properties && chown ${USER}:${GROUP} 
${INSTALL_DIR}/plugins/opensearch-security/plugin-descriptor.properties +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/rank-eval-client-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/rank-eval-client-1.2.4.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/ldaptive-1.2.3.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/ldaptive-1.2.3.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/jakarta.xml.soap-api-1.4.2.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/jakarta.xml.soap-api-1.4.2.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/opensearch-security-1.2.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/opensearch-security-1.2.4.0.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/jjwt-jackson-0.10.5.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/jjwt-jackson-0.10.5.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/securityconfig/whitelist.yml && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/securityconfig/whitelist.yml +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/securityconfig/tenants.yml && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/securityconfig/tenants.yml +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/securityconfig/nodes_dn.yml && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/securityconfig/nodes_dn.yml +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/securityconfig/audit.yml && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/securityconfig/audit.yml +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/securityconfig/action_groups.yml && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/securityconfig/action_groups.yml +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/securityconfig/config.yml && chown ${USER}:${GROUP} 
${INSTALL_DIR}/plugins/opensearch-security/securityconfig/config.yml +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/securityconfig/roles_mapping.yml && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/securityconfig/roles_mapping.yml +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/securityconfig/roles.yml && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/securityconfig/roles.yml +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/securityconfig/opensearch.yml.example && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/securityconfig/opensearch.yml.example +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/securityconfig/internal_users.yml && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/securityconfig/internal_users.yml +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/woodstox-core-6.2.6.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/woodstox-core-6.2.6.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/eventbus-3.2.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/eventbus-3.2.0.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/istack-commons-runtime-3.0.12.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/istack-commons-runtime-3.0.12.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/asm-9.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/asm-9.1.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/parent-join-client-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/parent-join-client-1.2.4.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/jjwt-impl-0.10.5.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/jjwt-impl-0.10.5.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/json-smart-2.4.7.jar && chown ${USER}:${GROUP} 
${INSTALL_DIR}/plugins/opensearch-security/json-smart-2.4.7.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/xmlsec-2.2.3.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/xmlsec-2.2.3.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/tools/config.yml && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/tools/config.yml +chmod 740 ${INSTALL_DIR}/plugins/opensearch-security/tools/hash.sh && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/tools/hash.sh +chmod 740 ${INSTALL_DIR}/plugins/opensearch-security/tools/securityadmin.sh && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/tools/securityadmin.sh +chmod 740 ${INSTALL_DIR}/plugins/opensearch-security/tools/audit_config_migrater.sh && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/tools/audit_config_migrater.sh +chmod 740 ${INSTALL_DIR}/plugins/opensearch-security/tools/wazuh-cert-tool.sh && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/tools/wazuh-cert-tool.sh +chmod 740 ${INSTALL_DIR}/plugins/opensearch-security/tools/wazuh-passwords-tool.sh && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/tools/wazuh-passwords-tool.sh +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/jakarta.xml.ws-api-2.3.3.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/jakarta.xml.ws-api-2.3.3.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/xmlschema-core-2.2.5.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/xmlschema-core-2.2.5.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/httpclient-cache-4.5.13.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/httpclient-cache-4.5.13.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/velocity-1.7.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/velocity-1.7.jar +chmod 640 
${INSTALL_DIR}/plugins/opensearch-security/error_prone_annotations-2.1.3.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/error_prone_annotations-2.1.3.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/netty-resolver-4.1.72.Final.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/netty-resolver-4.1.72.Final.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/transport-netty4-client-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/transport-netty4-client-1.2.4.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/animal-sniffer-annotations-1.14.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/animal-sniffer-annotations-1.14.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/stax-ex-1.8.3.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/stax-ex-1.8.3.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/opensearch-rest-client-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/opensearch-rest-client-1.2.4.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/compiler-0.9.6.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/compiler-0.9.6.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/plugin-security.policy && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/plugin-security.policy +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/guava-25.1-jre.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/guava-25.1-jre.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/opensaml-xmlsec-api-3.4.5.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/opensaml-xmlsec-api-3.4.5.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/httpclient-4.5.13.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/httpclient-4.5.13.jar +chmod 640 
${INSTALL_DIR}/plugins/opensearch-security/zjsonpatch-0.4.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/zjsonpatch-0.4.4.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/accessors-smart-2.4.7.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/accessors-smart-2.4.7.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/opensearch-rest-high-level-client-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/opensearch-rest-high-level-client-1.2.4.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/cxf-rt-security-3.4.5.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/cxf-rt-security-3.4.5.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/java-support-7.5.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/java-support-7.5.1.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/netty-transport-4.1.72.Final.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/netty-transport-4.1.72.Final.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/kafka-clients-2.5.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/kafka-clients-2.5.0.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/stax2-api-4.2.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/stax2-api-4.2.1.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/cxf-rt-rs-security-jose-3.4.5.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/cxf-rt-rs-security-jose-3.4.5.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/opensaml-profile-api-3.4.5.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/opensaml-profile-api-3.4.5.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/jaxb-runtime-2.3.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/jaxb-runtime-2.3.4.jar +chmod 640 
${INSTALL_DIR}/plugins/opensearch-security/opensaml-security-impl-3.4.5.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/opensaml-security-impl-3.4.5.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/commons-collections-3.2.2.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/commons-collections-3.2.2.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/netty-buffer-4.1.72.Final.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/netty-buffer-4.1.72.Final.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/saaj-impl-1.5.3.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/saaj-impl-1.5.3.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/commons-text-1.2.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/commons-text-1.2.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/zstd-jni-1.4.4-7.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/zstd-jni-1.4.4-7.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/jakarta.annotation-api-1.3.5.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/jakarta.annotation-api-1.3.5.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/geronimo-jta_1.1_spec-1.1.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/geronimo-jta_1.1_spec-1.1.1.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/checker-qual-2.0.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/checker-qual-2.0.0.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/netty-codec-http-4.1.72.Final.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/netty-codec-http-4.1.72.Final.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/httpcore-4.4.12.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/httpcore-4.4.12.jar +chmod 640 
${INSTALL_DIR}/plugins/opensearch-security/opensaml-soap-api-3.4.5.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/opensaml-soap-api-3.4.5.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/netty-handler-4.1.72.Final.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/netty-handler-4.1.72.Final.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-asynchronous-search/opensearch-asynchronous-search-1.2.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-asynchronous-search/opensearch-asynchronous-search-1.2.4.0.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-asynchronous-search/common-utils-1.2.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-asynchronous-search/common-utils-1.2.4.0.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-asynchronous-search/plugin-descriptor.properties && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-asynchronous-search/plugin-descriptor.properties +chmod 640 ${INSTALL_DIR}/plugins/opensearch-asynchronous-search/plugin-security.policy && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-asynchronous-search/plugin-security.policy +chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/commons-lang3-3.12.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/commons-lang3-3.12.0.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/commons-lang-2.6.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/commons-lang-2.6.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/org.jacoco.report-0.8.5.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/org.jacoco.report-0.8.5.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/slf4j-api-1.7.25.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/slf4j-api-1.7.25.jar +chmod 640 
${INSTALL_DIR}/plugins/opensearch-anomaly-detection/error_prone_annotations-2.3.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/error_prone_annotations-2.3.4.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/httpcore-nio-4.4.12.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/httpcore-nio-4.4.12.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/httpasyncclient-4.1.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/httpasyncclient-4.1.4.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/guava-29.0-jre.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/guava-29.0-jre.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/randomcutforest-core-2.0.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/randomcutforest-core-2.0.1.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/randomcutforest-serialization-2.0.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/randomcutforest-serialization-2.0.1.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/jackson-databind-2.11.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/jackson-databind-2.11.4.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/checker-qual-2.11.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/checker-qual-2.11.1.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/randomcutforest-parkservices-2.0.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/randomcutforest-parkservices-2.0.1.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/gson-2.8.9.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/gson-2.8.9.jar +chmod 640 
${INSTALL_DIR}/plugins/opensearch-anomaly-detection/protostuff-collectionschema-1.7.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/protostuff-collectionschema-1.7.4.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/j2objc-annotations-1.3.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/j2objc-annotations-1.3.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/common-utils-1.2.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/common-utils-1.2.4.0.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/opensearch-anomaly-detection-1.2.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/opensearch-anomaly-detection-1.2.4.0.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/jsr305-3.0.2.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/jsr305-3.0.2.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/org.jacoco.ant-0.8.5.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/org.jacoco.ant-0.8.5.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/commons-pool2-2.10.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/commons-pool2-2.10.0.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/sketches-core-0.13.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/sketches-core-0.13.4.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/org.jacoco.core-0.8.5.jar && chown ${USER}:${GROUP} 
${INSTALL_DIR}/plugins/opensearch-anomaly-detection/org.jacoco.core-0.8.5.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/org.jacoco.agent-0.8.5.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/org.jacoco.agent-0.8.5.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/plugin-descriptor.properties && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/plugin-descriptor.properties +chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/protostuff-api-1.7.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/protostuff-api-1.7.4.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/memory-0.12.2.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/memory-0.12.2.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/jackson-annotations-2.11.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/jackson-annotations-2.11.4.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/protostuff-runtime-1.7.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/protostuff-runtime-1.7.4.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/protostuff-core-1.7.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/protostuff-core-1.7.4.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/commons-logging-1.1.3.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/commons-logging-1.1.3.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/opensearch-rest-client-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/opensearch-rest-client-1.2.4.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/plugin-security.policy && chown ${USER}:${GROUP} 
${INSTALL_DIR}/plugins/opensearch-anomaly-detection/plugin-security.policy +chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/httpclient-4.5.13.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/httpclient-4.5.13.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/commons-codec-1.13.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/commons-codec-1.13.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/commons-math3-3.6.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/commons-math3-3.6.1.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/httpcore-4.4.12.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/httpcore-4.4.12.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/failureaccess-1.0.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/failureaccess-1.0.1.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-alerting/error_prone_annotations-2.3.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-alerting/error_prone_annotations-2.3.4.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-alerting/httpcore-nio-4.4.12.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-alerting/httpcore-nio-4.4.12.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-alerting/httpasyncclient-4.1.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-alerting/httpasyncclient-4.1.4.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-alerting/cron-utils-9.1.6.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-alerting/cron-utils-9.1.6.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-alerting/javax.mail-1.6.2.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-alerting/javax.mail-1.6.2.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-alerting/slf4j-api-1.7.30.jar && chown ${USER}:${GROUP} 
${INSTALL_DIR}/plugins/opensearch-alerting/slf4j-api-1.7.30.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-alerting/ipaddress-5.3.3.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-alerting/ipaddress-5.3.3.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-alerting/j2objc-annotations-1.3.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-alerting/j2objc-annotations-1.3.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-alerting/common-utils-1.2.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-alerting/common-utils-1.2.4.0.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-alerting/jsr305-3.0.2.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-alerting/jsr305-3.0.2.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-alerting/javax.el-3.0.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-alerting/javax.el-3.0.0.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-alerting/javassist-3.27.0-GA.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-alerting/javassist-3.27.0-GA.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-alerting/listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-alerting/listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-alerting/kotlinx-coroutines-core-1.1.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-alerting/kotlinx-coroutines-core-1.1.1.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-alerting/annotations-13.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-alerting/annotations-13.0.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-alerting/guava-30.0-jre.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-alerting/guava-30.0-jre.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-alerting/plugin-descriptor.properties && chown ${USER}:${GROUP} 
${INSTALL_DIR}/plugins/opensearch-alerting/plugin-descriptor.properties +chmod 640 ${INSTALL_DIR}/plugins/opensearch-alerting/activation-1.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-alerting/activation-1.1.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-alerting/alerting-core-1.2.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-alerting/alerting-core-1.2.4.0.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-alerting/google-java-format-1.10.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-alerting/google-java-format-1.10.0.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-alerting/alerting-notification-1.2.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-alerting/alerting-notification-1.2.4.0.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-alerting/kotlin-stdlib-common-1.3.72.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-alerting/kotlin-stdlib-common-1.3.72.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-alerting/commons-logging-1.1.3.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-alerting/commons-logging-1.1.3.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-alerting/kotlin-stdlib-jdk7-1.3.72.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-alerting/kotlin-stdlib-jdk7-1.3.72.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-alerting/checker-qual-3.5.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-alerting/checker-qual-3.5.0.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-alerting/opensearch-rest-client-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-alerting/opensearch-rest-client-1.2.4.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-alerting/plugin-security.policy && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-alerting/plugin-security.policy +chmod 640 ${INSTALL_DIR}/plugins/opensearch-alerting/httpclient-4.5.13.jar && chown ${USER}:${GROUP} 
${INSTALL_DIR}/plugins/opensearch-alerting/httpclient-4.5.13.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-alerting/opensearch-alerting-1.2.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-alerting/opensearch-alerting-1.2.4.0.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-alerting/kotlinx-coroutines-core-common-1.1.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-alerting/kotlinx-coroutines-core-common-1.1.1.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-alerting/kotlin-stdlib-1.3.72.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-alerting/kotlin-stdlib-1.3.72.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-alerting/commons-codec-1.13.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-alerting/commons-codec-1.13.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-alerting/kotlin-stdlib-jdk8-1.3.72.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-alerting/kotlin-stdlib-jdk8-1.3.72.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-alerting/httpcore-4.4.12.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-alerting/httpcore-4.4.12.jar +chmod 640 ${INSTALL_DIR}/plugins/opensearch-alerting/failureaccess-1.0.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-alerting/failureaccess-1.0.1.jar +chmod 640 ${INSTALL_DIR}/modules/ingest-common/jcodings-1.0.44.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/ingest-common/jcodings-1.0.44.jar +chmod 640 ${INSTALL_DIR}/modules/ingest-common/joni-2.1.29.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/ingest-common/joni-2.1.29.jar +chmod 640 ${INSTALL_DIR}/modules/ingest-common/opensearch-grok-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/ingest-common/opensearch-grok-1.2.4.jar +chmod 640 ${INSTALL_DIR}/modules/ingest-common/opensearch-dissect-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/ingest-common/opensearch-dissect-1.2.4.jar +chmod 640 
${INSTALL_DIR}/modules/ingest-common/plugin-descriptor.properties && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/ingest-common/plugin-descriptor.properties +chmod 640 ${INSTALL_DIR}/modules/ingest-common/ingest-common-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/ingest-common/ingest-common-1.2.4.jar +chmod 640 ${INSTALL_DIR}/modules/geo/plugin-descriptor.properties && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/geo/plugin-descriptor.properties +chmod 640 ${INSTALL_DIR}/modules/geo/geo-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/geo/geo-1.2.4.jar +chmod 640 ${INSTALL_DIR}/modules/ingest-geoip/GeoLite2-Country.mmdb && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/ingest-geoip/GeoLite2-Country.mmdb +chmod 640 ${INSTALL_DIR}/modules/ingest-geoip/GeoLite2-City.mmdb && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/ingest-geoip/GeoLite2-City.mmdb +chmod 640 ${INSTALL_DIR}/modules/ingest-geoip/geoip2-2.13.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/ingest-geoip/geoip2-2.13.1.jar +chmod 640 ${INSTALL_DIR}/modules/ingest-geoip/maxmind-db-1.3.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/ingest-geoip/maxmind-db-1.3.1.jar +chmod 640 ${INSTALL_DIR}/modules/ingest-geoip/jackson-annotations-2.12.5.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/ingest-geoip/jackson-annotations-2.12.5.jar +chmod 640 ${INSTALL_DIR}/modules/ingest-geoip/jackson-databind-2.12.5.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/ingest-geoip/jackson-databind-2.12.5.jar +chmod 640 ${INSTALL_DIR}/modules/ingest-geoip/ingest-geoip-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/ingest-geoip/ingest-geoip-1.2.4.jar +chmod 640 ${INSTALL_DIR}/modules/ingest-geoip/plugin-descriptor.properties && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/ingest-geoip/plugin-descriptor.properties +chmod 640 ${INSTALL_DIR}/modules/ingest-geoip/GeoLite2-ASN.mmdb && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/ingest-geoip/GeoLite2-ASN.mmdb +chmod 640 
${INSTALL_DIR}/modules/ingest-geoip/plugin-security.policy && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/ingest-geoip/plugin-security.policy +chmod 640 ${INSTALL_DIR}/modules/percolator/plugin-descriptor.properties && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/percolator/plugin-descriptor.properties +chmod 640 ${INSTALL_DIR}/modules/percolator/percolator-client-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/percolator/percolator-client-1.2.4.jar +chmod 640 ${INSTALL_DIR}/modules/analysis-common/plugin-descriptor.properties && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/analysis-common/plugin-descriptor.properties +chmod 640 ${INSTALL_DIR}/modules/analysis-common/analysis-common-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/analysis-common/analysis-common-1.2.4.jar +chmod 640 ${INSTALL_DIR}/modules/aggs-matrix-stats/aggs-matrix-stats-client-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/aggs-matrix-stats/aggs-matrix-stats-client-1.2.4.jar +chmod 640 ${INSTALL_DIR}/modules/aggs-matrix-stats/plugin-descriptor.properties && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/aggs-matrix-stats/plugin-descriptor.properties +chmod 640 ${INSTALL_DIR}/modules/repository-url/plugin-descriptor.properties && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/repository-url/plugin-descriptor.properties +chmod 640 ${INSTALL_DIR}/modules/repository-url/plugin-security.policy && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/repository-url/plugin-security.policy +chmod 640 ${INSTALL_DIR}/modules/repository-url/repository-url-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/repository-url/repository-url-1.2.4.jar +chmod 640 ${INSTALL_DIR}/modules/lang-mustache/lang-mustache-client-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/lang-mustache/lang-mustache-client-1.2.4.jar +chmod 640 ${INSTALL_DIR}/modules/lang-mustache/plugin-descriptor.properties && chown ${USER}:${GROUP} 
${INSTALL_DIR}/modules/lang-mustache/plugin-descriptor.properties +chmod 640 ${INSTALL_DIR}/modules/lang-mustache/compiler-0.9.6.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/lang-mustache/compiler-0.9.6.jar +chmod 640 ${INSTALL_DIR}/modules/lang-mustache/plugin-security.policy && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/lang-mustache/plugin-security.policy +chmod 640 ${INSTALL_DIR}/modules/systemd/plugin-descriptor.properties && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/systemd/plugin-descriptor.properties +chmod 640 ${INSTALL_DIR}/modules/systemd/plugin-security.policy && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/systemd/plugin-security.policy +chmod 640 ${INSTALL_DIR}/modules/systemd/systemd-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/systemd/systemd-1.2.4.jar +chmod 640 ${INSTALL_DIR}/modules/transport-netty4/netty-codec-4.1.72.Final.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/transport-netty4/netty-codec-4.1.72.Final.jar +chmod 640 ${INSTALL_DIR}/modules/transport-netty4/netty-common-4.1.72.Final.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/transport-netty4/netty-common-4.1.72.Final.jar +chmod 640 ${INSTALL_DIR}/modules/transport-netty4/plugin-descriptor.properties && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/transport-netty4/plugin-descriptor.properties +chmod 640 ${INSTALL_DIR}/modules/transport-netty4/netty-resolver-4.1.72.Final.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/transport-netty4/netty-resolver-4.1.72.Final.jar +chmod 640 ${INSTALL_DIR}/modules/transport-netty4/transport-netty4-client-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/transport-netty4/transport-netty4-client-1.2.4.jar +chmod 640 ${INSTALL_DIR}/modules/transport-netty4/plugin-security.policy && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/transport-netty4/plugin-security.policy +chmod 640 ${INSTALL_DIR}/modules/transport-netty4/netty-transport-4.1.72.Final.jar && chown ${USER}:${GROUP} 
${INSTALL_DIR}/modules/transport-netty4/netty-transport-4.1.72.Final.jar +chmod 640 ${INSTALL_DIR}/modules/transport-netty4/netty-buffer-4.1.72.Final.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/transport-netty4/netty-buffer-4.1.72.Final.jar +chmod 640 ${INSTALL_DIR}/modules/transport-netty4/netty-codec-http-4.1.72.Final.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/transport-netty4/netty-codec-http-4.1.72.Final.jar +chmod 640 ${INSTALL_DIR}/modules/transport-netty4/netty-handler-4.1.72.Final.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/transport-netty4/netty-handler-4.1.72.Final.jar +chmod 640 ${INSTALL_DIR}/modules/lang-expression/lucene-expressions-8.10.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/lang-expression/lucene-expressions-8.10.1.jar +chmod 640 ${INSTALL_DIR}/modules/lang-expression/lang-expression-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/lang-expression/lang-expression-1.2.4.jar +chmod 640 ${INSTALL_DIR}/modules/lang-expression/antlr4-runtime-4.5.1-1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/lang-expression/antlr4-runtime-4.5.1-1.jar +chmod 640 ${INSTALL_DIR}/modules/lang-expression/plugin-descriptor.properties && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/lang-expression/plugin-descriptor.properties +chmod 640 ${INSTALL_DIR}/modules/lang-expression/plugin-security.policy && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/lang-expression/plugin-security.policy +chmod 640 ${INSTALL_DIR}/modules/lang-expression/asm-5.0.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/lang-expression/asm-5.0.4.jar +chmod 640 ${INSTALL_DIR}/modules/lang-expression/asm-commons-5.0.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/lang-expression/asm-commons-5.0.4.jar +chmod 640 ${INSTALL_DIR}/modules/lang-expression/asm-tree-5.0.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/lang-expression/asm-tree-5.0.4.jar +chmod 640 ${INSTALL_DIR}/modules/lang-painless/asm-7.2.jar && chown ${USER}:${GROUP} 
${INSTALL_DIR}/modules/lang-painless/asm-7.2.jar +chmod 640 ${INSTALL_DIR}/modules/lang-painless/antlr4-runtime-4.5.3.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/lang-painless/antlr4-runtime-4.5.3.jar +chmod 640 ${INSTALL_DIR}/modules/lang-painless/asm-tree-7.2.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/lang-painless/asm-tree-7.2.jar +chmod 640 ${INSTALL_DIR}/modules/lang-painless/asm-util-7.2.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/lang-painless/asm-util-7.2.jar +chmod 640 ${INSTALL_DIR}/modules/lang-painless/asm-analysis-7.2.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/lang-painless/asm-analysis-7.2.jar +chmod 640 ${INSTALL_DIR}/modules/lang-painless/plugin-descriptor.properties && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/lang-painless/plugin-descriptor.properties +chmod 640 ${INSTALL_DIR}/modules/lang-painless/asm-commons-7.2.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/lang-painless/asm-commons-7.2.jar +chmod 640 ${INSTALL_DIR}/modules/lang-painless/lang-painless-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/lang-painless/lang-painless-1.2.4.jar +chmod 640 ${INSTALL_DIR}/modules/lang-painless/plugin-security.policy && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/lang-painless/plugin-security.policy +chmod 640 ${INSTALL_DIR}/modules/lang-painless/opensearch-scripting-painless-spi-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/lang-painless/opensearch-scripting-painless-spi-1.2.4.jar +chmod 640 ${INSTALL_DIR}/modules/rank-eval/plugin-descriptor.properties && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/rank-eval/plugin-descriptor.properties +chmod 640 ${INSTALL_DIR}/modules/rank-eval/rank-eval-client-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/rank-eval/rank-eval-client-1.2.4.jar +chmod 640 ${INSTALL_DIR}/modules/opensearch-dashboards/httpcore-nio-4.4.12.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/opensearch-dashboards/httpcore-nio-4.4.12.jar +chmod 640 
${INSTALL_DIR}/modules/opensearch-dashboards/httpasyncclient-4.1.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/opensearch-dashboards/httpasyncclient-4.1.4.jar +chmod 640 ${INSTALL_DIR}/modules/opensearch-dashboards/reindex-client-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/opensearch-dashboards/reindex-client-1.2.4.jar +chmod 640 ${INSTALL_DIR}/modules/opensearch-dashboards/plugin-descriptor.properties && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/opensearch-dashboards/plugin-descriptor.properties +chmod 640 ${INSTALL_DIR}/modules/opensearch-dashboards/commons-logging-1.1.3.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/opensearch-dashboards/commons-logging-1.1.3.jar +chmod 640 ${INSTALL_DIR}/modules/opensearch-dashboards/opensearch-rest-client-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/opensearch-dashboards/opensearch-rest-client-1.2.4.jar +chmod 640 ${INSTALL_DIR}/modules/opensearch-dashboards/httpclient-4.5.13.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/opensearch-dashboards/httpclient-4.5.13.jar +chmod 640 ${INSTALL_DIR}/modules/opensearch-dashboards/opensearch-dashboards-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/opensearch-dashboards/opensearch-dashboards-1.2.4.jar +chmod 640 ${INSTALL_DIR}/modules/opensearch-dashboards/opensearch-ssl-config-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/opensearch-dashboards/opensearch-ssl-config-1.2.4.jar +chmod 640 ${INSTALL_DIR}/modules/opensearch-dashboards/commons-codec-1.13.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/opensearch-dashboards/commons-codec-1.13.jar +chmod 640 ${INSTALL_DIR}/modules/opensearch-dashboards/httpcore-4.4.12.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/opensearch-dashboards/httpcore-4.4.12.jar +chmod 640 ${INSTALL_DIR}/modules/ingest-user-agent/ingest-user-agent-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/ingest-user-agent/ingest-user-agent-1.2.4.jar +chmod 640 
${INSTALL_DIR}/modules/ingest-user-agent/plugin-descriptor.properties && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/ingest-user-agent/plugin-descriptor.properties +chmod 640 ${INSTALL_DIR}/modules/mapper-extras/mapper-extras-client-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/mapper-extras/mapper-extras-client-1.2.4.jar +chmod 640 ${INSTALL_DIR}/modules/mapper-extras/plugin-descriptor.properties && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/mapper-extras/plugin-descriptor.properties +chmod 640 ${INSTALL_DIR}/modules/parent-join/plugin-descriptor.properties && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/parent-join/plugin-descriptor.properties +chmod 640 ${INSTALL_DIR}/modules/parent-join/parent-join-client-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/parent-join/parent-join-client-1.2.4.jar +chmod 640 ${INSTALL_DIR}/modules/reindex/httpcore-nio-4.4.12.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/reindex/httpcore-nio-4.4.12.jar +chmod 640 ${INSTALL_DIR}/modules/reindex/httpasyncclient-4.1.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/reindex/httpasyncclient-4.1.4.jar +chmod 640 ${INSTALL_DIR}/modules/reindex/reindex-client-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/reindex/reindex-client-1.2.4.jar +chmod 640 ${INSTALL_DIR}/modules/reindex/plugin-descriptor.properties && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/reindex/plugin-descriptor.properties +chmod 640 ${INSTALL_DIR}/modules/reindex/commons-logging-1.1.3.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/reindex/commons-logging-1.1.3.jar +chmod 640 ${INSTALL_DIR}/modules/reindex/opensearch-rest-client-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/reindex/opensearch-rest-client-1.2.4.jar +chmod 640 ${INSTALL_DIR}/modules/reindex/plugin-security.policy && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/reindex/plugin-security.policy +chmod 640 ${INSTALL_DIR}/modules/reindex/httpclient-4.5.13.jar && chown ${USER}:${GROUP} 
${INSTALL_DIR}/modules/reindex/httpclient-4.5.13.jar +chmod 640 ${INSTALL_DIR}/modules/reindex/opensearch-ssl-config-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/reindex/opensearch-ssl-config-1.2.4.jar +chmod 640 ${INSTALL_DIR}/modules/reindex/commons-codec-1.13.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/reindex/commons-codec-1.13.jar +chmod 640 ${INSTALL_DIR}/modules/reindex/httpcore-4.4.12.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/reindex/httpcore-4.4.12.jar +chmod 640 ${INSTALL_DIR}/jdk/man/man1/jrunscript.1 && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/man/man1/jrunscript.1 +chmod 640 ${INSTALL_DIR}/jdk/man/man1/jcmd.1 && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/man/man1/jcmd.1 +chmod 640 ${INSTALL_DIR}/jdk/man/man1/java.1 && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/man/man1/java.1 +chmod 640 ${INSTALL_DIR}/jdk/man/man1/jdeprscan.1 && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/man/man1/jdeprscan.1 +chmod 640 ${INSTALL_DIR}/jdk/man/man1/javadoc.1 && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/man/man1/javadoc.1 +chmod 640 ${INSTALL_DIR}/jdk/man/man1/rmid.1 && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/man/man1/rmid.1 +chmod 640 ${INSTALL_DIR}/jdk/man/man1/jar.1 && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/man/man1/jar.1 +chmod 640 ${INSTALL_DIR}/jdk/man/man1/jdb.1 && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/man/man1/jdb.1 +chmod 640 ${INSTALL_DIR}/jdk/man/man1/jpackage.1 && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/man/man1/jpackage.1 +chmod 640 ${INSTALL_DIR}/jdk/man/man1/jstatd.1 && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/man/man1/jstatd.1 +chmod 640 ${INSTALL_DIR}/jdk/man/man1/serialver.1 && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/man/man1/serialver.1 +chmod 640 ${INSTALL_DIR}/jdk/man/man1/keytool.1 && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/man/man1/keytool.1 +chmod 640 ${INSTALL_DIR}/jdk/man/man1/jconsole.1 && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/man/man1/jconsole.1 +chmod 640 ${INSTALL_DIR}/jdk/man/man1/jlink.1 
&& chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/man/man1/jlink.1 +chmod 640 ${INSTALL_DIR}/jdk/man/man1/jhsdb.1 && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/man/man1/jhsdb.1 +chmod 640 ${INSTALL_DIR}/jdk/man/man1/jaotc.1 && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/man/man1/jaotc.1 +chmod 640 ${INSTALL_DIR}/jdk/man/man1/jshell.1 && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/man/man1/jshell.1 +chmod 640 ${INSTALL_DIR}/jdk/man/man1/rmiregistry.1 && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/man/man1/rmiregistry.1 +chmod 640 ${INSTALL_DIR}/jdk/man/man1/javac.1 && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/man/man1/javac.1 +chmod 640 ${INSTALL_DIR}/jdk/man/man1/jstack.1 && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/man/man1/jstack.1 +chmod 640 ${INSTALL_DIR}/jdk/man/man1/jfr.1 && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/man/man1/jfr.1 +chmod 640 ${INSTALL_DIR}/jdk/man/man1/jps.1 && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/man/man1/jps.1 +chmod 640 ${INSTALL_DIR}/jdk/man/man1/jarsigner.1 && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/man/man1/jarsigner.1 +chmod 640 ${INSTALL_DIR}/jdk/man/man1/jmod.1 && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/man/man1/jmod.1 +chmod 640 ${INSTALL_DIR}/jdk/man/man1/jstat.1 && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/man/man1/jstat.1 +chmod 640 ${INSTALL_DIR}/jdk/man/man1/jinfo.1 && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/man/man1/jinfo.1 +chmod 640 ${INSTALL_DIR}/jdk/man/man1/jmap.1 && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/man/man1/jmap.1 +chmod 640 ${INSTALL_DIR}/jdk/man/man1/jdeps.1 && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/man/man1/jdeps.1 +chmod 640 ${INSTALL_DIR}/jdk/man/man1/javap.1 && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/man/man1/javap.1 +chmod 750 ${INSTALL_DIR}/jdk/bin/jdeps && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/bin/jdeps +chmod 750 ${INSTALL_DIR}/jdk/bin/rmiregistry && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/bin/rmiregistry +chmod 750 ${INSTALL_DIR}/jdk/bin/jrunscript && chown ${USER}:${GROUP} 
${INSTALL_DIR}/jdk/bin/jrunscript +chmod 750 ${INSTALL_DIR}/jdk/bin/jdeprscan && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/bin/jdeprscan +chmod 750 ${INSTALL_DIR}/jdk/bin/jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/bin/jar +chmod 750 ${INSTALL_DIR}/jdk/bin/jmap && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/bin/jmap +chmod 750 ${INSTALL_DIR}/jdk/bin/jps && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/bin/jps +chmod 750 ${INSTALL_DIR}/jdk/bin/jstatd && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/bin/jstatd +chmod 750 ${INSTALL_DIR}/jdk/bin/rmid && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/bin/rmid +chmod 750 ${INSTALL_DIR}/jdk/bin/java && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/bin/java +chmod 750 ${INSTALL_DIR}/jdk/bin/jdb && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/bin/jdb +chmod 750 ${INSTALL_DIR}/jdk/bin/jimage && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/bin/jimage +chmod 750 ${INSTALL_DIR}/jdk/bin/javadoc && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/bin/javadoc +chmod 750 ${INSTALL_DIR}/jdk/bin/jconsole && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/bin/jconsole +chmod 750 ${INSTALL_DIR}/jdk/bin/jcmd && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/bin/jcmd +chmod 750 ${INSTALL_DIR}/jdk/bin/jstack && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/bin/jstack +chmod 750 ${INSTALL_DIR}/jdk/bin/jinfo && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/bin/jinfo +chmod 750 ${INSTALL_DIR}/jdk/bin/jpackage && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/bin/jpackage +chmod 750 ${INSTALL_DIR}/jdk/bin/serialver && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/bin/serialver +chmod 750 ${INSTALL_DIR}/jdk/bin/javap && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/bin/javap +chmod 750 ${INSTALL_DIR}/jdk/bin/keytool && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/bin/keytool +chmod 750 ${INSTALL_DIR}/jdk/bin/jaotc && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/bin/jaotc +chmod 750 ${INSTALL_DIR}/jdk/bin/jarsigner && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/bin/jarsigner +chmod 750 
${INSTALL_DIR}/jdk/bin/jhsdb && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/bin/jhsdb +chmod 750 ${INSTALL_DIR}/jdk/bin/jlink && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/bin/jlink +chmod 750 ${INSTALL_DIR}/jdk/bin/jfr && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/bin/jfr +chmod 750 ${INSTALL_DIR}/jdk/bin/jstat && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/bin/jstat +chmod 750 ${INSTALL_DIR}/jdk/bin/javac && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/bin/javac +chmod 750 ${INSTALL_DIR}/jdk/bin/jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/bin/jmod +chmod 750 ${INSTALL_DIR}/jdk/bin/jshell && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/bin/jshell +chmod 640 ${INSTALL_DIR}/jdk/release && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/release +chmod 640 ${INSTALL_DIR}/jdk/legal/java.base/LICENSE && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.base/LICENSE +chmod 640 ${INSTALL_DIR}/jdk/legal/java.base/ADDITIONAL_LICENSE_INFO && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.base/ADDITIONAL_LICENSE_INFO +chmod 640 ${INSTALL_DIR}/jdk/legal/java.base/icu.md && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.base/icu.md +chmod 640 ${INSTALL_DIR}/jdk/legal/java.base/c-libutl.md && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.base/c-libutl.md +chmod 640 ${INSTALL_DIR}/jdk/legal/java.base/public_suffix.md && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.base/public_suffix.md +chmod 640 ${INSTALL_DIR}/jdk/legal/java.base/cldr.md && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.base/cldr.md +chmod 640 ${INSTALL_DIR}/jdk/legal/java.base/aes.md && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.base/aes.md +chmod 640 ${INSTALL_DIR}/jdk/legal/java.base/ASSEMBLY_EXCEPTION && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.base/ASSEMBLY_EXCEPTION +chmod 640 ${INSTALL_DIR}/jdk/legal/java.base/asm.md && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.base/asm.md +chmod 640 ${INSTALL_DIR}/jdk/legal/java.base/unicode.md && chown 
${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.base/unicode.md +chmod 640 ${INSTALL_DIR}/jdk/legal/jdk.dynalink/dynalink.md && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/jdk.dynalink/dynalink.md +chmod 640 ${INSTALL_DIR}/jdk/legal/jdk.javadoc/jqueryUI.md && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/jdk.javadoc/jqueryUI.md +chmod 640 ${INSTALL_DIR}/jdk/legal/jdk.javadoc/jquery.md && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/jdk.javadoc/jquery.md +chmod 640 ${INSTALL_DIR}/jdk/legal/java.xml/xalan.md && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.xml/xalan.md +chmod 640 ${INSTALL_DIR}/jdk/legal/java.xml/xerces.md && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.xml/xerces.md +chmod 640 ${INSTALL_DIR}/jdk/legal/java.xml/jcup.md && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.xml/jcup.md +chmod 640 ${INSTALL_DIR}/jdk/legal/java.xml/bcel.md && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.xml/bcel.md +chmod 640 ${INSTALL_DIR}/jdk/legal/java.xml/dom.md && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.xml/dom.md +chmod 640 ${INSTALL_DIR}/jdk/legal/java.smartcardio/pcsclite.md && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.smartcardio/pcsclite.md +chmod 640 ${INSTALL_DIR}/jdk/legal/jdk.internal.opt/jopt-simple.md && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/jdk.internal.opt/jopt-simple.md +chmod 640 ${INSTALL_DIR}/jdk/legal/java.xml.crypto/santuario.md && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.xml.crypto/santuario.md +chmod 640 ${INSTALL_DIR}/jdk/legal/jdk.localedata/thaidict.md && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/jdk.localedata/thaidict.md +chmod 640 ${INSTALL_DIR}/jdk/legal/jdk.internal.le/jline.md && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/jdk.internal.le/jline.md +chmod 640 ${INSTALL_DIR}/jdk/legal/jdk.crypto.cryptoki/pkcs11cryptotoken.md && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/jdk.crypto.cryptoki/pkcs11cryptotoken.md +chmod 640 
${INSTALL_DIR}/jdk/legal/jdk.crypto.cryptoki/pkcs11wrapper.md && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/jdk.crypto.cryptoki/pkcs11wrapper.md +chmod 640 ${INSTALL_DIR}/jdk/legal/java.desktop/xwd.md && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.desktop/xwd.md +chmod 640 ${INSTALL_DIR}/jdk/legal/java.desktop/mesa3d.md && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.desktop/mesa3d.md +chmod 640 ${INSTALL_DIR}/jdk/legal/java.desktop/harfbuzz.md && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.desktop/harfbuzz.md +chmod 640 ${INSTALL_DIR}/jdk/legal/java.desktop/lcms.md && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.desktop/lcms.md +chmod 640 ${INSTALL_DIR}/jdk/legal/java.desktop/freetype.md && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.desktop/freetype.md +chmod 640 ${INSTALL_DIR}/jdk/legal/java.desktop/giflib.md && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.desktop/giflib.md +chmod 640 ${INSTALL_DIR}/jdk/legal/java.desktop/jpeg.md && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.desktop/jpeg.md +chmod 640 ${INSTALL_DIR}/jdk/legal/java.desktop/colorimaging.md && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.desktop/colorimaging.md +chmod 640 ${INSTALL_DIR}/jdk/legal/java.desktop/libpng.md && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.desktop/libpng.md +chmod 640 ${INSTALL_DIR}/jdk/legal/jdk.crypto.ec/ecc.md && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/jdk.crypto.ec/ecc.md +chmod 640 ${INSTALL_DIR}/jdk/lib/server/libjsig.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/server/libjsig.so +chmod 640 ${INSTALL_DIR}/jdk/lib/server/classes.jsa && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/server/classes.jsa +chmod 640 ${INSTALL_DIR}/jdk/lib/server/classes_nocoops.jsa && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/server/classes_nocoops.jsa +chmod 640 ${INSTALL_DIR}/jdk/lib/server/libjvm.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/server/libjvm.so +chmod 640 
${INSTALL_DIR}/jdk/lib/libawt.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/libawt.so +chmod 640 ${INSTALL_DIR}/jdk/lib/libawt_headless.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/libawt_headless.so +chmod 640 ${INSTALL_DIR}/jdk/lib/libsplashscreen.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/libsplashscreen.so +chmod 640 ${INSTALL_DIR}/jdk/lib/libnio.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/libnio.so +chmod 640 ${INSTALL_DIR}/jdk/lib/libjdwp.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/libjdwp.so +chmod 640 ${INSTALL_DIR}/jdk/lib/libj2pcsc.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/libj2pcsc.so +chmod 640 ${INSTALL_DIR}/jdk/lib/libjli.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/libjli.so +chmod 640 ${INSTALL_DIR}/jdk/lib/libsctp.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/libsctp.so +chmod 640 ${INSTALL_DIR}/jdk/lib/libjimage.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/libjimage.so +chmod 640 ${INSTALL_DIR}/jdk/lib/libjsig.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/libjsig.so +chmod 640 ${INSTALL_DIR}/jdk/lib/libjava.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/libjava.so +chmod 640 ${INSTALL_DIR}/jdk/lib/libsunec.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/libsunec.so +chmod 640 ${INSTALL_DIR}/jdk/lib/liblcms.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/liblcms.so +chmod 640 ${INSTALL_DIR}/jdk/lib/libawt_xawt.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/libawt_xawt.so +chmod 640 ${INSTALL_DIR}/jdk/lib/jexec && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/jexec +chmod 640 ${INSTALL_DIR}/jdk/lib/libverify.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/libverify.so +chmod 640 ${INSTALL_DIR}/jdk/lib/libmanagement_agent.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/libmanagement_agent.so +chmod 640 ${INSTALL_DIR}/jdk/lib/psfont.properties.ja && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/psfont.properties.ja +chmod 640 
${INSTALL_DIR}/jdk/lib/libprefs.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/libprefs.so +chmod 640 ${INSTALL_DIR}/jdk/lib/libzip.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/libzip.so +chmod 640 ${INSTALL_DIR}/jdk/lib/libjaas.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/libjaas.so +chmod 640 ${INSTALL_DIR}/jdk/lib/libjsound.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/libjsound.so +chmod 640 ${INSTALL_DIR}/jdk/lib/libextnet.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/libextnet.so +chmod 640 ${INSTALL_DIR}/jdk/lib/libj2gss.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/libj2gss.so +chmod 640 ${INSTALL_DIR}/jdk/lib/tzdb.dat && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/tzdb.dat +chmod 640 ${INSTALL_DIR}/jdk/lib/libdt_socket.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/libdt_socket.so +chmod 640 ${INSTALL_DIR}/jdk/lib/psfontj2d.properties && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/psfontj2d.properties +chmod 640 ${INSTALL_DIR}/jdk/lib/jvm.cfg && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/jvm.cfg +chmod 640 ${INSTALL_DIR}/jdk/lib/ct.sym && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/ct.sym +chmod 640 ${INSTALL_DIR}/jdk/lib/libj2pkcs11.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/libj2pkcs11.so +chmod 640 ${INSTALL_DIR}/jdk/lib/jfr/default.jfc && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/jfr/default.jfc +chmod 640 ${INSTALL_DIR}/jdk/lib/jfr/profile.jfc && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/jfr/profile.jfc +chmod 640 ${INSTALL_DIR}/jdk/lib/libmanagement_ext.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/libmanagement_ext.so +chmod 640 ${INSTALL_DIR}/jdk/lib/classlist && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/classlist +chmod 640 ${INSTALL_DIR}/jdk/lib/libnet.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/libnet.so +chmod 640 ${INSTALL_DIR}/jdk/lib/libjavajpeg.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/libjavajpeg.so +chmod 640 
${INSTALL_DIR}/jdk/lib/libfontmanager.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/libfontmanager.so +chmod 640 ${INSTALL_DIR}/jdk/lib/modules && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/modules +chmod 640 ${INSTALL_DIR}/jdk/lib/libinstrument.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/libinstrument.so +chmod 640 ${INSTALL_DIR}/jdk/lib/libmanagement.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/libmanagement.so +chmod 640 ${INSTALL_DIR}/jdk/lib/libjawt.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/libjawt.so +chmod 640 ${INSTALL_DIR}/jdk/lib/libsaproc.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/libsaproc.so +chmod 640 ${INSTALL_DIR}/jdk/lib/libmlib_image.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/libmlib_image.so +chmod 640 ${INSTALL_DIR}/jdk/lib/security/cacerts && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/security/cacerts +chmod 640 ${INSTALL_DIR}/jdk/lib/security/blacklisted.certs && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/security/blacklisted.certs +chmod 640 ${INSTALL_DIR}/jdk/lib/security/public_suffix_list.dat && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/security/public_suffix_list.dat +chmod 640 ${INSTALL_DIR}/jdk/lib/security/default.policy && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/security/default.policy +chmod 640 ${INSTALL_DIR}/jdk/lib/librmi.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/librmi.so +chmod 750 ${INSTALL_DIR}/jdk/lib/jspawnhelper && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/jspawnhelper +chmod 640 ${INSTALL_DIR}/jdk/lib/jrt-fs.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/jrt-fs.jar +chmod 640 ${INSTALL_DIR}/jdk/lib/libattach.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/libattach.so +chmod 640 ${INSTALL_DIR}/jdk/lib/libfreetype.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/libfreetype.so +chmod 640 ${INSTALL_DIR}/jdk/include/jvmti.h && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/include/jvmti.h +chmod 640 
${INSTALL_DIR}/jdk/include/classfile_constants.h && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/include/classfile_constants.h +chmod 640 ${INSTALL_DIR}/jdk/include/jdwpTransport.h && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/include/jdwpTransport.h +chmod 640 ${INSTALL_DIR}/jdk/include/jawt.h && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/include/jawt.h +chmod 640 ${INSTALL_DIR}/jdk/include/jni.h && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/include/jni.h +chmod 640 ${INSTALL_DIR}/jdk/include/jvmticmlr.h && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/include/jvmticmlr.h +chmod 640 ${INSTALL_DIR}/jdk/include/linux/jawt_md.h && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/include/linux/jawt_md.h +chmod 640 ${INSTALL_DIR}/jdk/include/linux/jni_md.h && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/include/linux/jni_md.h +chmod 640 ${INSTALL_DIR}/jdk/conf/net.properties && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/conf/net.properties +chmod 640 ${INSTALL_DIR}/jdk/conf/sound.properties && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/conf/sound.properties +chmod 640 ${INSTALL_DIR}/jdk/conf/sdp/sdp.conf.template && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/conf/sdp/sdp.conf.template +chmod 640 ${INSTALL_DIR}/jdk/conf/management/management.properties && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/conf/management/management.properties +chmod 640 ${INSTALL_DIR}/jdk/conf/management/jmxremote.access && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/conf/management/jmxremote.access +chmod 640 ${INSTALL_DIR}/jdk/conf/management/jmxremote.password.template && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/conf/management/jmxremote.password.template +chmod 640 ${INSTALL_DIR}/jdk/conf/logging.properties && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/conf/logging.properties +chmod 640 ${INSTALL_DIR}/jdk/conf/security/java.policy && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/conf/security/java.policy +chmod 640 ${INSTALL_DIR}/jdk/conf/security/policy/limited/default_US_export.policy && chown ${USER}:${GROUP} 
${INSTALL_DIR}/jdk/conf/security/policy/limited/default_US_export.policy +chmod 640 ${INSTALL_DIR}/jdk/conf/security/policy/limited/exempt_local.policy && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/conf/security/policy/limited/exempt_local.policy +chmod 640 ${INSTALL_DIR}/jdk/conf/security/policy/limited/default_local.policy && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/conf/security/policy/limited/default_local.policy +chmod 640 ${INSTALL_DIR}/jdk/conf/security/policy/unlimited/default_US_export.policy && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/conf/security/policy/unlimited/default_US_export.policy +chmod 640 ${INSTALL_DIR}/jdk/conf/security/policy/unlimited/default_local.policy && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/conf/security/policy/unlimited/default_local.policy +chmod 640 ${INSTALL_DIR}/jdk/conf/security/policy/README.txt && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/conf/security/policy/README.txt +chmod 640 ${INSTALL_DIR}/jdk/conf/security/java.security && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/conf/security/java.security +chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.unsupported.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.unsupported.jmod +chmod 640 ${INSTALL_DIR}/jdk/jmods/java.transaction.xa.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/java.transaction.xa.jmod +chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.crypto.cryptoki.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.crypto.cryptoki.jmod +chmod 640 ${INSTALL_DIR}/jdk/jmods/java.rmi.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/java.rmi.jmod +chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.attach.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.attach.jmod +chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.jshell.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.jshell.jmod +chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.xml.dom.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.xml.dom.jmod +chmod 640 ${INSTALL_DIR}/jdk/jmods/java.se.jmod && chown 
${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/java.se.jmod +chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.internal.ed.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.internal.ed.jmod +chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.jartool.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.jartool.jmod +chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.compiler.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.compiler.jmod +chmod 640 ${INSTALL_DIR}/jdk/jmods/java.base.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/java.base.jmod +chmod 640 ${INSTALL_DIR}/jdk/jmods/java.smartcardio.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/java.smartcardio.jmod +chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.security.auth.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.security.auth.jmod +chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.unsupported.desktop.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.unsupported.desktop.jmod +chmod 640 ${INSTALL_DIR}/jdk/jmods/java.security.sasl.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/java.security.sasl.jmod +chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.incubator.foreign.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.incubator.foreign.jmod +chmod 640 ${INSTALL_DIR}/jdk/jmods/java.management.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/java.management.jmod +chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.management.agent.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.management.agent.jmod +chmod 640 ${INSTALL_DIR}/jdk/jmods/java.xml.crypto.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/java.xml.crypto.jmod +chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.internal.vm.ci.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.internal.vm.ci.jmod +chmod 640 ${INSTALL_DIR}/jdk/jmods/java.prefs.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/java.prefs.jmod +chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.crypto.ec.jmod && chown ${USER}:${GROUP} 
${INSTALL_DIR}/jdk/jmods/jdk.crypto.ec.jmod +chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.internal.jvmstat.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.internal.jvmstat.jmod +chmod 640 ${INSTALL_DIR}/jdk/jmods/java.sql.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/java.sql.jmod +chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.incubator.jpackage.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.incubator.jpackage.jmod +chmod 640 ${INSTALL_DIR}/jdk/jmods/java.xml.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/java.xml.jmod +chmod 640 ${INSTALL_DIR}/jdk/jmods/java.security.jgss.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/java.security.jgss.jmod +chmod 640 ${INSTALL_DIR}/jdk/jmods/java.compiler.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/java.compiler.jmod +chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.sctp.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.sctp.jmod +chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.charsets.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.charsets.jmod +chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.management.jfr.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.management.jfr.jmod +chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.jlink.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.jlink.jmod +chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.localedata.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.localedata.jmod +chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.jsobject.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.jsobject.jmod +chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.net.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.net.jmod +chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.hotspot.agent.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.hotspot.agent.jmod +chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.jstatd.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.jstatd.jmod +chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.dynalink.jmod && chown 
${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.dynalink.jmod +chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.jfr.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.jfr.jmod +chmod 640 ${INSTALL_DIR}/jdk/jmods/java.naming.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/java.naming.jmod +chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.internal.le.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.internal.le.jmod +chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.jcmd.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.jcmd.jmod +chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.management.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.management.jmod +chmod 640 ${INSTALL_DIR}/jdk/jmods/java.net.http.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/java.net.http.jmod +chmod 640 ${INSTALL_DIR}/jdk/jmods/java.logging.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/java.logging.jmod +chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.accessibility.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.accessibility.jmod +chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.internal.opt.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.internal.opt.jmod +chmod 640 ${INSTALL_DIR}/jdk/jmods/java.management.rmi.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/java.management.rmi.jmod +chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.security.jgss.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.security.jgss.jmod +chmod 640 ${INSTALL_DIR}/jdk/jmods/java.desktop.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/java.desktop.jmod +chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.nio.mapmode.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.nio.mapmode.jmod +chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.internal.vm.compiler.management.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.internal.vm.compiler.management.jmod +chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.jdwp.agent.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.jdwp.agent.jmod 
+chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.jdi.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.jdi.jmod +chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.javadoc.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.javadoc.jmod +chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.naming.rmi.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.naming.rmi.jmod +chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.naming.dns.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.naming.dns.jmod +chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.editpad.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.editpad.jmod +chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.jdeps.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.jdeps.jmod +chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.internal.vm.compiler.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.internal.vm.compiler.jmod +chmod 640 ${INSTALL_DIR}/jdk/jmods/java.sql.rowset.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/java.sql.rowset.jmod +chmod 640 ${INSTALL_DIR}/jdk/jmods/java.scripting.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/java.scripting.jmod +chmod 640 ${INSTALL_DIR}/jdk/jmods/java.datatransfer.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/java.datatransfer.jmod +chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.httpserver.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.httpserver.jmod +chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.zipfs.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.zipfs.jmod +chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.aot.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.aot.jmod +chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.jconsole.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.jconsole.jmod +chmod 640 ${INSTALL_DIR}/jdk/jmods/java.instrument.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/java.instrument.jmod \ No newline at end of file 
diff --git a/wazuh-indexer/config/entrypoint.sh b/wazuh-indexer/config/entrypoint.sh index 60c3eabb..9b0ec833 100644 --- a/wazuh-indexer/config/entrypoint.sh +++ b/wazuh-indexer/config/entrypoint.sh 
@@ -5,38 +5,53 @@ # Start Wazuh indexer ############################################################################## +export USER=wazuh-indexer +export OPENSEARCH_PATH_CONF=/etc/wazuh-indexer +export INSTALLATION_DIR=/usr/share/wazuh-indexer +export JAVA_HOME=${INSTALLATION_DIR}/jdk +export FILE=${INSTALLATION_DIR}/start - - - service wazuh-indexer start - sleep 5 - service wazuh-indexer status - sleep 5 - -if [ $NODE_TYPE == "worker" ] - then - echo "inicio ver node_type" - echo $NODE_TYPE - echo "fin ver node_type" - rm -rf /var/lib/wazuh-indexer/* - else - echo "inicio ver hostname" - echo $HOSTNAME - sleep 1 - echo "fin ver hostname" - echo "inicio ver node_type" - echo $NODE_TYPE - sleep 1 - echo "fin ver node_type" - export OPENSEARCH_PATH_CONF=/etc/wazuh-indexer - export JAVA_HOME=/usr/share/wazuh-indexer/jdk - /usr/share/wazuh-indexer/plugins/opensearch-security/tools/securityadmin.sh -cd /usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig -icl -p 9800 -cd /usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig -nhnv -cacert /etc/wazuh-indexer/certs/root-ca.pem -cert /etc/wazuh-indexer/certs/admin.pem -key /etc/wazuh-indexer/certs/admin-key.pem - cat /var/log/wazuh-indexer/opensearch.log +if [ -f $FILE ] + then + echo "second or more start" + else + if [ $NODE_TYPE == "worker" ] + then + echo "node_type start" + echo $NODE_TYPE + echo "node_type end" + rm -rf /var/lib/wazuh-indexer/* + sleep 70 + echo "worker restart" + touch $FILE + else + echo "hostname start" + echo $HOSTNAME + echo "hostname end" + echo "node_type start" + echo $NODE_TYPE + echo "node_type end" + service wazuh-indexer start + sleep 5 + service wazuh-indexer status + sleep 55 + /usr/share/wazuh-indexer/plugins/opensearch-security/tools/securityadmin.sh -cd /usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig -icl -p 9800 -cd /usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig -nhnv -cacert /etc/wazuh-indexer/certs/root-ca.pem 
-cert /etc/wazuh-indexer/certs/admin.pem -key /etc/wazuh-indexer/certs/admin-key.pem -h $HOSTNAME + touch $FILE + fi fi - -#export JAVA_HOME=/usr/share/wazuh-indexer/jdk/ && bash /usr/share/wazuh-indexer/plugins/opensearch-security/tools/securityadmin.sh -cd /usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/ -nhnv -cacert /etc/wazuh-indexer/certs/root-ca.pem -cert /etc/wazuh-indexer/certs/admin.pem -key /etc/wazuh-indexer/certs/admin-key.pem -p 9800 -icl +sed -i '/path.logs:/d' /etc/wazuh-indexer/opensearch.yml -tail -f /var/log/wazuh-indexer/wazuh-cluster.log +service wazuh-indexer stop +service wazuh-indexer start +#CLK_TK=`getconf CLK_TCK` runuser ${USER} --shell="/bin/bash" --command="${INSTALLATION_DIR}/bin/opensearch" + +if [ -f /var/log/wazuh-indexer/wazuh-cluster.log ] + then + tail -f /var/log/wazuh-indexer/wazuh-cluster.log + else + while true; do sleep 1000; done +fi + diff --git a/wazuh-indexer/config/tarball.sh b/wazuh-indexer/config/tarball.sh new file mode 100644 index 00000000..2cb1dd64 --- /dev/null +++ b/wazuh-indexer/config/tarball.sh 
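Review bot: The added tests `[ -f $FILE ]` and `[ $NODE_TYPE == "worker" ]` expand their variables unquoted. When `NODE_TYPE` is unset or empty, the second test fails with a syntax error and control falls into the `else` branch, which starts the service and runs `securityadmin.sh` as if this node were the master. Quoting both and using the portable operator avoids that: `if [ -f "$FILE" ]` and `if [ "${NODE_TYPE:-}" = "worker" ]`. The fixed `sleep 55` and `sleep 70` waits also assume the node is ready by then, and `touch $FILE` records the first start as done even if `securityadmin.sh` failed. Checking its exit status before creating the marker would keep a failed security initialisation from being skipped on the next start.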
@@ -0,0 +1,33 @@
+export NAME=wazuh-indexer
+export VERSION=4.3.0
+export RELEASE=1
+export USER=$NAME
+export GROUP=$NAME
+export CONFIG_DIR=/etc/$NAME
+export LOG_DIR=/var/log/$NAME
+export LIB_DIR=/var/lib/$NAME
+export SYS_DIR=/usr/lib
+export INSTALL_DIR=/usr/share/$NAME
+export REPO_DIR=/root/unattended_installer
+
+mkdir -p ${INSTALL_DIR}
+mkdir -p /etc
+mkdir -p ${LOG_DIR}
+mkdir -p ${LIB_DIR}
+mkdir -p ${SYS_DIR}
+
+curl -kOL https://artifacts.opensearch.org/releases/bundle/opensearch/1.2.4/opensearch-${1}-linux-x64.tar.gz
+tar zxf opensearch-${1}-linux-x64.tar.gz && rm -f opensearch-${1}.tar.gz
+chown -R ${USER}:${GROUP} opensearch-${1}/*
+mkdir -p /etc/wazuh-indexer && chown -R ${USER}:${GROUP} /etc/wazuh-indexer && cp opensearch-${1}/config/* /etc/wazuh-indexer/
+#etc/init.d directory not found
+#etc/sysconfig directory not found
+#usr directory not found
+cp -pr opensearch-*/LICENSE.txt ${RPM_BUILD_ROOT}${INSTALL_DIR}/
+cp -pr opensearch-*/NOTICE.txt ${RPM_BUILD_ROOT}${INSTALL_DIR}/
+cp -pr opensearch-*/jdk ${RPM_BUILD_ROOT}${INSTALL_DIR}/
+cp -pr opensearch-*/plugins ${RPM_BUILD_ROOT}${INSTALL_DIR}/
+cp -pr opensearch-*/performance-analyzer-rca ${RPM_BUILD_ROOT}${INSTALL_DIR}/
+cp -pr opensearch-*/modules ${RPM_BUILD_ROOT}${INSTALL_DIR}/
+cp -pr opensearch-*/lib ${RPM_BUILD_ROOT}${INSTALL_DIR}/
+cp -pr opensearch-*/bin ${RPM_BUILD_ROOT}${INSTALL_DIR}/
From efed32f99706b8b1e8f35cdd5f87accf379e4f1c Mon Sep 17 00:00:00 2001
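Review bot: The `curl -kOL` line in tarball.sh turns off TLS certificate verification for an archive that is then unpacked and copied into `${INSTALL_DIR}`, and nothing checks the download's integrity, so a tampered or intercepted tarball would be installed unnoticed. Drop `-k`, add `-f` so an HTTP error page is not saved as the archive (`curl -fOL …`), and verify the file against a published checksum or signature before `tar zxf` runs. Two smaller points on the same lines: the URL hard-codes `1.2.4` while the file name uses `${1}`, so any other argument asks for a path that presumably does not exist. Also, `rm -f opensearch-${1}.tar.gz` does not match the downloaded name `opensearch-${1}-linux-x64.tar.gz`, so the archive is never removed.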
From: vcerenu Date: Fri, 4 Feb 2022 17:37:58 -0300 Subject: [PATCH 019/163] Add Wazuh indexer cluster configuration --- docker-compose.yml | 7 +- generate-indexer-certs.yml | 4 +- production-cluster.yml | 13 +- production_cluster/kibana_ssl/cert.pem | 21 -- production_cluster/kibana_ssl/key.pem | 28 --- production_cluster/nginx/ssl/cert.pem | 21 -- production_cluster/nginx/ssl/key.pem | 28 --- .../wazuh-indexer/opensearch-node1.yml | 16 +- .../wazuh-indexer/opensearch-node2 copy.yml | 40 ---- .../wazuh-indexer/opensearch-node2.yml | 16 +- .../wazuh-indexer/opensearch-node3.yml | 16 +- test-cluster.yml.yml | 209 ++++++++++++++++++ wazuh-dashboard/config/entrypoint.sh | 2 +- wazuh-dashboard/config/entrypoint_prueba.sh | 59 ----- wazuh-dashboard/config/wazuh-dashboard.yml | 14 -- wazuh-indexer/Dockerfile_new | 57 ++++- wazuh-indexer/config/config.sh | 50 +++-- wazuh-indexer/config/config2.sh | 53 +++++ wazuh-indexer/config/entrypoint.sh | 21 +- wazuh-indexer/config/entrypoint_OS.sh | 89 ++++++++ wazuh-indexer/config/entrypoint_odfe.sh | 103 --------- wazuh-indexer/config/tarball.sh | 33 --- .../config/unattended_installer.tar.gz | Bin 0 -> 8865 bytes 23 files changed, 484 insertions(+), 416 deletions(-) delete mode 100644 production_cluster/kibana_ssl/cert.pem delete mode 100644 production_cluster/kibana_ssl/key.pem delete mode 100644 production_cluster/nginx/ssl/cert.pem delete mode 100644 production_cluster/nginx/ssl/key.pem delete mode 100644 production_cluster/wazuh-indexer/opensearch-node2 copy.yml create mode 100644 test-cluster.yml.yml delete mode 100644 wazuh-dashboard/config/entrypoint_prueba.sh delete mode 100644 wazuh-dashboard/config/wazuh-dashboard.yml create mode 100644 wazuh-indexer/config/config2.sh create mode 100644 wazuh-indexer/config/entrypoint_OS.sh delete mode 100644 wazuh-indexer/config/entrypoint_odfe.sh delete mode 100644 wazuh-indexer/config/tarball.sh create mode 100644 wazuh-indexer/config/unattended_installer.tar.gz 
diff --git a/docker-compose.yml b/docker-compose.yml index 73d82ce4..58513581 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -3,7 +3,7 @@ version: '3.7' services: wazuh: - image: wazuh/wazuh-odfe:4.2.5 + image: wazuh/wazuh-odfe:4.3.0 hostname: wazuh-manager restart: always ports: @@ -30,7 +30,7 @@ services: - filebeat_var:/var/lib/filebeat wazuh-indexer: - image: wazuh-indexer + image: test-indexer hostname: node1 restart: always ports: @@ -39,7 +39,8 @@ services: - discovery.type=single-node - cluster.name=wazuh-cluster - network.host=0.0.0.0 - - "ES_JAVA_OPTS=-Xms512m -Xmx512m" + - plugins.security.allow_default_init_securityindex=true + - "OPENSEARCH_JAVA_OPTS=-Xms512m -Xmx512m" - bootstrap.memory_lock=true ulimits: memlock: diff --git a/generate-indexer-certs.yml b/generate-indexer-certs.yml index acc05e81..01503c55 100644 --- a/generate-indexer-certs.yml +++ b/generate-indexer-certs.yml @@ -3,8 +3,8 @@ version: '3' services: generator: - image: certs_creator #wazuh/opendistro-certs-generator:0.1 + image: wazuh/opendistro-certs-generator:0.1 hostname: opendistro-certs-generator volumes: - - ./production_cluster/wazuh_indexer_ssl_certs/certs.yml:/usr/share/wazuh-indexer/plugins/opensearch-security/tools/config.yml + - ./production_cluster/wazuh_indexer_ssl_certs/certs.yml:/usr/src/config/myconf.yml - ./production_cluster/wazuh_indexer_ssl_certs/:/usr/src/certs/out/ \ No newline at end of file diff --git a/production-cluster.yml b/production-cluster.yml index e5248381..ae431ba2 100644 --- a/production-cluster.yml +++ b/production-cluster.yml @@ -73,8 +73,9 @@ services: ports: - "9700:9700" environment: - - "ES_JAVA_OPTS=-Xms1g -Xmx1g" + - "OPENSEARCH_JAVA_OPTS=-Xms1g -Xmx1g" - "NODE_TYPE=master" + - "bootstrap.memory_lock=true" ulimits: memlock: soft: -1 
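Review bot: In the `wazuh-indexer` service of docker-compose.yml, the added `plugins.security.allow_default_init_securityindex=true` lets the security plugin create its index on first start from whatever securityconfig files the image contains. If those are still the packaged defaults, the node comes up with the default users and passwords, so this needs a comment and a replaced `internal_users.yml` before the stack is exposed. A comment such as `# security index is initialised from the image's securityconfig; replace the default internal_users.yml first` would make the dependency visible. The same hunks switch the image to `image: test-indexer`, an untagged local name that looks like a leftover from testing; a pinned, published tag would keep the top-level compose file reproducible.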
@@ -97,8 +98,9 @@ services: hostname: wazuh-indexer-2 restart: always environment: - - "ES_JAVA_OPTS=-Xms1g -Xmx1g" + - "OPENSEARCH_JAVA_OPTS=-Xms1g -Xmx1g" - "NODE_TYPE=worker" + - "bootstrap.memory_lock=true" ulimits: memlock: soft: -1 @@ -113,14 +115,15 @@ services: - ./production_cluster/wazuh_indexer_ssl_certs/wazuh-indexer-2.pem:/etc/wazuh-indexer/certs/wazuh-indexer-2.pem - ./production_cluster/wazuh-indexer/opensearch-node2.yml:/etc/wazuh-indexer/opensearch.yml - ./production_cluster/wazuh-indexer/internal_users.yml:/usr/share/elasticsearch/plugins/opendistro_security/securityconfig/internal_users.yml - + wazuh-indexer-3: image: wazuh-indexer hostname: wazuh-indexer-3 restart: always environment: - - "ES_JAVA_OPTS=-Xms1g -Xmx1g" + - "OPENSEARCH_JAVA_OPTS=-Xms1g -Xmx1g" - "NODE_TYPE=worker" + - "bootstrap.memory_lock=true" ulimits: memlock: soft: -1 @@ -135,7 +138,7 @@ services: - ./production_cluster/wazuh_indexer_ssl_certs/wazuh-indexer-3.pem:/etc/wazuh-indexer/certs/wazuh-indexer-3.pem - ./production_cluster/wazuh-indexer/opensearch-node3.yml:/etc/wazuh-indexer/opensearch.yml - ./production_cluster/wazuh-indexer/internal_users.yml:/usr/share/elasticsearch/plugins/opendistro_security/securityconfig/internal_users.yml - + kibana: image: wazuh/wazuh-dashboard:4.3.0 hostname: kibana diff --git a/production_cluster/kibana_ssl/cert.pem b/production_cluster/kibana_ssl/cert.pem deleted file mode 100644 index 92da3280..00000000 --- a/production_cluster/kibana_ssl/cert.pem +++ /dev/null 
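Review bot: The `wazuh-indexer-2` and `wazuh-indexer-3` hunks of production-cluster.yml still mount `internal_users.yml` at `/usr/share/elasticsearch/plugins/opendistro_security/securityconfig/internal_users.yml`, which appears as an unchanged context line here. The indexer entrypoint in this series runs `securityadmin.sh` against `/usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig`. Unless the image maps the old path, the custom users file is presumably never read and the packaged users stay in effect. The mount target should follow the new layout: `- ./production_cluster/wazuh-indexer/internal_users.yml:/usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/internal_users.yml`. The service blocks continue outside these hunks, so the `wazuh-indexer-1` mount should be checked as well.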
@@ -1,21 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDazCCAlOgAwIBAgIUaIlPP3pCoqvkHYK4/3ATalS/l4MwDQYJKoZIhvcNAQEL -BQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM -GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0yMjAxMjgxODE1MDRaFw0yMzAx -MjgxODE1MDRaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEw -HwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwggEiMA0GCSqGSIb3DQEB -AQUAA4IBDwAwggEKAoIBAQDtxUl6m3HlUPeTIXQu+BVCOiscwtVXTlSaIlOhz/cu -Py5ptLRMHdO1vTIawPag9Y1bLaLpkPuGSVUIXFhhfvc20OlQ0HaHMVu+zA6B+pV0 -uZTg4HAX7NJhGMh9qv1APtoeTx7wbG48f6+udV2bbay4a/+jQ8wkYeeTcRNSs7cz -zN30ToPUul/41ekROqvCwl7ss7BF0V/9V2ZgMnwdix7ogEZckYEvDkDccud+cF+f -CRBABKlueFL5C2+d5AkhQef8BqzjnwsRSlWSRulfcU4G0pkmVG+v59PnGaOuKVs/ -g6zOfvCmb3nKSMmJJs5sJfEN0JD1Xir6nJlEQMukRBKZAgMBAAGjUzBRMB0GA1Ud -DgQWBBRH3Gak7M/uyi4SvAv8sd3oX3uHADAfBgNVHSMEGDAWgBRH3Gak7M/uyi4S -vAv8sd3oX3uHADAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBv -1wBbjz5JSBU9UfJh5IPxTudOTtHQgU1N55M8Qz0cNBpc6dtyL/+xc85UoTKo9BEH -ZluycPDyFeIjEyvCTLTdJLkRY4gqKGgnI9JtR4nOGLjX2le1o78uL6aayYTHaQVF -Q/5K7q+JOwDXu4haBupKl43fZSFQhMQOpsKt9+PHymBXSxP35FrLNVG+UQcQNiwT -2u9Vm0K36TEmTc+eeVPo6L2bTqhWbURSJpsnMXEGssIUVuzHu2iPjsJpf6rW93DD -ZI41gjPBBuDrOPxuNQ5M9wz5j9Ckv3CHBXwg868qUAklv6tj+7bovbngof67HL4W -GzUBqvUWcjo4dV/ZkA1Z ------END CERTIFICATE----- diff --git a/production_cluster/kibana_ssl/key.pem b/production_cluster/kibana_ssl/key.pem deleted file mode 100644 index 9fd51c8a..00000000 --- a/production_cluster/kibana_ssl/key.pem +++ /dev/null 
@@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDtxUl6m3HlUPeT -IXQu+BVCOiscwtVXTlSaIlOhz/cuPy5ptLRMHdO1vTIawPag9Y1bLaLpkPuGSVUI -XFhhfvc20OlQ0HaHMVu+zA6B+pV0uZTg4HAX7NJhGMh9qv1APtoeTx7wbG48f6+u -dV2bbay4a/+jQ8wkYeeTcRNSs7czzN30ToPUul/41ekROqvCwl7ss7BF0V/9V2Zg -Mnwdix7ogEZckYEvDkDccud+cF+fCRBABKlueFL5C2+d5AkhQef8BqzjnwsRSlWS -RulfcU4G0pkmVG+v59PnGaOuKVs/g6zOfvCmb3nKSMmJJs5sJfEN0JD1Xir6nJlE -QMukRBKZAgMBAAECggEANp+sUc6ES/pd5h85YdD8kUprvR/Fg1krdn2MWRA96RH6 -x64L/bCcgpQEfsD15+SBpQDG/IGiRydxsYoFg+B3StCTyU0a7dQZD6wxaQr4auh3 -m3H0TorJiiT3amdt5uSJl4z1vqYqbRuocJvl9V8s3vFwuUFKFNGpMeY4WjePTwbA -SoVvXHsatA6QPNfIYJXIdWD5DdPMIABWuFThm/hDfq1n57DsKQa3/pvyj4tMqKw9 -K0cgVJWqCFqAlza7WErn9NDvGOZxJqzmgAbjnj9l18VRHp1uzKn0oZBM50zuvykU -HpEoe+GCktNy8PhDx3w60gxftKgFilgRyHvVNYwAAQKBgQD/IghMwhWTrNlzxj20 -oQ2NwUnPNJjsu0ZklAAp4axekipu3kI5bNyoBBBTg1uJwHnfLOJxmCPuCBzvqcA+ -kr8jUH7DuKAHEdDyt6rGAyAnLHKI9+WRztXJqBwhk/CmHoxM/cT5sdEog3Z8WAes -sm7IPnI1J/0BevrcmDDwrot2AQKBgQDulCY3lZgpWj9PSKzkwxBYMGwVDKYwin38 -NY4a/jf+PzIXVrZSeLDmSgkNqgvsHCnjrzfI6dC+wG3wjblgM4ocAM3C6eG8Obnp -Bv+llfDGsndO9VO0oLeycyPkukrVBnG90KL+FEdJleLMb8Zcw8f8xF09lks5gmSX -ZEfv4mKMmQKBgQC9Csp7lZPHSFwXnNw76tnQH1hBYAev4VPXUpKMddryd/tZCvam -9jLJi7lNKBe7ihLDes6OvNxik0BdlLoNo05dLFfBThvFIT5hmhW/grFgVV7IfmZs -E4X1VcsCVkwJyrjKk35QRaFlE4PHvrJxFAVh+mNFX8voPOeEbIBW1f4gAQKBgBK1 -NUX4igT8GajK5xvNG/P+YAtKgaGeyoBDZtBBDPz30aK43vUal6yHM6yJoAO0tagv -7izoAMFkb3qEcnvTrsnBWmElW9kZobVfIh7G4imChw5++EBatezdUHw4C3Qm3DZp -LM7Fok1n3m/vd9uAUqdEcpdIuL9atS6V43oxA09JAoGBALO0H5n/jQxfzS1FzAR8 -ywA093adt4v84C8BsVj/nsMk56mqTquWtAuEgur7sWk2sBosb9qKsN0VmWG8h4nk -aV/nJopx77c8GAWzyiJ5W34mhS0LiTfax8L0FBx79eis+/lXr2bujgNJkGE7JHOu -zNDYtcVvKModj/du4hXIKExr ------END PRIVATE KEY----- diff --git a/production_cluster/nginx/ssl/cert.pem b/production_cluster/nginx/ssl/cert.pem deleted file mode 100644 index 25dfcf89..00000000 --- a/production_cluster/nginx/ssl/cert.pem +++ /dev/null 
@@ -1,21 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDazCCAlOgAwIBAgIUKLi6nm5vryQ/9xCQOJsSZpsxT5MwDQYJKoZIhvcNAQEL -BQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM -GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0yMjAxMjcxOTQ3MDhaFw0yMzAx -MjcxOTQ3MDhaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEw -HwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwggEiMA0GCSqGSIb3DQEB -AQUAA4IBDwAwggEKAoIBAQCbp1+YDLidHAF/7qfVN8kLixNgclux6FNcupmSo7om -gtS42zAfimDvlukhRTL/keV4yis2WwhLq/CP/FGvPVoSLnqXUx9oyW4X7zCHastq -dHj62wI+SgcbqTZidTqFdPt4WnJ17UauUuBGLqeDZALwUD2l45aYPPj6N+LjjdBW -Ag2Q6g3iWJM2uAY3Qu5IHf8yngkGWuFsKYleyGSdRWzSr6OUKsDj0ZljD3fKhWB1 -5+KFL/n9uRoHGrT/1O1FJFxUzX7PCO+6c16NN9tO1BP4dwiP+u8kORiiVoJ7xWlU -BJd88rfIV1Rds94nBGAl1H9eJMEe0dbdFCQEzhPf0KB3AgMBAAGjUzBRMB0GA1Ud -DgQWBBTRbzcDxJ1bHGdtqtvYUAGAV1xFGzAfBgNVHSMEGDAWgBTRbzcDxJ1bHGdt -qtvYUAGAV1xFGzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBr -uuCdm/zj5BfGD6Dg3V0nPOHeHv4b4UN4husPFRSb0YanZWTHpENfrbhRFknM9Ut1 -k6ces6c0m9UvDJQtIGkXQM57EXe2PYbDhPeP3GWvc1ymQoPoHwPmKtnrd2vTV0ni -MxAkr2BwX9Az0NrEef0ccAgyYXm+JBnQK4ZxTln4bBkK6+aZ34w9lGUSql33pdk4 -v9wySOffEOkaCFqXH6xZ1P4pJqcydaM75JXMuMg8DteSixARjuI5Ce6cyiki1Yte -nK8GqZC8lsM/s8ag3dHq0FT9gP0VGonKATqdknGa5bxCo/NolUhcyPgYPiTpz4s9 -w8668jDUM62W84lvKa6P ------END CERTIFICATE----- diff --git a/production_cluster/nginx/ssl/key.pem b/production_cluster/nginx/ssl/key.pem deleted file mode 100644 index 8f62f328..00000000 --- a/production_cluster/nginx/ssl/key.pem +++ /dev/null 
@@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCbp1+YDLidHAF/ -7qfVN8kLixNgclux6FNcupmSo7omgtS42zAfimDvlukhRTL/keV4yis2WwhLq/CP -/FGvPVoSLnqXUx9oyW4X7zCHastqdHj62wI+SgcbqTZidTqFdPt4WnJ17UauUuBG -LqeDZALwUD2l45aYPPj6N+LjjdBWAg2Q6g3iWJM2uAY3Qu5IHf8yngkGWuFsKYle -yGSdRWzSr6OUKsDj0ZljD3fKhWB15+KFL/n9uRoHGrT/1O1FJFxUzX7PCO+6c16N -N9tO1BP4dwiP+u8kORiiVoJ7xWlUBJd88rfIV1Rds94nBGAl1H9eJMEe0dbdFCQE -zhPf0KB3AgMBAAECggEAFJRvnjHoYtVmGV0bkaRbj4wm1rSoDQCzrOn7DhlZrmfT -6lEIrtLj+CmSz1RP5tyKY4sPZZNpqF+mYdMxlaLd+tNsX/+cgoVHaiC04OKs3Hlj -2X8Fb+jnwa+AwknPn/+UlBgZVCA4HSpV/tGCUmvxu4ZQcFOEAMLnBGZJOF7ysbxE -9Q08spPjQQgYfScS9pRhKRj8PG+qepifpMAg4GtiT9u70r2DC+IbxmE15MUtA/qM -vqHhGLaH3LiuEI0sBEvU95mgQAGaScDiJR1uQ7VrRHQJlxYnxoNywe+8cvpi+qjK -E3NvQpI0NP1/BroDMP2je2FYedWipolR9vNpRK5FyQKBgQDLnI1jqMyl86xMzePi -G7gp/9IAi+5xwCs4o8THmozi3ktn0ma5hlg2RjP19tdslr39I47L9RMPnis+SYIE -Qzdol+wV0VhQmBt7yot+EnPgPqz1zxhGmeji+wImGgV+1acBV++YaDYimI8Ux1uG -Z4faczDrhpAG8TaECr5PCcieFQKBgQDDs/MzI0hVs+xzgLlcTrA7jgZnCVxtAVBa -NAEN0tJ1AC2lL5nYlcfd0x2ebRmluRCGmS8HfZ/3lTTARTE+HED/Vf2C0svStSwx -aDEu9zFYgxCI5ZYzwxcubvlpoEUaLS9jJPAiW/rSuImAinA3hDDq92VJwcr4qFu0 -WrB7iMlzWwKBgQCwkEZvmI42jnLoe1ZU2dK+4O87uByCmbEhQaq/qH7psPjUxDh+ -Q0i1b/VZIr+2k5WXMUGADjqEPZWkQtwzVBJ1aeC5Hrulz/FtTLvgDKJdYBxeYELd -3lN8mUxIvCHt1donqRjFIgFnyMGytBnjGF5PibpvU1YMHxo2MJbNNV+57QKBgQCo -nly2O/kwNqVNY6TSHs6Dkbx8fLlRBmfIQLSDx5kjzDKH+DqTPYKG40bK4O/PNWRC -xKubxabV+I4J99QU0t1B40JZvOx3MTjRnRd7gurWe578hOxkzvwjOuTVGI1Rn4sL -3qC0yhGUDAIVabKEcvZ/DQgNg9cxZkYVYGpdFh+UrwKBgGGb0yr7dBuvzVaJ5fLj -ITwJr6kqD41JVd0MKpGzIDGubMaGTtdc6N6GjIyNzgJAQ9VDv0l45BUYfjKtNp90 -al8RIfH0xUdPGHT/7JBgyEWZqBF88dC9Kn4JVfKzoaQK89a2RM554MxKuQOKw2Yr -q6EnyW8xKHg3z06lzZeFF51C ------END PRIVATE KEY----- diff --git a/production_cluster/wazuh-indexer/opensearch-node1.yml b/production_cluster/wazuh-indexer/opensearch-node1.yml index 3ef82d19..aba06f5c 100644 --- a/production_cluster/wazuh-indexer/opensearch-node1.yml 
+++ b/production_cluster/wazuh-indexer/opensearch-node1.yml @@ -1,8 +1,14 @@ network.host: wazuh-indexer node.name: wazuh-indexer -cluster.initial_master_nodes: wazuh-indexer,wazuh-indexer-2,wazuh-indexer-3 +cluster.initial_master_nodes: + - wazuh-indexer + - wazuh-indexer-2 + - wazuh-indexer-3 cluster.name: "wazuh-cluster" -discovery.seed_hosts: wazuh-indexer,wazuh-indexer-2,wazuh-indexer-3 +discovery.seed_hosts: + - wazuh-indexer + - wazuh-indexer-2 + - wazuh-indexer-3 http.port: 9700-9799 transport.tcp.port: 9800-9899 node.max_local_storage_nodes: "3" @@ -36,5 +42,7 @@ plugins.security.nodes_dn: plugins.security.restapi.roles_enabled: - "all_access" - "security_rest_api_access" -plugins.security.system_indices.enabled: true -plugins.security.system_indices.indices: [".opendistro-alerting-config", ".opendistro-alerting-alert*", ".opendistro-anomaly-results*", ".opendistro-anomaly-detector*", ".opendistro-anomaly-checkpoints", ".opendistro-anomaly-detection-state", ".opendistro-reports-*", ".opendistro-notifications-*", ".opendistro-notebooks", ".opensearch-observability", ".opendistro-asynchronous-search-response*", ".replication-metadata-store"] +plugins.security.allow_default_init_securityindex: true +cluster.routing.allocation.disk.threshold_enabled: false +opendistro_security.audit.config.disabled_rest_categories: NONE +opendistro_security.audit.config.disabled_transport_categories: NONE diff --git a/production_cluster/wazuh-indexer/opensearch-node2 copy.yml b/production_cluster/wazuh-indexer/opensearch-node2 copy.yml deleted file mode 100644 index 3a57f906..00000000 --- a/production_cluster/wazuh-indexer/opensearch-node2 copy.yml +++ /dev/null 
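Review bot: The second hunk of opensearch-node1.yml drops `plugins.security.system_indices.enabled: true` together with the protected-index list, and the same removal is repeated in opensearch-node2.yml and opensearch-node3.yml. Without these settings the security plugin stops giving the alerting, anomaly-detection, reporting and replication indices their extra protection, so any role with broad index permissions can read or change them. If the removal was only needed to get the new image starting, I would keep both settings. `cluster.routing.allocation.disk.threshold_enabled: false` turns off the disk watermarks, which is fine for a test cluster but risky in a directory named production_cluster. The two audit keys use the legacy `opendistro_security.` prefix while every other security setting in the file uses `plugins.security.`; `plugins.security.audit.config.disabled_rest_categories: NONE` (and the transport equivalent) would keep the file consistent.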
@@ -1,40 +0,0 @@ -network.host: wazuh-indexer-2 -node.name: wazuh-indexer-2 -cluster.initial_master_nodes: wazuh-indexer,wazuh-indexer-2,wazuh-indexer-3 -cluster.name: "wazuh-cluster" -discovery.seed_hosts: wazuh-indexer,wazuh-indexer-2,wazuh-indexer-3 -http.port: 9700-9799 -transport.tcp.port: 9800-9899 -node.max_local_storage_nodes: "3" -path.data: /var/lib/wazuh-indexer -path.logs: /var/log/wazuh-indexer -############################################################################### -# # -# WARNING: Insecure demo certificates set up in this file. # -# Please change on production cluster! # -# # -############################################################################### -plugins.security.ssl.http.pemcert_filepath: /etc/wazuh-indexer/certs/wazuh-indexer-2.pem -plugins.security.ssl.http.pemkey_filepath: /etc/wazuh-indexer/certs/wazuh-indexer-2.key -plugins.security.ssl.http.pemtrustedcas_filepath: /etc/wazuh-indexer/certs/root-ca.pem -plugins.security.ssl.transport.pemcert_filepath: /etc/wazuh-indexer/certs/wazuh-indexer-2.pem -plugins.security.ssl.transport.pemkey_filepath: /etc/wazuh-indexer/certs/wazuh-indexer-2.key -plugins.security.ssl.transport.pemtrustedcas_filepath: /etc/wazuh-indexer/certs/root-ca.pem -plugins.security.ssl.http.enabled: true -plugins.security.ssl.transport.enforce_hostname_verification: false -plugins.security.ssl.transport.resolve_hostname: false -plugins.security.audit.type: internal_opensearch -plugins.security.authcz.admin_dn: -- 'CN=admin,OU=Ops,O=Example\, Inc.,DC=example,DC=com' -plugins.security.check_snapshot_restore_write_privileges: true -plugins.security.enable_snapshot_restore_privilege: true -plugins.security.nodes_dn: -- 'CN=wazuh-indexer,OU=Ops,O=Example\, Inc.,DC=example,DC=com' -- 'CN=wazuh-indexer-2,OU=Ops,O=Example\, Inc.,DC=example,DC=com' -- 'CN=wazuh-indexer-3,OU=Ops,O=Example\, Inc.,DC=example,DC=com' -- 'CN=filebeat,OU=Ops,O=Example\, Inc.,DC=example,DC=com' -plugins.security.restapi.roles_enabled: -- 
"all_access" -- "security_rest_api_access" -plugins.security.system_indices.enabled: true -plugins.security.system_indices.indices: [".opendistro-alerting-config", ".opendistro-alerting-alert*", ".opendistro-anomaly-results*", ".opendistro-anomaly-detector*", ".opendistro-anomaly-checkpoints", ".opendistro-anomaly-detection-state", ".opendistro-reports-*", ".opendistro-notifications-*", ".opendistro-notebooks", ".opensearch-observability", ".opendistro-asynchronous-search-response*", ".replication-metadata-store"] diff --git a/production_cluster/wazuh-indexer/opensearch-node2.yml b/production_cluster/wazuh-indexer/opensearch-node2.yml index a20cbf57..7e4e1db7 100644 --- a/production_cluster/wazuh-indexer/opensearch-node2.yml +++ b/production_cluster/wazuh-indexer/opensearch-node2.yml @@ -1,8 +1,14 @@ network.host: wazuh-indexer-2 node.name: wazuh-indexer-2 -cluster.initial_master_nodes: wazuh-indexer,wazuh-indexer-2,wazuh-indexer-3 +cluster.initial_master_nodes: + - wazuh-indexer + - wazuh-indexer-2 + - wazuh-indexer-3 cluster.name: "wazuh-cluster" -discovery.seed_hosts: wazuh-indexer,wazuh-indexer-2,wazuh-indexer-3 +discovery.seed_hosts: + - wazuh-indexer + - wazuh-indexer-2 + - wazuh-indexer-3 http.port: 9700-9799 transport.tcp.port: 9800-9899 node.max_local_storage_nodes: "3" 
@@ -36,5 +42,7 @@ plugins.security.nodes_dn: plugins.security.restapi.roles_enabled: - "all_access" - "security_rest_api_access" -plugins.security.system_indices.enabled: true -plugins.security.system_indices.indices: [".opendistro-alerting-config", ".opendistro-alerting-alert*", ".opendistro-anomaly-results*", ".opendistro-anomaly-detector*", ".opendistro-anomaly-checkpoints", ".opendistro-anomaly-detection-state", ".opendistro-reports-*", ".opendistro-notifications-*", ".opendistro-notebooks", ".opensearch-observability", ".opendistro-asynchronous-search-response*", ".replication-metadata-store"] +plugins.security.allow_default_init_securityindex: true +cluster.routing.allocation.disk.threshold_enabled: false +opendistro_security.audit.config.disabled_rest_categories: NONE +opendistro_security.audit.config.disabled_transport_categories: NONE \ No newline at end of file diff --git a/production_cluster/wazuh-indexer/opensearch-node3.yml b/production_cluster/wazuh-indexer/opensearch-node3.yml index 49257c7f..96d840e9 100644 --- a/production_cluster/wazuh-indexer/opensearch-node3.yml +++ b/production_cluster/wazuh-indexer/opensearch-node3.yml @@ -1,8 +1,14 @@ network.host: wazuh-indexer-3 node.name: wazuh-indexer-3 -cluster.initial_master_nodes: wazuh-indexer,wazuh-indexer-2,wazuh-indexer-3 +cluster.initial_master_nodes: + - wazuh-indexer + - wazuh-indexer-2 + - wazuh-indexer-3 cluster.name: "wazuh-cluster" -discovery.seed_hosts: wazuh-indexer,wazuh-indexer-2,wazuh-indexer-3 +discovery.seed_hosts: + - wazuh-indexer + - wazuh-indexer-2 + - wazuh-indexer-3 http.port: 9700-9799 transport.tcp.port: 9800-9899 node.max_local_storage_nodes: "3" 
@@ -36,5 +42,7 @@ plugins.security.nodes_dn: plugins.security.restapi.roles_enabled: - "all_access" - "security_rest_api_access" -plugins.security.system_indices.enabled: true -plugins.security.system_indices.indices: [".opendistro-alerting-config", ".opendistro-alerting-alert*", ".opendistro-anomaly-results*", ".opendistro-anomaly-detector*", ".opendistro-anomaly-checkpoints", ".opendistro-anomaly-detection-state", ".opendistro-reports-*", ".opendistro-notifications-*", ".opendistro-notebooks", ".opensearch-observability", ".opendistro-asynchronous-search-response*", ".replication-metadata-store"] +plugins.security.allow_default_init_securityindex: true +cluster.routing.allocation.disk.threshold_enabled: false +opendistro_security.audit.config.disabled_rest_categories: NONE +opendistro_security.audit.config.disabled_transport_categories: NONE \ No newline at end of file diff --git a/test-cluster.yml.yml b/test-cluster.yml.yml new file mode 100644 index 00000000..7069fae0 --- /dev/null +++ b/test-cluster.yml.yml 
@@ -0,0 +1,209 @@ +# Wazuh App Copyright (C) 2021 Wazuh Inc. (License GPLv2) +version: '3.7' + +services: + wazuh-master: + image: wazuh/wazuh-odfe:4.3.0 + hostname: wazuh-master + restart: always + ports: + - "1515:1515" + - "514:514/udp" + - "55000:55000" + environment: + - ELASTICSEARCH_URL=https://wazuh-indexer:9700 + - ELASTIC_USERNAME=admin + - ELASTIC_PASSWORD=admin + - FILEBEAT_SSL_VERIFICATION_MODE=full + - SSL_CERTIFICATE_AUTHORITIES=/etc/ssl/root-ca.pem + - SSL_CERTIFICATE=/etc/ssl/filebeat.pem + - SSL_KEY=/etc/ssl/filebeat.key + - API_USERNAME=acme-user + - API_PASSWORD=MyS3cr37P450r.*- + volumes: + - ossec-api-configuration:/var/ossec/api/configuration + - ossec-etc:/var/ossec/etc + - ossec-logs:/var/ossec/logs + - ossec-queue:/var/ossec/queue + - ossec-var-multigroups:/var/ossec/var/multigroups + - ossec-integrations:/var/ossec/integrations + - ossec-active-response:/var/ossec/active-response/bin + - ossec-agentless:/var/ossec/agentless + - ossec-wodles:/var/ossec/wodles + - filebeat-etc:/etc/filebeat + - filebeat-var:/var/lib/filebeat + - ./production_cluster/wazuh_indexer_ssl_certs/root-ca.pem:/etc/ssl/root-ca.pem + - ./production_cluster/wazuh_indexer_ssl_certs/filebeat.pem:/etc/ssl/filebeat.pem + - ./production_cluster/wazuh_indexer_ssl_certs/filebeat.key:/etc/ssl/filebeat.key + - ./production_cluster/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf + + wazuh-worker: + image: wazuh/wazuh-odfe:4.3.0 + hostname: wazuh-worker + restart: always + environment: + - ELASTICSEARCH_URL=https://wazuh-indexer:9700 + - ELASTIC_USERNAME=admin + - ELASTIC_PASSWORD=admin + - FILEBEAT_SSL_VERIFICATION_MODE=full + - SSL_CERTIFICATE_AUTHORITIES=/etc/ssl/root-ca.pem + - SSL_CERTIFICATE=/etc/ssl/filebeat.pem + - SSL_KEY=/etc/ssl/filebeat.key + volumes: + - worker-ossec-api-configuration:/var/ossec/api/configuration + - worker-ossec-etc:/var/ossec/etc + - worker-ossec-logs:/var/ossec/logs + - worker-ossec-queue:/var/ossec/queue + - 
worker-ossec-var-multigroups:/var/ossec/var/multigroups + - worker-ossec-integrations:/var/ossec/integrations + - worker-ossec-active-response:/var/ossec/active-response/bin + - worker-ossec-agentless:/var/ossec/agentless + - worker-ossec-wodles:/var/ossec/wodles + - worker-filebeat-etc:/etc/filebeat + - worker-filebeat-var:/var/lib/filebeat + - ./production_cluster/wazuh_indexer_ssl_certs/root-ca.pem:/etc/ssl/root-ca.pem + - ./production_cluster/wazuh_indexer_ssl_certs/filebeat.pem:/etc/ssl/filebeat.pem + - ./production_cluster/wazuh_indexer_ssl_certs/filebeat.key:/etc/ssl/filebeat.key + - ./production_cluster/wazuh_cluster/wazuh_worker.conf:/wazuh-config-mount/etc/ossec.conf + + wazuh-indexer: + image: test-indexer + hostname: wazuh-indexer + restart: always + ports: + - "9700:9700" + environment: + - "OPENSEARCH_JAVA_OPTS=-Xms1g -Xmx1g" + - "bootstrap.memory_lock=true" + ulimits: + memlock: + soft: -1 + hard: -1 + nofile: + soft: 65536 + hard: 65536 + volumes: + - wazuh-indexer-data-1:/var/lib/wazuh-indexer + - ./production_cluster/wazuh_indexer_ssl_certs/root-ca.pem:/etc/wazuh-indexer/certs/root-ca.pem + - ./production_cluster/wazuh_indexer_ssl_certs/wazuh-indexer.key:/etc/wazuh-indexer/certs/wazuh-indexer.key + - ./production_cluster/wazuh_indexer_ssl_certs/wazuh-indexer.pem:/etc/wazuh-indexer/certs/wazuh-indexer.pem + - ./production_cluster/wazuh_indexer_ssl_certs/admin.pem:/etc/wazuh-indexer/certs/admin.pem + - ./production_cluster/wazuh_indexer_ssl_certs/admin.key:/etc/wazuh-indexer/certs/admin-key.pem + - ./production_cluster/wazuh-indexer/opensearch-node1.yml:/etc/wazuh-indexer/opensearch.yml + - ./production_cluster/wazuh-indexer/internal_users.yml:/usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/internal_users.yml + + wazuh-indexer-2: + image: test-indexer + hostname: wazuh-indexer-2 + restart: always + environment: + - "OPENSEARCH_JAVA_OPTS=-Xms1g -Xmx1g" + - "bootstrap.memory_lock=true" + ulimits: + memlock: + soft: -1 + hard: -1 + 
nofile: + soft: 65536 + hard: 65536 + volumes: + - wazuh-indexer-data-2:/var/lib/wazuh-indexer + - ./production_cluster/wazuh_indexer_ssl_certs/root-ca.pem:/etc/wazuh-indexer/certs/root-ca.pem + - ./production_cluster/wazuh_indexer_ssl_certs/wazuh-indexer-2.key:/etc/wazuh-indexer/certs/wazuh-indexer-2.key + - ./production_cluster/wazuh_indexer_ssl_certs/wazuh-indexer-2.pem:/etc/wazuh-indexer/certs/wazuh-indexer-2.pem + - ./production_cluster/wazuh-indexer/opensearch-node2.yml:/etc/wazuh-indexer/opensearch.yml + - ./production_cluster/wazuh-indexer/internal_users.yml:/usr/share/elasticsearch/plugins/opendistro_security/securityconfig/internal_users.yml + + wazuh-indexer-3: + image: test-indexer + hostname: wazuh-indexer-3 + restart: always + environment: + - "OPENSEARCH_JAVA_OPTS=-Xms1g -Xmx1g" + - "bootstrap.memory_lock=true" + ulimits: + memlock: + soft: -1 + hard: -1 + nofile: + soft: 65536 + hard: 65536 + volumes: + - wazuh-indexer-data-3:/var/lib/wazuh-indexer + - ./production_cluster/wazuh_indexer_ssl_certs/root-ca.pem:/etc/wazuh-indexer/certs/root-ca.pem + - ./production_cluster/wazuh_indexer_ssl_certs/wazuh-indexer-3.key:/etc/wazuh-indexer/certs/wazuh-indexer-3.key + - ./production_cluster/wazuh_indexer_ssl_certs/wazuh-indexer-3.pem:/etc/wazuh-indexer/certs/wazuh-indexer-3.pem + - ./production_cluster/wazuh-indexer/opensearch-node3.yml:/etc/wazuh-indexer/opensearch.yml + - ./production_cluster/wazuh-indexer/internal_users.yml:/usr/share/elasticsearch/plugins/opendistro_security/securityconfig/internal_users.yml + + kibana: + image: wazuh/wazuh-dashboard:4.3.0 + hostname: kibana + restart: always + ports: + - 5601:5601 + environment: + - ELASTICSEARCH_USERNAME=admin + - ELASTICSEARCH_PASSWORD=admin + - SERVER_SSL_ENABLED=true + - SERVER_SSL_CERTIFICATE=/etc/wazuh-dashboard/certs/cert.pem + - SERVER_SSL_KEY=/etc/wazuh-dashboard/certs/key.pem + - WAZUH_API_URL="https://wazuh-master" + - API_USERNAME=acme-user + - API_PASSWORD=MyS3cr37P450r.*- + volumes: + - 
./production_cluster/wazuh_dashboard_ssl/cert.pem:/etc/wazuh-dashboard/certs/cert.pem + - ./production_cluster/wazuh_dashboard_ssl/key.pem:/etc/wazuh-dashboard/certs/key.pem + + depends_on: + - wazuh-indexer + links: + - wazuh-indexer:wazuh-indexer + - wazuh-master:wazuh-master + + nginx: + image: nginx:stable + hostname: nginx + restart: always + ports: + - "80:80" + - "443:443" + - "1514:1514" + depends_on: + - wazuh-master + - wazuh-worker + - kibana + links: + - wazuh-master:wazuh-master + - wazuh-worker:wazuh-worker + - kibana:kibana + volumes: + - ./production_cluster/nginx/nginx.conf:/etc/nginx/nginx.conf:ro + - ./production_cluster/nginx/ssl:/etc/nginx/ssl:ro + +volumes: + ossec-api-configuration: + ossec-etc: + ossec-logs: + ossec-queue: + ossec-var-multigroups: + ossec-integrations: + ossec-active-response: + ossec-agentless: + ossec-wodles: + filebeat-etc: + filebeat-var: + worker-ossec-api-configuration: + worker-ossec-etc: + worker-ossec-logs: + worker-ossec-queue: + worker-ossec-var-multigroups: + worker-ossec-integrations: + worker-ossec-active-response: + worker-ossec-agentless: + worker-ossec-wodles: + worker-filebeat-etc: + worker-filebeat-var: + wazuh-indexer-data-1: + wazuh-indexer-data-2: + wazuh-indexer-data-3: diff --git a/wazuh-dashboard/config/entrypoint.sh b/wazuh-dashboard/config/entrypoint.sh index 0169fb29..c0d98a53 100644 --- a/wazuh-dashboard/config/entrypoint.sh +++ b/wazuh-dashboard/config/entrypoint.sh @@ -5,7 +5,7 @@ # Start Wazuh dashboard ############################################################################## -sed -i 's/:9700/wazuh-indexer:9700/' /etc/wazuh-dashboard/dashboard.yml +sed -i 's/localhost:9700/wazuh-indexer:9700/' /etc/wazuh-dashboard/dashboard.yml sed -i 's//0.0.0.0/' /etc/wazuh-dashboard/dashboard.yml sed -i '/logging.dest:/d' /etc/wazuh-dashboard/dashboard.yml 
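Review bot: In test-cluster.yml.yml, wazuh-indexer-2 and wazuh-indexer-3 mount internal_users.yml at `/usr/share/elasticsearch/plugins/opendistro_security/securityconfig/internal_users.yml`, while wazuh-indexer mounts it under `/usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/`. If the image only reads the latter path, two of the three nodes silently keep whatever users ship in the image; using the wazuh-indexer path on all three services would make them agree. The file also commits `ELASTIC_PASSWORD=admin`, `ELASTICSEARCH_PASSWORD=admin` and the API password in plain text while publishing 9700, 55000 and 5601 on the host. These values would be better supplied through an env file or compose variable substitution, with a comment that the defaults are for local testing only. The doubled `.yml.yml` extension in the file name looks unintended.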
diff --git a/wazuh-dashboard/config/entrypoint_prueba.sh b/wazuh-dashboard/config/entrypoint_prueba.sh deleted file mode 100644 index 91e44dc1..00000000 --- a/wazuh-dashboard/config/entrypoint_prueba.sh +++ /dev/null @@ -1,59 +0,0 @@ -#!/bin/bash -# Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2) - -set -e - -############################################################################## -# Waiting for indexer -############################################################################## - -if [ "x${ELASTICSEARCH_URL}" == "x" ]; then - if [[ ${ENABLED_SECURITY} == "false" ]]; then - export el_url="http://elasticsearch:9200" - else - export el_url="https://elasticsearch:9200" - fi -else - export el_url="${ELASTICSEARCH_URL}" -fi - -if [[ ${ENABLED_SECURITY} == "false" || "x${ELASTICSEARCH_USERNAME}" == "x" || "x${ELASTICSEARCH_PASSWORD}" == "x" ]]; then - auth="" - # remove security plugin from kibana if elasticsearch is not using it either - /usr/share/kibana/bin/kibana-plugin remove opendistro_security -else - export auth="--user ${ELASTICSEARCH_USERNAME}:${ELASTICSEARCH_PASSWORD} -k" -fi - -until curl -XGET $el_url ${auth}; do - >&2 echo "Elastic is unavailable - sleeping" - sleep 5 -done - -sleep 2 - ->&2 echo "Elasticsearch is up." - - -############################################################################## -# Waiting for wazuh alerts template -############################################################################## - -strlen=0 - -while [[ $strlen -eq 0 ]] -do - template=$(curl ${auth} $el_url/_cat/templates/wazuh -s) - strlen=${#template} - >&2 echo "Wazuh alerts template not loaded - sleeping." - sleep 2 -done - -chown wazuh-dashboard:wazuh-dashboard /etc/wazuh-dashboard/certs/* - -sleep 5 - -./wazuh_app_config.sh - - -while true; do sleep 1000; done diff --git a/wazuh-dashboard/config/wazuh-dashboard.yml b/wazuh-dashboard/config/wazuh-dashboard.yml deleted file mode 100644 index 8786ea4c..00000000 
--- a/wazuh-dashboard/config/wazuh-dashboard.yml +++ /dev/null @@ -1,14 +0,0 @@ -server.host: 0.0.0.0 -server.port: 443 -opensearch.hosts: https://localhost:9700 -opensearch.ssl.verificationMode: certificate -opensearch.username: kibanaserver -opensearch.password: kibanaserver -opensearch.requestHeadersWhitelist: ["securitytenant","Authorization"] -opensearch_security.multitenancy.enabled: false -opensearch_security.readonly_mode.roles: ["kibana_read_only"] -server.ssl.enabled: true -server.ssl.key: "/etc/wazuh-dashboard/certs/wazuh-dashboard-key.pem" -server.ssl.certificate: "/etc/wazuh-dashboard/certs/wazuh-dashboard.pem" -opensearch.ssl.certificateAuthorities: ["/etc/wazuh-dashboard/certs/root-ca.pem"] -logging.dest: "/var/log/wazuh-dashboard/wazuh-dashboard.log" \ No newline at end of file diff --git a/wazuh-indexer/Dockerfile_new b/wazuh-indexer/Dockerfile_new index 63276d9b..cbfe2087 100644 --- a/wazuh-indexer/Dockerfile_new +++ b/wazuh-indexer/Dockerfile_new @@ -1,8 +1,8 @@ -FROM centos:7 AS builder +FROM ubuntu:focal AS builder ENV tini_bin="tini-amd64" -RUN yum install initscripts curl -y +RUN apt-get update -y && apt-get install curl -y RUN curl --retry 8 -S -L -O https://github.com/krallin/tini/releases/download/v0.19.0/${tini_bin} RUN curl --retry 8 -S -L -O https://github.com/krallin/tini/releases/download/v0.19.0/${tini_bin}.sha256sum @@ -19,8 +19,10 @@ RUN sha256sum -c ${tini_bin}.sha256sum && \ #RUN chmod 0775 config config/jvm.options.d data logs #COPY config/opensearch.yml config/log4j2.properties config/ #RUN chmod 0660 config/opensearch.yml config/log4j2.properties -COPY config/config.sh . -RUN bash config.sh +COPY config/unattended_installer.tar.gz / +COPY config/config2.sh . +RUN tar -xzvf /unattended_installer.tar.gz +RUN bash config2.sh ################################################################################ # Build stage 1 (the actual OpenSearch image): 
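Review bot: `COPY config/unattended_installer.tar.gz /` brings a binary archive into the build without recording where it came from or checking it, unlike the tini download a few lines above, which is verified with `sha256sum -c`. According to config2.sh the archive supplies the certificate and password tools and the security plugin's `internal_users.yml`, `roles.yml` and `roles_mapping.yml`, so its exact upstream revision matters. A comment such as `# unattended_installer.tar.gz: snapshot of <upstream repo>@<commit>` plus a checked-in digest file verified before `tar -xzvf` would make this input auditable. `RUN tar -xzvf /unattended_installer.tar.gz` also extracts into whatever the working directory is, which config2.sh assumes is `/` through `REPO_DIR=/unattended_installer`; adding `-C /` would make that explicit.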
@@ -28,15 +30,48 @@ RUN bash config.sh # Copy opensearch from stage 0 # Add entrypoint ################################################################################ -FROM alpine +FROM ubuntu:focal + ENV USER="wazuh-indexer" \ GROUP="wazuh-indexer" \ NAME="wazuh-indexer" \ INSTALL_DIR="/usr/share/wazuh-indexer" -RUN addgroup --system --gid 1000 $GROUP && \ - adduser -u 1000 -G $GROUP -D -h $INSTALL_DIR $USER && \ - chmod 0775 $INSTALL_DIR - #chown -R 1000:0 $INSTALL_DIR + +RUN getent group $GROUP || groupadd -r -g 1000 $GROUP + +RUN useradd --system \ + --uid 1000 \ + --no-create-home \ + --home-dir $INSTALL_DIR \ + --gid $GROUP \ + --shell /sbin/nologin \ + --comment "$USER user" \ + $USER + WORKDIR $INSTALL_DIR -COPY --from=builder --chown=1000:0 /usr/share/wazuh-indexer /usr/share/wazuh-indexer -COPY --from=builder --chown=0:0 /tini /tini \ No newline at end of file + +COPY config/entrypoint_OS.sh / + +RUN chmod 700 /entrypoint_OS.sh + +COPY --from=builder --chown=1000:1000 /debian/wazuh-indexer/usr/share/wazuh-indexer /usr/share/wazuh-indexer +COPY --from=builder --chown=0:0 /tini /tini +COPY --from=builder --chown=0:0 /debian/wazuh-indexer/etc/init.d/wazuh-indexer /etc/init.d/wazuh-indexer +COPY --from=builder --chown=0:0 /debian/wazuh-indexer/usr/lib/systemd /usr/lib/systemd +COPY --from=builder --chown=0:0 /debian/wazuh-indexer/usr/lib/sysctl.d /usr/lib/sysctl.d +COPY --from=builder --chown=0:0 /debian/wazuh-indexer/usr/lib/tmpfiles.d /usr/lib/tmpfiles.d +COPY --from=builder --chown=1000:10000 /debian/wazuh-indexer/etc/wazuh-indexer /etc/wazuh-indexer + +RUN mkdir -p /var/lib/wazuh-indexer && chown 1000:1000 /var/lib/wazuh-indexer && \ + mkdir -p /usr/share/wazuh-indexer/logs && chown 1000:1000 /usr/share/wazuh-indexer/logs && \ + mkdir -p /run/wazuh-indexer && chown 1000:1000 /run/wazuh-indexer && \ + mkdir -p /var/log/wazuh-indexer && chown 1000:1000 /var/log/wazuh-indexer + +# Services ports +EXPOSE 9700 + +#ENTRYPOINT [ "/entrypoint.sh" ] + +ENTRYPOINT 
["/tini", "--", "/entrypoint_OS.sh"] +# Dummy overridable parameter parsed by entrypoint +CMD ["opensearchwrapper"] \ No newline at end of file diff --git a/wazuh-indexer/config/config.sh b/wazuh-indexer/config/config.sh index 93bb459a..d803a536 100644 --- a/wazuh-indexer/config/config.sh +++ b/wazuh-indexer/config/config.sh 
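Review bot: The final stage never switches away from root: it creates the wazuh-indexer user with uid 1000 but has no `USER` instruction, and `/entrypoint_OS.sh` is copied as root and set to `chmod 700`, so only root can execute it. Unless entrypoint_OS.sh drops privileges itself (it is not visible in this hunk), the indexer process runs as root inside the container; adding `USER wazuh-indexer` after the copies and making the entrypoint executable for that user would avoid this. Separately, `--chown=1000:10000` on the `/etc/wazuh-indexer` copy looks like a typo for `1000:1000`, since this Dockerfile only creates gid 1000. As written the configuration and certificate directory ends up with a group that nothing in the image defines.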
@@ -26,44 +26,46 @@ if ! id $USER &> /dev/null; then fi # Create directories -mkdir -p ${RPM_BUILD_ROOT}${INSTALL_DIR} -mkdir -p ${RPM_BUILD_ROOT}/etc -mkdir -p ${RPM_BUILD_ROOT}${LOG_DIR} -mkdir -p ${RPM_BUILD_ROOT}${LIB_DIR} -mkdir -p ${RPM_BUILD_ROOT}${SYS_DIR} +mkdir -p ${INSTALL_DIR} +mkdir -p /etc +mkdir -p ${LOG_DIR} +mkdir -p ${LIB_DIR} +mkdir -p ${SYS_DIR} # Download required sources curl -kOL https://s3.amazonaws.com/warehouse.wazuh.com/stack/indexer/wazuh-indexer-base-linux-x64.tar.gz tar -xzf wazuh-indexer-*.tar.gz && rm -f wazuh-indexer-*.tar.gz chown -R ${USER}:${GROUP} wazuh-indexer-*/* -# Copy base files into RPM_BUILD_ROOT directory -mv wazuh-indexer-*/etc/ ${RPM_BUILD_ROOT}/etc/ -cp -r wazuh-indexer-*${SYS_DIR}/* ${RPM_BUILD_ROOT}${SYS_DIR}/ -rm -rf wazuh-indexer-*/etc -rm -rf wazuh-indexer-*/usr -cp -pr wazuh-indexer-*/* ${RPM_BUILD_ROOT}${INSTALL_DIR}/ +# Copy base files into directories +cp -rf wazuh-indexer-*/etc/wazuh.indexer /etc/ +cp -rf wazuh-indexer-*/etc/init.d/* /etc/init.d/ +cp -rf wazuh-indexer-*/etc/sysconfig/* /etc/sysconfig/ +cp -rf wazuh-indexer-*${SYS_DIR}/* ${SYS_DIR}/ +#rm -rf wazuh-indexer-*/etc +#rm -rf wazuh-indexer-*/usr +cp -pr wazuh-indexer-*/* ${INSTALL_DIR}/ # Download demo certificates curl -kOL https://s3.amazonaws.com/warehouse.wazuh.com/stack/demo-certs.tar.gz tar xzf demo-certs.tar.gz && rm -f demo-certs.tar.gz chown -R ${USER}:${GROUP} certs -mkdir -p ${RPM_BUILD_ROOT}${CONFIG_DIR}/certs/ -cp certs/admin.pem ${RPM_BUILD_ROOT}${CONFIG_DIR}/certs/ -cp certs/admin-key.pem ${RPM_BUILD_ROOT}${CONFIG_DIR}/certs/ -cp certs/demo-indexer.pem ${RPM_BUILD_ROOT}${CONFIG_DIR}/certs/ -cp certs/demo-indexer-key.pem ${RPM_BUILD_ROOT}${CONFIG_DIR}/certs/ -cp certs/root-ca.pem ${RPM_BUILD_ROOT}${CONFIG_DIR}/certs/ +mkdir -p ${CONFIG_DIR}/certs/ +cp certs/admin.pem ${CONFIG_DIR}/certs/ +cp certs/admin-key.pem ${CONFIG_DIR}/certs/ +cp certs/demo-indexer.pem ${CONFIG_DIR}/certs/ +cp certs/demo-indexer-key.pem ${CONFIG_DIR}/certs/ +cp 
certs/root-ca.pem ${CONFIG_DIR}/certs/ -#cp ${REPO_DIR}/install_functions/wazuh-cert-tool.sh ${RPM_BUILD_ROOT}${INSTALL_DIR}/plugins/opensearch-security/tools/ -#cp ${REPO_DIR}/install_functions/wazuh-passwords-tool.sh ${RPM_BUILD_ROOT}${INSTALL_DIR}/plugins/opensearch-security/tools/ -#cp ${REPO_DIR}/config/opensearch/certificate/config_aio.yml ${RPM_BUILD_ROOT}${INSTALL_DIR}/plugins/opensearch-security/tools/config.yml +#cp ${REPO_DIR}/install_functions/wazuh-cert-tool.sh ${INSTALL_DIR}/plugins/opensearch-security/tools/ +#cp ${REPO_DIR}/install_functions/wazuh-passwords-tool.sh ${INSTALL_DIR}/plugins/opensearch-security/tools/ +#cp ${REPO_DIR}/config/opensearch/certificate/config_aio.yml ${INSTALL_DIR}/plugins/opensearch-security/tools/config.yml -#cp ${REPO_DIR}/config/opensearch/roles/internal_users.yml ${RPM_BUILD_ROOT}${INSTALL_DIR}/plugins/opensearch-security/securityconfig/ -#cp ${REPO_DIR}/config/opensearch/roles/roles.yml ${RPM_BUILD_ROOT}${INSTALL_DIR}/plugins/opensearch-security/securityconfig/ -#cp ${REPO_DIR}/config/opensearch/roles/roles_mapping.yml ${RPM_BUILD_ROOT}${INSTALL_DIR}/plugins/opensearch-security/securityconfig/ +#cp ${REPO_DIR}/config/opensearch/roles/internal_users.yml ${INSTALL_DIR}/plugins/opensearch-security/securityconfig/ +#cp ${REPO_DIR}/config/opensearch/roles/roles.yml ${INSTALL_DIR}/plugins/opensearch-security/securityconfig/ +#cp ${REPO_DIR}/config/opensearch/roles/roles_mapping.yml ${INSTALL_DIR}/plugins/opensearch-security/securityconfig/ -#chmod 0660 "/etc/sysconfig/${NAME}" && chown root:${GROUP} "/etc/sysconfig/${NAME}" +chmod 0660 "/etc/sysconfig/${NAME}" && chown root:${GROUP} "/etc/sysconfig/${NAME}" chmod 400 ${CONFIG_DIR}/certs/admin.pem && chown ${USER}:${GROUP} ${CONFIG_DIR}/certs/admin.pem chmod 400 ${CONFIG_DIR}/certs/admin-key.pem && chown ${USER}:${GROUP} ${CONFIG_DIR}/certs/admin-key.pem chmod 400 ${CONFIG_DIR}/certs/demo-indexer.pem && chown ${USER}:${GROUP} ${CONFIG_DIR}/certs/demo-indexer.pem 
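Review bot: `cp -rf wazuh-indexer-*/etc/wazuh.indexer /etc/` looks like a typo for `wazuh-indexer` (dot instead of hyphen); config2.sh in this commit uses `/etc/wazuh-indexer`, so as written the configuration directory is probably never copied. With the `rm -rf wazuh-indexer-*/etc` and `rm -rf wazuh-indexer-*/usr` lines now commented out, `cp -pr wazuh-indexer-*/* ${INSTALL_DIR}/` also copies the archive's `etc` and `usr` trees into the install directory. The two downloads this hunk keeps still use `curl -kOL`, which skips TLS certificate verification, and nothing checks a digest before the archives are unpacked. Dropping `-k` and adding a `sha256sum -c` step against a pinned digest would close that gap. The script starts and continues outside the hunk.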
diff --git a/wazuh-indexer/config/config2.sh b/wazuh-indexer/config/config2.sh new file mode 100644 index 00000000..93aa41ee --- /dev/null +++ b/wazuh-indexer/config/config2.sh 
@@ -0,0 +1,53 @@ +# This has to be exported to make some magic below work. +export DH_OPTIONS + +export NAME=wazuh-indexer +export TARGET_DIR=${CURDIR}/debian/${NAME} + +# Package build options +export USER=${NAME} +export GROUP=${NAME} +export CONFIG_DIR=/etc/${NAME} +export LOG_DIR=/var/log/${NAME} +export LIB_DIR=/var/lib/${NAME} +export PID_DIR=/run/${NAME} +export INSTALLATION_DIR=/usr/share/${NAME} +export BASE_DIR=${NAME}-* +export INDEXER_FILE=wazuh-indexer-base-linux-x64.tar.gz +export REPO_DIR=/unattended_installer + + +rm -rf ${INSTALLATION_DIR}/ + +curl -o ${INDEXER_FILE} https://s3.amazonaws.com/warehouse.wazuh.com/indexer/${INDEXER_FILE} +tar -zvxf ${INDEXER_FILE} + +# copy to target +mkdir -p ${TARGET_DIR}${INSTALLATION_DIR} +mkdir -p ${TARGET_DIR}${CONFIG_DIR} +mkdir -p ${TARGET_DIR}${LIB_DIR} +mkdir -p ${TARGET_DIR}${LOG_DIR} +mkdir -p ${TARGET_DIR}/etc/init.d +mkdir -p ${TARGET_DIR}/etc/default +mkdir -p ${TARGET_DIR}/usr/lib/tmpfiles.d +mkdir -p ${TARGET_DIR}/usr/lib/sysctl.d +mkdir -p ${TARGET_DIR}/usr/lib/systemd/system +# Move configuration files for wazuh-indexer +mv -f ${BASE_DIR}/etc/init.d/${NAME} ${TARGET_DIR}/etc/init.d/${NAME} +mv -f ${BASE_DIR}/etc/wazuh-indexer/* ${TARGET_DIR}${CONFIG_DIR} +mv -f ${BASE_DIR}/etc/sysconfig/${NAME} ${TARGET_DIR}/etc/default/ +mv -f ${BASE_DIR}/usr/lib/tmpfiles.d/* ${TARGET_DIR}/usr/lib/tmpfiles.d/ +mv -f ${BASE_DIR}/usr/lib/sysctl.d/* ${TARGET_DIR}/usr/lib/sysctl.d/ +mv -f ${BASE_DIR}/usr/lib/systemd/system/* ${TARGET_DIR}/usr/lib/systemd/system/ +rm -rf ${BASE_DIR}/etc +rm -rf ${BASE_DIR}/usr +# Copy installation files to final location +cp -pr ${BASE_DIR}/* ${TARGET_DIR}${INSTALLATION_DIR} +# Copy the security tools +cp ${REPO_DIR}/install_functions/wazuh-cert-tool.sh ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/tools/ +cp ${REPO_DIR}/install_functions/wazuh-passwords-tool.sh ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/tools/ +cp 
${REPO_DIR}/config/opensearch/certificate/config_aio.yml ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/tools/config.yml +# Copy Wazuh's config files for the security plugin +cp -pr ${REPO_DIR}/config/opensearch/roles/roles_mapping.yml ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/securityconfig/ +cp -pr ${REPO_DIR}/config/opensearch/roles/roles.yml ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/securityconfig/ +cp -pr ${REPO_DIR}/config/opensearch/roles/internal_users.yml ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/securityconfig/ diff --git a/wazuh-indexer/config/entrypoint.sh b/wazuh-indexer/config/entrypoint.sh index 9b0ec833..30bccb0b 100644 --- a/wazuh-indexer/config/entrypoint.sh +++ b/wazuh-indexer/config/entrypoint.sh @@ -6,16 +6,18 @@ ############################################################################## export USER=wazuh-indexer -export OPENSEARCH_PATH_CONF=/etc/wazuh-indexer export INSTALLATION_DIR=/usr/share/wazuh-indexer +export OPENSEARCH_PATH_CONF=/etc/wazuh-indexer export JAVA_HOME=${INSTALLATION_DIR}/jdk export FILE=${INSTALLATION_DIR}/start +sed -i '/path.logs:/d' /etc/wazuh-indexer/opensearch.yml + if [ -f $FILE ] then echo "second or more start" else - if [ $NODE_TYPE == "worker" ] + if [ "$NODE_TYPE" == "worker" ] then echo "node_type start" echo $NODE_TYPE 
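Review bot: In wazuh-indexer/config/config2.sh the base tarball is fetched with `curl -o ${INDEXER_FILE} https://s3.amazonaws.com/warehouse.wazuh.com/indexer/${INDEXER_FILE}` and unpacked by `tar -zvxf` on the next line with no integrity check. Without `-f`, an HTTP error body is also saved as if it were the archive. I would fail on HTTP errors and verify a pinned digest before extracting: `curl -fsSL -o "${INDEXER_FILE}" "https://s3.amazonaws.com/warehouse.wazuh.com/indexer/${INDEXER_FILE}"` followed by `echo "<EXPECTED_SHA512>  ${INDEXER_FILE}" | sha512sum -c -`, with the placeholder filled from the published release digest. The new file also has no `set -e`, so a failed download or extraction does not stop the later `mv` and `cp` steps that populate the package tree.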
@@ -31,24 +33,21 @@ if [ -f $FILE ] echo "node_type start" echo $NODE_TYPE echo "node_type end" - service wazuh-indexer start - sleep 5 - service wazuh-indexer status - sleep 55 - /usr/share/wazuh-indexer/plugins/opensearch-security/tools/securityadmin.sh -cd /usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig -icl -p 9800 -cd /usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig -nhnv -cacert /etc/wazuh-indexer/certs/root-ca.pem -cert /etc/wazuh-indexer/certs/admin.pem -key /etc/wazuh-indexer/certs/admin-key.pem -h $HOSTNAME + runuser wazuh-indexer --shell="/bin/bash" --command="/usr/share/wazuh-indexer/bin/opensearch -p /run/wazuh-indexer/wazuh-indexer.pid -d" + sleep 60 + bash /usr/share/wazuh-indexer/plugins/opensearch-security/tools/securityadmin.sh -cd /usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig -icl -p 9800 -cd /usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig -nhnv -cacert /etc/wazuh-indexer/certs/root-ca.pem -cert /etc/wazuh-indexer/certs/admin.pem -key /etc/wazuh-indexer/certs/admin-key.pem -h $HOSTNAME + tail -100f /usr/share/wazuh-indexer/logs/wazuh-cluster.log touch $FILE fi fi -sed -i '/path.logs:/d' /etc/wazuh-indexer/opensearch.yml +#sed -i '/path.logs:/d' /etc/wazuh-indexer/opensearch.yml -service wazuh-indexer stop -service wazuh-indexer start #CLK_TK=`getconf CLK_TCK` runuser ${USER} --shell="/bin/bash" --command="${INSTALLATION_DIR}/bin/opensearch" -if [ -f /var/log/wazuh-indexer/wazuh-cluster.log ] +if [ -f /var/log/wazuh-indexer/wazuh-cluster.log ] then tail -f /var/log/wazuh-indexer/wazuh-cluster.log else diff --git a/wazuh-indexer/config/entrypoint_OS.sh b/wazuh-indexer/config/entrypoint_OS.sh new file mode 100644 index 00000000..69736c1e --- /dev/null +++ b/wazuh-indexer/config/entrypoint_OS.sh 
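Review bot: In the second hunk of wazuh-indexer/config/entrypoint.sh the added `tail -100f /usr/share/wazuh-indexer/logs/wazuh-cluster.log` follows the log indefinitely, so the `touch $FILE` on the next line is never reached and the first-start marker is not written. On a later restart the script would presumably take this branch again and re-run `securityadmin.sh` against the `securityconfig` directory, which may overwrite security settings changed at runtime. I would write the marker before following the log, with `touch "$FILE"` placed above the `tail` line. I would also check the exit status of `securityadmin.sh` instead of relying on `sleep 60` for readiness. The enclosing `if`/`else` starts outside this hunk.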
@@ -0,0 +1,89 @@ +#!/usr/bin/env bash +set -e + +# Files created by Elasticsearch should always be group writable too +umask 0002 + +export USER=wazuh-indexer +export INSTALLATION_DIR=/usr/share/wazuh-indexer +export OPENSEARCH_PATH_CONF=/etc/wazuh-indexer +export JAVA_HOME=${INSTALLATION_DIR}/jdk +export FILE=${INSTALLATION_DIR}/start + +run_as_other_user_if_needed() { + if [[ "$(id -u)" == "0" ]]; then + # If running as root, drop to specified UID and run command + exec chroot --userspec=1000:0 / "${@}" + else + # Either we are running in Openshift with random uid and are a member of the root group + # or with a custom --user + exec "${@}" + fi +} + +# Allow user specify custom CMD, maybe bin/opensearch itself +# for example to directly specify `-E` style parameters for opensearch on k8s +# or simply to run /bin/bash to check the image +if [[ "$1" != "opensearchwrapper" ]]; then + if [[ "$(id -u)" == "0" && $(basename "$1") == "opensearch" ]]; then + # centos:7 chroot doesn't have the `--skip-chdir` option and + # changes our CWD. + # Rewrite CMD args to replace $1 with `opensearch` explicitly, + # so that we are backwards compatible with the docs + # from the previous Elasticsearch versions<6 + # and configuration option D: + # https://www.elastic.co/guide/en/elasticsearch/reference/5.6/docker.html#_d_override_the_image_8217_s_default_ulink_url_https_docs_docker_com_engine_reference_run_cmd_default_command_or_options_cmd_ulink + # Without this, user could specify `opensearch -E x.y=z` but + # `bin/opensearch -E x.y=z` would not work. + set -- "opensearch" "${@:2}" + # Use chroot to switch to UID 1000 / GID 0 + exec chroot --userspec=1000:0 / "$@" + else + # User probably wants to run something else, like /bin/bash, with another uid forced (Openshift?) + exec "$@" + fi +fi + +# Allow environment variables to be set by creating a file with the +# contents, and setting an environment variable with the suffix _FILE to +# point to it. 
This can be used to provide secrets to a container, without +# the values being specified explicitly when running the container. +# +# This is also sourced in opensearch-env, and is only needed here +# as well because we use ELASTIC_PASSWORD below. Sourcing this script +# is idempotent. +source /usr/share/wazuh-indexer/bin/opensearch-env-from-file + +if [[ -f bin/opensearch-users ]]; then + # Check for the ELASTIC_PASSWORD environment variable to set the + # bootstrap password for Security. + # + # This is only required for the first node in a cluster with Security + # enabled, but we have no way of knowing which node we are yet. We'll just + # honor the variable if it's present. + if [[ -n "$ELASTIC_PASSWORD" ]]; then + [[ -f /usr/share/wazuh-indexer/config/opensearch.keystore ]] || (run_as_other_user_if_needed opensearch-keystore create) + if ! (run_as_other_user_if_needed opensearch-keystore has-passwd --silent) ; then + # keystore is unencrypted + if ! (run_as_other_user_if_needed opensearch-keystore list | grep -q '^bootstrap.password$'); then + (run_as_other_user_if_needed echo "$ELASTIC_PASSWORD" | opensearch-keystore add -x 'bootstrap.password') + fi + else + # keystore requires password + if ! (run_as_other_user_if_needed echo "$KEYSTORE_PASSWORD" \ + | opensearch-keystore list | grep -q '^bootstrap.password$') ; then + COMMANDS="$(printf "%s\n%s" "$KEYSTORE_PASSWORD" "$ELASTIC_PASSWORD")" + (run_as_other_user_if_needed echo "$COMMANDS" | opensearch-keystore add -x 'bootstrap.password') + fi + fi + fi +fi + +if [[ "$(id -u)" == "0" ]]; then + # If requested and running as root, mutate the ownership of bind-mounts + if [[ -n "$TAKE_FILE_OWNERSHIP" ]]; then + chown -R 1000:0 /usr/share/wazuh-indexer/{data,logs} + fi +fi + +run_as_other_user_if_needed /usr/share/wazuh-indexer/bin/opensearch <<<"$KEYSTORE_PASSWORD" \ No newline at end of file 
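Review bot: In wazuh-indexer/config/entrypoint_OS.sh the keystore pipelines drop privileges only for `echo`: in `(run_as_other_user_if_needed echo "$ELASTIC_PASSWORD" | opensearch-keystore add -x 'bootstrap.password')` the helper wraps the left side of the pipe. When the container starts as root, `opensearch-keystore` itself therefore runs as root and would write the keystore with root ownership. The same shape appears in the `list` check and in the `$COMMANDS` variant. I would move the helper to the command that touches the keystore and avoid `echo` for secret values, e.g. `(printf '%s\n' "$ELASTIC_PASSWORD" | run_as_other_user_if_needed opensearch-keystore add -x 'bootstrap.password')`. The existence test also looks at `/usr/share/wazuh-indexer/config/opensearch.keystore` while `OPENSEARCH_PATH_CONF` is set to `/etc/wazuh-indexer`, so it may never match; worth confirming which path the tool uses.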
diff --git a/wazuh-indexer/config/entrypoint_odfe.sh b/wazuh-indexer/config/entrypoint_odfe.sh deleted file mode 100644 index 0519f90c..00000000 --- a/wazuh-indexer/config/entrypoint_odfe.sh +++ /dev/null 
@@ -1,103 +0,0 @@ -#!/bin/bash -set -e - -# Files created by OpenDistroForElasticsearch should always be group writable too -umask 0002 - -run_as_other_user_if_needed() { - if [[ "$(id -u)" == "0" ]]; then - # If running as root, drop to specified UID and run command - exec chroot --userspec=1000 / "${@}" - else - # Either we are running in Openshift with random uid and are a member of the root group - # or with a custom --user - exec "${@}" - fi -} - -# Allow user specify custom CMD, maybe bin/elasticsearch itself -# for example to directly specify `-E` style parameters for elasticsearch on k8s -# or simply to run /bin/bash to check the image -if [[ "$1" != "eswrapper" ]]; then - if [[ "$(id -u)" == "0" && $(basename "$1") == "elasticsearch" ]]; then - # centos:7 chroot doesn't have the `--skip-chdir` option and - # changes our CWD. - # Rewrite CMD args to replace $1 with `elasticsearch` explicitly, - # so that we are backwards compatible with the docs - # from the previous Elasticsearch versions<6 - # and configuration option D: - # https://www.elastic.co/guide/en/elasticsearch/reference/5.6/docker.html#_d_override_the_image_8217_s_default_ulink_url_https_docs_docker_com_engine_reference_run_cmd_default_command_or_options_cmd_ulink - # Without this, user could specify `elasticsearch -E x.y=z` but - # `bin/elasticsearch -E x.y=z` would not work. - set -- "elasticsearch" "${@:2}" - # Use chroot to switch to UID 1000 - exec chroot --userspec=1000 / "$@" - else - # User probably wants to run something else, like /bin/bash, with another uid forced (Openshift?) - exec "$@" - fi -fi - -# Parse Docker env vars to customize Elasticsearch -# -# e.g. 
Setting the env var cluster.name=testcluster -# -# will cause Elasticsearch to be invoked with -Ecluster.name=testcluster -# -# see https://www.elastic.co/guide/en/elasticsearch/reference/current/settings.html#_setting_default_settings - -declare -a es_opts - -while IFS='=' read -r envvar_key envvar_value -do - # Elasticsearch settings need to have at least two dot separated lowercase - # words, e.g. `cluster.name`, except for `processors` which we handle - # specially - if [[ "$envvar_key" =~ ^[a-z0-9_]+\.[a-z0-9_]+ || "$envvar_key" == "processors" ]]; then - if [[ ! -z $envvar_value ]]; then - es_opt="-E${envvar_key}=${envvar_value}" - es_opts+=("${es_opt}") - fi - fi -done < <(env) - -# The virtual file /proc/self/cgroup should list the current cgroup -# membership. For each hierarchy, you can follow the cgroup path from -# this file to the cgroup filesystem (usually /sys/fs/cgroup/) and -# introspect the statistics for the cgroup for the given -# hierarchy. Alas, Docker breaks this by mounting the container -# statistics at the root while leaving the cgroup paths as the actual -# paths. Therefore, Elasticsearch provides a mechanism to override -# reading the cgroup path from /proc/self/cgroup and instead uses the -# cgroup path defined the JVM system property -# es.cgroups.hierarchy.override. Therefore, we set this value here so -# that cgroup statistics are available for the container this process -# will run in. -export ES_JAVA_OPTS="-Des.cgroups.hierarchy.override=/ $ES_JAVA_OPTS" - -if [[ "$(id -u)" == "0" ]]; then - # If requested and running as root, mutate the ownership of bind-mounts - if [[ -n "$TAKE_FILE_OWNERSHIP" ]]; then - chown -R 1000:0 /usr/share/elasticsearch/{data,logs} - fi -fi - -if [[ -d "/usr/share/elasticsearch/plugins/opendistro_security" && "$DISABLE_INSTALL_DEMO_CONFIG" != "true" ]]; then - # Install Demo certifactes for Security Plugin and update the elasticsearch.yml - # file to use those certificates. 
- /usr/share/elasticsearch/plugins/opendistro_security/tools/install_demo_configuration.sh -y -i -s -fi - -if [[ -d "/usr/share/elasticsearch/plugins/opendistro-performance-analyzer" ]]; then - CLK_TCK=`/usr/bin/getconf CLK_TCK` - ES_JAVA_OPTS="-Dclk.tck=$CLK_TCK -Djdk.attach.allowAttachSelf=true $ES_JAVA_OPTS" - if [[ -d "/usr/share/elasticsearch/performance-analyzer-rca" ]]; then - ES_JAVA_OPTS="-Djava.security.policy=file:///usr/share/elasticsearch/performance-analyzer-rca/pa_config/es_security.policy $ES_JAVA_OPTS" - /usr/bin/supervisord -c /usr/share/elasticsearch/performance-analyzer-rca/pa_config/supervisord.conf - else - ES_JAVA_OPTS="-Djava.security.policy=file:///usr/share/elasticsearch/plugins/opendistro-performance-analyzer/pa_config/es_security.policy $ES_JAVA_OPTS" - /usr/bin/supervisord -c /usr/share/elasticsearch/plugins/opendistro-performance-analyzer/pa_config/supervisord.conf - fi -fi - -run_as_other_user_if_needed /usr/share/elasticsearch/bin/elasticsearch "${es_opts[@]}" \ No newline at end of file diff --git a/wazuh-indexer/config/tarball.sh b/wazuh-indexer/config/tarball.sh deleted file mode 100644 index 2cb1dd64..00000000 --- a/wazuh-indexer/config/tarball.sh +++ /dev/null 
@@ -1,33 +0,0 @@ -export NAME=wazuh-indexer -export VERSION=4.3.0 -export RELEASE=1 -export USER=$NAME -export GROUP=$NAME -export CONFIG_DIR=/etc/$NAME -export LOG_DIR=/var/log/$NAME -export LIB_DIR=/var/lib/$NAME -export SYS_DIR=/usr/lib -export INSTALL_DIR=/usr/share/$NAME -export REPO_DIR=/root/unattended_installer - -mkdir -p ${INSTALL_DIR} -mkdir -p /etc -mkdir -p ${LOG_DIR} -mkdir -p ${LIB_DIR} -mkdir -p ${SYS_DIR} - -curl -kOL https://artifacts.opensearch.org/releases/bundle/opensearch/1.2.4/opensearch-${1}-linux-x64.tar.gz -tar zxf opensearch-${1}-linux-x64.tar.gz && rm -f opensearch-${1}.tar.gz -chown -R ${USER}:${GROUP} opensearch-${1}/* -mkdir -p /etc/wazuh-indexer && chown -R ${USER}:${GROUP} /etc/wazuh-indexer && cp opensearch-${1}/config/* /etc/wazuh-indexer/ -#etc/init.d directory not found -#etc/sysconfig directory not found -#usr directory not found -cp -pr opensearch-*/LICENSE.txt ${RPM_BUILD_ROOT}${INSTALL_DIR}/ -cp -pr opensearch-*/NOTICE.txt ${RPM_BUILD_ROOT}${INSTALL_DIR}/ -cp -pr opensearch-*/jdk ${RPM_BUILD_ROOT}${INSTALL_DIR}/ -cp -pr opensearch-*/plugins ${RPM_BUILD_ROOT}${INSTALL_DIR}/ -cp -pr opensearch-*/performance-analyzer-rca ${RPM_BUILD_ROOT}${INSTALL_DIR}/ -cp -pr opensearch-*/modules ${RPM_BUILD_ROOT}${INSTALL_DIR}/ -cp -pr opensearch-*/lib ${RPM_BUILD_ROOT}${INSTALL_DIR}/ -cp -pr opensearch-*/bin ${RPM_BUILD_ROOT}${INSTALL_DIR}/ 
diff --git a/wazuh-indexer/config/unattended_installer.tar.gz b/wazuh-indexer/config/unattended_installer.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..e3b05292cc06a0d9c7a55602dc9e47e5fceb71dc GIT binary patch literal 8865 zcmV;SB3|7eiwFP!000001MEF}U)#pA`Sr zZl4A`>+5Uyx4FL7NdA@2gXU^;eZAFcJzjkTV#wPWs6Bf3c zRsRotLY4eY*Xi25J5z)C<^OnfwRJE5Z}Ci%zdNFiPYuuPf0-)GE&o zls^nUu)DTt1ay8~m|y-YjkT3~`G1S&7V_t{ZNqkJm%~8`94O$&k5>!j-&$SE$baqe z`sxGH`0As7@c&-^j%!hWqe2KB7=B=zT;5nfh+_=tM!JHP+oKKAY^~QC@Lv;3CdO6R zZ~N36Q_oL!?b-v{p+=zWbzyf5$4EBkC5py>HIx3uPs#c3xdZCo)(e>5{x{c~_x}Gk zdFGNo`?ozbMkCwll{EejX4?N&3!MFo{co+W-`oFh@#wl<`JNm&BjyqD4Tp3nK_#FT30!gnT0(YgKk!^~O3l!-gG<7C)d2D_^@g_Z z+pYu9U5~Z4cw+(CqlD{Q=m9|65q&|sDwXz-25gB4E=RCHXsk-;p9aOk6~T1}Fl>-k z1yJtLuI*5A>4u)bA$pKLh!9#}lcAfgt5iVs+lFaUpDke?W$T#*iYEfVTz%cS5@1 zU_dxT2HznJB3nf*GO#ZwNR!JEiva7u?SY#6{qiG|J)kpRmfHxfe1F~v`)HYAac@D^ zLc7fJ`>(Q7|+!0Cx z3cN5YUf!BFhR%X5HfMygci*-w>J(8$-hae4I7!8Op6ijm=I|4o;_W=dn6AA1?~E*| z3`!FIY76=Ae&$;LZ6`pJGGGGpOFIBF*8i22od37Bit(TO_5bTXeEolei$DAimklXo zHcyFV1V#s}1ZzY|AC?3%HU=TZ<_77Q-sLFZ#pojl@1RE=>KOs7MiV>elhGjT*-kxh z-GN`nwl%+>U)&{Prd*{~_Y|pqW_f32u&hgSig*D_wPjSBt?FBId#BfL9qwE-)?e-& zHoQ-Jo!7N3Yqj~u+mrgc7cb4;{-|-b=lE+ccP@wHTJ6ozo~AN?bNB^}F76kIl`Cn4 z^F*$0nZ2!G<@4m|H^bUm^Vd3qSC8p<<;l_SJBR(@5%qUncV&g12i_m8!^S)BY-PWu zBvL^~5_Os!&&`wa^5yC8hut^sd)r#+#Wd|MBv)uy6@tLCJ7GXYY$5vH1oD_JHnns`OIEZp6)Uo0r9e26 z0g@p}$0^N_uzA`)Ssko~&res*#%oWGjn?H_tr`9row4|etH$r{ z+b4dnf7&X~kl6oH(kZJ+-UCXLY0%Y6b8;b6S~jcL8JHX_~mZT+G}okzr5XT9KHVh)_&0ql@qm$ zGnJSSzP`rXTK4 z?6)V*sUI|JgX4qN>qc$w_!bpkfgv&}#_T)vAQ<0bR@TxW1e#x|Y6KYnNo>?;GUD)S00 zFfbk0@GNL0qx@pCj7vlt`zp4U!snD`fSl}}z9C!32Qv17w4xgd#IQ(|;rn*aA^wP( zcvdBdi~}WR-*9?7HWI<~X%N^>4_#l+4SRi7D-qQyu?d2aw~djl3=v6cS$M`5cmW|} z$Ix|bSV;UwxYz(L#ugq?Ghng>eue!3A~-V&5r9mB+$GYpDBc$eyDhji2Y;8bEejW_0E-G-5XYuh4QoqvnThKs&B`;a42__H|S_0$(3M!EAoV?ThF~Rf)*Ys7O4RJ5Z8o#F@aX zfX*|VaAeKd!=eK^Uyo9gI4hAN6=A-XJ8=ds{5YW_7nekj|K;wzgL?Z_v__z*OEe{w 
zC)ceMLu9WZc;t0C;`#W(3i-QkVNB6x6Fp+rS7lO+aK7;-`rVSfe-EjkL6CAtn*+)I zuVM@oY%FUP6kW@j2Sr!cX#rnQw0VoK zqlpSc-^OX#zyqB+8aLtJsW&mqY_j;LrDR*=Q!5zub^L1u!??RK{{gj%03KXaa$n7R zd3dca^D_o(06;YU-W^DQgbcx#29b1aIGS^*?3|-6aUP2KGL3KSwClE7aG~$oF!!xqS zl28WZIP45;6FR>F2grdnU{M@ukk%47H)MqMejhxY&L!*o;`9Y9EiaI!Q$Z8-e>x z76`Agya3FV-PG!1!>hxu%nacZ1j@CFMLS`yjTM{PvuC7wE&AS&*0Ud)TE*^?_e6Jy zR$VmRA#MtYJ|>spa7iN{pCUmHTkQNxzm119n;O(<6*^FNyt*908d%tuS7V-KAp~O- z=-^rvf)Mo#M%S)XxUL+FkuNThYu17N6JxmM&A_bOqyaNm0c2`p?k}|aE>gJn|NHSq zi`rPOfGM8@?9?3ONS#xa$BBG`52Q64Wy&kkO@dhY#)%elCANtfY;t0dKmVL+Fjd+o zZ`q|3uZRooz}l=X_B=Wwnk0KeBXt^>bqOeXVX|II0r8AYF#J(ZqNz~;S@OMJuX@H! zx*aALK$}HW<^`szF)^gJtUXE)M-~JuEV)_GmTpjI3+Y`-W1?o?Wy}POz?Wy!Mw&KZ zc;at(!6|3}_zgspO|_(urErsiWpY(2Q9`2o2YVqS}R+3rXF`jjNPi&*{pqrPIt9q#c@j`2Y;Z_nAf`3`J=(z6Sb)i2AlYbmh1D7iW zOSXWug%4{X^n*&)?t^JZZwp`Zy5^9v!jl7N{<8{4S)l`^vu-GRl?zsSzy>6zQW=yzpS z^0bsz*^=y0>9WE%_;O9=Ky%ub#WklE-x6w}1}9i?RcZrvHQkxIDr*}CZm)-DCa{JR z9Xx#)wBx1l5IOcQL8}-Hx@P!-z9W0d_>agcDLA%y zVok_L?qjEFF6bqzDToK)Vbd12Gg$^{vMLeb5U)v(?!F(LVjs`NMq%l)@ zSR9n!KOsZl3*MabLI-1#9>6Zp7-kA24QH^oh-pZL(RgqKLugNl<)(Ek5jsJOz_%<) z)dI|Z;BPjwj9@X5+%#m3OH3O~>+acO>WE8*F6DEF0VoemQfl23SC|&-8cOHt>Vimbo^W(tsOjuo0xIsBGRd; z;vf*P!g!WaEXdi)Auh-g9d$1iqfG2Ee%m@ZJUHA-n_@nSA2%1P*Nm8(r39@GRkPzb z&4c*vuAD2$6{-{?V-9^yj!fmoOl4LnG^&>zKFeh`V2QG7TGk*&%FGoyQpV}5%`sM3 zG+CTFK*=h%j1`tuY*=$GcNmE!9)c_Zsr*csHyVnzfk$-9BwPBqp7R#N zuXi&=k_u+SC=yPpjU}R!*DMVwaX2nNZX`AX{QN?jitqH@;nDHw!D%_1?~jh(92^~< zew+?;XZLjbYTS0V#|!I<=2KQSREHVgqh6gDE5 ziDU-!F3jJ!ySP}0U#SW>EID0>A#EKfUD>gY*jOXzKg+i{$4n;?g^!|b1iKQ+zP;hH z%k99~vSgWDJJ6y0*>l4HR0K_hp7;c4c?uZ-OejH8xyebuDM`^qL=if*MMR;;dsl=J zfTh*SQ8#APfeG$_uFb%I+Q%$gL}|Li5#}|@{U7}dE)SCw5H<>fve>%}JNs^1q(ICF z;!b@QJLJqxr}>~I!xB(sU+mIs9?4*EXTaPwO#W30w)_Eu`^K1xugkgK&Y9bf3rRm6A$LeTX>&3`c_T} zTKh~@`mhw1(o#i3@soKia%nxJ0nl}^@A`>g$icCUM(KTzXbx{v!>@pClnXL(cjRz? 
zGu>IliU7Wb8`*ljdblrkWRc7KUhHu()Y)KPkZmZ!KL}#rn#KU(rX2EwPZy8KaVIb& zyzoJOTzF{J9}epe-;sy=8xLP^JUkU)N)y&=Qf=aNiSTGT)zWV0kf%}Yo}3(=Y@|0A zL+bnBR>0s|>58XM696Y_fMOGL3y{l7cn60sjtYS_mB6TPn6b)KfoY`5pur#B6+HET zQt&|%iExbTL&J8E-Gt;K-OXstZTM!5W4T<<$fn^FhrLfvTd{Enq#Cd-vfNGn1vD3l4yC6lsd4KxqC zfN&Y;yaV|1z4RdFaf6;wT0Es$g7s6^|ASoKKDknJ%TxOM;nQRF1d9^(`&B>j{!59N$io|LZrpAt9< zK%tGzf=j|m@3Uefm^chgw2cqT66P{_MM+Zz};rJiin! zVkrQCa+2U$E3`G5X^E@}C^B8oqh=6AEsn2DvhZPRkwu<9_{%J+1b;tFeuRIcfDydE zj}D>QAM}q{yY%CS^92&k`lWa`E0T-^vKyW!(wy&5iA9DmVZvDmcx=re0-y}ARVoJ} zp(Go7+o+t0OY%HS#*Tj~$p~1KY0vCLx^?orDb*=i5g$2L{u9e0H7R@?13$_V{FWy| zf@M)27(YxPe%SE?Z;@16k4WZguVnX)DWup1)zGd_q@cRY?FhKkOLjD}REa=9yepX8xn znx5Ptt{;wYqeQJu`SF4HDSHqcThnavQi23!h{<#b%ZjpE9?=^5lz8DWspw zJ-Ae+MZ{3d!jxbz4O4uMAmy~qmGhUCw<4`7%bB7ytIQzO*WJ3d{51RK;!?Uaq5Mmg zzk!0}Zw6*KF(n%?Jyez`km{O`8RXdz^-8Ihy60W!R#LV8{+bp2$|;jHu-CBwP}FgQ zq?Nr+^E}-!8%IsJtC_{$Ppw1xb6Ae~=df>;t|VW?2b2{zC*zzYjwb%C>005^)JQE& zjU~OASoxxLiLXhKvy;55q)IAU95LDcNhl-XzaPkQ^8=|Z^L%Bix|CNBp7_Wcn883^ zh$7Wy%@>!V6q$t)+IbVQs@Ki`-lUTY8NQiGS-AxC)XK=g3P|bOTM6%ZI+O6jSj8M- zZZkHiS@mi&X45~KHzdQJ&tjaO38Rb#iyP@;o}}CUdl)01*_)v(c?@EWz#d7?ApV6T z4;H@ADR+rLnzzhueoB7yE7!0vLob;<;tR9sr;?=2*_XDL@5ESsqeN@dx*KZ$PMO%- zkv6d}T(bO=}Q-49j_V;Av3g>#-9N_F9bliusP z{QsGT#9ubRTQ&=cfaJo0nk$n;_N`3!A}9aX-u3^cu_N)HuYZM)$7!Jn1VUQ9mxjCM zDA7f)mqZsuCtb)xTUeUC2MfnS(zMC{elugQ*WUGhg;dp3sFcF4zs%U<@z^u|*qJ%A zPy7Zsj^3z+zMzqray%S^+Y(L*Llbxo0^ZrnhX8Y$6dT8yr*Z8!mRGRvuCk5 zzXqKrBQsd_{mU)Pf5cBA{5PE2ib228CmsK-^QO~^-v4{h>Ac+k@?Aa={I?5% z$_83Y#x|2V5pJ~miax>#nuEIuk)eY#iBNF+e?%xa#aWE;`UsGE8=2SSb3{BDyGtI^ zU&HN)DHw(5rh!GhKqwIx?{IiIwM=m>6G1}}@S1uCR)&A*wn7q4T{w~nqYg{sh8?~z zuYEmRF5UA z2@-Mf5=UZ08eVLW;#Yp=AKzK8UIiMCji!$6p>s&t8`4Z;y(jqnFU^s^lqNAg)0Qo1 z8U5w7Tt<|EGC8G_umQ`+1^F5yrQlQ_HU|a{;6abe%a75$qpuOXK)NQ(pBgqpgy}&` zqTsYV6sRAQk1bI`%TcFEDeWaL_q)aA%H|K|1L^M<^MSt0z~xYg1m;=#Hfzk+tDHi) z-#Yj?S-yjE7r&4EpJ5^Gp<9z(^#4g!gg?+=%~c)fz{T%Sk~ilU**5Ol?BehJ#^pbb z+l|hL{$)1prm+;KcSdp9BJ3oylw(D&g??Dcdt{N%2Dc!P2tdp8@y8_sO_ 
z&czGZKCj6v8ItAD#p;If7cvj_-_ZF2c0B>1Lx#J~5c25jJEGiNQpidVGGATFpC938 zC}Z;RIXwQih$RqDuHX^MU0Bi?JQ-@#QC1^IBt zyRPrAm7q50D0kEYPFG8t4j%%M$A>4!A20hd4P?9`Mc0KU{p`ZrbLoDD#m{=_>_R_z z|8f@Vu}hM$i;4T*$X(omAqiFQ(lyxX6Im<{KWDT$p03V#*Sxo(Bautrz@~f`@_BmE zY-7W?i&uX_nUXeO1RXDIK19Q#Uskm(An%f8wXPiDQQ_`Vq?^ed8=ubch`jq1>8!e7 zmEW#gjbCoQwRbyDgJ$;ks+byG|HIj(1OVFCOSBtbj~oBNJmJ>{=6~CMQeM{nb_hlD z-#6d(cc1Dz)e5V}ch!)7ldsp%x?wM1>xy4ibw6+WmT6&uIRn2s2n;o?b9}JYM2Wp|Gg58E{Z(DlBu;RDn=4 zPcGUbMO`$9vx`b*h*N`$O?`!<=57XC?Oh%m9~^wbd|DJNM#v@WCXINO7Pct}+T{7GVOxaa;!&UO%S} zNTVi)4oJ(Mtpn0?Ka&o~Ci(m8fK-~YbwG}GETaRGhbMn;9;AFTu;>sKTZl@wTw_z* zc)szVjF-blqx$?ghoQ0l9OKWJFMHr6WP7F&mqO(CA8KY|vd36jlReu6n=TexoLLcf z6Phrx1DP>qF_US;8U_ZJl9Izi>*$O$)RFo&Ua(mgY~E=*dR9tTMOtce#H+Z+SE61C z1RH8z1gx3p?m^*q)U*^3YY?0WL)yL*hY^mGp|Ng4vymli z1ILD=%NTT+0cD0#Z31O8;{=qt$UTnP9RYlHGY>IYgv4y^6iNbzU1@4!vAt=OCGNB*Q6roav6Q@yU+Wku= zEO9C?LRT34oJLrD$0M06gB_JZkTxeO!!5r^WlDekzR%SUIoc!)3zM_CYECWeCCvE` z_H3%IK}WEpTr8c5`z1iW;?Ml9b$xy4FQBT!o151byN3tTuQ|jg6F+c{zJFXT*?VRU zTAhR7h`Tc;E3M)`{x+yp{XzZkanOFOuz}Wx4K)S)y&u%8{$bU>9#pKGL9O|EP^Yi( zx(fNL6MwLee>#tgyhZU+j0Iqv)gu)`H&vd%3ub)_Mb<-KKI_WEjP3f~eyHs4aOdEf zC%S=DRplK9o7U(gFr|V9$Fl-1T}FxN;Q_xZJ}Bkp=}8?bwV=vQ9rCn-u%)o-Zl&^0 z)Y5IeW9|_z7ryQ6Kx#-(yYuR`p!9mJGOX0~Bja>#b5g7P#m9f$0el%$1|IrEttyuZ ztFn9N?GoGoP!h7o3wpA22@3~OGz@PNcuGaEsA1aTn;X?yD5gx$qWWGbZIYLyTVpB3 zgjau!9e)@p1H&R7Np>xNFDXTLZ_lc;7&%Fs#YM=8lwlwzo+5#q*cMk2I)cmw0+d&> z=IoAf7aMeoyGZX8cagtK3KF815GN%1K1XL1q(EeiS1n&8b%TL>45QpcAcHb8q%uer zr;K9&)VS(l7HAyLiXD}Tx*Z-VcH_^rY6}%AqLI|U;os|O>*n2PXXlCa&pt455!dJm zs>GQmBg#O+v?kgVv>~@%OgZe2A*P$4V0`0A-9!^8C-dkN**5E<%xy3ZMQzS@s{gk% z<7uT9W<3_7zpXA$@J4T&^RitY=X)zXZuTmcX4qIe znH{V_mVT-TR&vtpP9}JEZN>djICysq^Ih-r)Cp?#LU&4Dnh_wg1kJGG z{<2u+5kl6kr-G1322Z^JlP~NhPF%7mRAii-Cay6q=w|4&6ys}LNN>k jbkdC2%!!^P{O{#h`pf6#^YVH5Z2I{>Z6H%z0LTCUs=+KJ literal 0 HcmV?d00001 From d5bda0896ac53df9b2901c6b069806557152a017 Mon Sep 17 00:00:00 2001 
From: vcerenu Date: Mon, 7 Feb 2022 17:48:26 -0300 Subject: [PATCH 020/163] Change services names and build certs generator --- generate-indexer-certs.yml | 8 +- indexer_certs_creator/Dockerfile | 21 +- indexer_certs_creator/config/entrypoint.sh | 5 +- .../config/unattended_installer.tar.gz | Bin 0 -> 5699 bytes .../opensearch/certificate/config_aio.yml | 10 + .../opensearch/roles/internal_users.yml | 74 ++ .../config/opensearch/roles/roles.yml | 163 +++ .../config/opensearch/roles/roles_mapping.yml | 71 ++ .../install_functions/wazuh-cert-tool.sh | 433 +++++++ ...pensearch-node1.yml => wazuh1.indexer.yml} | 30 +- ...pensearch-node2.yml => wazuh2.indexer.yml} | 30 +- ...pensearch-node3.yml => wazuh3.indexer.yml} | 30 +- .../wazuh_indexer_ssl_certs/admin-key.pem | 28 + .../wazuh_indexer_ssl_certs/admin.pem | 19 + .../wazuh_indexer_ssl_certs/certs.yml | 55 +- .../wazuh_indexer_ssl_certs/root-ca.key | 28 + .../wazuh_indexer_ssl_certs/root-ca.pem | 20 + .../wazuh.dashboard-key.pem | 28 + .../wazuh.dashboard.pem | 21 + .../wazuh.master-key.pem | 28 + .../wazuh_indexer_ssl_certs/wazuh.master.pem | 21 + .../wazuh.worker-key.pem | 28 + .../wazuh_indexer_ssl_certs/wazuh.worker.pem | 21 + .../wazuh1.indexer-key.pem | 28 + .../wazuh1.indexer.pem | 21 + .../wazuh2.indexer-key.pem | 28 + .../wazuh2.indexer.pem | 21 + .../wazuh3.indexer-key.pem | 28 + .../wazuh3.indexer.pem | 21 + test-cluster.yml.yml => test-cluster.yml | 80 +- wazuh-indexer/{Dockerfile_new => Dockerfile} | 10 +- wazuh-indexer/Dockerfile_centos | 23 - wazuh-indexer/Dockerfile_ubuntu | 20 - wazuh-indexer/config/config.sh | 1006 +---------------- wazuh-indexer/config/config2.sh | 53 - wazuh-indexer/config/entrypoint.sh | 127 ++- wazuh-indexer/config/entrypoint_OS.sh | 89 -- wazuh-indexer/config/wazuh.repo | 7 - 38 files changed, 1396 insertions(+), 1338 deletions(-) create mode 100644 indexer_certs_creator/config/unattended_installer.tar.gz create mode 100755 
indexer_certs_creator/config/unattended_installer/config/opensearch/certificate/config_aio.yml create mode 100755 indexer_certs_creator/config/unattended_installer/config/opensearch/roles/internal_users.yml create mode 100755 indexer_certs_creator/config/unattended_installer/config/opensearch/roles/roles.yml create mode 100755 indexer_certs_creator/config/unattended_installer/config/opensearch/roles/roles_mapping.yml create mode 100755 indexer_certs_creator/config/unattended_installer/install_functions/wazuh-cert-tool.sh rename production_cluster/wazuh-indexer/{opensearch-node1.yml => wazuh1.indexer.yml} (80%) rename production_cluster/wazuh-indexer/{opensearch-node2.yml => wazuh2.indexer.yml} (80%) rename production_cluster/wazuh-indexer/{opensearch-node3.yml => wazuh3.indexer.yml} (80%) create mode 100644 production_cluster/wazuh_indexer_ssl_certs/admin-key.pem create mode 100644 production_cluster/wazuh_indexer_ssl_certs/admin.pem create mode 100644 production_cluster/wazuh_indexer_ssl_certs/root-ca.key create mode 100644 production_cluster/wazuh_indexer_ssl_certs/root-ca.pem create mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem create mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard.pem create mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh.master-key.pem create mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh.master.pem create mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh.worker-key.pem create mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh.worker.pem create mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer-key.pem create mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer.pem create mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer-key.pem create mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer.pem create mode 100644 
production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer-key.pem create mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer.pem rename test-cluster.yml.yml => test-cluster.yml (72%) rename wazuh-indexer/{Dockerfile_new => Dockerfile} (94%) delete mode 100644 wazuh-indexer/Dockerfile_centos delete mode 100644 wazuh-indexer/Dockerfile_ubuntu delete mode 100644 wazuh-indexer/config/config2.sh delete mode 100644 wazuh-indexer/config/entrypoint_OS.sh delete mode 100644 wazuh-indexer/config/wazuh.repo diff --git a/generate-indexer-certs.yml b/generate-indexer-certs.yml index 01503c55..62386d62 100644 --- a/generate-indexer-certs.yml +++ b/generate-indexer-certs.yml @@ -3,8 +3,8 @@ version: '3' services: generator: - image: wazuh/opendistro-certs-generator:0.1 - hostname: opendistro-certs-generator + image: wazuh/wazuh-certs-generator:0.0.1 + hostname: wazuh-certs-generator volumes: - - ./production_cluster/wazuh_indexer_ssl_certs/certs.yml:/usr/src/config/myconf.yml - - ./production_cluster/wazuh_indexer_ssl_certs/:/usr/src/certs/out/ \ No newline at end of file + - ./production_cluster/wazuh_indexer_ssl_certs/certs.yml:/unattended_installer/install_functions/config.yml + - ./production_cluster/wazuh_indexer_ssl_certs/:/unattended_installer/install_functions/certificates/ \ No newline at end of file diff --git a/indexer_certs_creator/Dockerfile b/indexer_certs_creator/Dockerfile index bd770c39..1a1d00dd 100644 --- a/indexer_certs_creator/Dockerfile +++ b/indexer_certs_creator/Dockerfile 
@@ -1,21 +1,16 @@ # Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2) -FROM ubuntu:20.04 +FROM wazuh/wazuh-indexer:4.3.0 -ARG WAZUH_VERSION=4.3.0-1 +RUN apt-get update && apt-get install openssl -y -RUN apt-get update && apt install curl -y +WORKDIR / -RUN curl https://packages-dev.wazuh.com/pre-release/apt/pool/main/w/wazuh-indexer/wazuh-indexer_${WAZUH_VERSION}_amd64.deb --output wazuh-indexer_${WAZUH_VERSION}_amd64.deb && \ - dpkg -i wazuh-indexer_${WAZUH_VERSION}_amd64.deb - -WORKDIR /usr/share/wazuh-indexer/plugins/opensearch-security/tools/ - -RUN rm wazuh-cert-tool.sh && \ - curl -sO https://packages-dev.wazuh.com/resources/4.3/install_functions/opendistro/wazuh-cert-tool.sh &&\ - chmod 750 wazuh-cert-tool.sh +COPY config/unattended_installer.tar.gz / COPY config/entrypoint.sh / -RUN chmod 700 /entrypoint.sh +RUN tar -xzvf /unattended_installer.tar.gz -ENTRYPOINT [ "/entrypoint.sh" ] \ No newline at end of file +RUN chmod 700 /entrypoint.sh && chmod -R 700 unattended_installer + +ENTRYPOINT ["/entrypoint.sh"] \ No newline at end of file diff --git a/indexer_certs_creator/config/entrypoint.sh b/indexer_certs_creator/config/entrypoint.sh index 9f24ba39..5dbd5576 100644 --- a/indexer_certs_creator/config/entrypoint.sh +++ b/indexer_certs_creator/config/entrypoint.sh @@ -5,4 +5,7 @@ # Start Wazuh indexer ############################################################################## -/usr/share/wazuh-indexer/plugins/opensearch-security/tools/wazuh-cert-tool.sh +/unattended_installer/install_functions/wazuh-cert-tool.sh +mkdir -p /unattended_installer/install_functions/certificates/ +cp /unattended_installer/install_functions/certs/* /unattended_installer/install_functions/certificates/ +chmod -R 664 /unattended_installer/install_functions/certificates/* 
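Review bot: `COPY config/unattended_installer.tar.gz /` builds the image from a binary archive whose contents cannot be read in review, although the commit's file list also adds what looks like the same tree unpacked under `indexer_certs_creator/config/unattended_installer/`. Nothing ties the archive to those reviewed files, so the cert tool that actually runs could differ from the script shown in the diff. Copying the directory instead, `COPY config/unattended_installer /unattended_installer`, makes the build input reviewable and removes the need for the archive and the `RUN tar -xzvf` step. The `apt-get install openssl -y` layer could also pass `--no-install-recommends` and remove `/var/lib/apt/lists/*` in the same `RUN`.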
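Review bot: `chmod -R 664 /unattended_installer/install_functions/certificates/*` gives every generated file the same mode, so `root-ca.key` and the `*-key.pem` private keys end up world-readable and group-writable in a directory that the compose file bind-mounts to the host. Split the modes instead, for instance `chmod 644 …/certificates/*.pem` followed by `chmod 600 …/certificates/*-key.pem …/certificates/root-ca.key` (path prefix abbreviated here), and if the consuming containers run under another uid, `chown` the keys to it rather than widening the mode. The script's first lines are outside the hunk, so it is not visible whether `set -e` is in effect; without it the `cp` and `chmod` still run after `wazuh-cert-tool.sh` fails.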
diff --git a/indexer_certs_creator/config/unattended_installer.tar.gz b/indexer_certs_creator/config/unattended_installer.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..04d24f9e211d67946787a9846b239eba0b9493f3 GIT binary patch literal 5699 zcmV-J7QE>niwFP!000001MNL|f7>?C{rB~!;M8=EyZFx0ruE*rIok9{vbgEiHhKJ$ zCEDg9ORf&PZkzA^f~0Oyw(J~xwpYxW*dz#m00@AGG)I?h8|x}oyF|BaS<|pteQ>*_ z24$yKqkro=TamwBc~IZ1@9Z=hjqOdSuW!}2>krV@E%PBP4h-5v=)pw6Cf1!)xJB*% z(Bg>nuNZot3~tQ~me>FGW@9_o|9zBs`ZvZ{x3Fv~!<(7H()w@Iwzjr%{ohB)sDBu| zP5MNUZM?iKEU*7&t+|uy|31nJ`sb}(nHZJXNXtNDk^UQ-TQU7_ZErUppxT{}{=xry z{p*H`t=$4bSd%TAC|uvP0wG-<;oWEht0&`KRB!B5YVcEsnyLKF8FnpfPOxc(yY`8O zdsw!Gy{<@4*5xobuMq(M-9q{omyGk@G&F3jnguNH|LZ%oJpaF!vXuVW@9sz*kBL6W z==>in)PJL~*@*l9#`bpZ|L>!e%jLpDbfhDDNG#^CkprIG+CV*7xdOvrI!CguqM>2g z7E)v#^)RAFfK_B0=me|;?Gwv34b;JkV-kCYSg#6TKE>vUSQasKz;2ifTIIklW)mZB zZ;lBFiSG6V>naqwBW$w}Vb8`8ASBl0+Mfi~ZYo0K4p7)djRKI|$9G&3C2rQ!BK zLr@_=P>_)kZ7USO^t-a6V2gz?6SH`xLJ*TR3qy@7k1p#*LCQ#y)e+GtBM?LtlZ|NxKlZe}zW=v7v(KN&{GWCll{o=e5dWLaME4na+ygJcfG`?DNI(-= zb1(&$QBN^vW1Cmg9Kp>F23W_YY(q4f5_^conlm7J)iw;xs#4gBHB1I~k1#W?Owm2U zsuc_GtPaAu=T0eIpt9DG*XoV656a&DVAwd`zpCxLetBFo|9aVbS81!8^)DaJsvi$u zD}z_#+WAY}+Iqb|8%-*e_a`qUk^5UBFJOG}yugiIVJDnqa&T@&GY7~ijYYGA7Ro_c1$D5%InviKaczG zjp?_Yb7#x8|Lo(BWBl=;CY$ZOi89qrUv%sj^~1`$qn&>3{OPC7{g-=E=3p947s3%5 zqJnLkr03Y!-COX#*MU7|i*+g5(C``>v4*DC&`eQ|Cjd_%;lwE_5U1W5o^5KI&Wld- ze6scQRBp_+Ds|^~=hF-GlRY}_e|ga)@2Zu*-q!v!K0LJs!%ic+K!W^B$fwtgk{M8x zO&M>_l-5u;#@UD*IQom;(J5(dH3}LIqW;aiJB#u3QY*~{TeC^e^CX=Ctra@I)JIz zL5;ehL3yQVC@{lzqGZb=107jotkAP6m&stGL>bEZfbWg?I4x}3L?6)9 z*EF2LkhOY*DuuuW!N|MvmckX zuC$hr?_&zfwhKjw-3A&GOt02O{kZ6Ulj(RdwNpFj>Hr1XI(H)*nzC+gh6fH7|Gy#_OXo_PcYHwC&T2k3?%Dl)HXQW9nCVe>QSu{y>Dbt zNvMZs?Mw8@I+4{XAOA8mU}bS-&6|RrjVDDPGj>8xgMD&aa<#5 zCc<(pW2$Qgd^y8ogN8(t|K;huPVM$iti~l%^~hv2orRCf5L|A&p?)ih_rF6c)FF6!h`Iw${CDCE1Y*qU6$D+gx(7j5L+`41 z1Qxhb@2p-Xx3*YDZq0NBmU+72SY@8w#PgL9M3+O{jU@^Q-A~f8OAmCa)VaC&op=$$ 
z+$P)qRE1*mb83OW?k2w$2#lv2%O6mS7~q?WLg|ZT?;T#3AM-N?RRbgv|J>I+gb0lw zmj;#e3D(r0R;Vd=Kb_*Ru`cVjfWz4KCoe1A9{2}HfqmiL&i~3UZ1`UpQ_D!~@7{3x zFDt_RU-whjbB-(D{NyFu{m(|N*4Wu@HX8K#kDYogzyEn3C8PfNB&SaSl<6sc#TqU_ zgXw>3%hPx4?`Eyutb6*e*K3<}|G!?p@B9CzVc7HF7PbFF%fp|lJ&3eDncm2Fh)zvo zV9Fz!0(f^g*p7JU`40=}n8tS5oUt37e^ApvuF0^CV!*R!jAtep3~jW&S3-?ieQU!7 zJkpg);h}fuWbD#omr432#>g`I_Ea|UGkV2?oh(2OLURCiN{EOJT_JI<0_BmRlKu>; zkOKy6GDaabjVxsJ*_W5c=jbIHhK5d^o<k=2m$7h^3-v8g5HM)&|;&k6bht|KBMwCB&~g?cVuX699~Q4@)<>-vk>Lix1_ao zm9Pt$0KZN{oJRC3RPMvqnpA=x*1P_2;@&D0t2Q5(g~nhtOoLm(ceDBZMa) zV#yrQ;Y69{JLMI{GNBtrRs6S4jiN!zg}K2IFw?A>FXOX@%8_4o zZX!p={FdQs@d{$eJq^DCyY;I0Ky_+=_3PxgrbBw0JO-f}emk>vPynKhFw#f^Em9dv zr9^Fr--ENWle1k(2x1LM-xE{3JbNafHJwlEkM`N|(ecaMqNWa0$VKHW#<)DSG-4qw z-wLV6DKez-V!#|){rbid#Fni16{?|QZ!XY3u_^dHG(>8F=*JJV?i*#i@#mkTO$R#F zh05AWG4l>te?(`3nZTGt&u za~EEOZ&Rliitur_?z%1tZ(1@c8;+gPcQ$I9Ptv`xhj)CXSWi%y9-DzS(hYtswLGb#(-#Nj&Z~C4+}uCtEaqM0@{=5!_zO_MQ$)Kg#y6KL3ytNT zY%4=lww&Hys94==op-8lTYIubKnyyOt0yg%K2=Z7TloTI(A2!N)+Wku%0+H0o_--Dvf0L3?1Eo>6tt85MB#@6-%p)88L zp6%`hX6rpg#Im!%hM@`liX;Ig>Wo;TAfe~a%jn?b(4R1$nTjv{?~tdCz@SAXd9`}!Ur6*5qhO!;IM47%M!vCCD%`28r)f>beuo0qe5X*9~>BEAqh_VMGwN07mOul>V-NW|V&VdgD9nY!ngEo~6 z2;@l}GJxf*W8w|alYWNBj!Kv{Y*63>T_NKktPgEdIRarWVB7 zKkm%KDwn^t%b#e!;A5HM*sfoP8rT1K7tr(Xm){#3*QH<9BvdN+aor2LbQJORPKu-h zjZjIu--?vSWn{gIyjdSD$~MR;Bi{lGxj(iu$r8qL-@*(fM)8#sy)8H(6HFh7r0D~{ zfv6gE&jJ=xBNk)X6DhI|(-g_7YSO!bhKXcEhmy9)5{90G@QV?`8ze#OVL9U3_lJ>p zD0JyN7r4{-{M+RR3| zC=rTVxF{9+jzjm&DD&M$F>el@R=iqZ2L0)RXB8uOUS;5FuT zU+gvJ_r61~v6$`q_Zo9~TI@A4$Z{30v2ZfKVUIE-rn2u5yy@&d@^Hg>%&CQEaOwmW z5?pQOCQ*4)Hr#UOb5+PjhDj>yw|I7@bi2c8Ifv2vpO0c@7Ei=^V!PA0J>NWT60pxe zfFL)~CTaRqrBWA7RKbkkrm^C@h-h~K4AWk8x6#{E^!6Ad8;`{~`iV)(eucGhX!DpZ z@945jihezAzdMLkd1^>rGeBkZj@|g-FDGDzOQ{+C=$W*8;>(j9#Tbo2p}K8Vq`9ng zJ|3T(c8)sP+4+2O`u^zTxN|ul@%}+)@9cP4$OicMkul*{X=9%J% zjHSl)W%%MAVG(1=-I8>+1WDB#h9a>sG~KeB)I#geuKP@S$RLy8wxw`=I+jfc{WE!_ zg%_j>tS`qV?vt-AdN3ENwOYl`pLeY>5Zk@Hbe|mJO;c#{&tbdKw!Y;Z?f&+|HqmdW 
zcu{L^y0-`E>o;g3Cs{xKbFsc=U6gizT-1L^=pv%oau@=BPcKSq*6y11`9dmQUaVIh zUzFHKXkLTulGJL4hJ*UO>gKE>fuAPqBDdF0Ze{Q)t~I*(^by znzwlvkZwuRGnY!M_6(8d94~zO(V2O{0Av@y{)U}W&GSqg^75nUIfmKRL0SZ>d5G=C4>V-|!n2KW;yTZ=)t z5yld5zV#IDNUxCN(b%5FwvB?+*_}Rq3)_TQTMuSXf|u}FHG@t&7iz7exrn@*5NvCw z8^c0xnfzdrsAyHwAX?RGv4j!~rEPgH$50H5fT1Kr3PXt(%c&oG|@Iuk^WrhMM~SCj>vKAX&wBON>TR)SRaPTaa1f&F1QlnJ3%zp3+_8( zjb#gJY!8fLV{ZcwZz71jVO%iGK<0{tp7Gp@P<%vlMB>BTf-H=neky!7rXZwpld&(Q zeV@JgbM*G?mh}7dA!Hlr&Zq|lYxL75G<&@^x(`f zGt+!VF3t4X`g+PmNMHP@3_~lGGL0_eKzt9%Ia|f;r^Mb{2u=b=pNP=Qx%j#F=8p{& zz3|1Z_VlU6R$|*Msb{V958WT4hrMX+xBUOvmzTWcB`dC5y&@{*Ul "${base_path}/certs/${1}.conf" <<- EOF + [ req ] + prompt = no + default_bits = 2048 + default_md = sha256 + distinguished_name = req_distinguished_name + x509_extensions = v3_req + + [req_distinguished_name] + C = US + L = California + O = Wazuh + OU = Docu + CN = cname + + [ v3_req ] + authorityKeyIdentifier=keyid,issuer + basicConstraints = CA:FALSE + keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment + subjectAltName = @alt_names + + [alt_names] + IP.1 = cip + EOF + + conf="$(awk '{sub("CN = cname", "CN = '${1}'")}1' "${base_path}/certs/${1}.conf")" + echo "${conf}" > "${base_path}/certs/${1}.conf" + + isIP=$(echo "${2}" | grep -P "^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$") + isDNS=$(echo "${2}" | grep -P "^[a-zA-Z0-9][a-zA-Z0-9-]{1,61}[a-zA-Z0-9](?:\.[a-zA-Z]{2,})+$" ) + + if [[ -n "${isIP}" ]]; then + conf="$(awk '{sub("IP.1 = cip", "IP.1 = '${2}'")}1' "${base_path}/certs/${1}.conf")" + echo "${conf}" > "${base_path}/certs/${1}.conf" + elif [[ -n "${isDNS}" ]]; then + conf="$(awk '{sub("CN = cname", "CN = '${2}'")}1' "${base_path}/certs/${1}.conf")" + echo "${conf}" > "${base_path}/certs/${1}.conf" + conf="$(awk '{sub("IP.1 = cip", "DNS.1 = '${2}'")}1' "${base_path}/certs/${1}.conf")" + echo "${conf}" > "${base_path}/certs/${1}.conf" + else + logger_cert -e "The given information does not match with an IP address or a DNS." 
+ exit 1 + fi + +} + +function generateElasticsearchcertificates() { + + if [ ${#elasticsearch_node_names[@]} -gt 0 ]; then + logger_cert "Creating the Elasticsearch certificates." + + for i in "${!elasticsearch_node_names[@]}"; do + generateCertificateconfiguration "${elasticsearch_node_names[i]}" "${elasticsearch_node_ips[i]}" + eval "openssl req -new -nodes -newkey rsa:2048 -keyout ${base_path}/certs/${elasticsearch_node_names[i]}-key.pem -out ${base_path}/certs/${elasticsearch_node_names[i]}.csr -config ${base_path}/certs/${elasticsearch_node_names[i]}.conf -days 3650 ${debug_cert}" + eval "openssl x509 -req -in ${base_path}/certs/${elasticsearch_node_names[i]}.csr -CA ${base_path}/certs/root-ca.pem -CAkey ${base_path}/certs/root-ca.key -CAcreateserial -out ${base_path}/certs/${elasticsearch_node_names[i]}.pem -extfile ${base_path}/certs/${elasticsearch_node_names[i]}.conf -extensions v3_req -days 3650 ${debug_cert}" + eval "chmod 444 ${base_path}/certs/${elasticsearch_node_names[i]}-key.pem ${debug_cert}" + done + fi + +} + +function generateFilebeatcertificates() { + + if [ ${#wazuh_servers_node_names[@]} -gt 0 ]; then + logger_cert "Creating the Wazuh server certificates." 
+ + for i in "${!wazuh_servers_node_names[@]}"; do + generateCertificateconfiguration "${wazuh_servers_node_names[i]}" "${wazuh_servers_node_ips[i]}" + eval "openssl req -new -nodes -newkey rsa:2048 -keyout ${base_path}/certs/${wazuh_servers_node_names[i]}-key.pem -out ${base_path}/certs/${wazuh_servers_node_names[i]}.csr -config ${base_path}/certs/${wazuh_servers_node_names[i]}.conf -days 3650 ${debug_cert}" + eval "openssl x509 -req -in ${base_path}/certs/${wazuh_servers_node_names[i]}.csr -CA ${base_path}/certs/root-ca.pem -CAkey ${base_path}/certs/root-ca.key -CAcreateserial -out ${base_path}/certs/${wazuh_servers_node_names[i]}.pem -extfile ${base_path}/certs/${wazuh_servers_node_names[i]}.conf -extensions v3_req -days 3650 ${debug_cert}" + done + fi + +} + +function generateKibanacertificates() { + + if [ ${#kibana_node_names[@]} -gt 0 ]; then + logger_cert "Creating the Kibana certificate." + + for i in "${!kibana_node_names[@]}"; do + generateCertificateconfiguration "${kibana_node_names[i]}" "${kibana_node_ips[i]}" + eval "openssl req -new -nodes -newkey rsa:2048 -keyout ${base_path}/certs/${kibana_node_names[i]}-key.pem -out ${base_path}/certs/${kibana_node_names[i]}.csr -config ${base_path}/certs/${kibana_node_names[i]}.conf -days 3650 ${debug_cert}" + eval "openssl x509 -req -in ${base_path}/certs/${kibana_node_names[i]}.csr -CA ${base_path}/certs/root-ca.pem -CAkey ${base_path}/certs/root-ca.key -CAcreateserial -out ${base_path}/certs/${kibana_node_names[i]}.pem -extfile ${base_path}/certs/${kibana_node_names[i]}.conf -extensions v3_req -days 3650 ${debug_cert}" + eval "chmod 444 ${base_path}/certs/${kibana_node_names[i]}-key.pem ${debug_cert}" + done + fi + +} + +function generateRootCAcertificate() { + + logger_cert "Creating the root certificate." 
+ + eval "openssl req -x509 -new -nodes -newkey rsa:2048 -keyout ${base_path}/certs/root-ca.key -out ${base_path}/certs/root-ca.pem -batch -subj '/OU=Docu/O=Wazuh/L=California/' -days 3650 ${debug_cert}" + +} + +function getHelp() { + + echo -e "" + echo -e "NAME" + echo -e " wazuh-cert-tool.sh - Manages the creation of certificates of the Wazuh components." + echo -e "" + echo -e "SYNOPSIS" + echo -e " wazuh-cert-tool.sh [OPTIONS]" + echo -e "" + echo -e "DESCRIPTION" + echo -e " -a, --admin-certificates" + echo -e " Creates the admin certificates." + echo -e "" + echo -e " -ca, --root-ca-certificates" + echo -e " Creates the root-ca certificates." + echo -e "" + echo -e " -e, --elasticsearch-certificates" + echo -e " Creates the Elasticsearch certificates." + echo -e "" + echo -e " -k, --kibana-certificates" + echo -e " Creates the Kibana certificates." + echo -e "" + echo -e " -v, --verbose" + echo -e " Enables verbose mode." + echo -e "" + echo -e " -w, --wazuh-certificates" + echo -e " Creates the Wazuh server certificates." + + exit 1 + +} + +function main() { + + if [ "$EUID" -ne 0 ]; then + logger_cert -e "This script must be run as root." + exit 1 + fi + + checkOpenSSL + + if [[ -d ${base_path}/certs ]]; then + logger_cert -e "Folder ${base_path}/certs already exists. Please, remove the /certs folder to create new certificates." 
+ exit 1 + else + mkdir "${base_path}/certs" + fi + + if [ -n "${1}" ]; then + while [ -n "${1}" ] + do + case "${1}" in + "-a"|"--admin-certificates") + cadmin=1 + shift 1 + ;; + "-ca"|"--root-ca-certificate") + ca=1 + shift 1 + ;; + "-e"|"--elasticsearch-certificates") + celasticsearch=1 + shift 1 + ;; + "-w"|"--wazuh-certificates") + cwazuh=1 + shift 1 + ;; + "-k"|"--kibana-certificates") + ckibana=1 + shift 1 + ;; + "-v"|"--verbose") + debugEnabled=1 + shift 1 + ;; + "-h"|"--help") + getHelp + ;; + *) + getHelp + esac + done + + readConfig + + if [ -n "${debugEnabled}" ]; then + debug_cert="2>&1 | tee -a ${logfile}" + fi + + if [[ -n "${cadmin}" ]]; then + generateAdmincertificate + logger_cert "Admin certificates created." + fi + + if [[ -n "${ca}" ]]; then + generateRootCAcertificate + logger_cert "Authority certificates created." + fi + + if [[ -n "${celasticsearch}" ]]; then + generateElasticsearchcertificates + logger_cert "Elasticsearch certificates created." + fi + + if [[ -n "${cwazuh}" ]]; then + generateFilebeatcertificates + logger_cert "Wazuh server certificates created." + fi + + if [[ -n "${ckibana}" ]]; then + generateKibanacertificates + logger_cert "Kibana certificates created." 
+ fi + + else + readConfig + generateRootCAcertificate + generateAdmincertificate + generateElasticsearchcertificates + generateFilebeatcertificates + generateKibanacertificates + cleanFiles + fi + +} + +function parse_yaml() { + + local prefix=${2} + local s='[[:space:]]*' + local w='[a-zA-Z0-9_]*' + local fs=$(echo @|tr @ '\034') + sed -ne "s|^\($s\):|\1|" \ + -e "s|^\($s\)\($w\)$s:$s[\"']\(.*\)[\"']$s\$|\1$fs\2$fs\3|p" \ + -e "s|^\($s\)\($w\)$s:$s\(.*\)$s\$|\1$fs\2$fs\3|p" ${1} | + awk -F$fs '{ + indent = length($1)/2; + vname[indent] = $2; + for (i in vname) {if (i > indent) {delete vname[i]}} + if (length($3) > 0) { + vn=""; for (i=0; i /dev/null; then - useradd --system \ - --uid 1000 \ - --no-create-home \ - --home-dir $INSTALL_DIR \ - --gid $GROUP \ - --shell /sbin/nologin \ - --comment "$USER user" \ - $USER -fi +curl -o ${INDEXER_FILE} https://s3.amazonaws.com/warehouse.wazuh.com/indexer/${INDEXER_FILE} +tar -zvxf ${INDEXER_FILE} -# Create directories -mkdir -p ${INSTALL_DIR} -mkdir -p /etc -mkdir -p ${LOG_DIR} -mkdir -p ${LIB_DIR} -mkdir -p ${SYS_DIR} - -# Download required sources -curl -kOL https://s3.amazonaws.com/warehouse.wazuh.com/stack/indexer/wazuh-indexer-base-linux-x64.tar.gz -tar -xzf wazuh-indexer-*.tar.gz && rm -f wazuh-indexer-*.tar.gz -chown -R ${USER}:${GROUP} wazuh-indexer-*/* - -# Copy base files into directories -cp -rf wazuh-indexer-*/etc/wazuh.indexer /etc/ -cp -rf wazuh-indexer-*/etc/init.d/* /etc/init.d/ -cp -rf wazuh-indexer-*/etc/sysconfig/* /etc/sysconfig/ -cp -rf wazuh-indexer-*${SYS_DIR}/* ${SYS_DIR}/ -#rm -rf wazuh-indexer-*/etc -#rm -rf wazuh-indexer-*/usr -cp -pr wazuh-indexer-*/* ${INSTALL_DIR}/ - -# Download demo certificates -curl -kOL https://s3.amazonaws.com/warehouse.wazuh.com/stack/demo-certs.tar.gz -tar xzf demo-certs.tar.gz && rm -f demo-certs.tar.gz -chown -R ${USER}:${GROUP} certs -mkdir -p ${CONFIG_DIR}/certs/ -cp certs/admin.pem ${CONFIG_DIR}/certs/ -cp certs/admin-key.pem ${CONFIG_DIR}/certs/ -cp 
certs/demo-indexer.pem ${CONFIG_DIR}/certs/ -cp certs/demo-indexer-key.pem ${CONFIG_DIR}/certs/ -cp certs/root-ca.pem ${CONFIG_DIR}/certs/ - -#cp ${REPO_DIR}/install_functions/wazuh-cert-tool.sh ${INSTALL_DIR}/plugins/opensearch-security/tools/ -#cp ${REPO_DIR}/install_functions/wazuh-passwords-tool.sh ${INSTALL_DIR}/plugins/opensearch-security/tools/ -#cp ${REPO_DIR}/config/opensearch/certificate/config_aio.yml ${INSTALL_DIR}/plugins/opensearch-security/tools/config.yml - -#cp ${REPO_DIR}/config/opensearch/roles/internal_users.yml ${INSTALL_DIR}/plugins/opensearch-security/securityconfig/ -#cp ${REPO_DIR}/config/opensearch/roles/roles.yml ${INSTALL_DIR}/plugins/opensearch-security/securityconfig/ -#cp ${REPO_DIR}/config/opensearch/roles/roles_mapping.yml ${INSTALL_DIR}/plugins/opensearch-security/securityconfig/ - -chmod 0660 "/etc/sysconfig/${NAME}" && chown root:${GROUP} "/etc/sysconfig/${NAME}" -chmod 400 ${CONFIG_DIR}/certs/admin.pem && chown ${USER}:${GROUP} ${CONFIG_DIR}/certs/admin.pem -chmod 400 ${CONFIG_DIR}/certs/admin-key.pem && chown ${USER}:${GROUP} ${CONFIG_DIR}/certs/admin-key.pem -chmod 400 ${CONFIG_DIR}/certs/demo-indexer.pem && chown ${USER}:${GROUP} ${CONFIG_DIR}/certs/demo-indexer.pem -chmod 400 ${CONFIG_DIR}/certs/demo-indexer-key.pem && chown ${USER}:${GROUP} ${CONFIG_DIR}/certs/demo-indexer-key.pem -chmod 400 ${CONFIG_DIR}/certs/root-ca.pem && chown ${USER}:${GROUP} ${CONFIG_DIR}/certs/root-ca.pem -chmod 660 ${CONFIG_DIR}/jvm.options && chown ${USER}:${GROUP} ${CONFIG_DIR}/jvm.options -chmod 660 ${CONFIG_DIR}/opensearch.yml && chown ${USER}:${GROUP} ${CONFIG_DIR}/opensearch.yml -chmod 660 ${CONFIG_DIR}/log4j2.properties && chown ${USER}:${GROUP} ${CONFIG_DIR}/log4j2.properties -chmod 750 ${CONFIG_DIR} && chown ${USER}:${GROUP} ${CONFIG_DIR} -chmod 750 ${LIB_DIR} && chown ${USER}:${GROUP} ${LIB_DIR} -chmod 750 ${LOG_DIR} && chown ${USER}:${GROUP} ${LOG_DIR} -chmod 750 ${INSTALL_DIR}/performance-analyzer-rca/lib && chown ${USER}:${GROUP} 
${INSTALL_DIR}/performance-analyzer-rca/lib -chmod 750 ${INSTALL_DIR} && chown ${USER}:${GROUP} ${INSTALL_DIR} -chmod 750 ${INSTALL_DIR}/performance-analyzer-rca && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca -chmod 750 ${INSTALL_DIR}/performance-analyzer-rca/bin && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/bin -chmod 750 ${INSTALL_DIR}/performance-analyzer-rca/pa_bin && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/pa_bin -chmod 750 ${INSTALL_DIR}/performance-analyzer-rca/pa_config && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/pa_config -chmod 750 ${INSTALL_DIR}/bin && chown ${USER}:${GROUP} ${INSTALL_DIR}/bin -chmod 750 ${INSTALL_DIR}/lib && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib -chmod 750 ${INSTALL_DIR}/lib/tools && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/tools -chmod 750 ${INSTALL_DIR}/lib/tools/plugin-cli && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/tools/plugin-cli -chmod 750 ${INSTALL_DIR}/lib/tools/upgrade-cli && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/tools/upgrade-cli -chmod 750 ${INSTALL_DIR}/lib/tools/keystore-cli && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/tools/keystore-cli -chmod 750 ${CONFIG_DIR}/certs && chown ${USER}:${GROUP} ${CONFIG_DIR}/certs -chmod 750 ${CONFIG_DIR}/opensearch-observability && chown ${USER}:${GROUP} ${CONFIG_DIR}/opensearch-observability -chmod 750 ${CONFIG_DIR}/opensearch-reports-scheduler && chown ${USER}:${GROUP} ${CONFIG_DIR}/opensearch-reports-scheduler -chmod 750 ${CONFIG_DIR}/jvm.options.d && chown ${USER}:${GROUP} ${CONFIG_DIR}/jvm.options.d -chmod 750 ${INSTALL_DIR}/plugins && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins -chmod 750 ${INSTALL_DIR}/plugins/opensearch-observability && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-observability -chmod 750 ${INSTALL_DIR}/plugins/opensearch-reports-scheduler && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-reports-scheduler -chmod 750 
${INSTALL_DIR}/plugins/opensearch-sql && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql -chmod 750 ${INSTALL_DIR}/plugins/opensearch-cross-cluster-replication && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-cross-cluster-replication -chmod 750 ${INSTALL_DIR}/plugins/opensearch-knn && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-knn -chmod 750 ${INSTALL_DIR}/plugins/opensearch-knn/knnlib && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-knn/knnlib -chmod 750 ${INSTALL_DIR}/plugins/opensearch-index-management && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-index-management -chmod 750 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer -chmod 750 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/pa_bin && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/pa_bin -chmod 750 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/pa_config && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/pa_config -chmod 750 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/extensions && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/extensions -chmod 750 ${INSTALL_DIR}/plugins/opensearch-job-scheduler && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-job-scheduler -chmod 750 ${INSTALL_DIR}/plugins/opensearch-security && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security -chmod 750 ${INSTALL_DIR}/plugins/opensearch-security/securityconfig && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/securityconfig -chmod 750 ${INSTALL_DIR}/plugins/opensearch-security/tools && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/tools -chmod 750 ${INSTALL_DIR}/plugins/opensearch-asynchronous-search && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-asynchronous-search -chmod 750 
${INSTALL_DIR}/plugins/opensearch-anomaly-detection && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection -chmod 750 ${INSTALL_DIR}/plugins/opensearch-alerting && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-alerting -chmod 750 ${INSTALL_DIR}/modules && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules -chmod 750 ${INSTALL_DIR}/modules/ingest-common && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/ingest-common -chmod 750 ${INSTALL_DIR}/modules/geo && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/geo -chmod 750 ${INSTALL_DIR}/modules/ingest-geoip && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/ingest-geoip -chmod 750 ${INSTALL_DIR}/modules/percolator && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/percolator -chmod 750 ${INSTALL_DIR}/modules/analysis-common && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/analysis-common -chmod 750 ${INSTALL_DIR}/modules/aggs-matrix-stats && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/aggs-matrix-stats -chmod 750 ${INSTALL_DIR}/modules/repository-url && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/repository-url -chmod 750 ${INSTALL_DIR}/modules/lang-mustache && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/lang-mustache -chmod 750 ${INSTALL_DIR}/modules/systemd && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/systemd -chmod 750 ${INSTALL_DIR}/modules/transport-netty4 && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/transport-netty4 -chmod 750 ${INSTALL_DIR}/modules/lang-expression && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/lang-expression -chmod 750 ${INSTALL_DIR}/modules/lang-painless && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/lang-painless -chmod 750 ${INSTALL_DIR}/modules/rank-eval && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/rank-eval -chmod 750 ${INSTALL_DIR}/modules/opensearch-dashboards && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/opensearch-dashboards -chmod 750 ${INSTALL_DIR}/modules/ingest-user-agent && chown ${USER}:${GROUP} 
${INSTALL_DIR}/modules/ingest-user-agent -chmod 750 ${INSTALL_DIR}/modules/mapper-extras && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/mapper-extras -chmod 750 ${INSTALL_DIR}/modules/parent-join && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/parent-join -chmod 750 ${INSTALL_DIR}/modules/reindex && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/reindex -chmod 750 ${INSTALL_DIR}/jdk && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk -chmod 750 ${INSTALL_DIR}/jdk/man && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/man -chmod 750 ${INSTALL_DIR}/jdk/man/man1 && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/man/man1 -chmod 750 ${INSTALL_DIR}/jdk/bin && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/bin -chmod 750 ${INSTALL_DIR}/jdk/legal && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal -chmod 750 ${INSTALL_DIR}/jdk/legal/java.base && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.base -chmod 750 ${INSTALL_DIR}/jdk/legal/java.security.sasl && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.security.sasl -chmod 750 ${INSTALL_DIR}/jdk/legal/java.scripting && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.scripting -chmod 750 ${INSTALL_DIR}/jdk/legal/java.management && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.management -chmod 750 ${INSTALL_DIR}/jdk/legal/java.xml && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.xml -chmod 750 ${INSTALL_DIR}/jdk/legal/java.smartcardio && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.smartcardio -chmod 750 ${INSTALL_DIR}/jdk/legal/java.transaction.xa && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.transaction.xa -chmod 750 ${INSTALL_DIR}/jdk/legal/java.prefs && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.prefs -chmod 750 ${INSTALL_DIR}/jdk/legal/java.compiler && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.compiler -chmod 750 ${INSTALL_DIR}/jdk/legal/java.logging && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.logging -chmod 750 ${INSTALL_DIR}/jdk/legal/java.xml.crypto && chown 
${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.xml.crypto -chmod 750 ${INSTALL_DIR}/jdk/legal/java.sql.rowset && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.sql.rowset -chmod 750 ${INSTALL_DIR}/jdk/legal/java.net.http && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.net.http -chmod 750 ${INSTALL_DIR}/jdk/legal/java.rmi && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.rmi -chmod 750 ${INSTALL_DIR}/jdk/legal/java.sql && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.sql -chmod 750 ${INSTALL_DIR}/jdk/legal/java.naming && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.naming -chmod 750 ${INSTALL_DIR}/jdk/legal/java.datatransfer && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.datatransfer -chmod 750 ${INSTALL_DIR}/jdk/legal/java.instrument && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.instrument -chmod 750 ${INSTALL_DIR}/jdk/legal/java.management.rmi && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.management.rmi -chmod 750 ${INSTALL_DIR}/jdk/legal/java.desktop && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.desktop -chmod 750 ${INSTALL_DIR}/jdk/lib && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib -chmod 750 ${INSTALL_DIR}/jdk/lib/server && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/server -chmod 750 ${INSTALL_DIR}/jdk/lib/jfr && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/jfr -chmod 750 ${INSTALL_DIR}/jdk/lib/security && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/security -chmod 750 ${INSTALL_DIR}/jdk/include && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/include -chmod 750 ${INSTALL_DIR}/jdk/include/linux && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/include/linux -chmod 750 ${INSTALL_DIR}/jdk/conf && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/conf -chmod 750 ${INSTALL_DIR}/jdk/conf/sdp && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/conf/sdp -chmod 750 ${INSTALL_DIR}/jdk/conf/management && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/conf/management -chmod 750 ${INSTALL_DIR}/jdk/conf/security && chown 
${USER}:${GROUP} ${INSTALL_DIR}/jdk/conf/security -chmod 750 ${INSTALL_DIR}/jdk/conf/security/policy && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/conf/security/policy -chmod 750 ${INSTALL_DIR}/jdk/conf/security/policy/limited && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/conf/security/policy/limited -chmod 750 ${INSTALL_DIR}/jdk/conf/security/policy/unlimited && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/conf/security/policy/unlimited -chmod 750 ${INSTALL_DIR}/jdk/jmods && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods -chmod 0750 /etc/init.d/${NAME} && chown root:root /etc/init.d/${NAME} -chmod 0640 ${SYS_DIR}/sysctl.d/${NAME}.conf && chown root:root ${SYS_DIR}/sysctl.d/${NAME}.conf -chmod 0640 ${SYS_DIR}/systemd/system/${NAME}.service && chown root:root ${SYS_DIR}/systemd/system/${NAME}.service -chmod 0640 ${SYS_DIR}/systemd/system/${NAME}-performance-analyzer.service && chown root:root ${SYS_DIR}/systemd/system/${NAME}-performance-analyzer.service -chmod 0640 ${SYS_DIR}/tmpfiles.d/${NAME}.conf && chown root:root ${SYS_DIR}/tmpfiles.d/${NAME}.conf -chmod 750 ${INSTALL_DIR}/performance-analyzer-rca/bin/performance-analyzer-rca && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/bin/performance-analyzer-rca -chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/lib/performance-analyzer-rca-1.2.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/lib/performance-analyzer-rca-1.2.4.0.jar -chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/lib/error_prone_annotations-2.3.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/lib/error_prone_annotations-2.3.4.jar -chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/lib/sqlite-jdbc-3.32.3.2.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/lib/sqlite-jdbc-3.32.3.2.jar -chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/lib/grpc-stub-1.28.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/lib/grpc-stub-1.28.0.jar -chmod 640 
${INSTALL_DIR}/performance-analyzer-rca/lib/log4j-api-2.17.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/lib/log4j-api-2.17.1.jar -chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/lib/bcpkix-jdk15on-1.68.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/lib/bcpkix-jdk15on-1.68.jar -chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/lib/bcprov-jdk15on-1.68.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/lib/bcprov-jdk15on-1.68.jar -chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/lib/jackson-databind-2.11.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/lib/jackson-databind-2.11.4.jar -chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/lib/protobuf-java-3.11.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/lib/protobuf-java-3.11.0.jar -chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/lib/gson-2.8.6.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/lib/gson-2.8.6.jar -chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/lib/j2objc-annotations-1.3.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/lib/j2objc-annotations-1.3.jar -chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/lib/commons-lang3-3.9.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/lib/commons-lang3-3.9.jar -chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/lib/jsr305-3.0.2.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/lib/jsr305-3.0.2.jar -chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/lib/log4j-core-2.17.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/lib/log4j-core-2.17.1.jar -chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/lib/listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/lib/listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jar -chmod 640 
${INSTALL_DIR}/performance-analyzer-rca/lib/perfmark-api-0.19.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/lib/perfmark-api-0.19.0.jar -chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/lib/guava-28.2-jre.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/lib/guava-28.2-jre.jar -chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/lib/grpc-core-1.28.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/lib/grpc-core-1.28.0.jar -chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/lib/grpc-netty-shaded-1.28.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/lib/grpc-netty-shaded-1.28.0.jar -chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/lib/grpc-context-1.28.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/lib/grpc-context-1.28.0.jar -chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/lib/annotations-4.1.1.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/lib/annotations-4.1.1.4.jar -chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/lib/animal-sniffer-annotations-1.18.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/lib/animal-sniffer-annotations-1.18.jar -chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/lib/jackson-annotations-2.11.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/lib/jackson-annotations-2.11.4.jar -chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/lib/proto-google-common-protos-1.17.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/lib/proto-google-common-protos-1.17.0.jar -chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/lib/javax.annotation-api-1.3.2.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/lib/javax.annotation-api-1.3.2.jar -chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/lib/checker-qual-2.10.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/lib/checker-qual-2.10.0.jar -chmod 640 
${INSTALL_DIR}/performance-analyzer-rca/lib/commons-io-2.7.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/lib/commons-io-2.7.jar -chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/lib/jooq-3.10.8.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/lib/jooq-3.10.8.jar -chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/lib/jackson-core-2.11.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/lib/jackson-core-2.11.4.jar -chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/lib/grpc-protobuf-1.28.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/lib/grpc-protobuf-1.28.0.jar -chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/lib/grpc-protobuf-lite-1.28.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/lib/grpc-protobuf-lite-1.28.0.jar -chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/lib/grpc-api-1.28.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/lib/grpc-api-1.28.0.jar -chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/lib/failureaccess-1.0.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/lib/failureaccess-1.0.1.jar -chmod 750 ${INSTALL_DIR}/performance-analyzer-rca/pa_bin/performance-analyzer-agent && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/pa_bin/performance-analyzer-agent -chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/pa_config/agent-stats-metadata && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/pa_config/agent-stats-metadata -chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/pa_config/plugin-stats-metadata && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/pa_config/plugin-stats-metadata -chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/pa_config/performance-analyzer.properties && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/pa_config/performance-analyzer.properties -chmod 640 
${INSTALL_DIR}/performance-analyzer-rca/pa_config/rca_master.conf && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/pa_config/rca_master.conf -chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/pa_config/rca.conf && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/pa_config/rca.conf -chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/pa_config/opensearch_security.policy && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/pa_config/opensearch_security.policy -chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/pa_config/log4j2.xml && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/pa_config/log4j2.xml -chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/pa_config/rca_idle_master.conf && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/pa_config/rca_idle_master.conf -chmod 640 ${INSTALL_DIR}/performance-analyzer-rca/pa_config/supervisord.conf && chown ${USER}:${GROUP} ${INSTALL_DIR}/performance-analyzer-rca/pa_config/supervisord.conf -chmod 750 ${INSTALL_DIR}/bin/opensearch-shard && chown ${USER}:${GROUP} ${INSTALL_DIR}/bin/opensearch-shard -chmod 750 ${INSTALL_DIR}/bin/opensearch-node && chown ${USER}:${GROUP} ${INSTALL_DIR}/bin/opensearch-node -chmod 750 ${INSTALL_DIR}/bin/opensearch-keystore && chown ${USER}:${GROUP} ${INSTALL_DIR}/bin/opensearch-keystore -chmod 750 ${INSTALL_DIR}/bin/opensearch-plugin && chown ${USER}:${GROUP} ${INSTALL_DIR}/bin/opensearch-plugin -chmod 750 ${INSTALL_DIR}/bin/opensearch && chown ${USER}:${GROUP} ${INSTALL_DIR}/bin/opensearch -chmod 750 ${INSTALL_DIR}/bin/opensearch-cli && chown ${USER}:${GROUP} ${INSTALL_DIR}/bin/opensearch-cli -chmod 750 ${INSTALL_DIR}/bin/opensearch-env && chown ${USER}:${GROUP} ${INSTALL_DIR}/bin/opensearch-env -chmod 750 ${INSTALL_DIR}/bin/performance-analyzer-agent-cli && chown ${USER}:${GROUP} ${INSTALL_DIR}/bin/performance-analyzer-agent-cli -chmod 750 ${INSTALL_DIR}/bin/opensearch-env-from-file && chown ${USER}:${GROUP} 
${INSTALL_DIR}/bin/opensearch-env-from-file -chmod 750 ${INSTALL_DIR}/bin/opensearch-upgrade && chown ${USER}:${GROUP} ${INSTALL_DIR}/bin/opensearch-upgrade -chmod 750 ${INSTALL_DIR}/bin/systemd-entrypoint && chown ${USER}:${GROUP} ${INSTALL_DIR}/bin/systemd-entrypoint -chmod 640 ${INSTALL_DIR}/lib/hppc-0.8.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/hppc-0.8.1.jar -chmod 640 ${INSTALL_DIR}/lib/lucene-highlighter-8.10.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/lucene-highlighter-8.10.1.jar -chmod 640 ${INSTALL_DIR}/lib/opensearch-geo-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/opensearch-geo-1.2.4.jar -chmod 640 ${INSTALL_DIR}/lib/lucene-spatial-extras-8.10.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/lucene-spatial-extras-8.10.1.jar -chmod 640 ${INSTALL_DIR}/lib/opensearch-cli-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/opensearch-cli-1.2.4.jar -chmod 640 ${INSTALL_DIR}/lib/java-version-checker-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/java-version-checker-1.2.4.jar -chmod 640 ${INSTALL_DIR}/lib/lucene-memory-8.10.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/lucene-memory-8.10.1.jar -chmod 640 ${INSTALL_DIR}/lib/log4j-api-2.17.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/log4j-api-2.17.1.jar -chmod 640 ${INSTALL_DIR}/lib/lucene-analyzers-common-8.10.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/lucene-analyzers-common-8.10.1.jar -chmod 640 ${INSTALL_DIR}/lib/snakeyaml-1.26.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/snakeyaml-1.26.jar -chmod 640 ${INSTALL_DIR}/lib/joda-time-2.10.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/joda-time-2.10.4.jar -chmod 640 ${INSTALL_DIR}/lib/opensearch-x-content-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/opensearch-x-content-1.2.4.jar -chmod 640 ${INSTALL_DIR}/lib/lucene-join-8.10.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/lucene-join-8.10.1.jar -chmod 640 ${INSTALL_DIR}/lib/opensearch-plugin-classloader-1.2.4.jar && chown 
${USER}:${GROUP} ${INSTALL_DIR}/lib/opensearch-plugin-classloader-1.2.4.jar -chmod 640 ${INSTALL_DIR}/lib/jna-5.5.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/jna-5.5.0.jar -chmod 640 ${INSTALL_DIR}/lib/jackson-dataformat-smile-2.12.5.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/jackson-dataformat-smile-2.12.5.jar -chmod 640 ${INSTALL_DIR}/lib/log4j-core-2.17.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/log4j-core-2.17.1.jar -chmod 640 ${INSTALL_DIR}/lib/lucene-suggest-8.10.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/lucene-suggest-8.10.1.jar -chmod 640 ${INSTALL_DIR}/lib/opensearch-launchers-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/opensearch-launchers-1.2.4.jar -chmod 640 ${INSTALL_DIR}/lib/jackson-dataformat-yaml-2.12.5.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/jackson-dataformat-yaml-2.12.5.jar -chmod 640 ${INSTALL_DIR}/lib/HdrHistogram-2.1.9.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/HdrHistogram-2.1.9.jar -chmod 640 ${INSTALL_DIR}/lib/lucene-core-8.10.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/lucene-core-8.10.1.jar -chmod 640 ${INSTALL_DIR}/lib/lucene-queries-8.10.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/lucene-queries-8.10.1.jar -chmod 640 ${INSTALL_DIR}/lib/opensearch-secure-sm-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/opensearch-secure-sm-1.2.4.jar -chmod 640 ${INSTALL_DIR}/lib/tools/plugin-cli/bcpg-fips-1.0.5.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/tools/plugin-cli/bcpg-fips-1.0.5.1.jar -chmod 640 ${INSTALL_DIR}/lib/tools/plugin-cli/opensearch-plugin-cli-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/tools/plugin-cli/opensearch-plugin-cli-1.2.4.jar -chmod 640 ${INSTALL_DIR}/lib/tools/plugin-cli/bc-fips-1.0.2.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/tools/plugin-cli/bc-fips-1.0.2.1.jar -chmod 640 ${INSTALL_DIR}/lib/tools/upgrade-cli/jackson-annotations-2.12.5.jar && chown ${USER}:${GROUP} 
${INSTALL_DIR}/lib/tools/upgrade-cli/jackson-annotations-2.12.5.jar -chmod 640 ${INSTALL_DIR}/lib/tools/upgrade-cli/jackson-databind-2.12.5.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/tools/upgrade-cli/jackson-databind-2.12.5.jar -chmod 640 ${INSTALL_DIR}/lib/tools/upgrade-cli/jackson-core-2.12.5.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/tools/upgrade-cli/jackson-core-2.12.5.jar -chmod 640 ${INSTALL_DIR}/lib/tools/upgrade-cli/opensearch-upgrade-cli-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/tools/upgrade-cli/opensearch-upgrade-cli-1.2.4.jar -chmod 640 ${INSTALL_DIR}/lib/tools/keystore-cli/keystore-cli-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/tools/keystore-cli/keystore-cli-1.2.4.jar -chmod 640 ${INSTALL_DIR}/lib/lucene-queryparser-8.10.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/lucene-queryparser-8.10.1.jar -chmod 640 ${INSTALL_DIR}/lib/lucene-sandbox-8.10.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/lucene-sandbox-8.10.1.jar -chmod 640 ${INSTALL_DIR}/lib/jts-core-1.15.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/jts-core-1.15.0.jar -chmod 640 ${INSTALL_DIR}/lib/jackson-dataformat-cbor-2.12.5.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/jackson-dataformat-cbor-2.12.5.jar -chmod 640 ${INSTALL_DIR}/lib/opensearch-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/opensearch-1.2.4.jar -chmod 640 ${INSTALL_DIR}/lib/lucene-grouping-8.10.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/lucene-grouping-8.10.1.jar -chmod 640 ${INSTALL_DIR}/lib/lucene-misc-8.10.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/lucene-misc-8.10.1.jar -chmod 640 ${INSTALL_DIR}/lib/jackson-core-2.12.5.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/jackson-core-2.12.5.jar -chmod 640 ${INSTALL_DIR}/lib/t-digest-3.2.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/t-digest-3.2.jar -chmod 640 ${INSTALL_DIR}/lib/opensearch-core-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/opensearch-core-1.2.4.jar -chmod 640 
${INSTALL_DIR}/lib/lucene-backward-codecs-8.10.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/lucene-backward-codecs-8.10.1.jar -chmod 640 ${INSTALL_DIR}/lib/spatial4j-0.7.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/spatial4j-0.7.jar -chmod 640 ${INSTALL_DIR}/lib/jopt-simple-5.0.2.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/jopt-simple-5.0.2.jar -chmod 640 ${INSTALL_DIR}/lib/lucene-spatial3d-8.10.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/lib/lucene-spatial3d-8.10.1.jar -chmod 660 ${CONFIG_DIR}/opensearch-observability/observability.yml && chown ${USER}:${GROUP} ${CONFIG_DIR}/opensearch-observability/observability.yml -chmod 660 ${CONFIG_DIR}/opensearch-reports-scheduler/reports-scheduler.yml && chown ${USER}:${GROUP} ${CONFIG_DIR}/opensearch-reports-scheduler/reports-scheduler.yml -chmod 640 ${INSTALL_DIR}/NOTICE.txt && chown ${USER}:${GROUP} ${INSTALL_DIR}/NOTICE.txt -chmod 640 ${INSTALL_DIR}/LICENSE.txt && chown ${USER}:${GROUP} ${INSTALL_DIR}/LICENSE.txt -chmod 640 ${INSTALL_DIR}/plugins/opensearch-observability/opensearch-observability-1.2.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-observability/opensearch-observability-1.2.4.0.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-observability/common-utils-1.2.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-observability/common-utils-1.2.4.0.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-observability/kotlin-stdlib-1.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-observability/kotlin-stdlib-1.4.0.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-observability/annotations-13.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-observability/annotations-13.0.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-observability/kotlinx-coroutines-core-jvm-1.3.9.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-observability/kotlinx-coroutines-core-jvm-1.3.9.jar -chmod 640 
${INSTALL_DIR}/plugins/opensearch-observability/plugin-descriptor.properties && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-observability/plugin-descriptor.properties -chmod 640 ${INSTALL_DIR}/plugins/opensearch-observability/plugin-security.policy && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-observability/plugin-security.policy -chmod 640 ${INSTALL_DIR}/plugins/opensearch-observability/kotlin-stdlib-common-1.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-observability/kotlin-stdlib-common-1.4.0.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-observability/guava-15.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-observability/guava-15.0.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-reports-scheduler/jsoup-1.14.3.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-reports-scheduler/jsoup-1.14.3.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-reports-scheduler/minimal-json-0.9.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-reports-scheduler/minimal-json-0.9.4.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-reports-scheduler/json-flattener-0.1.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-reports-scheduler/json-flattener-0.1.0.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-reports-scheduler/common-utils-1.2.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-reports-scheduler/common-utils-1.2.4.0.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-reports-scheduler/kotlin-stdlib-1.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-reports-scheduler/kotlin-stdlib-1.4.0.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-reports-scheduler/annotations-13.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-reports-scheduler/annotations-13.0.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-reports-scheduler/json-20180813.jar && chown ${USER}:${GROUP} 
${INSTALL_DIR}/plugins/opensearch-reports-scheduler/json-20180813.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-reports-scheduler/kotlinx-coroutines-core-jvm-1.3.9.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-reports-scheduler/kotlinx-coroutines-core-jvm-1.3.9.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-reports-scheduler/plugin-descriptor.properties && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-reports-scheduler/plugin-descriptor.properties -chmod 640 ${INSTALL_DIR}/plugins/opensearch-reports-scheduler/plugin-security.policy && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-reports-scheduler/plugin-security.policy -chmod 640 ${INSTALL_DIR}/plugins/opensearch-reports-scheduler/kotlin-stdlib-common-1.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-reports-scheduler/kotlin-stdlib-common-1.4.0.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-reports-scheduler/opensearch-reports-scheduler-1.2.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-reports-scheduler/opensearch-reports-scheduler-1.2.4.0.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-reports-scheduler/guava-15.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-reports-scheduler/guava-15.0.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/spring-beans-5.2.5.RELEASE.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/spring-beans-5.2.5.RELEASE.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/resilience4j-core-1.5.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/resilience4j-core-1.5.0.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/error_prone_annotations-2.3.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/error_prone_annotations-2.3.4.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/core-1.2.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/core-1.2.4.0.jar -chmod 640 
${INSTALL_DIR}/plugins/opensearch-sql/spring-expression-5.2.5.RELEASE.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/spring-expression-5.2.5.RELEASE.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/httpcore-nio-4.4.12.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/httpcore-nio-4.4.12.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/httpasyncclient-4.1.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/httpasyncclient-4.1.4.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/spring-aop-5.2.5.RELEASE.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/spring-aop-5.2.5.RELEASE.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/guava-29.0-jre.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/guava-29.0-jre.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/protocol-1.2.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/protocol-1.2.4.0.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/spring-context-5.2.5.RELEASE.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/spring-context-5.2.5.RELEASE.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/slf4j-api-1.7.30.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/slf4j-api-1.7.30.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/druid-1.0.15.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/druid-1.0.15.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/sql-1.2.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/sql-1.2.4.0.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/opensearch-1.2.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/opensearch-1.2.4.0.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/commons-lang3-3.10.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/commons-lang3-3.10.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/jackson-databind-2.11.4.jar 
&& chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/jackson-databind-2.11.4.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/checker-qual-2.11.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/checker-qual-2.11.1.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/reindex-client-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/reindex-client-1.2.4.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/gson-2.8.9.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/gson-2.8.9.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/j2objc-annotations-1.3.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/j2objc-annotations-1.3.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/jsr305-3.0.2.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/jsr305-3.0.2.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/spring-core-5.2.5.RELEASE.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/spring-core-5.2.5.RELEASE.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/antlr4-runtime-4.7.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/antlr4-runtime-4.7.1.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/json-20180813.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/json-20180813.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/NOTICE.txt && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/NOTICE.txt -chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/resilience4j-retry-1.5.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/resilience4j-retry-1.5.0.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/plugin-descriptor.properties && chown 
${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/plugin-descriptor.properties -chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/spring-jcl-5.2.5.RELEASE.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/spring-jcl-5.2.5.RELEASE.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/LICENSE.txt && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/LICENSE.txt -chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/jackson-annotations-2.11.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/jackson-annotations-2.11.4.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/vavr-match-0.10.2.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/vavr-match-0.10.2.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/parent-join-client-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/parent-join-client-1.2.4.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/vavr-0.10.2.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/vavr-0.10.2.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/presto-matching-0.240.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/presto-matching-0.240.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/opensearch-rest-client-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/opensearch-rest-client-1.2.4.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/plugin-security.policy && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/plugin-security.policy -chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/httpclient-4.5.13.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/httpclient-4.5.13.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/legacy-1.2.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/legacy-1.2.4.0.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/opensearch-ssl-config-1.2.4.jar && chown ${USER}:${GROUP} 
${INSTALL_DIR}/plugins/opensearch-sql/opensearch-ssl-config-1.2.4.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/commons-codec-1.13.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/commons-codec-1.13.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/opensearch-sql-1.2.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/opensearch-sql-1.2.4.0.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/commons-math3-3.6.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/commons-math3-3.6.1.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/ppl-1.2.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/ppl-1.2.4.0.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/httpcore-4.4.12.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/httpcore-4.4.12.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/failureaccess-1.0.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/failureaccess-1.0.1.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-sql/common-1.2.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-sql/common-1.2.4.0.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-cross-cluster-replication/ipaddress-5.3.3.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-cross-cluster-replication/ipaddress-5.3.3.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-cross-cluster-replication/common-utils-1.2.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-cross-cluster-replication/common-utils-1.2.4.0.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-cross-cluster-replication/annotations-13.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-cross-cluster-replication/annotations-13.0.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-cross-cluster-replication/plugin-descriptor.properties && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-cross-cluster-replication/plugin-descriptor.properties -chmod 640 
${INSTALL_DIR}/plugins/opensearch-cross-cluster-replication/kotlinx-coroutines-core-1.3.5.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-cross-cluster-replication/kotlinx-coroutines-core-1.3.5.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-cross-cluster-replication/opensearch-cross-cluster-replication-1.2.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-cross-cluster-replication/opensearch-cross-cluster-replication-1.2.4.0.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-cross-cluster-replication/kotlin-stdlib-common-1.3.72.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-cross-cluster-replication/kotlin-stdlib-common-1.3.72.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-cross-cluster-replication/kotlin-stdlib-jdk7-1.3.72.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-cross-cluster-replication/kotlin-stdlib-jdk7-1.3.72.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-cross-cluster-replication/kotlin-stdlib-1.3.72.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-cross-cluster-replication/kotlin-stdlib-1.3.72.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-cross-cluster-replication/kotlin-stdlib-jdk8-1.3.72.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-cross-cluster-replication/kotlin-stdlib-jdk8-1.3.72.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-knn/commons-lang-2.6.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-knn/commons-lang-2.6.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-knn/error_prone_annotations-2.3.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-knn/error_prone_annotations-2.3.4.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-knn/guava-29.0-jre.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-knn/guava-29.0-jre.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-knn/opensearch-knn-1.2.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-knn/opensearch-knn-1.2.4.0.jar -chmod 640 
${INSTALL_DIR}/plugins/opensearch-knn/checker-qual-2.11.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-knn/checker-qual-2.11.1.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-knn/j2objc-annotations-1.3.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-knn/j2objc-annotations-1.3.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-knn/jsr305-3.0.2.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-knn/jsr305-3.0.2.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-knn/listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-knn/listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-knn/plugin-descriptor.properties && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-knn/plugin-descriptor.properties -chmod 640 ${INSTALL_DIR}/plugins/opensearch-knn/knnlib/libopensearchknn_common.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-knn/knnlib/libopensearchknn_common.so -chmod 640 ${INSTALL_DIR}/plugins/opensearch-knn/knnlib/libgomp.so.1 && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-knn/knnlib/libgomp.so.1 -chmod 640 ${INSTALL_DIR}/plugins/opensearch-knn/knnlib/libopensearchknn_nmslib.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-knn/knnlib/libopensearchknn_nmslib.so -chmod 640 ${INSTALL_DIR}/plugins/opensearch-knn/knnlib/libopensearchknn_faiss.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-knn/knnlib/libopensearchknn_faiss.so -chmod 640 ${INSTALL_DIR}/plugins/opensearch-knn/plugin-security.policy && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-knn/plugin-security.policy -chmod 640 ${INSTALL_DIR}/plugins/opensearch-knn/failureaccess-1.0.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-knn/failureaccess-1.0.1.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-index-management/ipaddress-5.3.3.jar && chown ${USER}:${GROUP} 
${INSTALL_DIR}/plugins/opensearch-index-management/ipaddress-5.3.3.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-index-management/common-utils-1.2.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-index-management/common-utils-1.2.4.0.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-index-management/kotlin-stdlib-1.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-index-management/kotlin-stdlib-1.4.0.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-index-management/annotations-13.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-index-management/annotations-13.0.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-index-management/kotlinx-coroutines-core-jvm-1.3.9.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-index-management/kotlinx-coroutines-core-jvm-1.3.9.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-index-management/notification-1.2.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-index-management/notification-1.2.4.0.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-index-management/plugin-descriptor.properties && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-index-management/plugin-descriptor.properties -chmod 640 ${INSTALL_DIR}/plugins/opensearch-index-management/kotlin-stdlib-jdk8-1.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-index-management/kotlin-stdlib-jdk8-1.4.0.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-index-management/opensearch-index-management-1.2.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-index-management/opensearch-index-management-1.2.4.0.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-index-management/plugin-security.policy && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-index-management/plugin-security.policy -chmod 640 ${INSTALL_DIR}/plugins/opensearch-index-management/kotlin-stdlib-common-1.4.0.jar && chown ${USER}:${GROUP} 
${INSTALL_DIR}/plugins/opensearch-index-management/kotlin-stdlib-common-1.4.0.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-index-management/kotlin-stdlib-jdk7-1.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-index-management/kotlin-stdlib-jdk7-1.4.0.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/error_prone_annotations-2.3.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/error_prone_annotations-2.3.4.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/sqlite-jdbc-3.32.3.2.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/sqlite-jdbc-3.32.3.2.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/grpc-stub-1.28.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/grpc-stub-1.28.0.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/bcpkix-jdk15on-1.68.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/bcpkix-jdk15on-1.68.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/bcprov-jdk15on-1.68.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/bcprov-jdk15on-1.68.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/jackson-databind-2.11.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/jackson-databind-2.11.4.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/protobuf-java-3.11.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/protobuf-java-3.11.0.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/paranamer-2.8.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/paranamer-2.8.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/jackson-module-paranamer-2.11.4.jar && chown ${USER}:${GROUP} 
${INSTALL_DIR}/plugins/opensearch-performance-analyzer/jackson-module-paranamer-2.11.4.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/gson-2.8.6.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/gson-2.8.6.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/j2objc-annotations-1.3.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/j2objc-annotations-1.3.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/commons-lang3-3.9.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/commons-lang3-3.9.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/jsr305-3.0.2.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/jsr305-3.0.2.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/perfmark-api-0.19.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/perfmark-api-0.19.0.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/opensearch-performance-analyzer-1.2.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/opensearch-performance-analyzer-1.2.4.0.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/guava-28.2-jre.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/guava-28.2-jre.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/grpc-core-1.28.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/grpc-core-1.28.0.jar -chmod 640 
${INSTALL_DIR}/plugins/opensearch-performance-analyzer/plugin-descriptor.properties && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/plugin-descriptor.properties -chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/grpc-netty-shaded-1.28.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/grpc-netty-shaded-1.28.0.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/grpc-context-1.28.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/grpc-context-1.28.0.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/annotations-4.1.1.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/annotations-4.1.1.4.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/animal-sniffer-annotations-1.18.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/animal-sniffer-annotations-1.18.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/jackson-annotations-2.11.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/jackson-annotations-2.11.4.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/pa_bin/performance-analyzer-agent && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/pa_bin/performance-analyzer-agent -chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/pa_config/performance-analyzer.properties && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/pa_config/performance-analyzer.properties -chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/pa_config/rca_master.conf && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/pa_config/rca_master.conf -chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/pa_config/rca.conf && chown ${USER}:${GROUP} 
${INSTALL_DIR}/plugins/opensearch-performance-analyzer/pa_config/rca.conf -chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/pa_config/agent-stats-metadata && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/pa_config/agent-stats-metadata -chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/pa_config/plugin-stats-metadata && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/pa_config/plugin-stats-metadata -chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/pa_config/opensearch_security.policy && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/pa_config/opensearch_security.policy -chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/pa_config/log4j2.xml && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/pa_config/log4j2.xml -chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/pa_config/rca_idle_master.conf && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/pa_config/rca_idle_master.conf -chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/pa_config/supervisord.conf && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/pa_config/supervisord.conf -chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/performanceanalyzer-rca-1.2.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/performanceanalyzer-rca-1.2.4.0.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/proto-google-common-protos-1.17.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/proto-google-common-protos-1.17.0.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/plugin-security.policy && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/plugin-security.policy -chmod 640 
${INSTALL_DIR}/plugins/opensearch-performance-analyzer/javax.annotation-api-1.3.2.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/javax.annotation-api-1.3.2.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/checker-qual-2.10.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/checker-qual-2.10.0.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/commons-io-2.7.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/commons-io-2.7.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/jooq-3.10.8.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/jooq-3.10.8.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/grpc-protobuf-1.28.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/grpc-protobuf-1.28.0.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/grpc-protobuf-lite-1.28.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/grpc-protobuf-lite-1.28.0.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/extensions/performance-analyzer-agent && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/extensions/performance-analyzer-agent -chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/grpc-api-1.28.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/grpc-api-1.28.0.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/failureaccess-1.0.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-performance-analyzer/failureaccess-1.0.1.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-job-scheduler/opensearch-job-scheduler-spi-1.2.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-job-scheduler/opensearch-job-scheduler-spi-1.2.4.0.jar -chmod 640 
${INSTALL_DIR}/plugins/opensearch-job-scheduler/plugin-descriptor.properties && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-job-scheduler/plugin-descriptor.properties -chmod 640 ${INSTALL_DIR}/plugins/opensearch-job-scheduler/opensearch-job-scheduler-1.2.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-job-scheduler/opensearch-job-scheduler-1.2.4.0.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/opensaml-saml-api-3.4.5.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/opensaml-saml-api-3.4.5.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/commons-codec-1.14.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/commons-codec-1.14.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/java-saml-2.5.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/java-saml-2.5.0.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/slf4j-api-1.7.25.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/slf4j-api-1.7.25.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/minimal-json-0.9.5.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/minimal-json-0.9.5.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/opensaml-security-api-3.4.5.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/opensaml-security-api-3.4.5.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/jakarta.jws-api-2.1.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/jakarta.jws-api-2.1.0.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/netty-codec-4.1.72.Final.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/netty-codec-4.1.72.Final.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/jackson-databind-2.11.2.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/jackson-databind-2.11.2.jar -chmod 640 
${INSTALL_DIR}/plugins/opensearch-security/jakarta.activation-1.2.2.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/jakarta.activation-1.2.2.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/commons-logging-1.2.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/commons-logging-1.2.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/json-path-2.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/json-path-2.4.0.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/aggs-matrix-stats-client-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/aggs-matrix-stats-client-1.2.4.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/httpcore-nio-4.4.12.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/httpcore-nio-4.4.12.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/httpasyncclient-4.1.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/httpasyncclient-4.1.4.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/lang-mustache-client-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/lang-mustache-client-1.2.4.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/bcprov-jdk15on-1.67.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/bcprov-jdk15on-1.67.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/json-flattener-0.5.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/json-flattener-0.5.0.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/cxf-rt-rs-json-basic-3.4.5.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/cxf-rt-rs-json-basic-3.4.5.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/snappy-java-1.1.7.3.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/snappy-java-1.1.7.3.jar -chmod 640 
${INSTALL_DIR}/plugins/opensearch-security/netty-common-4.1.72.Final.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/netty-common-4.1.72.Final.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/opensaml-xmlsec-impl-3.4.5.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/opensaml-xmlsec-impl-3.4.5.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/txw2-2.3.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/txw2-2.3.4.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/cxf-core-3.4.5.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/cxf-core-3.4.5.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/jackson-annotations-2.11.2.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/jackson-annotations-2.11.2.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/metrics-core-3.1.2.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/metrics-core-3.1.2.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/opensaml-soap-impl-3.4.5.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/opensaml-soap-impl-3.4.5.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/j2objc-annotations-1.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/j2objc-annotations-1.1.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/jsr305-3.0.2.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/jsr305-3.0.2.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/opensaml-messaging-api-3.4.5.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/opensaml-messaging-api-3.4.5.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/opensaml-storage-api-3.4.5.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/opensaml-storage-api-3.4.5.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/commons-lang-2.4.jar && chown 
${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/commons-lang-2.4.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/mapper-extras-client-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/mapper-extras-client-1.2.4.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/jakarta.xml.bind-api-2.3.3.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/jakarta.xml.bind-api-2.3.3.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/opensaml-saml-impl-3.4.5.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/opensaml-saml-impl-3.4.5.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/java-saml-core-2.5.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/java-saml-core-2.5.0.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/cryptacular-1.1.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/cryptacular-1.1.4.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/opensaml-core-3.4.5.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/opensaml-core-3.4.5.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/commons-cli-1.3.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/commons-cli-1.3.1.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/jjwt-api-0.10.5.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/jjwt-api-0.10.5.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/log4j-slf4j-impl-2.17.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/log4j-slf4j-impl-2.17.1.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/commons-lang3-3.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/commons-lang3-3.4.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/lz4-java-1.7.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/lz4-java-1.7.1.jar -chmod 640 
${INSTALL_DIR}/plugins/opensearch-security/plugin-descriptor.properties && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/plugin-descriptor.properties -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/rank-eval-client-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/rank-eval-client-1.2.4.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/ldaptive-1.2.3.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/ldaptive-1.2.3.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/jakarta.xml.soap-api-1.4.2.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/jakarta.xml.soap-api-1.4.2.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/opensearch-security-1.2.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/opensearch-security-1.2.4.0.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/jjwt-jackson-0.10.5.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/jjwt-jackson-0.10.5.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/securityconfig/whitelist.yml && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/securityconfig/whitelist.yml -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/securityconfig/tenants.yml && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/securityconfig/tenants.yml -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/securityconfig/nodes_dn.yml && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/securityconfig/nodes_dn.yml -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/securityconfig/audit.yml && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/securityconfig/audit.yml -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/securityconfig/action_groups.yml && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/securityconfig/action_groups.yml -chmod 640 
${INSTALL_DIR}/plugins/opensearch-security/securityconfig/config.yml && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/securityconfig/config.yml -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/securityconfig/roles_mapping.yml && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/securityconfig/roles_mapping.yml -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/securityconfig/roles.yml && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/securityconfig/roles.yml -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/securityconfig/opensearch.yml.example && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/securityconfig/opensearch.yml.example -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/securityconfig/internal_users.yml && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/securityconfig/internal_users.yml -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/woodstox-core-6.2.6.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/woodstox-core-6.2.6.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/eventbus-3.2.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/eventbus-3.2.0.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/istack-commons-runtime-3.0.12.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/istack-commons-runtime-3.0.12.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/asm-9.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/asm-9.1.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/parent-join-client-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/parent-join-client-1.2.4.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/jjwt-impl-0.10.5.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/jjwt-impl-0.10.5.jar -chmod 640 
${INSTALL_DIR}/plugins/opensearch-security/json-smart-2.4.7.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/json-smart-2.4.7.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/xmlsec-2.2.3.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/xmlsec-2.2.3.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/tools/config.yml && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/tools/config.yml -chmod 740 ${INSTALL_DIR}/plugins/opensearch-security/tools/hash.sh && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/tools/hash.sh -chmod 740 ${INSTALL_DIR}/plugins/opensearch-security/tools/securityadmin.sh && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/tools/securityadmin.sh -chmod 740 ${INSTALL_DIR}/plugins/opensearch-security/tools/audit_config_migrater.sh && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/tools/audit_config_migrater.sh -chmod 740 ${INSTALL_DIR}/plugins/opensearch-security/tools/wazuh-cert-tool.sh && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/tools/wazuh-cert-tool.sh -chmod 740 ${INSTALL_DIR}/plugins/opensearch-security/tools/wazuh-passwords-tool.sh && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/tools/wazuh-passwords-tool.sh -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/jakarta.xml.ws-api-2.3.3.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/jakarta.xml.ws-api-2.3.3.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/xmlschema-core-2.2.5.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/xmlschema-core-2.2.5.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/httpclient-cache-4.5.13.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/httpclient-cache-4.5.13.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/velocity-1.7.jar && chown ${USER}:${GROUP} 
${INSTALL_DIR}/plugins/opensearch-security/velocity-1.7.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/error_prone_annotations-2.1.3.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/error_prone_annotations-2.1.3.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/netty-resolver-4.1.72.Final.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/netty-resolver-4.1.72.Final.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/transport-netty4-client-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/transport-netty4-client-1.2.4.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/animal-sniffer-annotations-1.14.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/animal-sniffer-annotations-1.14.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/stax-ex-1.8.3.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/stax-ex-1.8.3.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/opensearch-rest-client-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/opensearch-rest-client-1.2.4.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/compiler-0.9.6.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/compiler-0.9.6.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/plugin-security.policy && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/plugin-security.policy -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/guava-25.1-jre.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/guava-25.1-jre.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/opensaml-xmlsec-api-3.4.5.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/opensaml-xmlsec-api-3.4.5.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/httpclient-4.5.13.jar && chown ${USER}:${GROUP} 
${INSTALL_DIR}/plugins/opensearch-security/httpclient-4.5.13.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/zjsonpatch-0.4.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/zjsonpatch-0.4.4.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/accessors-smart-2.4.7.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/accessors-smart-2.4.7.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/opensearch-rest-high-level-client-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/opensearch-rest-high-level-client-1.2.4.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/cxf-rt-security-3.4.5.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/cxf-rt-security-3.4.5.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/java-support-7.5.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/java-support-7.5.1.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/netty-transport-4.1.72.Final.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/netty-transport-4.1.72.Final.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/kafka-clients-2.5.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/kafka-clients-2.5.0.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/stax2-api-4.2.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/stax2-api-4.2.1.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/cxf-rt-rs-security-jose-3.4.5.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/cxf-rt-rs-security-jose-3.4.5.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/opensaml-profile-api-3.4.5.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/opensaml-profile-api-3.4.5.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/jaxb-runtime-2.3.4.jar && chown ${USER}:${GROUP} 
${INSTALL_DIR}/plugins/opensearch-security/jaxb-runtime-2.3.4.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/opensaml-security-impl-3.4.5.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/opensaml-security-impl-3.4.5.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/commons-collections-3.2.2.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/commons-collections-3.2.2.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/netty-buffer-4.1.72.Final.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/netty-buffer-4.1.72.Final.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/saaj-impl-1.5.3.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/saaj-impl-1.5.3.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/commons-text-1.2.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/commons-text-1.2.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/zstd-jni-1.4.4-7.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/zstd-jni-1.4.4-7.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/jakarta.annotation-api-1.3.5.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/jakarta.annotation-api-1.3.5.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/geronimo-jta_1.1_spec-1.1.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/geronimo-jta_1.1_spec-1.1.1.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/checker-qual-2.0.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/checker-qual-2.0.0.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/netty-codec-http-4.1.72.Final.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/netty-codec-http-4.1.72.Final.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/httpcore-4.4.12.jar && chown ${USER}:${GROUP} 
${INSTALL_DIR}/plugins/opensearch-security/httpcore-4.4.12.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/opensaml-soap-api-3.4.5.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/opensaml-soap-api-3.4.5.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-security/netty-handler-4.1.72.Final.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-security/netty-handler-4.1.72.Final.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-asynchronous-search/opensearch-asynchronous-search-1.2.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-asynchronous-search/opensearch-asynchronous-search-1.2.4.0.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-asynchronous-search/common-utils-1.2.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-asynchronous-search/common-utils-1.2.4.0.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-asynchronous-search/plugin-descriptor.properties && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-asynchronous-search/plugin-descriptor.properties -chmod 640 ${INSTALL_DIR}/plugins/opensearch-asynchronous-search/plugin-security.policy && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-asynchronous-search/plugin-security.policy -chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/commons-lang3-3.12.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/commons-lang3-3.12.0.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/commons-lang-2.6.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/commons-lang-2.6.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/org.jacoco.report-0.8.5.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/org.jacoco.report-0.8.5.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/slf4j-api-1.7.25.jar && chown ${USER}:${GROUP} 
${INSTALL_DIR}/plugins/opensearch-anomaly-detection/slf4j-api-1.7.25.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/error_prone_annotations-2.3.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/error_prone_annotations-2.3.4.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/httpcore-nio-4.4.12.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/httpcore-nio-4.4.12.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/httpasyncclient-4.1.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/httpasyncclient-4.1.4.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/guava-29.0-jre.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/guava-29.0-jre.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/randomcutforest-core-2.0.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/randomcutforest-core-2.0.1.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/randomcutforest-serialization-2.0.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/randomcutforest-serialization-2.0.1.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/jackson-databind-2.11.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/jackson-databind-2.11.4.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/checker-qual-2.11.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/checker-qual-2.11.1.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/randomcutforest-parkservices-2.0.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/randomcutforest-parkservices-2.0.1.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/gson-2.8.9.jar && chown ${USER}:${GROUP} 
${INSTALL_DIR}/plugins/opensearch-anomaly-detection/gson-2.8.9.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/protostuff-collectionschema-1.7.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/protostuff-collectionschema-1.7.4.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/j2objc-annotations-1.3.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/j2objc-annotations-1.3.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/common-utils-1.2.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/common-utils-1.2.4.0.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/opensearch-anomaly-detection-1.2.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/opensearch-anomaly-detection-1.2.4.0.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/jsr305-3.0.2.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/jsr305-3.0.2.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/org.jacoco.ant-0.8.5.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/org.jacoco.ant-0.8.5.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/commons-pool2-2.10.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/commons-pool2-2.10.0.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/sketches-core-0.13.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/sketches-core-0.13.4.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/org.jacoco.core-0.8.5.jar && 
chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/org.jacoco.core-0.8.5.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/org.jacoco.agent-0.8.5.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/org.jacoco.agent-0.8.5.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/plugin-descriptor.properties && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/plugin-descriptor.properties -chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/protostuff-api-1.7.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/protostuff-api-1.7.4.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/memory-0.12.2.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/memory-0.12.2.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/jackson-annotations-2.11.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/jackson-annotations-2.11.4.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/protostuff-runtime-1.7.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/protostuff-runtime-1.7.4.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/protostuff-core-1.7.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/protostuff-core-1.7.4.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/commons-logging-1.1.3.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/commons-logging-1.1.3.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/opensearch-rest-client-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/opensearch-rest-client-1.2.4.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/plugin-security.policy && chown ${USER}:${GROUP} 
${INSTALL_DIR}/plugins/opensearch-anomaly-detection/plugin-security.policy -chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/httpclient-4.5.13.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/httpclient-4.5.13.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/commons-codec-1.13.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/commons-codec-1.13.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/commons-math3-3.6.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/commons-math3-3.6.1.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/httpcore-4.4.12.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/httpcore-4.4.12.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/failureaccess-1.0.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-anomaly-detection/failureaccess-1.0.1.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-alerting/error_prone_annotations-2.3.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-alerting/error_prone_annotations-2.3.4.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-alerting/httpcore-nio-4.4.12.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-alerting/httpcore-nio-4.4.12.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-alerting/httpasyncclient-4.1.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-alerting/httpasyncclient-4.1.4.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-alerting/cron-utils-9.1.6.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-alerting/cron-utils-9.1.6.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-alerting/javax.mail-1.6.2.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-alerting/javax.mail-1.6.2.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-alerting/slf4j-api-1.7.30.jar && chown ${USER}:${GROUP} 
${INSTALL_DIR}/plugins/opensearch-alerting/slf4j-api-1.7.30.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-alerting/ipaddress-5.3.3.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-alerting/ipaddress-5.3.3.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-alerting/j2objc-annotations-1.3.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-alerting/j2objc-annotations-1.3.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-alerting/common-utils-1.2.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-alerting/common-utils-1.2.4.0.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-alerting/jsr305-3.0.2.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-alerting/jsr305-3.0.2.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-alerting/javax.el-3.0.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-alerting/javax.el-3.0.0.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-alerting/javassist-3.27.0-GA.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-alerting/javassist-3.27.0-GA.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-alerting/listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-alerting/listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-alerting/kotlinx-coroutines-core-1.1.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-alerting/kotlinx-coroutines-core-1.1.1.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-alerting/annotations-13.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-alerting/annotations-13.0.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-alerting/guava-30.0-jre.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-alerting/guava-30.0-jre.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-alerting/plugin-descriptor.properties && chown ${USER}:${GROUP} 
${INSTALL_DIR}/plugins/opensearch-alerting/plugin-descriptor.properties -chmod 640 ${INSTALL_DIR}/plugins/opensearch-alerting/activation-1.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-alerting/activation-1.1.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-alerting/alerting-core-1.2.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-alerting/alerting-core-1.2.4.0.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-alerting/google-java-format-1.10.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-alerting/google-java-format-1.10.0.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-alerting/alerting-notification-1.2.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-alerting/alerting-notification-1.2.4.0.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-alerting/kotlin-stdlib-common-1.3.72.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-alerting/kotlin-stdlib-common-1.3.72.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-alerting/commons-logging-1.1.3.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-alerting/commons-logging-1.1.3.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-alerting/kotlin-stdlib-jdk7-1.3.72.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-alerting/kotlin-stdlib-jdk7-1.3.72.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-alerting/checker-qual-3.5.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-alerting/checker-qual-3.5.0.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-alerting/opensearch-rest-client-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-alerting/opensearch-rest-client-1.2.4.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-alerting/plugin-security.policy && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-alerting/plugin-security.policy -chmod 640 ${INSTALL_DIR}/plugins/opensearch-alerting/httpclient-4.5.13.jar && chown ${USER}:${GROUP} 
${INSTALL_DIR}/plugins/opensearch-alerting/httpclient-4.5.13.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-alerting/opensearch-alerting-1.2.4.0.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-alerting/opensearch-alerting-1.2.4.0.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-alerting/kotlinx-coroutines-core-common-1.1.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-alerting/kotlinx-coroutines-core-common-1.1.1.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-alerting/kotlin-stdlib-1.3.72.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-alerting/kotlin-stdlib-1.3.72.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-alerting/commons-codec-1.13.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-alerting/commons-codec-1.13.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-alerting/kotlin-stdlib-jdk8-1.3.72.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-alerting/kotlin-stdlib-jdk8-1.3.72.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-alerting/httpcore-4.4.12.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-alerting/httpcore-4.4.12.jar -chmod 640 ${INSTALL_DIR}/plugins/opensearch-alerting/failureaccess-1.0.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/plugins/opensearch-alerting/failureaccess-1.0.1.jar -chmod 640 ${INSTALL_DIR}/modules/ingest-common/jcodings-1.0.44.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/ingest-common/jcodings-1.0.44.jar -chmod 640 ${INSTALL_DIR}/modules/ingest-common/joni-2.1.29.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/ingest-common/joni-2.1.29.jar -chmod 640 ${INSTALL_DIR}/modules/ingest-common/opensearch-grok-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/ingest-common/opensearch-grok-1.2.4.jar -chmod 640 ${INSTALL_DIR}/modules/ingest-common/opensearch-dissect-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/ingest-common/opensearch-dissect-1.2.4.jar -chmod 640 
${INSTALL_DIR}/modules/ingest-common/plugin-descriptor.properties && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/ingest-common/plugin-descriptor.properties -chmod 640 ${INSTALL_DIR}/modules/ingest-common/ingest-common-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/ingest-common/ingest-common-1.2.4.jar -chmod 640 ${INSTALL_DIR}/modules/geo/plugin-descriptor.properties && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/geo/plugin-descriptor.properties -chmod 640 ${INSTALL_DIR}/modules/geo/geo-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/geo/geo-1.2.4.jar -chmod 640 ${INSTALL_DIR}/modules/ingest-geoip/GeoLite2-Country.mmdb && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/ingest-geoip/GeoLite2-Country.mmdb -chmod 640 ${INSTALL_DIR}/modules/ingest-geoip/GeoLite2-City.mmdb && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/ingest-geoip/GeoLite2-City.mmdb -chmod 640 ${INSTALL_DIR}/modules/ingest-geoip/geoip2-2.13.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/ingest-geoip/geoip2-2.13.1.jar -chmod 640 ${INSTALL_DIR}/modules/ingest-geoip/maxmind-db-1.3.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/ingest-geoip/maxmind-db-1.3.1.jar -chmod 640 ${INSTALL_DIR}/modules/ingest-geoip/jackson-annotations-2.12.5.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/ingest-geoip/jackson-annotations-2.12.5.jar -chmod 640 ${INSTALL_DIR}/modules/ingest-geoip/jackson-databind-2.12.5.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/ingest-geoip/jackson-databind-2.12.5.jar -chmod 640 ${INSTALL_DIR}/modules/ingest-geoip/ingest-geoip-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/ingest-geoip/ingest-geoip-1.2.4.jar -chmod 640 ${INSTALL_DIR}/modules/ingest-geoip/plugin-descriptor.properties && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/ingest-geoip/plugin-descriptor.properties -chmod 640 ${INSTALL_DIR}/modules/ingest-geoip/GeoLite2-ASN.mmdb && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/ingest-geoip/GeoLite2-ASN.mmdb -chmod 640 
${INSTALL_DIR}/modules/ingest-geoip/plugin-security.policy && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/ingest-geoip/plugin-security.policy -chmod 640 ${INSTALL_DIR}/modules/percolator/plugin-descriptor.properties && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/percolator/plugin-descriptor.properties -chmod 640 ${INSTALL_DIR}/modules/percolator/percolator-client-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/percolator/percolator-client-1.2.4.jar -chmod 640 ${INSTALL_DIR}/modules/analysis-common/plugin-descriptor.properties && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/analysis-common/plugin-descriptor.properties -chmod 640 ${INSTALL_DIR}/modules/analysis-common/analysis-common-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/analysis-common/analysis-common-1.2.4.jar -chmod 640 ${INSTALL_DIR}/modules/aggs-matrix-stats/aggs-matrix-stats-client-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/aggs-matrix-stats/aggs-matrix-stats-client-1.2.4.jar -chmod 640 ${INSTALL_DIR}/modules/aggs-matrix-stats/plugin-descriptor.properties && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/aggs-matrix-stats/plugin-descriptor.properties -chmod 640 ${INSTALL_DIR}/modules/repository-url/plugin-descriptor.properties && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/repository-url/plugin-descriptor.properties -chmod 640 ${INSTALL_DIR}/modules/repository-url/plugin-security.policy && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/repository-url/plugin-security.policy -chmod 640 ${INSTALL_DIR}/modules/repository-url/repository-url-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/repository-url/repository-url-1.2.4.jar -chmod 640 ${INSTALL_DIR}/modules/lang-mustache/lang-mustache-client-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/lang-mustache/lang-mustache-client-1.2.4.jar -chmod 640 ${INSTALL_DIR}/modules/lang-mustache/plugin-descriptor.properties && chown ${USER}:${GROUP} 
${INSTALL_DIR}/modules/lang-mustache/plugin-descriptor.properties -chmod 640 ${INSTALL_DIR}/modules/lang-mustache/compiler-0.9.6.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/lang-mustache/compiler-0.9.6.jar -chmod 640 ${INSTALL_DIR}/modules/lang-mustache/plugin-security.policy && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/lang-mustache/plugin-security.policy -chmod 640 ${INSTALL_DIR}/modules/systemd/plugin-descriptor.properties && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/systemd/plugin-descriptor.properties -chmod 640 ${INSTALL_DIR}/modules/systemd/plugin-security.policy && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/systemd/plugin-security.policy -chmod 640 ${INSTALL_DIR}/modules/systemd/systemd-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/systemd/systemd-1.2.4.jar -chmod 640 ${INSTALL_DIR}/modules/transport-netty4/netty-codec-4.1.72.Final.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/transport-netty4/netty-codec-4.1.72.Final.jar -chmod 640 ${INSTALL_DIR}/modules/transport-netty4/netty-common-4.1.72.Final.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/transport-netty4/netty-common-4.1.72.Final.jar -chmod 640 ${INSTALL_DIR}/modules/transport-netty4/plugin-descriptor.properties && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/transport-netty4/plugin-descriptor.properties -chmod 640 ${INSTALL_DIR}/modules/transport-netty4/netty-resolver-4.1.72.Final.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/transport-netty4/netty-resolver-4.1.72.Final.jar -chmod 640 ${INSTALL_DIR}/modules/transport-netty4/transport-netty4-client-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/transport-netty4/transport-netty4-client-1.2.4.jar -chmod 640 ${INSTALL_DIR}/modules/transport-netty4/plugin-security.policy && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/transport-netty4/plugin-security.policy -chmod 640 ${INSTALL_DIR}/modules/transport-netty4/netty-transport-4.1.72.Final.jar && chown ${USER}:${GROUP} 
${INSTALL_DIR}/modules/transport-netty4/netty-transport-4.1.72.Final.jar -chmod 640 ${INSTALL_DIR}/modules/transport-netty4/netty-buffer-4.1.72.Final.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/transport-netty4/netty-buffer-4.1.72.Final.jar -chmod 640 ${INSTALL_DIR}/modules/transport-netty4/netty-codec-http-4.1.72.Final.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/transport-netty4/netty-codec-http-4.1.72.Final.jar -chmod 640 ${INSTALL_DIR}/modules/transport-netty4/netty-handler-4.1.72.Final.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/transport-netty4/netty-handler-4.1.72.Final.jar -chmod 640 ${INSTALL_DIR}/modules/lang-expression/lucene-expressions-8.10.1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/lang-expression/lucene-expressions-8.10.1.jar -chmod 640 ${INSTALL_DIR}/modules/lang-expression/lang-expression-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/lang-expression/lang-expression-1.2.4.jar -chmod 640 ${INSTALL_DIR}/modules/lang-expression/antlr4-runtime-4.5.1-1.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/lang-expression/antlr4-runtime-4.5.1-1.jar -chmod 640 ${INSTALL_DIR}/modules/lang-expression/plugin-descriptor.properties && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/lang-expression/plugin-descriptor.properties -chmod 640 ${INSTALL_DIR}/modules/lang-expression/plugin-security.policy && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/lang-expression/plugin-security.policy -chmod 640 ${INSTALL_DIR}/modules/lang-expression/asm-5.0.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/lang-expression/asm-5.0.4.jar -chmod 640 ${INSTALL_DIR}/modules/lang-expression/asm-commons-5.0.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/lang-expression/asm-commons-5.0.4.jar -chmod 640 ${INSTALL_DIR}/modules/lang-expression/asm-tree-5.0.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/lang-expression/asm-tree-5.0.4.jar -chmod 640 ${INSTALL_DIR}/modules/lang-painless/asm-7.2.jar && chown ${USER}:${GROUP} 
${INSTALL_DIR}/modules/lang-painless/asm-7.2.jar -chmod 640 ${INSTALL_DIR}/modules/lang-painless/antlr4-runtime-4.5.3.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/lang-painless/antlr4-runtime-4.5.3.jar -chmod 640 ${INSTALL_DIR}/modules/lang-painless/asm-tree-7.2.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/lang-painless/asm-tree-7.2.jar -chmod 640 ${INSTALL_DIR}/modules/lang-painless/asm-util-7.2.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/lang-painless/asm-util-7.2.jar -chmod 640 ${INSTALL_DIR}/modules/lang-painless/asm-analysis-7.2.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/lang-painless/asm-analysis-7.2.jar -chmod 640 ${INSTALL_DIR}/modules/lang-painless/plugin-descriptor.properties && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/lang-painless/plugin-descriptor.properties -chmod 640 ${INSTALL_DIR}/modules/lang-painless/asm-commons-7.2.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/lang-painless/asm-commons-7.2.jar -chmod 640 ${INSTALL_DIR}/modules/lang-painless/lang-painless-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/lang-painless/lang-painless-1.2.4.jar -chmod 640 ${INSTALL_DIR}/modules/lang-painless/plugin-security.policy && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/lang-painless/plugin-security.policy -chmod 640 ${INSTALL_DIR}/modules/lang-painless/opensearch-scripting-painless-spi-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/lang-painless/opensearch-scripting-painless-spi-1.2.4.jar -chmod 640 ${INSTALL_DIR}/modules/rank-eval/plugin-descriptor.properties && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/rank-eval/plugin-descriptor.properties -chmod 640 ${INSTALL_DIR}/modules/rank-eval/rank-eval-client-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/rank-eval/rank-eval-client-1.2.4.jar -chmod 640 ${INSTALL_DIR}/modules/opensearch-dashboards/httpcore-nio-4.4.12.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/opensearch-dashboards/httpcore-nio-4.4.12.jar -chmod 640 
${INSTALL_DIR}/modules/opensearch-dashboards/httpasyncclient-4.1.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/opensearch-dashboards/httpasyncclient-4.1.4.jar -chmod 640 ${INSTALL_DIR}/modules/opensearch-dashboards/reindex-client-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/opensearch-dashboards/reindex-client-1.2.4.jar -chmod 640 ${INSTALL_DIR}/modules/opensearch-dashboards/plugin-descriptor.properties && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/opensearch-dashboards/plugin-descriptor.properties -chmod 640 ${INSTALL_DIR}/modules/opensearch-dashboards/commons-logging-1.1.3.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/opensearch-dashboards/commons-logging-1.1.3.jar -chmod 640 ${INSTALL_DIR}/modules/opensearch-dashboards/opensearch-rest-client-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/opensearch-dashboards/opensearch-rest-client-1.2.4.jar -chmod 640 ${INSTALL_DIR}/modules/opensearch-dashboards/httpclient-4.5.13.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/opensearch-dashboards/httpclient-4.5.13.jar -chmod 640 ${INSTALL_DIR}/modules/opensearch-dashboards/opensearch-dashboards-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/opensearch-dashboards/opensearch-dashboards-1.2.4.jar -chmod 640 ${INSTALL_DIR}/modules/opensearch-dashboards/opensearch-ssl-config-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/opensearch-dashboards/opensearch-ssl-config-1.2.4.jar -chmod 640 ${INSTALL_DIR}/modules/opensearch-dashboards/commons-codec-1.13.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/opensearch-dashboards/commons-codec-1.13.jar -chmod 640 ${INSTALL_DIR}/modules/opensearch-dashboards/httpcore-4.4.12.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/opensearch-dashboards/httpcore-4.4.12.jar -chmod 640 ${INSTALL_DIR}/modules/ingest-user-agent/ingest-user-agent-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/ingest-user-agent/ingest-user-agent-1.2.4.jar -chmod 640 
${INSTALL_DIR}/modules/ingest-user-agent/plugin-descriptor.properties && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/ingest-user-agent/plugin-descriptor.properties -chmod 640 ${INSTALL_DIR}/modules/mapper-extras/mapper-extras-client-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/mapper-extras/mapper-extras-client-1.2.4.jar -chmod 640 ${INSTALL_DIR}/modules/mapper-extras/plugin-descriptor.properties && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/mapper-extras/plugin-descriptor.properties -chmod 640 ${INSTALL_DIR}/modules/parent-join/plugin-descriptor.properties && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/parent-join/plugin-descriptor.properties -chmod 640 ${INSTALL_DIR}/modules/parent-join/parent-join-client-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/parent-join/parent-join-client-1.2.4.jar -chmod 640 ${INSTALL_DIR}/modules/reindex/httpcore-nio-4.4.12.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/reindex/httpcore-nio-4.4.12.jar -chmod 640 ${INSTALL_DIR}/modules/reindex/httpasyncclient-4.1.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/reindex/httpasyncclient-4.1.4.jar -chmod 640 ${INSTALL_DIR}/modules/reindex/reindex-client-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/reindex/reindex-client-1.2.4.jar -chmod 640 ${INSTALL_DIR}/modules/reindex/plugin-descriptor.properties && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/reindex/plugin-descriptor.properties -chmod 640 ${INSTALL_DIR}/modules/reindex/commons-logging-1.1.3.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/reindex/commons-logging-1.1.3.jar -chmod 640 ${INSTALL_DIR}/modules/reindex/opensearch-rest-client-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/reindex/opensearch-rest-client-1.2.4.jar -chmod 640 ${INSTALL_DIR}/modules/reindex/plugin-security.policy && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/reindex/plugin-security.policy -chmod 640 ${INSTALL_DIR}/modules/reindex/httpclient-4.5.13.jar && chown ${USER}:${GROUP} 
${INSTALL_DIR}/modules/reindex/httpclient-4.5.13.jar -chmod 640 ${INSTALL_DIR}/modules/reindex/opensearch-ssl-config-1.2.4.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/reindex/opensearch-ssl-config-1.2.4.jar -chmod 640 ${INSTALL_DIR}/modules/reindex/commons-codec-1.13.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/reindex/commons-codec-1.13.jar -chmod 640 ${INSTALL_DIR}/modules/reindex/httpcore-4.4.12.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/modules/reindex/httpcore-4.4.12.jar -chmod 640 ${INSTALL_DIR}/jdk/man/man1/jrunscript.1 && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/man/man1/jrunscript.1 -chmod 640 ${INSTALL_DIR}/jdk/man/man1/jcmd.1 && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/man/man1/jcmd.1 -chmod 640 ${INSTALL_DIR}/jdk/man/man1/java.1 && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/man/man1/java.1 -chmod 640 ${INSTALL_DIR}/jdk/man/man1/jdeprscan.1 && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/man/man1/jdeprscan.1 -chmod 640 ${INSTALL_DIR}/jdk/man/man1/javadoc.1 && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/man/man1/javadoc.1 -chmod 640 ${INSTALL_DIR}/jdk/man/man1/rmid.1 && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/man/man1/rmid.1 -chmod 640 ${INSTALL_DIR}/jdk/man/man1/jar.1 && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/man/man1/jar.1 -chmod 640 ${INSTALL_DIR}/jdk/man/man1/jdb.1 && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/man/man1/jdb.1 -chmod 640 ${INSTALL_DIR}/jdk/man/man1/jpackage.1 && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/man/man1/jpackage.1 -chmod 640 ${INSTALL_DIR}/jdk/man/man1/jstatd.1 && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/man/man1/jstatd.1 -chmod 640 ${INSTALL_DIR}/jdk/man/man1/serialver.1 && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/man/man1/serialver.1 -chmod 640 ${INSTALL_DIR}/jdk/man/man1/keytool.1 && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/man/man1/keytool.1 -chmod 640 ${INSTALL_DIR}/jdk/man/man1/jconsole.1 && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/man/man1/jconsole.1 -chmod 640 ${INSTALL_DIR}/jdk/man/man1/jlink.1 
&& chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/man/man1/jlink.1 -chmod 640 ${INSTALL_DIR}/jdk/man/man1/jhsdb.1 && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/man/man1/jhsdb.1 -chmod 640 ${INSTALL_DIR}/jdk/man/man1/jaotc.1 && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/man/man1/jaotc.1 -chmod 640 ${INSTALL_DIR}/jdk/man/man1/jshell.1 && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/man/man1/jshell.1 -chmod 640 ${INSTALL_DIR}/jdk/man/man1/rmiregistry.1 && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/man/man1/rmiregistry.1 -chmod 640 ${INSTALL_DIR}/jdk/man/man1/javac.1 && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/man/man1/javac.1 -chmod 640 ${INSTALL_DIR}/jdk/man/man1/jstack.1 && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/man/man1/jstack.1 -chmod 640 ${INSTALL_DIR}/jdk/man/man1/jfr.1 && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/man/man1/jfr.1 -chmod 640 ${INSTALL_DIR}/jdk/man/man1/jps.1 && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/man/man1/jps.1 -chmod 640 ${INSTALL_DIR}/jdk/man/man1/jarsigner.1 && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/man/man1/jarsigner.1 -chmod 640 ${INSTALL_DIR}/jdk/man/man1/jmod.1 && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/man/man1/jmod.1 -chmod 640 ${INSTALL_DIR}/jdk/man/man1/jstat.1 && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/man/man1/jstat.1 -chmod 640 ${INSTALL_DIR}/jdk/man/man1/jinfo.1 && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/man/man1/jinfo.1 -chmod 640 ${INSTALL_DIR}/jdk/man/man1/jmap.1 && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/man/man1/jmap.1 -chmod 640 ${INSTALL_DIR}/jdk/man/man1/jdeps.1 && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/man/man1/jdeps.1 -chmod 640 ${INSTALL_DIR}/jdk/man/man1/javap.1 && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/man/man1/javap.1 -chmod 750 ${INSTALL_DIR}/jdk/bin/jdeps && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/bin/jdeps -chmod 750 ${INSTALL_DIR}/jdk/bin/rmiregistry && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/bin/rmiregistry -chmod 750 ${INSTALL_DIR}/jdk/bin/jrunscript && chown ${USER}:${GROUP} 
${INSTALL_DIR}/jdk/bin/jrunscript -chmod 750 ${INSTALL_DIR}/jdk/bin/jdeprscan && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/bin/jdeprscan -chmod 750 ${INSTALL_DIR}/jdk/bin/jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/bin/jar -chmod 750 ${INSTALL_DIR}/jdk/bin/jmap && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/bin/jmap -chmod 750 ${INSTALL_DIR}/jdk/bin/jps && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/bin/jps -chmod 750 ${INSTALL_DIR}/jdk/bin/jstatd && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/bin/jstatd -chmod 750 ${INSTALL_DIR}/jdk/bin/rmid && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/bin/rmid -chmod 750 ${INSTALL_DIR}/jdk/bin/java && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/bin/java -chmod 750 ${INSTALL_DIR}/jdk/bin/jdb && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/bin/jdb -chmod 750 ${INSTALL_DIR}/jdk/bin/jimage && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/bin/jimage -chmod 750 ${INSTALL_DIR}/jdk/bin/javadoc && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/bin/javadoc -chmod 750 ${INSTALL_DIR}/jdk/bin/jconsole && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/bin/jconsole -chmod 750 ${INSTALL_DIR}/jdk/bin/jcmd && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/bin/jcmd -chmod 750 ${INSTALL_DIR}/jdk/bin/jstack && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/bin/jstack -chmod 750 ${INSTALL_DIR}/jdk/bin/jinfo && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/bin/jinfo -chmod 750 ${INSTALL_DIR}/jdk/bin/jpackage && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/bin/jpackage -chmod 750 ${INSTALL_DIR}/jdk/bin/serialver && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/bin/serialver -chmod 750 ${INSTALL_DIR}/jdk/bin/javap && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/bin/javap -chmod 750 ${INSTALL_DIR}/jdk/bin/keytool && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/bin/keytool -chmod 750 ${INSTALL_DIR}/jdk/bin/jaotc && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/bin/jaotc -chmod 750 ${INSTALL_DIR}/jdk/bin/jarsigner && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/bin/jarsigner -chmod 750 
${INSTALL_DIR}/jdk/bin/jhsdb && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/bin/jhsdb -chmod 750 ${INSTALL_DIR}/jdk/bin/jlink && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/bin/jlink -chmod 750 ${INSTALL_DIR}/jdk/bin/jfr && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/bin/jfr -chmod 750 ${INSTALL_DIR}/jdk/bin/jstat && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/bin/jstat -chmod 750 ${INSTALL_DIR}/jdk/bin/javac && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/bin/javac -chmod 750 ${INSTALL_DIR}/jdk/bin/jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/bin/jmod -chmod 750 ${INSTALL_DIR}/jdk/bin/jshell && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/bin/jshell -chmod 640 ${INSTALL_DIR}/jdk/release && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/release -chmod 640 ${INSTALL_DIR}/jdk/legal/java.base/LICENSE && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.base/LICENSE -chmod 640 ${INSTALL_DIR}/jdk/legal/java.base/ADDITIONAL_LICENSE_INFO && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.base/ADDITIONAL_LICENSE_INFO -chmod 640 ${INSTALL_DIR}/jdk/legal/java.base/icu.md && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.base/icu.md -chmod 640 ${INSTALL_DIR}/jdk/legal/java.base/c-libutl.md && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.base/c-libutl.md -chmod 640 ${INSTALL_DIR}/jdk/legal/java.base/public_suffix.md && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.base/public_suffix.md -chmod 640 ${INSTALL_DIR}/jdk/legal/java.base/cldr.md && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.base/cldr.md -chmod 640 ${INSTALL_DIR}/jdk/legal/java.base/aes.md && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.base/aes.md -chmod 640 ${INSTALL_DIR}/jdk/legal/java.base/ASSEMBLY_EXCEPTION && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.base/ASSEMBLY_EXCEPTION -chmod 640 ${INSTALL_DIR}/jdk/legal/java.base/asm.md && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.base/asm.md -chmod 640 ${INSTALL_DIR}/jdk/legal/java.base/unicode.md && chown 
${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.base/unicode.md -chmod 640 ${INSTALL_DIR}/jdk/legal/jdk.dynalink/dynalink.md && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/jdk.dynalink/dynalink.md -chmod 640 ${INSTALL_DIR}/jdk/legal/jdk.javadoc/jqueryUI.md && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/jdk.javadoc/jqueryUI.md -chmod 640 ${INSTALL_DIR}/jdk/legal/jdk.javadoc/jquery.md && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/jdk.javadoc/jquery.md -chmod 640 ${INSTALL_DIR}/jdk/legal/java.xml/xalan.md && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.xml/xalan.md -chmod 640 ${INSTALL_DIR}/jdk/legal/java.xml/xerces.md && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.xml/xerces.md -chmod 640 ${INSTALL_DIR}/jdk/legal/java.xml/jcup.md && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.xml/jcup.md -chmod 640 ${INSTALL_DIR}/jdk/legal/java.xml/bcel.md && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.xml/bcel.md -chmod 640 ${INSTALL_DIR}/jdk/legal/java.xml/dom.md && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.xml/dom.md -chmod 640 ${INSTALL_DIR}/jdk/legal/java.smartcardio/pcsclite.md && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.smartcardio/pcsclite.md -chmod 640 ${INSTALL_DIR}/jdk/legal/jdk.internal.opt/jopt-simple.md && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/jdk.internal.opt/jopt-simple.md -chmod 640 ${INSTALL_DIR}/jdk/legal/java.xml.crypto/santuario.md && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.xml.crypto/santuario.md -chmod 640 ${INSTALL_DIR}/jdk/legal/jdk.localedata/thaidict.md && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/jdk.localedata/thaidict.md -chmod 640 ${INSTALL_DIR}/jdk/legal/jdk.internal.le/jline.md && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/jdk.internal.le/jline.md -chmod 640 ${INSTALL_DIR}/jdk/legal/jdk.crypto.cryptoki/pkcs11cryptotoken.md && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/jdk.crypto.cryptoki/pkcs11cryptotoken.md -chmod 640 
${INSTALL_DIR}/jdk/legal/jdk.crypto.cryptoki/pkcs11wrapper.md && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/jdk.crypto.cryptoki/pkcs11wrapper.md -chmod 640 ${INSTALL_DIR}/jdk/legal/java.desktop/xwd.md && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.desktop/xwd.md -chmod 640 ${INSTALL_DIR}/jdk/legal/java.desktop/mesa3d.md && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.desktop/mesa3d.md -chmod 640 ${INSTALL_DIR}/jdk/legal/java.desktop/harfbuzz.md && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.desktop/harfbuzz.md -chmod 640 ${INSTALL_DIR}/jdk/legal/java.desktop/lcms.md && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.desktop/lcms.md -chmod 640 ${INSTALL_DIR}/jdk/legal/java.desktop/freetype.md && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.desktop/freetype.md -chmod 640 ${INSTALL_DIR}/jdk/legal/java.desktop/giflib.md && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.desktop/giflib.md -chmod 640 ${INSTALL_DIR}/jdk/legal/java.desktop/jpeg.md && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.desktop/jpeg.md -chmod 640 ${INSTALL_DIR}/jdk/legal/java.desktop/colorimaging.md && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.desktop/colorimaging.md -chmod 640 ${INSTALL_DIR}/jdk/legal/java.desktop/libpng.md && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/java.desktop/libpng.md -chmod 640 ${INSTALL_DIR}/jdk/legal/jdk.crypto.ec/ecc.md && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/legal/jdk.crypto.ec/ecc.md -chmod 640 ${INSTALL_DIR}/jdk/lib/server/libjsig.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/server/libjsig.so -chmod 640 ${INSTALL_DIR}/jdk/lib/server/classes.jsa && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/server/classes.jsa -chmod 640 ${INSTALL_DIR}/jdk/lib/server/classes_nocoops.jsa && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/server/classes_nocoops.jsa -chmod 640 ${INSTALL_DIR}/jdk/lib/server/libjvm.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/server/libjvm.so -chmod 640 
${INSTALL_DIR}/jdk/lib/libawt.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/libawt.so -chmod 640 ${INSTALL_DIR}/jdk/lib/libawt_headless.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/libawt_headless.so -chmod 640 ${INSTALL_DIR}/jdk/lib/libsplashscreen.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/libsplashscreen.so -chmod 640 ${INSTALL_DIR}/jdk/lib/libnio.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/libnio.so -chmod 640 ${INSTALL_DIR}/jdk/lib/libjdwp.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/libjdwp.so -chmod 640 ${INSTALL_DIR}/jdk/lib/libj2pcsc.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/libj2pcsc.so -chmod 640 ${INSTALL_DIR}/jdk/lib/libjli.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/libjli.so -chmod 640 ${INSTALL_DIR}/jdk/lib/libsctp.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/libsctp.so -chmod 640 ${INSTALL_DIR}/jdk/lib/libjimage.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/libjimage.so -chmod 640 ${INSTALL_DIR}/jdk/lib/libjsig.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/libjsig.so -chmod 640 ${INSTALL_DIR}/jdk/lib/libjava.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/libjava.so -chmod 640 ${INSTALL_DIR}/jdk/lib/libsunec.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/libsunec.so -chmod 640 ${INSTALL_DIR}/jdk/lib/liblcms.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/liblcms.so -chmod 640 ${INSTALL_DIR}/jdk/lib/libawt_xawt.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/libawt_xawt.so -chmod 640 ${INSTALL_DIR}/jdk/lib/jexec && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/jexec -chmod 640 ${INSTALL_DIR}/jdk/lib/libverify.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/libverify.so -chmod 640 ${INSTALL_DIR}/jdk/lib/libmanagement_agent.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/libmanagement_agent.so -chmod 640 ${INSTALL_DIR}/jdk/lib/psfont.properties.ja && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/psfont.properties.ja -chmod 640 
${INSTALL_DIR}/jdk/lib/libprefs.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/libprefs.so -chmod 640 ${INSTALL_DIR}/jdk/lib/libzip.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/libzip.so -chmod 640 ${INSTALL_DIR}/jdk/lib/libjaas.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/libjaas.so -chmod 640 ${INSTALL_DIR}/jdk/lib/libjsound.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/libjsound.so -chmod 640 ${INSTALL_DIR}/jdk/lib/libextnet.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/libextnet.so -chmod 640 ${INSTALL_DIR}/jdk/lib/libj2gss.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/libj2gss.so -chmod 640 ${INSTALL_DIR}/jdk/lib/tzdb.dat && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/tzdb.dat -chmod 640 ${INSTALL_DIR}/jdk/lib/libdt_socket.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/libdt_socket.so -chmod 640 ${INSTALL_DIR}/jdk/lib/psfontj2d.properties && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/psfontj2d.properties -chmod 640 ${INSTALL_DIR}/jdk/lib/jvm.cfg && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/jvm.cfg -chmod 640 ${INSTALL_DIR}/jdk/lib/ct.sym && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/ct.sym -chmod 640 ${INSTALL_DIR}/jdk/lib/libj2pkcs11.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/libj2pkcs11.so -chmod 640 ${INSTALL_DIR}/jdk/lib/jfr/default.jfc && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/jfr/default.jfc -chmod 640 ${INSTALL_DIR}/jdk/lib/jfr/profile.jfc && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/jfr/profile.jfc -chmod 640 ${INSTALL_DIR}/jdk/lib/libmanagement_ext.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/libmanagement_ext.so -chmod 640 ${INSTALL_DIR}/jdk/lib/classlist && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/classlist -chmod 640 ${INSTALL_DIR}/jdk/lib/libnet.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/libnet.so -chmod 640 ${INSTALL_DIR}/jdk/lib/libjavajpeg.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/libjavajpeg.so -chmod 640 
${INSTALL_DIR}/jdk/lib/libfontmanager.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/libfontmanager.so -chmod 640 ${INSTALL_DIR}/jdk/lib/modules && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/modules -chmod 640 ${INSTALL_DIR}/jdk/lib/libinstrument.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/libinstrument.so -chmod 640 ${INSTALL_DIR}/jdk/lib/libmanagement.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/libmanagement.so -chmod 640 ${INSTALL_DIR}/jdk/lib/libjawt.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/libjawt.so -chmod 640 ${INSTALL_DIR}/jdk/lib/libsaproc.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/libsaproc.so -chmod 640 ${INSTALL_DIR}/jdk/lib/libmlib_image.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/libmlib_image.so -chmod 640 ${INSTALL_DIR}/jdk/lib/security/cacerts && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/security/cacerts -chmod 640 ${INSTALL_DIR}/jdk/lib/security/blacklisted.certs && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/security/blacklisted.certs -chmod 640 ${INSTALL_DIR}/jdk/lib/security/public_suffix_list.dat && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/security/public_suffix_list.dat -chmod 640 ${INSTALL_DIR}/jdk/lib/security/default.policy && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/security/default.policy -chmod 640 ${INSTALL_DIR}/jdk/lib/librmi.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/librmi.so -chmod 750 ${INSTALL_DIR}/jdk/lib/jspawnhelper && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/jspawnhelper -chmod 640 ${INSTALL_DIR}/jdk/lib/jrt-fs.jar && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/jrt-fs.jar -chmod 640 ${INSTALL_DIR}/jdk/lib/libattach.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/libattach.so -chmod 640 ${INSTALL_DIR}/jdk/lib/libfreetype.so && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/lib/libfreetype.so -chmod 640 ${INSTALL_DIR}/jdk/include/jvmti.h && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/include/jvmti.h -chmod 640 
${INSTALL_DIR}/jdk/include/classfile_constants.h && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/include/classfile_constants.h -chmod 640 ${INSTALL_DIR}/jdk/include/jdwpTransport.h && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/include/jdwpTransport.h -chmod 640 ${INSTALL_DIR}/jdk/include/jawt.h && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/include/jawt.h -chmod 640 ${INSTALL_DIR}/jdk/include/jni.h && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/include/jni.h -chmod 640 ${INSTALL_DIR}/jdk/include/jvmticmlr.h && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/include/jvmticmlr.h -chmod 640 ${INSTALL_DIR}/jdk/include/linux/jawt_md.h && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/include/linux/jawt_md.h -chmod 640 ${INSTALL_DIR}/jdk/include/linux/jni_md.h && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/include/linux/jni_md.h -chmod 640 ${INSTALL_DIR}/jdk/conf/net.properties && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/conf/net.properties -chmod 640 ${INSTALL_DIR}/jdk/conf/sound.properties && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/conf/sound.properties -chmod 640 ${INSTALL_DIR}/jdk/conf/sdp/sdp.conf.template && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/conf/sdp/sdp.conf.template -chmod 640 ${INSTALL_DIR}/jdk/conf/management/management.properties && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/conf/management/management.properties -chmod 640 ${INSTALL_DIR}/jdk/conf/management/jmxremote.access && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/conf/management/jmxremote.access -chmod 640 ${INSTALL_DIR}/jdk/conf/management/jmxremote.password.template && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/conf/management/jmxremote.password.template -chmod 640 ${INSTALL_DIR}/jdk/conf/logging.properties && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/conf/logging.properties -chmod 640 ${INSTALL_DIR}/jdk/conf/security/java.policy && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/conf/security/java.policy -chmod 640 ${INSTALL_DIR}/jdk/conf/security/policy/limited/default_US_export.policy && chown ${USER}:${GROUP} 
${INSTALL_DIR}/jdk/conf/security/policy/limited/default_US_export.policy -chmod 640 ${INSTALL_DIR}/jdk/conf/security/policy/limited/exempt_local.policy && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/conf/security/policy/limited/exempt_local.policy -chmod 640 ${INSTALL_DIR}/jdk/conf/security/policy/limited/default_local.policy && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/conf/security/policy/limited/default_local.policy -chmod 640 ${INSTALL_DIR}/jdk/conf/security/policy/unlimited/default_US_export.policy && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/conf/security/policy/unlimited/default_US_export.policy -chmod 640 ${INSTALL_DIR}/jdk/conf/security/policy/unlimited/default_local.policy && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/conf/security/policy/unlimited/default_local.policy -chmod 640 ${INSTALL_DIR}/jdk/conf/security/policy/README.txt && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/conf/security/policy/README.txt -chmod 640 ${INSTALL_DIR}/jdk/conf/security/java.security && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/conf/security/java.security -chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.unsupported.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.unsupported.jmod -chmod 640 ${INSTALL_DIR}/jdk/jmods/java.transaction.xa.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/java.transaction.xa.jmod -chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.crypto.cryptoki.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.crypto.cryptoki.jmod -chmod 640 ${INSTALL_DIR}/jdk/jmods/java.rmi.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/java.rmi.jmod -chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.attach.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.attach.jmod -chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.jshell.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.jshell.jmod -chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.xml.dom.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.xml.dom.jmod -chmod 640 ${INSTALL_DIR}/jdk/jmods/java.se.jmod && chown 
${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/java.se.jmod -chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.internal.ed.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.internal.ed.jmod -chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.jartool.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.jartool.jmod -chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.compiler.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.compiler.jmod -chmod 640 ${INSTALL_DIR}/jdk/jmods/java.base.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/java.base.jmod -chmod 640 ${INSTALL_DIR}/jdk/jmods/java.smartcardio.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/java.smartcardio.jmod -chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.security.auth.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.security.auth.jmod -chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.unsupported.desktop.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.unsupported.desktop.jmod -chmod 640 ${INSTALL_DIR}/jdk/jmods/java.security.sasl.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/java.security.sasl.jmod -chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.incubator.foreign.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.incubator.foreign.jmod -chmod 640 ${INSTALL_DIR}/jdk/jmods/java.management.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/java.management.jmod -chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.management.agent.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.management.agent.jmod -chmod 640 ${INSTALL_DIR}/jdk/jmods/java.xml.crypto.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/java.xml.crypto.jmod -chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.internal.vm.ci.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.internal.vm.ci.jmod -chmod 640 ${INSTALL_DIR}/jdk/jmods/java.prefs.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/java.prefs.jmod -chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.crypto.ec.jmod && chown ${USER}:${GROUP} 
${INSTALL_DIR}/jdk/jmods/jdk.crypto.ec.jmod -chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.internal.jvmstat.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.internal.jvmstat.jmod -chmod 640 ${INSTALL_DIR}/jdk/jmods/java.sql.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/java.sql.jmod -chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.incubator.jpackage.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.incubator.jpackage.jmod -chmod 640 ${INSTALL_DIR}/jdk/jmods/java.xml.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/java.xml.jmod -chmod 640 ${INSTALL_DIR}/jdk/jmods/java.security.jgss.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/java.security.jgss.jmod -chmod 640 ${INSTALL_DIR}/jdk/jmods/java.compiler.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/java.compiler.jmod -chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.sctp.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.sctp.jmod -chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.charsets.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.charsets.jmod -chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.management.jfr.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.management.jfr.jmod -chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.jlink.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.jlink.jmod -chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.localedata.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.localedata.jmod -chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.jsobject.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.jsobject.jmod -chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.net.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.net.jmod -chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.hotspot.agent.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.hotspot.agent.jmod -chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.jstatd.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.jstatd.jmod -chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.dynalink.jmod && chown 
${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.dynalink.jmod -chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.jfr.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.jfr.jmod -chmod 640 ${INSTALL_DIR}/jdk/jmods/java.naming.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/java.naming.jmod -chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.internal.le.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.internal.le.jmod -chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.jcmd.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.jcmd.jmod -chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.management.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.management.jmod -chmod 640 ${INSTALL_DIR}/jdk/jmods/java.net.http.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/java.net.http.jmod -chmod 640 ${INSTALL_DIR}/jdk/jmods/java.logging.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/java.logging.jmod -chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.accessibility.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.accessibility.jmod -chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.internal.opt.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.internal.opt.jmod -chmod 640 ${INSTALL_DIR}/jdk/jmods/java.management.rmi.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/java.management.rmi.jmod -chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.security.jgss.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.security.jgss.jmod -chmod 640 ${INSTALL_DIR}/jdk/jmods/java.desktop.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/java.desktop.jmod -chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.nio.mapmode.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.nio.mapmode.jmod -chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.internal.vm.compiler.management.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.internal.vm.compiler.management.jmod -chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.jdwp.agent.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.jdwp.agent.jmod 
-chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.jdi.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.jdi.jmod
-chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.javadoc.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.javadoc.jmod
-chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.naming.rmi.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.naming.rmi.jmod
-chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.naming.dns.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.naming.dns.jmod
-chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.editpad.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.editpad.jmod
-chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.jdeps.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.jdeps.jmod
-chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.internal.vm.compiler.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.internal.vm.compiler.jmod
-chmod 640 ${INSTALL_DIR}/jdk/jmods/java.sql.rowset.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/java.sql.rowset.jmod
-chmod 640 ${INSTALL_DIR}/jdk/jmods/java.scripting.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/java.scripting.jmod
-chmod 640 ${INSTALL_DIR}/jdk/jmods/java.datatransfer.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/java.datatransfer.jmod
-chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.httpserver.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.httpserver.jmod
-chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.zipfs.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.zipfs.jmod
-chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.aot.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.aot.jmod
-chmod 640 ${INSTALL_DIR}/jdk/jmods/jdk.jconsole.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/jdk.jconsole.jmod
-chmod 640 ${INSTALL_DIR}/jdk/jmods/java.instrument.jmod && chown ${USER}:${GROUP} ${INSTALL_DIR}/jdk/jmods/java.instrument.jmod
\ No newline at end of file
+# copy to target
+mkdir -p ${TARGET_DIR}${INSTALLATION_DIR}
+mkdir -p ${TARGET_DIR}${CONFIG_DIR}
+mkdir -p ${TARGET_DIR}${LIB_DIR}
+mkdir -p ${TARGET_DIR}${LOG_DIR}
+mkdir -p ${TARGET_DIR}/etc/init.d
+mkdir -p ${TARGET_DIR}/etc/default
+mkdir -p ${TARGET_DIR}/usr/lib/tmpfiles.d
+mkdir -p ${TARGET_DIR}/usr/lib/sysctl.d
+mkdir -p ${TARGET_DIR}/usr/lib/systemd/system
+# Move configuration files for wazuh-indexer
+mv -f ${BASE_DIR}/etc/init.d/${NAME} ${TARGET_DIR}/etc/init.d/${NAME}
+mv -f ${BASE_DIR}/etc/wazuh-indexer/* ${TARGET_DIR}${CONFIG_DIR}
+mv -f ${BASE_DIR}/etc/sysconfig/${NAME} ${TARGET_DIR}/etc/default/
+mv -f ${BASE_DIR}/usr/lib/tmpfiles.d/* ${TARGET_DIR}/usr/lib/tmpfiles.d/
+mv -f ${BASE_DIR}/usr/lib/sysctl.d/* ${TARGET_DIR}/usr/lib/sysctl.d/
+mv -f ${BASE_DIR}/usr/lib/systemd/system/* ${TARGET_DIR}/usr/lib/systemd/system/
+rm -rf ${BASE_DIR}/etc
+rm -rf ${BASE_DIR}/usr
+# Copy installation files to final location
+cp -pr ${BASE_DIR}/* ${TARGET_DIR}${INSTALLATION_DIR}
+# Copy the security tools
+cp ${REPO_DIR}/install_functions/wazuh-cert-tool.sh ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/tools/
+cp ${REPO_DIR}/install_functions/wazuh-passwords-tool.sh ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/tools/
+cp ${REPO_DIR}/config/opensearch/certificate/config_aio.yml ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/tools/config.yml
+# Copy Wazuh's config files for the security plugin
+cp -pr ${REPO_DIR}/config/opensearch/roles/roles_mapping.yml ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/securityconfig/
+cp -pr ${REPO_DIR}/config/opensearch/roles/roles.yml ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/securityconfig/
+cp -pr ${REPO_DIR}/config/opensearch/roles/internal_users.yml ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/securityconfig/
diff --git a/wazuh-indexer/config/config2.sh b/wazuh-indexer/config/config2.sh
deleted file mode 100644
index 93aa41ee..00000000
--- a/wazuh-indexer/config/config2.sh
+++ /dev/null
@@ -1,53 +0,0 @@
-# This has to be exported to make some magic below work.
-export DH_OPTIONS
-
-export NAME=wazuh-indexer
-export TARGET_DIR=${CURDIR}/debian/${NAME}
-
-# Package build options
-export USER=${NAME}
-export GROUP=${NAME}
-export CONFIG_DIR=/etc/${NAME}
-export LOG_DIR=/var/log/${NAME}
-export LIB_DIR=/var/lib/${NAME}
-export PID_DIR=/run/${NAME}
-export INSTALLATION_DIR=/usr/share/${NAME}
-export BASE_DIR=${NAME}-*
-export INDEXER_FILE=wazuh-indexer-base-linux-x64.tar.gz
-export REPO_DIR=/unattended_installer
-
-
-rm -rf ${INSTALLATION_DIR}/
-
-curl -o ${INDEXER_FILE} https://s3.amazonaws.com/warehouse.wazuh.com/indexer/${INDEXER_FILE}
-tar -zvxf ${INDEXER_FILE}
-
-# copy to target
-mkdir -p ${TARGET_DIR}${INSTALLATION_DIR}
-mkdir -p ${TARGET_DIR}${CONFIG_DIR}
-mkdir -p ${TARGET_DIR}${LIB_DIR}
-mkdir -p ${TARGET_DIR}${LOG_DIR}
-mkdir -p ${TARGET_DIR}/etc/init.d
-mkdir -p ${TARGET_DIR}/etc/default
-mkdir -p ${TARGET_DIR}/usr/lib/tmpfiles.d
-mkdir -p ${TARGET_DIR}/usr/lib/sysctl.d
-mkdir -p ${TARGET_DIR}/usr/lib/systemd/system
-# Move configuration files for wazuh-indexer
-mv -f ${BASE_DIR}/etc/init.d/${NAME} ${TARGET_DIR}/etc/init.d/${NAME}
-mv -f ${BASE_DIR}/etc/wazuh-indexer/* ${TARGET_DIR}${CONFIG_DIR}
-mv -f ${BASE_DIR}/etc/sysconfig/${NAME} ${TARGET_DIR}/etc/default/
-mv -f ${BASE_DIR}/usr/lib/tmpfiles.d/* ${TARGET_DIR}/usr/lib/tmpfiles.d/
-mv -f ${BASE_DIR}/usr/lib/sysctl.d/* ${TARGET_DIR}/usr/lib/sysctl.d/
-mv -f ${BASE_DIR}/usr/lib/systemd/system/* ${TARGET_DIR}/usr/lib/systemd/system/
-rm -rf ${BASE_DIR}/etc
-rm -rf ${BASE_DIR}/usr
-# Copy installation files to final location
-cp -pr ${BASE_DIR}/* ${TARGET_DIR}${INSTALLATION_DIR}
-# Copy the security tools
-cp ${REPO_DIR}/install_functions/wazuh-cert-tool.sh ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/tools/
-cp ${REPO_DIR}/install_functions/wazuh-passwords-tool.sh ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/tools/
-cp ${REPO_DIR}/config/opensearch/certificate/config_aio.yml ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/tools/config.yml
-# Copy Wazuh's config files for the security plugin
-cp -pr ${REPO_DIR}/config/opensearch/roles/roles_mapping.yml ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/securityconfig/
-cp -pr ${REPO_DIR}/config/opensearch/roles/roles.yml ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/securityconfig/
-cp -pr ${REPO_DIR}/config/opensearch/roles/internal_users.yml ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/securityconfig/
diff --git a/wazuh-indexer/config/entrypoint.sh b/wazuh-indexer/config/entrypoint.sh
index 30bccb0b..69736c1e 100644
--- a/wazuh-indexer/config/entrypoint.sh
+++ b/wazuh-indexer/config/entrypoint.sh
@@ -1,56 +1,89 @@ -#!/bin/bash -# Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2) +#!/usr/bin/env bash +set -e -############################################################################## -# Start Wazuh indexer -############################################################################## +# Files created by Elasticsearch should always be group writable too +umask 0002 export USER=wazuh-indexer export INSTALLATION_DIR=/usr/share/wazuh-indexer -export OPENSEARCH_PATH_CONF=/etc/wazuh-indexer +export OPENSEARCH_PATH_CONF=/etc/wazuh-indexer export JAVA_HOME=${INSTALLATION_DIR}/jdk export FILE=${INSTALLATION_DIR}/start -sed -i '/path.logs:/d' /etc/wazuh-indexer/opensearch.yml - -if [ -f $FILE ] - then - echo "second or more start" - else - if [ "$NODE_TYPE" == "worker" ] - then - echo "node_type start" - echo $NODE_TYPE - echo "node_type end" - rm -rf /var/lib/wazuh-indexer/* - sleep 70 - echo "worker restart" - touch $FILE - else - echo "hostname start" - echo $HOSTNAME - echo "hostname end" - echo "node_type start" - echo $NODE_TYPE - echo "node_type end" - runuser wazuh-indexer --shell="/bin/bash" --command="/usr/share/wazuh-indexer/bin/opensearch -p /run/wazuh-indexer/wazuh-indexer.pid -d" - sleep 60 - bash /usr/share/wazuh-indexer/plugins/opensearch-security/tools/securityadmin.sh -cd /usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig -icl -p 9800 -cd /usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig -nhnv -cacert /etc/wazuh-indexer/certs/root-ca.pem -cert /etc/wazuh-indexer/certs/admin.pem -key /etc/wazuh-indexer/certs/admin-key.pem -h $HOSTNAME - tail -100f /usr/share/wazuh-indexer/logs/wazuh-cluster.log - touch $FILE - fi -fi - - - -#sed -i '/path.logs:/d' /etc/wazuh-indexer/opensearch.yml - -#CLK_TK=`getconf CLK_TCK` runuser ${USER} --shell="/bin/bash" --command="${INSTALLATION_DIR}/bin/opensearch" - -if [ -f /var/log/wazuh-indexer/wazuh-cluster.log ] - then - tail -f /var/log/wazuh-indexer/wazuh-cluster.log 
+run_as_other_user_if_needed() { + if [[ "$(id -u)" == "0" ]]; then + # If running as root, drop to specified UID and run command + exec chroot --userspec=1000:0 / "${@}" else - while true; do sleep 1000; done + # Either we are running in Openshift with random uid and are a member of the root group + # or with a custom --user + exec "${@}" + fi +} + +# Allow user specify custom CMD, maybe bin/opensearch itself +# for example to directly specify `-E` style parameters for opensearch on k8s +# or simply to run /bin/bash to check the image +if [[ "$1" != "opensearchwrapper" ]]; then + if [[ "$(id -u)" == "0" && $(basename "$1") == "opensearch" ]]; then + # centos:7 chroot doesn't have the `--skip-chdir` option and + # changes our CWD. + # Rewrite CMD args to replace $1 with `opensearch` explicitly, + # so that we are backwards compatible with the docs + # from the previous Elasticsearch versions<6 + # and configuration option D: + # https://www.elastic.co/guide/en/elasticsearch/reference/5.6/docker.html#_d_override_the_image_8217_s_default_ulink_url_https_docs_docker_com_engine_reference_run_cmd_default_command_or_options_cmd_ulink + # Without this, user could specify `opensearch -E x.y=z` but + # `bin/opensearch -E x.y=z` would not work. + set -- "opensearch" "${@:2}" + # Use chroot to switch to UID 1000 / GID 0 + exec chroot --userspec=1000:0 / "$@" + else + # User probably wants to run something else, like /bin/bash, with another uid forced (Openshift?) + exec "$@" + fi fi - + +# Allow environment variables to be set by creating a file with the +# contents, and setting an environment variable with the suffix _FILE to +# point to it. This can be used to provide secrets to a container, without +# the values being specified explicitly when running the container. +# +# This is also sourced in opensearch-env, and is only needed here +# as well because we use ELASTIC_PASSWORD below. Sourcing this script +# is idempotent. 
+source /usr/share/wazuh-indexer/bin/opensearch-env-from-file + +if [[ -f bin/opensearch-users ]]; then + # Check for the ELASTIC_PASSWORD environment variable to set the + # bootstrap password for Security. + # + # This is only required for the first node in a cluster with Security + # enabled, but we have no way of knowing which node we are yet. We'll just + # honor the variable if it's present. + if [[ -n "$ELASTIC_PASSWORD" ]]; then + [[ -f /usr/share/wazuh-indexer/config/opensearch.keystore ]] || (run_as_other_user_if_needed opensearch-keystore create) + if ! (run_as_other_user_if_needed opensearch-keystore has-passwd --silent) ; then + # keystore is unencrypted + if ! (run_as_other_user_if_needed opensearch-keystore list | grep -q '^bootstrap.password$'); then + (run_as_other_user_if_needed echo "$ELASTIC_PASSWORD" | opensearch-keystore add -x 'bootstrap.password') + fi + else + # keystore requires password + if ! (run_as_other_user_if_needed echo "$KEYSTORE_PASSWORD" \ + | opensearch-keystore list | grep -q '^bootstrap.password$') ; then + COMMANDS="$(printf "%s\n%s" "$KEYSTORE_PASSWORD" "$ELASTIC_PASSWORD")" + (run_as_other_user_if_needed echo "$COMMANDS" | opensearch-keystore add -x 'bootstrap.password') + fi + fi + fi +fi + +if [[ "$(id -u)" == "0" ]]; then + # If requested and running as root, mutate the ownership of bind-mounts + if [[ -n "$TAKE_FILE_OWNERSHIP" ]]; then + chown -R 1000:0 /usr/share/wazuh-indexer/{data,logs} + fi +fi + +run_as_other_user_if_needed /usr/share/wazuh-indexer/bin/opensearch <<<"$KEYSTORE_PASSWORD" \ No newline at end of file diff --git a/wazuh-indexer/config/entrypoint_OS.sh b/wazuh-indexer/config/entrypoint_OS.sh deleted file mode 100644 index 69736c1e..00000000 --- a/wazuh-indexer/config/entrypoint_OS.sh +++ /dev/null 
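Review bot: In the keystore section, each pipeline of the form `run_as_other_user_if_needed echo "$ELASTIC_PASSWORD" | opensearch-keystore add -x 'bootstrap.password'` applies the helper, and so the `chroot --userspec=1000:0` privilege drop, only to `echo`; the `opensearch-keystore` process on the right of the pipe runs as whichever user started the container, root included. The same shape appears in the password-protected branch for both `opensearch-keystore list` and `opensearch-keystore add`. Moving the helper to the consuming side keeps the tool unprivileged and stops `echo` from treating a value that looks like an option as one: `printf '%s\n' "$ELASTIC_PASSWORD" | run_as_other_user_if_needed opensearch-keystore add -x 'bootstrap.password'`. Separately, the existence test checks `/usr/share/wazuh-indexer/config/opensearch.keystore` while the script exports `OPENSEARCH_PATH_CONF=/etc/wazuh-indexer`, so if the tool keeps its keystore under that directory (not visible here) the test never matches and `opensearch-keystore create` is attempted on every start.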
@@ -1,89 +0,0 @@ -#!/usr/bin/env bash -set -e - -# Files created by Elasticsearch should always be group writable too -umask 0002 - -export USER=wazuh-indexer -export INSTALLATION_DIR=/usr/share/wazuh-indexer -export OPENSEARCH_PATH_CONF=/etc/wazuh-indexer -export JAVA_HOME=${INSTALLATION_DIR}/jdk -export FILE=${INSTALLATION_DIR}/start - -run_as_other_user_if_needed() { - if [[ "$(id -u)" == "0" ]]; then - # If running as root, drop to specified UID and run command - exec chroot --userspec=1000:0 / "${@}" - else - # Either we are running in Openshift with random uid and are a member of the root group - # or with a custom --user - exec "${@}" - fi -} - -# Allow user specify custom CMD, maybe bin/opensearch itself -# for example to directly specify `-E` style parameters for opensearch on k8s -# or simply to run /bin/bash to check the image -if [[ "$1" != "opensearchwrapper" ]]; then - if [[ "$(id -u)" == "0" && $(basename "$1") == "opensearch" ]]; then - # centos:7 chroot doesn't have the `--skip-chdir` option and - # changes our CWD. - # Rewrite CMD args to replace $1 with `opensearch` explicitly, - # so that we are backwards compatible with the docs - # from the previous Elasticsearch versions<6 - # and configuration option D: - # https://www.elastic.co/guide/en/elasticsearch/reference/5.6/docker.html#_d_override_the_image_8217_s_default_ulink_url_https_docs_docker_com_engine_reference_run_cmd_default_command_or_options_cmd_ulink - # Without this, user could specify `opensearch -E x.y=z` but - # `bin/opensearch -E x.y=z` would not work. - set -- "opensearch" "${@:2}" - # Use chroot to switch to UID 1000 / GID 0 - exec chroot --userspec=1000:0 / "$@" - else - # User probably wants to run something else, like /bin/bash, with another uid forced (Openshift?) - exec "$@" - fi -fi - -# Allow environment variables to be set by creating a file with the -# contents, and setting an environment variable with the suffix _FILE to -# point to it. 
This can be used to provide secrets to a container, without -# the values being specified explicitly when running the container. -# -# This is also sourced in opensearch-env, and is only needed here -# as well because we use ELASTIC_PASSWORD below. Sourcing this script -# is idempotent. -source /usr/share/wazuh-indexer/bin/opensearch-env-from-file - -if [[ -f bin/opensearch-users ]]; then - # Check for the ELASTIC_PASSWORD environment variable to set the - # bootstrap password for Security. - # - # This is only required for the first node in a cluster with Security - # enabled, but we have no way of knowing which node we are yet. We'll just - # honor the variable if it's present. - if [[ -n "$ELASTIC_PASSWORD" ]]; then - [[ -f /usr/share/wazuh-indexer/config/opensearch.keystore ]] || (run_as_other_user_if_needed opensearch-keystore create) - if ! (run_as_other_user_if_needed opensearch-keystore has-passwd --silent) ; then - # keystore is unencrypted - if ! (run_as_other_user_if_needed opensearch-keystore list | grep -q '^bootstrap.password$'); then - (run_as_other_user_if_needed echo "$ELASTIC_PASSWORD" | opensearch-keystore add -x 'bootstrap.password') - fi - else - # keystore requires password - if ! (run_as_other_user_if_needed echo "$KEYSTORE_PASSWORD" \ - | opensearch-keystore list | grep -q '^bootstrap.password$') ; then - COMMANDS="$(printf "%s\n%s" "$KEYSTORE_PASSWORD" "$ELASTIC_PASSWORD")" - (run_as_other_user_if_needed echo "$COMMANDS" | opensearch-keystore add -x 'bootstrap.password') - fi - fi - fi -fi - -if [[ "$(id -u)" == "0" ]]; then - # If requested and running as root, mutate the ownership of bind-mounts - if [[ -n "$TAKE_FILE_OWNERSHIP" ]]; then - chown -R 1000:0 /usr/share/wazuh-indexer/{data,logs} - fi -fi - -run_as_other_user_if_needed /usr/share/wazuh-indexer/bin/opensearch <<<"$KEYSTORE_PASSWORD" \ No newline at end of file 
diff --git a/wazuh-indexer/config/wazuh.repo b/wazuh-indexer/config/wazuh.repo deleted file mode 100644 index 163fb67f..00000000 --- a/wazuh-indexer/config/wazuh.repo +++ /dev/null @@ -1,7 +0,0 @@ -[wazuh_repo] -gpgcheck=1 -gpgkey=https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH -enabled=1 -name=Wazuh repository -baseurl=https://packages-dev.wazuh.com/trash/yum/ -protect=1 From e140acd2828c438616a009f7e67fd568698f9a31 Mon Sep 17 00:00:00 2001 From: Manuel Date: Wed, 9 Feb 2022 10:07:13 +0100 Subject: [PATCH 021/163] Update create_user script to create the RBAC database --- wazuh-odfe/config/create_user.py | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/wazuh-odfe/config/create_user.py b/wazuh-odfe/config/create_user.py index 40a1e04d..cc492398 100644 --- a/wazuh-odfe/config/create_user.py +++ b/wazuh-odfe/config/create_user.py @@ -13,6 +13,7 @@ SPECIAL_CHARS = "@$!%*?&-_" try: + from wazuh.rbac.orm import create_rbac_db from wazuh.security import ( create_user, get_users, @@ -66,6 +67,10 @@ if __name__ == "__main__": # abort if no user file detected sys.exit(0) username, password = read_user_file() + + # create RBAC database + create_rbac_db() + initial_users = db_users() if username not in initial_users: # create a new user From ac86b6652e8f31cdaac0cffbbd210cb5a7275537 Mon Sep 17 00:00:00 2001 
From: vcerenu Date: Fri, 11 Feb 2022 16:50:33 -0300 Subject: [PATCH 022/163] fix securityadmin.sh for wazuh-indexer --- docker-compose.yml | 25 ++++------ kibana-odfe/Dockerfile | 2 +- kibana/Dockerfile | 2 +- production_cluster/nginx/nginx.conf | 6 +-- production_cluster/nginx/ssl/cert.pem | 21 ++++++++ production_cluster/nginx/ssl/key.pem | 28 +++++++++++ .../wazuh-indexer/opensearch.yml | 36 ++++++++++++++ .../wazuh-indexer/wazuh1.indexer.yml | 31 ++++++------ .../wazuh-indexer/wazuh2.indexer.yml | 33 ++++++------- .../wazuh-indexer/wazuh3.indexer.yml | 33 ++++++------- .../wazuh_dashboard/dashboard.yml | 14 ++++++ .../wazuh/config/wazuh-registry.json | 1 + .../wazuh_dashboard/wazuh/config/wazuh.yml | 8 ++++ .../wazuh/logs/wazuhapp-plain.log | 38 +++++++++++++++ .../wazuh_dashboard/wazuh/logs/wazuhapp.log | 38 +++++++++++++++ .../wazuh_indexer_ssl_certs/admin-key.pem | 0 .../wazuh_indexer_ssl_certs/admin.pem | 0 .../wazuh_indexer_ssl_certs/certs.yml | 0 .../wazuh_indexer_ssl_certs/root-ca.key | 0 .../wazuh_indexer_ssl_certs/root-ca.pem | 0 .../wazuh.dashboard-key.pem | 0 .../wazuh.dashboard.pem | 0 .../wazuh.master-key.pem | 0 .../wazuh_indexer_ssl_certs/wazuh.master.pem | 0 .../wazuh.worker-key.pem | 0 .../wazuh_indexer_ssl_certs/wazuh.worker.pem | 0 .../wazuh1.indexer-key.pem | 0 .../wazuh1.indexer.pem | 0 .../wazuh2.indexer-key.pem | 0 .../wazuh2.indexer.pem | 0 .../wazuh3.indexer-key.pem | 0 .../wazuh3.indexer.pem | 0 test-cluster.yml | 36 +++++++------- wazuh-dashboard/Dockerfile | 8 ++++ wazuh-dashboard/config/dashboard.yml | 14 ++++++ wazuh-dashboard/config/entrypoint.sh | 4 +- wazuh-dashboard/config/wazuh_app_config.sh | 48 +------------------ wazuh-indexer/Dockerfile | 9 ++-- wazuh-indexer/config/entrypoint.sh | 12 +++-- wazuh-indexer/config/opensearch.yml | 36 ++++++++++++++ wazuh-indexer/config/securityadmin.sh | 2 + wazuh-odfe/Dockerfile | 4 +- wazuh-odfe/config/create_user.py | 5 ++ wazuh-odfe/config/wazuh.repo | 4 +- 44 files changed, 350 
insertions(+), 148 deletions(-) create mode 100644 production_cluster/nginx/ssl/cert.pem create mode 100644 production_cluster/nginx/ssl/key.pem create mode 100644 production_cluster/wazuh-indexer/opensearch.yml create mode 100644 production_cluster/wazuh_dashboard/dashboard.yml create mode 100644 production_cluster/wazuh_dashboard/wazuh/config/wazuh-registry.json create mode 100644 production_cluster/wazuh_dashboard/wazuh/config/wazuh.yml create mode 100644 production_cluster/wazuh_dashboard/wazuh/logs/wazuhapp-plain.log create mode 100644 production_cluster/wazuh_dashboard/wazuh/logs/wazuhapp.log mode change 100644 => 100755 production_cluster/wazuh_indexer_ssl_certs/admin-key.pem mode change 100644 => 100755 production_cluster/wazuh_indexer_ssl_certs/admin.pem mode change 100644 => 100755 production_cluster/wazuh_indexer_ssl_certs/certs.yml mode change 100644 => 100755 production_cluster/wazuh_indexer_ssl_certs/root-ca.key mode change 100644 => 100755 production_cluster/wazuh_indexer_ssl_certs/root-ca.pem mode change 100644 => 100755 production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem mode change 100644 => 100755 production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard.pem mode change 100644 => 100755 production_cluster/wazuh_indexer_ssl_certs/wazuh.master-key.pem mode change 100644 => 100755 production_cluster/wazuh_indexer_ssl_certs/wazuh.master.pem mode change 100644 => 100755 production_cluster/wazuh_indexer_ssl_certs/wazuh.worker-key.pem mode change 100644 => 100755 production_cluster/wazuh_indexer_ssl_certs/wazuh.worker.pem mode change 100644 => 100755 production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer-key.pem mode change 100644 => 100755 production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer.pem mode change 100644 => 100755 production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer-key.pem mode change 100644 => 100755 production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer.pem mode change 100644 => 100755 
production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer-key.pem mode change 100644 => 100755 production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer.pem create mode 100644 wazuh-dashboard/config/dashboard.yml create mode 100644 wazuh-indexer/config/opensearch.yml create mode 100644 wazuh-indexer/config/securityadmin.sh diff --git a/docker-compose.yml b/docker-compose.yml index 58513581..5ce264b9 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -12,7 +12,7 @@ services: - "514:514/udp" - "55000:55000" environment: - - ELASTICSEARCH_URL=https://wazuh-indexer:9700 + - ELASTICSEARCH_URL=https://wazuh1.indexer:9700 - ELASTIC_USERNAME=admin - ELASTIC_PASSWORD=admin - FILEBEAT_SSL_VERIFICATION_MODE=none @@ -29,19 +29,14 @@ services: - filebeat_etc:/etc/filebeat - filebeat_var:/var/lib/filebeat - wazuh-indexer: - image: test-indexer - hostname: node1 + wazuh1.indexer: + image: wazuh/wazuh-indexer:4.3.0 + hostname: wazuh1.indexer restart: always ports: - "9700:9700" environment: - - discovery.type=single-node - - cluster.name=wazuh-cluster - - network.host=0.0.0.0 - - plugins.security.allow_default_init_securityindex=true - "OPENSEARCH_JAVA_OPTS=-Xms512m -Xmx512m" - - bootstrap.memory_lock=true ulimits: memlock: soft: -1 @@ -50,9 +45,9 @@ services: soft: 65536 hard: 65536 - kibana: + wazuh.dashboard: image: wazuh/wazuh-dashboard:4.3.0 - hostname: kibana + hostname: wazuh.dashboard restart: always ports: - 5601:5601 @@ -61,12 +56,8 @@ services: - ELASTICSEARCH_USERNAME=admin - ELASTICSEARCH_PASSWORD=admin - SERVER_SSL_ENABLED=false - - depends_on: - - wazuh-indexer - links: - - wazuh-indexer:wazuh-indexer - - wazuh:wazuh + #volumes: + # - ./production_cluster/wazuh_dashboard/dashboard.yml:/etc/wazuh-dashboard/dashboard.yml volumes: ossec_api_configuration: diff --git a/kibana-odfe/Dockerfile b/kibana-odfe/Dockerfile index 3cad99ba..23f897d8 100644 --- a/kibana-odfe/Dockerfile +++ b/kibana-odfe/Dockerfile 
@@ -6,7 +6,7 @@ ARG WAZUH_VERSION=4.2.5 ARG WAZUH_APP_VERSION="${WAZUH_VERSION}_${ELASTIC_VERSION}" WORKDIR /usr/share/kibana -RUN ./bin/kibana-plugin install https://packages.wazuh.com/4.x/ui/kibana/wazuh_kibana-${WAZUH_APP_VERSION}-1.zip +RUN ./bin/kibana-plugin install https://packages-dev.wazuh.com/pre-release/ui/kibana/wazuh_kibana-${WAZUH_APP_VERSION}-1.zip WORKDIR / USER root diff --git a/kibana/Dockerfile b/kibana/Dockerfile index d98443ae..76f39d0d 100644 --- a/kibana/Dockerfile +++ b/kibana/Dockerfile @@ -6,7 +6,7 @@ ARG WAZUH_VERSION=4.3.0 ARG WAZUH_APP_VERSION="${WAZUH_VERSION}_${ELASTIC_VERSION}" WORKDIR /usr/share/kibana -RUN ./bin/kibana-plugin install https://packages.wazuh.com/4.x/ui/kibana/wazuh_kibana-${WAZUH_APP_VERSION}-1.zip +RUN ./bin/kibana-plugin install https://packages-dev.wazuh.com/pre-release/ui/kibana/wazuh_kibana-${WAZUH_APP_VERSION}-1.zip ENV PATTERN="" \ CHECKS_PATTERN="" \ diff --git a/production_cluster/nginx/nginx.conf b/production_cluster/nginx/nginx.conf index 8cd13ca2..c68c6f2d 100644 --- a/production_cluster/nginx/nginx.conf +++ b/production_cluster/nginx/nginx.conf @@ -41,7 +41,7 @@ http { ssl_certificate /etc/nginx/ssl/cert.pem; ssl_certificate_key /etc/nginx/ssl/key.pem; location / { - proxy_pass https://kibana:5601/; + proxy_pass https://wazuh.dashboard:5601/; proxy_ssl_verify off; proxy_buffer_size 128k; proxy_buffers 4 256k; @@ -57,8 +57,8 @@ http { stream { upstream mycluster { hash $remote_addr consistent; - server wazuh-master:1514; - server wazuh-worker:1514; + server wazuh.master:1514; + server wazuh.worker:1514; } server { listen 1514; diff --git a/production_cluster/nginx/ssl/cert.pem b/production_cluster/nginx/ssl/cert.pem new file mode 100644 index 00000000..d5bbb656 --- /dev/null +++ b/production_cluster/nginx/ssl/cert.pem 
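Review bot: The changed `RUN ./bin/kibana-plugin install` line now installs the plugin archive from `packages-dev.wazuh.com/pre-release` with no integrity check, so the image content depends on whatever that pre-release path serves at build time. The same change is made in the `kibana/Dockerfile` hunk that follows. Consider downloading the zip in its own step and verifying it against a pinned digest before installing, e.g. `echo "${WAZUH_APP_SHA512}  wazuh_kibana.zip" | sha512sum -c -`, where `WAZUH_APP_SHA512` is a placeholder build `ARG`. If the dev repository is only needed while 4.3.0 is unreleased, a comment saying so would help keep this URL out of a tagged image.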
@@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDazCCAlOgAwIBAgIUASe6vu/ElSX7Znaz3NfI/zM6QCEwDQYJKoZIhvcNAQEL +BQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM +GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0yMjAyMDgxMjMxNDlaFw0yMzAy +MDgxMjMxNDlaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEw +HwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwggEiMA0GCSqGSIb3DQEB +AQUAA4IBDwAwggEKAoIBAQC36B2fAApuF7OjzvGDGfhOSDoKsemyCCRfQ7ErJXhJ +/aaFyBFmnRpwHWKRm/a+rcjFc2EEFxW6rkwHScoMCkpPPJMuxOw3xd1YKy/hy//e +4L67iAdc2yNlXmkANMUPQldJn2RFf7JSVEMGMLhvEQsIKQ0AKqBaytS+2Cr7ciHv +g1VxNAXvJkyYruEPIuHr9WvZ/BgmxCcI5IM4yLXSLbpbUqajQCAWa/HlDEO0729t +kF8dSJYLrz9kt2dnCgupw4iHCwYH+VjUEOAfAucF8Uj5u13GdovaodRxwftHG3TV +quZCYK77V/lJNOq0eUmZ33r1VvH1VZsAhThX4GV5auULAgMBAAGjUzBRMB0GA1Ud +DgQWBBRAa37ztZ4A+bZ+rO2DmUp5Ew7Q2TAfBgNVHSMEGDAWgBRAa37ztZ4A+bZ+ +rO2DmUp5Ew7Q2TAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQB0 +9qCMnym11g3NUNksnCtrHOo8r5DKU9KPISFOtG03Syxe7K9xi3oOYqaiZPJezoSl +7Z9O6Sobwgah+MtwZ5/9+jsxPgmEcpE6SWYx6KcG44TrC7RToIX7JyILxJujqJT2 +LODBmHO2IMGi9htaV8WDqwDKTqtBsmi9VdSOVy1WOsP9lcJoO2Di4cPS5RJjdDAW +sJNAFK+tGv0ZcUZ5bunjIGTEUIAElSPE/LTzuox2R4gVdWx0QYnKLn945C7Blr5d +tPR6EOI/4n5X7nq4XnX60dTAVS8ybZcUHTmHV9bz+KBu08jFn6Aum8mhYm1iFKKL +3P6t5XsQAQMTR37HAhLW +-----END CERTIFICATE----- diff --git a/production_cluster/nginx/ssl/key.pem b/production_cluster/nginx/ssl/key.pem new file mode 100644 index 00000000..5dc0986b --- /dev/null +++ b/production_cluster/nginx/ssl/key.pem 
@@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC36B2fAApuF7Oj +zvGDGfhOSDoKsemyCCRfQ7ErJXhJ/aaFyBFmnRpwHWKRm/a+rcjFc2EEFxW6rkwH +ScoMCkpPPJMuxOw3xd1YKy/hy//e4L67iAdc2yNlXmkANMUPQldJn2RFf7JSVEMG +MLhvEQsIKQ0AKqBaytS+2Cr7ciHvg1VxNAXvJkyYruEPIuHr9WvZ/BgmxCcI5IM4 +yLXSLbpbUqajQCAWa/HlDEO0729tkF8dSJYLrz9kt2dnCgupw4iHCwYH+VjUEOAf +AucF8Uj5u13GdovaodRxwftHG3TVquZCYK77V/lJNOq0eUmZ33r1VvH1VZsAhThX +4GV5auULAgMBAAECggEAScmo8N28UZXS7tueTULDPO1/1EC0Ckl4Bn0LfctH6zAJ +e03dpXVNYUR5AwE3zCPAFXEIsPJuNnuuZ5I0rgYG8KnWSAKc4HfUKocRbCBEpnE4 +NdgLVDdciVSK/pkto8Szbwez3KqyqpPCXJ55sZ599aU64SE5O5R8LaJgBIkzknxK +J2cS6W7M15nwpgmhS5NlXDnykaDa8lPTccqqPF2b1HAgup2Lfg/HIq5U6kB6O87R +mQGd1ZZ13CxNJP6qWfSK34B1novabkOhy6vlfE2HT8uggxjR7B1u++Lr/jccduNY +Mvm9kILWwxrmPNOqt9OJLZYxlKTcsaIZvDuin47hSQKBgQDixjQXGD9bcMyy1z9k +7I98HcEoy3CbXq1zNxaZw4N4zEttVUHexbBs/UDYGXU+O4hRYxmPChKHdTQ4KzWx +RPTNnnzPTsHl6W+a2XS8MnoiF1yMUuE0IwThkS4OlEVakS1I+pyOEQxh0R93KBrW +LFRkBjMDAv7uB+TtXJNpNfRVLwKBgQDPm515DVjO1+MwzGni4TD8EvZl0KWkHASO +VLh8eDOTe+1dPdlHJp98+eOCp+BzfiKFYXDXmeoaZ+wBbyNxRr6ofPGVtHEGp4zp +pWp8BQ8Uw1LojpZB8uji2+LaX+qb7W+dFR8kbWbjTQkuWYU2jjk7WqreUdTnxRtb +sc/nE6fu5QKBgEgiwkkiZm0A6axt+fVxpobVtC703+IccNI4kNDit3yCh+/Ecgqa +Ge/hc3IKTxg3uboh6uxsSM6cArtnS1ITXEfYBV2wcM9gvSaly5Nd/ym/AqqEZqy+ +Avx5wQvUMGeJzLztM0WhuK2Y5whxUnAUc9fJfQqVNmCjVDgI/b828XzzAoGBAL0N +CR41sDxTTZifXID07eVt4yCeGmhR9zghIAqAbv8Lp//zlUt8eVmWOL4+315sa0Uo +kVhT2WGIZtp7eTvq3y2Q8XGQ6ifUJbaSImCjPrN6lqIdTejqKXaEI5UWKQ8q7SuP +E1fZpAqymPyzGmKuqqFJFDX1MLqJvDsItbjIJnGdAoGAWnLU4S2CzgtiOeFiKKU9 +P+nhTplGV/DH0dMnVa5hZeIP3UDpzR19aQ9OXdRv30M3eSQnIRcL3A/Gci8fSmx/ +/5nJp1hoEwL2oawyRcEU6A5djT7zZ0m2+gteu9QLBiq3YlqmJUVKaviIUC4Se7ZP +TrRYjCtxO5XdtyZGZxVrTQk= +-----END PRIVATE KEY----- diff --git a/production_cluster/wazuh-indexer/opensearch.yml b/production_cluster/wazuh-indexer/opensearch.yml new file mode 100644 index 00000000..bfd2aba6 --- /dev/null +++ b/production_cluster/wazuh-indexer/opensearch.yml 
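Review bot: `production_cluster/nginx/ssl/key.pem` adds an unencrypted TLS private key to the repository, next to the self-signed certificate added in `cert.pem`. Every deployment that uses this directory as shipped shares one key, and anyone who can read the repository holds it, so the proxy's TLS gives no protection against them. I would drop both files from the commit, ignore them with `production_cluster/nginx/ssl/*.pem` in `.gitignore`, and document generating a key pair at deploy time. The key committed here should be treated as public from now on.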
@@ -0,0 +1,36 @@
+network.host: "0.0.0.0"
+node.name: "wazuh1.indexer"
+http.port: 9700-9799
+transport.tcp.port: 9800-9899
+path.data: /var/lib/wazuh-indexer
+path.logs: /var/log/wazuh-indexer
+discovery.type: single-node
+compatibility.override_main_response_version: true
+###############################################################################
+# #
+# WARNING: Insecure demo certificates set up in this file. #
+# Please change on production cluster! #
+# #
+###############################################################################
+plugins.security.ssl.http.pemcert_filepath: /etc/wazuh-indexer/certs/admin.pem
+plugins.security.ssl.http.pemkey_filepath: /etc/wazuh-indexer/certs/admin-key.pem
+plugins.security.ssl.http.pemtrustedcas_filepath: /etc/wazuh-indexer/certs/root-ca.pem
+plugins.security.ssl.transport.pemcert_filepath: /etc/wazuh-indexer/certs/admin.pem
+plugins.security.ssl.transport.pemkey_filepath: /etc/wazuh-indexer/certs/admin-key.pem
+plugins.security.ssl.transport.pemtrustedcas_filepath: /etc/wazuh-indexer/certs/root-ca.pem
+plugins.security.ssl.http.enabled: true
+plugins.security.ssl.transport.enforce_hostname_verification: false
+plugins.security.ssl.transport.resolve_hostname: false
+plugins.security.audit.type: internal_opensearch
+plugins.security.authcz.admin_dn:
+- "CN=admin,OU=Demo,O=Wazuh,L=California,C=US"
+plugins.security.check_snapshot_restore_write_privileges: true
+plugins.security.enable_snapshot_restore_privilege: true
+plugins.security.nodes_dn:
+- "CN=demo-indexer,OU=Demo,O=Wazuh,L=California,C=US"
+plugins.security.restapi.roles_enabled:
+- "all_access"
+- "security_rest_api_access"
+plugins.security.system_indices.enabled: true
+plugins.security.system_indices.indices: [".opendistro-alerting-config", ".opendistro-alerting-alert*", ".opendistro-anomaly-results*", ".opendistro-anomaly-detector*", ".opendistro-anomaly-checkpoints", ".opendistro-anomaly-detection-state", ".opendistro-reports-*", ".opendistro-notifications-*", ".opendistro-notebooks", ".opensearch-observability", ".opendistro-asynchronous-search-response*", ".replication-metadata-store"]
+
diff --git a/production_cluster/wazuh-indexer/wazuh1.indexer.yml b/production_cluster/wazuh-indexer/wazuh1.indexer.yml
index 35241b9a..d4860983 100644
--- a/production_cluster/wazuh-indexer/wazuh1.indexer.yml
+++ b/production_cluster/wazuh-indexer/wazuh1.indexer.yml
@@ -1,14 +1,14 @@
-network.host: wazuh1-indexer
-node.name: wazuh1-indexer
+network.host: wazuh1.indexer
+node.name: wazuh1.indexer
 cluster.initial_master_nodes:
- - wazuh1-indexer
- - wazuh2-indexer
- - wazuh3-indexer
+ - wazuh1.indexer
+ - wazuh2.indexer
+ - wazuh3.indexer
 cluster.name: "wazuh-cluster"
 discovery.seed_hosts:
- - wazuh1-indexer
- - wazuh2-indexer
- - wazuh3-indexer
+ - wazuh1.indexer
+ - wazuh2.indexer
+ - wazuh3.indexer
 http.port: 9700-9799
 transport.tcp.port: 9800-9899
 node.max_local_storage_nodes: "3"
@@ -20,11 +20,11 @@ path.logs: /var/log/wazuh-indexer # Please change on production cluster! # # # ############################################################################### -plugins.security.ssl.http.pemcert_filepath: /etc/wazuh-indexer/certs/wazuh1-indexer.pem -plugins.security.ssl.http.pemkey_filepath: /etc/wazuh-indexer/certs/wazuh1-indexer.key +plugins.security.ssl.http.pemcert_filepath: /etc/wazuh-indexer/certs/wazuh1.indexer.pem +plugins.security.ssl.http.pemkey_filepath: /etc/wazuh-indexer/certs/wazuh1.indexer.key plugins.security.ssl.http.pemtrustedcas_filepath: /etc/wazuh-indexer/certs/root-ca.pem -plugins.security.ssl.transport.pemcert_filepath: /etc/wazuh-indexer/certs/wazuh1-indexer.pem -plugins.security.ssl.transport.pemkey_filepath: /etc/wazuh-indexer/certs/wazuh1-indexer.key +plugins.security.ssl.transport.pemcert_filepath: /etc/wazuh-indexer/certs/wazuh1.indexer.pem +plugins.security.ssl.transport.pemkey_filepath: /etc/wazuh-indexer/certs/wazuh1.indexer.key plugins.security.ssl.transport.pemtrustedcas_filepath: /etc/wazuh-indexer/certs/root-ca.pem plugins.security.ssl.http.enabled: true plugins.security.ssl.transport.enforce_hostname_verification: false @@ -35,9 +35,9 @@ plugins.security.authcz.admin_dn: plugins.security.check_snapshot_restore_write_privileges: true plugins.security.enable_snapshot_restore_privilege: true plugins.security.nodes_dn: -- "CN=wazuh1-indexer,OU=Docu,O=Wazuh,L=California,C=US" -- "CN=wazuh2-indexer,OU=Docu,O=Wazuh,L=California,C=US" -- "CN=wazuh3-indexer,OU=Docu,O=Wazuh,L=California,C=US" +- "CN=wazuh1.indexer,OU=Docu,O=Wazuh,L=California,C=US" +- "CN=wazuh2.indexer,OU=Docu,O=Wazuh,L=California,C=US" +- "CN=wazuh3.indexer,OU=Docu,O=Wazuh,L=California,C=US" - "CN=filebeat,OU=Docu,O=Wazuh,L=California,C=US" plugins.security.restapi.roles_enabled: - "all_access" 
@@ -46,3 +46,4 @@ plugins.security.allow_default_init_securityindex: true cluster.routing.allocation.disk.threshold_enabled: false opendistro_security.audit.config.disabled_rest_categories: NONE opendistro_security.audit.config.disabled_transport_categories: NONE +compatibility.override_main_response_version: true diff --git a/production_cluster/wazuh-indexer/wazuh2.indexer.yml b/production_cluster/wazuh-indexer/wazuh2.indexer.yml index 988b3d0e..a9d4aff3 100644 --- a/production_cluster/wazuh-indexer/wazuh2.indexer.yml +++ b/production_cluster/wazuh-indexer/wazuh2.indexer.yml @@ -1,14 +1,14 @@ -network.host: wazuh2-indexer -node.name: wazuh2-indexer +network.host: wazuh2.indexer +node.name: wazuh2.indexer cluster.initial_master_nodes: - - wazuh1-indexer - - wazuh2-indexer - - wazuh3-indexer + - wazuh1.indexer + - wazuh2.indexer + - wazuh3.indexer cluster.name: "wazuh-cluster" discovery.seed_hosts: - - wazuh1-indexer - - wazuh2-indexer - - wazuh3-indexer + - wazuh1.indexer + - wazuh2.indexer + - wazuh3.indexer http.port: 9700-9799 transport.tcp.port: 9800-9899 node.max_local_storage_nodes: "3" 
@@ -20,11 +20,11 @@ path.logs: /var/log/wazuh-indexer # Please change on production cluster! # # # ############################################################################### -plugins.security.ssl.http.pemcert_filepath: /etc/wazuh-indexer/certs/wazuh2-indexer.pem -plugins.security.ssl.http.pemkey_filepath: /etc/wazuh-indexer/certs/wazuh2-indexer.key +plugins.security.ssl.http.pemcert_filepath: /etc/wazuh-indexer/certs/wazuh2.indexer.pem +plugins.security.ssl.http.pemkey_filepath: /etc/wazuh-indexer/certs/wazuh2.indexer.key plugins.security.ssl.http.pemtrustedcas_filepath: /etc/wazuh-indexer/certs/root-ca.pem -plugins.security.ssl.transport.pemcert_filepath: /etc/wazuh-indexer/certs/wazuh2-indexer.pem -plugins.security.ssl.transport.pemkey_filepath: /etc/wazuh-indexer/certs/wazuh2-indexer.key +plugins.security.ssl.transport.pemcert_filepath: /etc/wazuh-indexer/certs/wazuh2.indexer.pem +plugins.security.ssl.transport.pemkey_filepath: /etc/wazuh-indexer/certs/wazuh2.indexer.key plugins.security.ssl.transport.pemtrustedcas_filepath: /etc/wazuh-indexer/certs/root-ca.pem plugins.security.ssl.http.enabled: true plugins.security.ssl.transport.enforce_hostname_verification: false @@ -35,9 +35,9 @@ plugins.security.authcz.admin_dn: plugins.security.check_snapshot_restore_write_privileges: true plugins.security.enable_snapshot_restore_privilege: true plugins.security.nodes_dn: -- "CN=wazuh1-indexer,OU=Docu,O=Wazuh,L=California,C=US" -- "CN=wazuh2-indexer,OU=Docu,O=Wazuh,L=California,C=US" -- "CN=wazuh3-indexer,OU=Docu,O=Wazuh,L=California,C=US" +- "CN=wazuh1.indexer,OU=Docu,O=Wazuh,L=California,C=US" +- "CN=wazuh2.indexer,OU=Docu,O=Wazuh,L=California,C=US" +- "CN=wazuh3.indexer,OU=Docu,O=Wazuh,L=California,C=US" - "CN=filebeat,OU=Docu,O=Wazuh,L=California,C=US" plugins.security.restapi.roles_enabled: - "all_access" 
@@ -45,4 +45,5 @@ plugins.security.restapi.roles_enabled: plugins.security.allow_default_init_securityindex: true cluster.routing.allocation.disk.threshold_enabled: false opendistro_security.audit.config.disabled_rest_categories: NONE -opendistro_security.audit.config.disabled_transport_categories: NONE \ No newline at end of file +opendistro_security.audit.config.disabled_transport_categories: NONE +compatibility.override_main_response_version: true \ No newline at end of file diff --git a/production_cluster/wazuh-indexer/wazuh3.indexer.yml b/production_cluster/wazuh-indexer/wazuh3.indexer.yml index 7024a8da..57e92e55 100644 --- a/production_cluster/wazuh-indexer/wazuh3.indexer.yml +++ b/production_cluster/wazuh-indexer/wazuh3.indexer.yml @@ -1,14 +1,14 @@ -network.host: wazuh3-indexer -node.name: wazuh3-indexer +network.host: wazuh3.indexer +node.name: wazuh3.indexer cluster.initial_master_nodes: - - wazuh1-indexer - - wazuh2-indexer - - wazuh3-indexer + - wazuh1.indexer + - wazuh2.indexer + - wazuh3.indexer cluster.name: "wazuh-cluster" discovery.seed_hosts: - - wazuh1-indexer - - wazuh2-indexer - - wazuh3-indexer + - wazuh1.indexer + - wazuh2.indexer + - wazuh3.indexer http.port: 9700-9799 transport.tcp.port: 9800-9899 node.max_local_storage_nodes: "3" 
@@ -20,11 +20,11 @@ path.logs: /var/log/wazuh-indexer # Please change on production cluster! # # # ############################################################################### -plugins.security.ssl.http.pemcert_filepath: /etc/wazuh-indexer/certs/wazuh3-indexer.pem -plugins.security.ssl.http.pemkey_filepath: /etc/wazuh-indexer/certs/wazuh3-indexer.key +plugins.security.ssl.http.pemcert_filepath: /etc/wazuh-indexer/certs/wazuh3.indexer.pem +plugins.security.ssl.http.pemkey_filepath: /etc/wazuh-indexer/certs/wazuh3.indexer.key plugins.security.ssl.http.pemtrustedcas_filepath: /etc/wazuh-indexer/certs/root-ca.pem -plugins.security.ssl.transport.pemcert_filepath: /etc/wazuh-indexer/certs/wazuh3-indexer.pem -plugins.security.ssl.transport.pemkey_filepath: /etc/wazuh-indexer/certs/wazuh3-indexer.key +plugins.security.ssl.transport.pemcert_filepath: /etc/wazuh-indexer/certs/wazuh3.indexer.pem +plugins.security.ssl.transport.pemkey_filepath: /etc/wazuh-indexer/certs/wazuh3.indexer.key plugins.security.ssl.transport.pemtrustedcas_filepath: /etc/wazuh-indexer/certs/root-ca.pem plugins.security.ssl.http.enabled: true plugins.security.ssl.transport.enforce_hostname_verification: false @@ -35,9 +35,9 @@ plugins.security.authcz.admin_dn: plugins.security.check_snapshot_restore_write_privileges: true plugins.security.enable_snapshot_restore_privilege: true plugins.security.nodes_dn: -- "CN=wazuh1-indexer,OU=Docu,O=Wazuh,L=California,C=US" -- "CN=wazuh2-indexer,OU=Docu,O=Wazuh,L=California,C=US" -- "CN=wazuh3-indexer,OU=Docu,O=Wazuh,L=California,C=US" +- "CN=wazuh1.indexer,OU=Docu,O=Wazuh,L=California,C=US" +- "CN=wazuh2.indexer,OU=Docu,O=Wazuh,L=California,C=US" +- "CN=wazuh3.indexer,OU=Docu,O=Wazuh,L=California,C=US" - "CN=filebeat,OU=Docu,O=Wazuh,L=California,C=US" plugins.security.restapi.roles_enabled: - "all_access" 
@@ -45,4 +45,5 @@ plugins.security.restapi.roles_enabled:
 plugins.security.allow_default_init_securityindex: true
 cluster.routing.allocation.disk.threshold_enabled: false
 opendistro_security.audit.config.disabled_rest_categories: NONE
-opendistro_security.audit.config.disabled_transport_categories: NONE
\ No newline at end of file
+opendistro_security.audit.config.disabled_transport_categories: NONE
+compatibility.override_main_response_version: true
\ No newline at end of file
diff --git a/production_cluster/wazuh_dashboard/dashboard.yml b/production_cluster/wazuh_dashboard/dashboard.yml
new file mode 100644
index 00000000..8b0c332b
--- /dev/null
+++ b/production_cluster/wazuh_dashboard/dashboard.yml
@@ -0,0 +1,14 @@
+server.host: 0.0.0.0
+server.port: 5601
+opensearch.hosts: https://wazuh1.indexer:9700
+opensearch.ssl.verificationMode: certificate
+opensearch.username: kibanaserver
+opensearch.password: kibanaserver
+opensearch.requestHeadersWhitelist: ["securitytenant","Authorization"]
+opensearch_security.multitenancy.enabled: false
+opensearch_security.readonly_mode.roles: ["kibana_read_only"]
+server.ssl.enabled: true
+server.ssl.key: "/etc/wazuh-dashboard/certs/wazuh-dashboard-key.pem"
+server.ssl.certificate: "/etc/wazuh-dashboard/certs/wazuh-dashboard.pem"
+opensearch.ssl.certificateAuthorities: ["/etc/wazuh-dashboard/certs/root-ca.pem"]
+uiSettings.overrides.defaultRoute: /app/wazuh?security_tenant=global
diff --git a/production_cluster/wazuh_dashboard/wazuh/config/wazuh-registry.json b/production_cluster/wazuh_dashboard/wazuh/config/wazuh-registry.json
new file mode 100644
index 00000000..5c393051
--- /dev/null
+++ b/production_cluster/wazuh_dashboard/wazuh/config/wazuh-registry.json
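Review bot: The new `production_cluster/wazuh_dashboard/dashboard.yml` hard-codes the stock service account in `opensearch.username: kibanaserver` / `opensearch.password: kibanaserver`, in a directory presented as the production layout. Anyone who deploys it unchanged runs the dashboard's backend account with a publicly known password. Put a comment such as `# demo credentials: change before deploying and rotate the kibanaserver user in the indexer` above those two lines, or better, take the password from the environment or a keystore instead of a tracked file. `opensearch.ssl.verificationMode: certificate` also skips hostname checking; `full` is the stricter setting if the node certificates carry the right names.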
@@ -0,0 +1 @@
+{"name":"Wazuh App","app-version":"4.3.0","revision":"4301-0","installationDate":"2022-02-10T13:49:45.182Z","lastRestart":"2022-02-10T13:49:45.182Z","hosts":{"default":{"cluster_info":{"status":"enabled","manager":"wazuh.master","node":"manager","cluster":"wazuh"},"extensions":{"pci":true,"gdpr":true,"hipaa":true,"nist":true,"tsc":true,"audit":true,"oscap":false,"ciscat":false,"aws":false,"office":false,"github":false,"gcp":false,"virustotal":false,"osquery":false,"docker":false}}}}
\ No newline at end of file
diff --git a/production_cluster/wazuh_dashboard/wazuh/config/wazuh.yml b/production_cluster/wazuh_dashboard/wazuh/config/wazuh.yml
new file mode 100644
index 00000000..f37a7aca
--- /dev/null
+++ b/production_cluster/wazuh_dashboard/wazuh/config/wazuh.yml
@@ -0,0 +1,8 @@
+hosts:
+ - default:
+ url: https://wazuh.master
+ port: 55000
+ username: acme-user
+ password: MyS3cr37P450r.*-
+ run_as: false
+
diff --git a/production_cluster/wazuh_dashboard/wazuh/logs/wazuhapp-plain.log b/production_cluster/wazuh_dashboard/wazuh/logs/wazuhapp-plain.log
new file mode 100644
index 00000000..67e659fb
--- /dev/null
+++ b/production_cluster/wazuh_dashboard/wazuh/logs/wazuhapp-plain.log
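Review bot: `production_cluster/wazuh_dashboard/wazuh/config/wazuh.yml` commits a Wazuh API account in clear text in its `username:` and `password:` lines. If these match a real deployment they need rotating. If they are samples, mark them with a comment like `# sample API credentials: replace before use` and keep the live file out of version control. The `wazuh-registry.json` added just before it and the `wazuhapp*.log` files that follow look like runtime state written by a running dashboard (install timestamps, host RAM, startup errors) rather than source. I would leave them out of the commit and add those paths to `.gitignore`.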
@@ -0,0 +1,38 @@ +info: 2022/02/10 13:49:44: initialize: Kibana index: .kibana +info: 2022/02/10 13:49:44: initialize: App revision: 4301-0 +info: 2022/02/10 13:49:44: initialize: Total RAM: 11928MB +error: 2022/02/10 13:49:45: initialize:checkKibanaStatus: Could not check if the index .wazuh exists due to no permissions for create, delete or check +error: 2022/02/10 13:55:0: cron-scheduler|SaveDocument: resource_already_exists_exception +info: 2022/02/10 18:35:47: initialize: Kibana index: .kibana +info: 2022/02/10 18:35:47: initialize: App revision: 4301-0 +info: 2022/02/10 18:35:47: initialize: Total RAM: 11928MB +error: 2022/02/10 18:35:47: initialize:checkKibanaStatus: Could not check if the index .wazuh exists due to no permissions for create, delete or check +error: 2022/02/10 18:40:0: cron-scheduler|SaveDocument: resource_already_exists_exception +info: 2022/02/10 18:42:13: initialize: Kibana index: .kibana +info: 2022/02/10 18:42:13: initialize: App revision: 4301-0 +info: 2022/02/10 18:42:13: initialize: Total RAM: 11928MB +error: 2022/02/10 18:42:14: initialize:checkKibanaStatus: Could not check if the index .wazuh exists due to no permissions for create, delete or check +error: 2022/02/10 18:45:0: cron-scheduler|SaveDocument: resource_already_exists_exception +info: 2022/02/10 20:23:3: initialize: Kibana index: .kibana +info: 2022/02/10 20:23:3: initialize: App revision: 4301-0 +info: 2022/02/10 20:23:3: initialize: Total RAM: 11928MB +error: 2022/02/10 20:23:4: initialize:checkKibanaStatus: Could not check if the index .wazuh exists due to no permissions for create, delete or check +error: 2022/02/10 20:25:0: cron-scheduler|SaveDocument: resource_already_exists_exception +info: 2022/02/11 18:48:39: initialize: Kibana index: .kibana +info: 2022/02/11 18:48:39: initialize: App revision: 4301-0 +info: 2022/02/11 18:48:39: initialize: Total RAM: 11928MB +error: 2022/02/11 18:48:40: initialize:checkKibanaStatus: Could not check if the index .wazuh exists 
due to no permissions for create, delete or check +error: 2022/02/11 18:50:1: cron-scheduler|SaveDocument: resource_already_exists_exception +info: 2022/02/11 19:23:22: initialize: Kibana index: .kibana +info: 2022/02/11 19:23:22: initialize: App revision: 4301-0 +info: 2022/02/11 19:23:22: initialize: Total RAM: 11928MB +error: 2022/02/11 19:23:23: initialize:checkKibanaStatus: Could not check if the index .wazuh exists due to no permissions for create, delete or check +error: 2022/02/11 19:25:0: cron-scheduler|SaveDocument: resource_already_exists_exception +info: 2022/02/11 19:27:28: initialize: Kibana index: .kibana +info: 2022/02/11 19:27:28: initialize: App revision: 4301-0 +info: 2022/02/11 19:27:28: initialize: Total RAM: 11928MB +error: 2022/02/11 19:27:28: initialize:checkKibanaStatus: Could not check if the index .wazuh exists due to no permissions for create, delete or check +info: 2022/02/11 19:31:58: initialize: Kibana index: .kibana +info: 2022/02/11 19:31:58: initialize: App revision: 4301-0 +info: 2022/02/11 19:31:58: initialize: Total RAM: 11928MB +error: 2022/02/11 19:31:59: initialize:checkKibanaStatus: Could not check if the index .wazuh exists due to no permissions for create, delete or check diff --git a/production_cluster/wazuh_dashboard/wazuh/logs/wazuhapp.log b/production_cluster/wazuh_dashboard/wazuh/logs/wazuhapp.log new file mode 100644 index 00000000..fffe806c --- /dev/null +++ b/production_cluster/wazuh_dashboard/wazuh/logs/wazuhapp.log 
@@ -0,0 +1,38 @@ +{"date":"2022-02-10T13:49:44.661Z","level":"info","location":"initialize","message":"Kibana index: .kibana"} +{"date":"2022-02-10T13:49:44.661Z","level":"info","location":"initialize","message":"App revision: 4301-0"} +{"date":"2022-02-10T13:49:44.661Z","level":"info","location":"initialize","message":"Total RAM: 11928MB"} +{"date":"2022-02-10T13:49:45.077Z","level":"error","location":"initialize:checkKibanaStatus","message":"Could not check if the index .wazuh exists due to no permissions for create, delete or check"} +{"date":"2022-02-10T13:55:00.999Z","level":"error","location":"cron-scheduler|SaveDocument","message":"resource_already_exists_exception"} +{"date":"2022-02-10T18:35:47.009Z","level":"info","location":"initialize","message":"Kibana index: .kibana"} +{"date":"2022-02-10T18:35:47.010Z","level":"info","location":"initialize","message":"App revision: 4301-0"} +{"date":"2022-02-10T18:35:47.010Z","level":"info","location":"initialize","message":"Total RAM: 11928MB"} +{"date":"2022-02-10T18:35:47.242Z","level":"error","location":"initialize:checkKibanaStatus","message":"Could not check if the index .wazuh exists due to no permissions for create, delete or check"} +{"date":"2022-02-10T18:40:00.559Z","level":"error","location":"cron-scheduler|SaveDocument","message":"resource_already_exists_exception"} +{"date":"2022-02-10T18:42:13.894Z","level":"info","location":"initialize","message":"Kibana index: .kibana"} +{"date":"2022-02-10T18:42:13.894Z","level":"info","location":"initialize","message":"App revision: 4301-0"} +{"date":"2022-02-10T18:42:13.894Z","level":"info","location":"initialize","message":"Total RAM: 11928MB"} +{"date":"2022-02-10T18:42:14.231Z","level":"error","location":"initialize:checkKibanaStatus","message":"Could not check if the index .wazuh exists due to no permissions for create, delete or check"} 
+{"date":"2022-02-10T18:45:00.330Z","level":"error","location":"cron-scheduler|SaveDocument","message":"resource_already_exists_exception"} +{"date":"2022-02-10T20:23:03.443Z","level":"info","location":"initialize","message":"Kibana index: .kibana"} +{"date":"2022-02-10T20:23:03.443Z","level":"info","location":"initialize","message":"App revision: 4301-0"} +{"date":"2022-02-10T20:23:03.443Z","level":"info","location":"initialize","message":"Total RAM: 11928MB"} +{"date":"2022-02-10T20:23:04.136Z","level":"error","location":"initialize:checkKibanaStatus","message":"Could not check if the index .wazuh exists due to no permissions for create, delete or check"} +{"date":"2022-02-10T20:25:00.975Z","level":"error","location":"cron-scheduler|SaveDocument","message":"resource_already_exists_exception"} +{"date":"2022-02-11T18:48:39.186Z","level":"info","location":"initialize","message":"Kibana index: .kibana"} +{"date":"2022-02-11T18:48:39.187Z","level":"info","location":"initialize","message":"App revision: 4301-0"} +{"date":"2022-02-11T18:48:39.187Z","level":"info","location":"initialize","message":"Total RAM: 11928MB"} +{"date":"2022-02-11T18:48:40.305Z","level":"error","location":"initialize:checkKibanaStatus","message":"Could not check if the index .wazuh exists due to no permissions for create, delete or check"} +{"date":"2022-02-11T18:50:01.075Z","level":"error","location":"cron-scheduler|SaveDocument","message":"resource_already_exists_exception"} +{"date":"2022-02-11T19:23:22.847Z","level":"info","location":"initialize","message":"Kibana index: .kibana"} +{"date":"2022-02-11T19:23:22.848Z","level":"info","location":"initialize","message":"App revision: 4301-0"} +{"date":"2022-02-11T19:23:22.848Z","level":"info","location":"initialize","message":"Total RAM: 11928MB"} +{"date":"2022-02-11T19:23:23.646Z","level":"error","location":"initialize:checkKibanaStatus","message":"Could not check if the index .wazuh exists due to no permissions for create, delete or check"} 
+{"date":"2022-02-11T19:25:00.244Z","level":"error","location":"cron-scheduler|SaveDocument","message":"resource_already_exists_exception"} +{"date":"2022-02-11T19:27:28.476Z","level":"info","location":"initialize","message":"Kibana index: .kibana"} +{"date":"2022-02-11T19:27:28.477Z","level":"info","location":"initialize","message":"App revision: 4301-0"} +{"date":"2022-02-11T19:27:28.477Z","level":"info","location":"initialize","message":"Total RAM: 11928MB"} +{"date":"2022-02-11T19:27:28.862Z","level":"error","location":"initialize:checkKibanaStatus","message":"Could not check if the index .wazuh exists due to no permissions for create, delete or check"} +{"date":"2022-02-11T19:31:58.941Z","level":"info","location":"initialize","message":"Kibana index: .kibana"} +{"date":"2022-02-11T19:31:58.942Z","level":"info","location":"initialize","message":"App revision: 4301-0"} +{"date":"2022-02-11T19:31:58.942Z","level":"info","location":"initialize","message":"Total RAM: 11928MB"} +{"date":"2022-02-11T19:31:59.543Z","level":"error","location":"initialize:checkKibanaStatus","message":"Could not check if the index .wazuh exists due to no permissions for create, delete or check"} diff --git a/production_cluster/wazuh_indexer_ssl_certs/admin-key.pem b/production_cluster/wazuh_indexer_ssl_certs/admin-key.pem old mode 100644 new mode 100755 diff --git a/production_cluster/wazuh_indexer_ssl_certs/admin.pem b/production_cluster/wazuh_indexer_ssl_certs/admin.pem old mode 100644 new mode 100755 diff --git a/production_cluster/wazuh_indexer_ssl_certs/certs.yml b/production_cluster/wazuh_indexer_ssl_certs/certs.yml old mode 100644 new mode 100755 diff --git a/production_cluster/wazuh_indexer_ssl_certs/root-ca.key b/production_cluster/wazuh_indexer_ssl_certs/root-ca.key old mode 100644 new mode 100755 diff --git a/production_cluster/wazuh_indexer_ssl_certs/root-ca.pem b/production_cluster/wazuh_indexer_ssl_certs/root-ca.pem old mode 100644 new mode 100755 
diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem old mode 100644 new mode 100755 diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard.pem old mode 100644 new mode 100755 diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh.master-key.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh.master-key.pem old mode 100644 new mode 100755 diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh.master.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh.master.pem old mode 100644 new mode 100755 diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh.worker-key.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh.worker-key.pem old mode 100644 new mode 100755 diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh.worker.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh.worker.pem old mode 100644 new mode 100755 diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer-key.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer-key.pem old mode 100644 new mode 100755 diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer.pem old mode 100644 new mode 100755 diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer-key.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer-key.pem old mode 100644 new mode 100755 diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer.pem old mode 100644 new mode 100755 diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer-key.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer-key.pem old mode 100644 new mode 100755 
diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer.pem old mode 100644 new mode 100755 diff --git a/test-cluster.yml b/test-cluster.yml index b61eebf7..c2f7f3bb 100644 --- a/test-cluster.yml +++ b/test-cluster.yml @@ -3,7 +3,7 @@ version: '3.7' services: wazuh.master: - image: wazuh/wazuh-odfe:4.3.0 + image: wazuh/wazuh-odfe:4.3.0-dev hostname: wazuh.master restart: always ports: @@ -11,9 +11,9 @@ services: - "514:514/udp" - "55000:55000" environment: - - ELASTICSEARCH_URL=https://wazuh.indexer:9700 + - ELASTICSEARCH_URL=https://wazuh1.indexer:9700 - ELASTIC_USERNAME=admin - - ELASTIC_PASSWORD=admin + - ELASTIC_PASSWORD=SecretPassword - FILEBEAT_SSL_VERIFICATION_MODE=full - SSL_CERTIFICATE_AUTHORITIES=/etc/ssl/root-ca.pem - SSL_CERTIFICATE=/etc/ssl/filebeat.pem @@ -38,13 +38,13 @@ services: - ./production_cluster/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf wazuh.worker: - image: wazuh/wazuh-odfe:4.3.0 + image: wazuh/wazuh-odfe:4.3.0-dev hostname: wazuh.worker restart: always environment: - - ELASTICSEARCH_URL=https://wazuh.indexer:9700 + - ELASTICSEARCH_URL=https://wazuh1.indexer:9700 - ELASTIC_USERNAME=admin - - ELASTIC_PASSWORD=admin + - ELASTIC_PASSWORD=SecretPassword - FILEBEAT_SSL_VERIFICATION_MODE=full - SSL_CERTIFICATE_AUTHORITIES=/etc/ssl/root-ca.pem - SSL_CERTIFICATE=/etc/ssl/filebeat.pem @@ -67,7 +67,7 @@ services: - ./production_cluster/wazuh_cluster/wazuh_worker.conf:/wazuh-config-mount/etc/ossec.conf wazuh1.indexer: - image: test-indexer + image: wazuh/wazuh-indexer:4.3.0 hostname: wazuh1.indexer restart: always ports: @@ -93,7 +93,7 @@ services: - ./production_cluster/wazuh-indexer/internal_users.yml:/usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/internal_users.yml wazuh2.indexer: - image: test-indexer + image: wazuh/wazuh-indexer:4.3.0 hostname: wazuh2.indexer restart: always environment: 
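Review bot: `ELASTIC_PASSWORD=SecretPassword` in the `wazuh.master` environment swaps one fixed password for another that anyone with the repository can read, and the `wazuh.worker` hunk that follows repeats it. Compose variable substitution keeps the value out of the file: `- ELASTIC_PASSWORD=${ELASTIC_PASSWORD:?set ELASTIC_PASSWORD in .env}`, with the real value supplied from an untracked `.env`. The manager images also move to the `4.3.0-dev` tag while the indexer and dashboard stay on `4.3.0`; if that mix is intended it deserves a comment next to the `image:` lines. Both service definitions continue outside these hunks.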
@@ -112,10 +112,10 @@ services: - ./production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer-key.pem:/etc/wazuh-indexer/certs/wazuh2.indexer.key - ./production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer.pem:/etc/wazuh-indexer/certs/wazuh2.indexer.pem - ./production_cluster/wazuh-indexer/wazuh2.indexer.yml:/etc/wazuh-indexer/opensearch.yml - - ./production_cluster/wazuh-indexer/internal_users.yml:/usr/share/elasticsearch/plugins/opendistro_security/securityconfig/internal_users.yml + - ./production_cluster/wazuh-indexer/internal_users.yml:/usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/internal_users.yml wazuh3.indexer: - image: test-indexer + image: wazuh/wazuh-indexer:4.3.0 hostname: wazuh3.indexer restart: always environment: @@ -134,7 +134,7 @@ services: - ./production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer-key.pem:/etc/wazuh-indexer/certs/wazuh3.indexer.key - ./production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer.pem:/etc/wazuh-indexer/certs/wazuh3.indexer.pem - ./production_cluster/wazuh-indexer/wazuh3.indexer.yml:/etc/wazuh-indexer/opensearch.yml - - ./production_cluster/wazuh-indexer/internal_users.yml:/usr/share/elasticsearch/plugins/opendistro_security/securityconfig/internal_users.yml + - ./production_cluster/wazuh-indexer/internal_users.yml:/usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/internal_users.yml wazuh.dashboard: image: wazuh/wazuh-dashboard:4.3.0 
@@ -143,18 +143,16 @@ services: ports: - 5601:5601 environment: - - ELASTICSEARCH_USERNAME=admin - - ELASTICSEARCH_PASSWORD=admin - - SERVER_SSL_ENABLED=true - - SERVER_SSL_CERTIFICATE=/etc/wazuh-dashboard/certs/cert.pem - - SERVER_SSL_KEY=/etc/wazuh-dashboard/certs/key.pem + - OPENSEARCH_HOSTS="https://wazuh1.indexer:9700" - WAZUH_API_URL="https://wazuh.master" - API_USERNAME=acme-user - API_PASSWORD=MyS3cr37P450r.*- volumes: - - ./production_cluster/wazuh_dashboard_ssl/cert.pem:/etc/wazuh-dashboard/certs/cert.pem - - ./production_cluster/wazuh_dashboard_ssl/key.pem:/etc/wazuh-dashboard/certs/key.pem - + - ./production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard.pem:/etc/wazuh-dashboard/certs/wazuh-dashboard.pem + - ./production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem:/etc/wazuh-dashboard/certs/wazuh-dashboard-key.pem + - ./production_cluster/wazuh_indexer_ssl_certs/root-ca.pem:/etc/wazuh-dashboard/certs/root-ca.pem + - ./production_cluster/wazuh_dashboard/dashboard.yml:/etc/wazuh-dashboard/dashboard.yml + - ./production_cluster/wazuh_dashboard/wazuh:/usr/share/wazuh-dashboard/data/wazuh depends_on: - wazuh1.indexer links: diff --git a/wazuh-dashboard/Dockerfile b/wazuh-dashboard/Dockerfile index 97d72ab1..bf2c6443 100644 --- a/wazuh-dashboard/Dockerfile +++ b/wazuh-dashboard/Dockerfile @@ -13,8 +13,16 @@ RUN curl https://s3.us-west-1.amazonaws.com/packages-dev.wazuh.com/pre-release/a COPY config/entrypoint.sh / +COPY config/wazuh_app_config.sh / + +COPY config/dashboard.yml /etc/wazuh-dashboard/ + RUN chmod 700 /entrypoint.sh +RUN chmod 700 /wazuh_app_config.sh + +RUN chown 101:101 /etc/wazuh-dashboard/dashboard.yml && chmod 664 /etc/wazuh-dashboard/dashboard.yml + # Services ports EXPOSE 5601 diff --git a/wazuh-dashboard/config/dashboard.yml b/wazuh-dashboard/config/dashboard.yml new file mode 100644 index 00000000..7aec4657 --- /dev/null +++ b/wazuh-dashboard/config/dashboard.yml 
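Review bot: The certificate and key mounts added for `wazuh.dashboard` are writable from inside the container, and the mode-only entries of this same commit switch `wazuh.dashboard-key.pem`, `admin-key.pem` and `root-ca.key` from 100644 to 100755, which adds the execute bit and keeps them world-readable. Mounting them read-only costs nothing, e.g. `- ./production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem:/etc/wazuh-dashboard/certs/wazuh-dashboard-key.pem:ro`, and the key files should be restricted to their owner rather than made executable. The `root-ca.key` is not needed by any container shown here and is better kept out of the tree that gets mounted.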
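Review bot: `chmod 664 /etc/wazuh-dashboard/dashboard.yml` leaves the file world-readable and group-writable although the `config/dashboard.yml` copied just above carries `opensearch.password`. Owner read/write plus group read is enough for the service to start: `RUN chown 101:101 /etc/wazuh-dashboard/dashboard.yml && chmod 640 /etc/wazuh-dashboard/dashboard.yml`. UID/GID 101 is presumably the `wazuh-dashboard` user created by the package; a short comment saying so would help, since the number is not explained anywhere in the hunk.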
@@ -0,0 +1,14 @@
+server.host: 0.0.0.0
+server.port: 5601
+opensearch.hosts: https://wazuh1.indexer:9700
+opensearch.ssl.verificationMode: certificate
+opensearch.username: kibanaserver
+opensearch.password: kibanaserver
+opensearch.requestHeadersWhitelist: ["securitytenant","Authorization"]
+opensearch_security.multitenancy.enabled: false
+opensearch_security.readonly_mode.roles: ["kibana_read_only"]
+server.ssl.enabled: false
+server.ssl.key: "/etc/wazuh-dashboard/certs/demo-dashboard-key.pem"
+server.ssl.certificate: "/etc/wazuh-dashboard/certs/demo-dashboard.pem"
+opensearch.ssl.certificateAuthorities: ["/etc/wazuh-dashboard/certs/root-ca.pem"]
+uiSettings.overrides.defaultRoute: /app/wazuh?security_tenant=global
diff --git a/wazuh-dashboard/config/entrypoint.sh b/wazuh-dashboard/config/entrypoint.sh
index c0d98a53..0294d4ca 100644
--- a/wazuh-dashboard/config/entrypoint.sh
+++ b/wazuh-dashboard/config/entrypoint.sh
@@ -5,8 +5,6 @@ # Start Wazuh dashboard
 ##############################################################################
-sed -i 's/localhost:9700/wazuh-indexer:9700/' /etc/wazuh-dashboard/dashboard.yml
-sed -i 's//0.0.0.0/' /etc/wazuh-dashboard/dashboard.yml
-sed -i '/logging.dest:/d' /etc/wazuh-dashboard/dashboard.yml
+#/wazuh_app_config.sh
 runuser wazuh-dashboard --shell="/bin/bash" --command="/usr/share/wazuh-dashboard/bin/opensearch-dashboards -c /etc/wazuh-dashboard/dashboard.yml"
diff --git a/wazuh-dashboard/config/wazuh_app_config.sh b/wazuh-dashboard/config/wazuh_app_config.sh
index ca6e1a6a..c63c55c9 100644
--- a/wazuh-dashboard/config/wazuh_app_config.sh
+++ b/wazuh-dashboard/config/wazuh_app_config.sh
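Review bot: The image default sets `server.ssl.enabled: false` while `server.host: 0.0.0.0` binds every interface, so a container started without an overriding `dashboard.yml` serves the login form and session cookie over plain HTTP on port 5601. The `server.ssl.key` and `server.ssl.certificate` lines right below already name demo certificate paths; if the image ships those files (not visible in this hunk), `server.ssl.enabled: true` is the safer default, and otherwise the file needs a comment stating that TLS is off and must be enabled by the mounted configuration. The `kibanaserver`/`kibanaserver` pair is the same stock credential as in the production copy of this file.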
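Review bot: `#/wazuh_app_config.sh` leaves the call commented out with no reason given, while the Dockerfile hunk of this commit still copies `/wazuh_app_config.sh` into the image and marks it executable, so the image carries a script that nothing runs. Either invoke it or drop the `COPY`/`chmod` pair; if it is disabled on purpose, replace the dead line with a comment that says why, for instance `# wazuh_app_config.sh is not run: wazuh.yml is expected from the mounted data directory` (to be confirmed by the author). The entrypoint also runs without `set -e`, so a failing setup step would not stop the dashboard from starting once the call is restored.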
@@ -6,51 +6,8 @@ wazuh_port="${API_PORT:-55000}"
 api_username="${API_USERNAME:-wazuh-wui}"
 api_password="${API_PASSWORD:-wazuh-wui}"
-kibana_config_file="/etc/wazuh-dashboard/wazuh-dashboard.yml"
+kibana_config_file="/usr/share/wazuh-dashboard/data/wazuh/config/wazuh.yml"
-sed 's/9700/9200/' /etc/wazuh-dashboard/wazuh-dashboard.yml
-
-declare -A CONFIG_MAP=(
- [pattern]=$PATTERN
- [checks.pattern]=$CHECKS_PATTERN
- [checks.template]=$CHECKS_TEMPLATE
- [checks.api]=$CHECKS_API
- [checks.setup]=$CHECKS_SETUP
- [extensions.pci]=$EXTENSIONS_PCI
- [extensions.gdpr]=$EXTENSIONS_GDPR
- [extensions.hipaa]=$EXTENSIONS_HIPAA
- [extensions.nist]=$EXTENSIONS_NIST
- [extensions.tsc]=$EXTENSIONS_TSC
- [extensions.audit]=$EXTENSIONS_AUDIT
- [extensions.oscap]=$EXTENSIONS_OSCAP
- [extensions.ciscat]=$EXTENSIONS_CISCAT
- [extensions.aws]=$EXTENSIONS_AWS
- [extensions.gcp]=$EXTENSIONS_GCP
- [extensions.virustotal]=$EXTENSIONS_VIRUSTOTAL
- [extensions.osquery]=$EXTENSIONS_OSQUERY
- [extensions.docker]=$EXTENSIONS_DOCKER
- [timeout]=$APP_TIMEOUT
- [api.selector]=$API_SELECTOR
- [ip.selector]=$IP_SELECTOR
- [ip.ignore]=$IP_IGNORE
- [wazuh.monitoring.enabled]=$WAZUH_MONITORING_ENABLED
- [wazuh.monitoring.creation]=$WAZUH_MONITORING_CREATION
- [wazuh.monitoring.frequency]=$WAZUH_MONITORING_FREQUENCY
- [wazuh.monitoring.shards]=$WAZUH_MONITORING_SHARDS
- [wazuh.monitoring.replicas]=$WAZUH_MONITORING_REPLICAS
- [admin]=$ADMIN_PRIVILEGES
-)
-
-for i in "${!CONFIG_MAP[@]}"
-do
- if [ "${CONFIG_MAP[$i]}" != "" ]; then
- sed -i 's/.*#'"$i"'.*/'"$i"': '"${CONFIG_MAP[$i]}"'/' $kibana_config_file
- fi
-done
-
-CONFIG_CODE=$(curl ${auth} -s -o /dev/null -w "%{http_code}" -XGET $el_url/.wazuh/_doc/1513629884013)
-
-if [[ "x$CONFIG_CODE" != "x200" ]] && ! grep -q 1513629884013 $kibana_config_file ; then
 cat << EOF >> $kibana_config_file
 hosts:
 - 1513629884013:
@@ -59,6 +16,3 @@ hosts:
 username: $api_username
 password: $api_password
 EOF
-else
- echo "Wazuh APP already configured"
-fi
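Review bot: With the `if ... grep -q 1513629884013 ...; then` guard and its `else`/`fi` removed, `cat << EOF >> $kibana_config_file` now appends a new `hosts:` block on every run, so each container restart adds another copy of the API user and password to `wazuh.yml` and leaves the file with duplicate top-level keys. Keeping the file-based half of the old check restores idempotence: wrap the here-document in `if ! grep -q 1513629884013 "$kibana_config_file"; then` and a closing `fi`. `$kibana_config_file` should be quoted in the redirection as well, and the target directory is not guaranteed to exist when nothing is mounted at `/usr/share/wazuh-dashboard/data/wazuh`. The here-document spans both hunks and its middle lines are outside them.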
diff --git a/wazuh-indexer/Dockerfile b/wazuh-indexer/Dockerfile
index 17243898..bb4d533b 100644
--- a/wazuh-indexer/Dockerfile
+++ b/wazuh-indexer/Dockerfile
@@ -52,7 +52,9 @@ WORKDIR $INSTALL_DIR
 COPY config/entrypoint.sh /
-RUN chmod 700 /entrypoint.sh
+COPY config/securityadmin.sh /
+
+RUN chmod 700 /entrypoint.sh && chmod 700 /securityadmin.sh
 COPY --from=builder --chown=1000:1000 /debian/wazuh-indexer/usr/share/wazuh-indexer /usr/share/wazuh-indexer
 COPY --from=builder --chown=0:0 /tini /tini
@@ -60,7 +62,9 @@ COPY --from=builder --chown=0:0 /debian/wazuh-indexer/etc/init.d/wazuh-indexer /
 COPY --from=builder --chown=0:0 /debian/wazuh-indexer/usr/lib/systemd /usr/lib/systemd
 COPY --from=builder --chown=0:0 /debian/wazuh-indexer/usr/lib/sysctl.d /usr/lib/sysctl.d
 COPY --from=builder --chown=0:0 /debian/wazuh-indexer/usr/lib/tmpfiles.d /usr/lib/tmpfiles.d
-COPY --from=builder --chown=1000:10000 /debian/wazuh-indexer/etc/wazuh-indexer /etc/wazuh-indexer
+COPY --from=builder --chown=1000:1000 /debian/wazuh-indexer/etc/wazuh-indexer /etc/wazuh-indexer
+COPY config/opensearch.yml /etc/wazuh-indexer/
+RUN chmod 660 /etc/wazuh-indexer/opensearch.yml && chown 1000:1000 /etc/wazuh-indexer/opensearch.yml
 RUN mkdir -p /var/lib/wazuh-indexer && chown 1000:1000 /var/lib/wazuh-indexer && \
 mkdir -p /usr/share/wazuh-indexer/logs && chown 1000:1000 /usr/share/wazuh-indexer/logs && \
@@ -70,7 +74,6 @@ RUN mkdir -p /var/lib/wazuh-indexer && chown 1000:1000 /var/lib/wazuh-indexer &&
 # Services ports
 EXPOSE 9700
-#ENTRYPOINT [ "/entrypoint.sh" ]
 ENTRYPOINT ["/tini", "--", "/entrypoint.sh"]
 # Dummy overridable parameter parsed by entrypoint
diff --git a/wazuh-indexer/config/entrypoint.sh b/wazuh-indexer/config/entrypoint.sh
index 69736c1e..81ca3188 100644
--- a/wazuh-indexer/config/entrypoint.sh
+++ b/wazuh-indexer/config/entrypoint.sh
@@ -8,7 +8,10 @@ export USER=wazuh-indexer
 export INSTALLATION_DIR=/usr/share/wazuh-indexer
 export OPENSEARCH_PATH_CONF=/etc/wazuh-indexer
 export JAVA_HOME=${INSTALLATION_DIR}/jdk
-export FILE=${INSTALLATION_DIR}/start
+export DISCOVERY=$(grep -oP "(?<=discovery.type: ).*" /etc/wazuh-indexer/opensearch.yml)
+export CACERT=$(grep -oP "(?<=plugins.security.ssl.transport.pemtrustedcas_filepath: ).*" /etc/wazuh-indexer/opensearch.yml)
+export CERT="/etc/wazuh-indexer/certs/admin.pem"
+export KEY="/etc/wazuh-indexer/certs/admin-key.pem"
 run_as_other_user_if_needed() {
 if [[ "$(id -u)" == "0" ]]; then
@@ -26,8 +29,6 @@ run_as_other_user_if_needed() {
 # or simply to run /bin/bash to check the image
 if [[ "$1" != "opensearchwrapper" ]]; then
 if [[ "$(id -u)" == "0" && $(basename "$1") == "opensearch" ]]; then
- # centos:7 chroot doesn't have the `--skip-chdir` option and
- # changes our CWD.
 # Rewrite CMD args to replace $1 with `opensearch` explicitly,
 # so that we are backwards compatible with the docs
 # from the previous Elasticsearch versions<6
@@ -86,4 +87,9 @@ if [[ "$(id -u)" == "0" ]]; then
 fi
 fi
+if [[ "$DISCOVERY" == "single-node" ]]; then
+ # run securityadmin.sh for single node
+ nohup /securityadmin.sh &
+fi
+
 run_as_other_user_if_needed /usr/share/wazuh-indexer/bin/opensearch <<<"$KEYSTORE_PASSWORD"
\ No newline at end of file
diff --git a/wazuh-indexer/config/opensearch.yml b/wazuh-indexer/config/opensearch.yml
new file mode 100644
index 00000000..9793012d
--- /dev/null
+++ b/wazuh-indexer/config/opensearch.yml
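Review bot: `export CACERT=$(grep -oP ...)` hides a failed lookup, because `export` returns 0 even when grep matches nothing; `CACERT` is then empty and the new `/securityadmin.sh` expands `-cacert $CACERT` unquoted, which shifts the following options into the wrong positions. Assign first and check, then export: `CACERT=$(grep -oP ... "$OPENSEARCH_PATH_CONF/opensearch.yml") || { echo "pemtrustedcas_filepath not found" >&2; exit 1; }` followed by `export CACERT`. The same pattern applies to `DISCOVERY`, where an empty or quoted value (`discovery.type: "single-node"`) silently skips the single-node branch. Both lookups also hard-code `/etc/wazuh-indexer/opensearch.yml` although `OPENSEARCH_PATH_CONF` is exported two lines earlier.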
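Review bot: `nohup /securityadmin.sh &` starts the security initialisation in the background and never looks at its result, so a failed run leaves the node serving requests without the intended security configuration while the container still looks healthy. Its output also goes to a `nohup.out` file in the working directory instead of the container log. Under tini `nohup` is not needed; something like `( /securityadmin.sh || echo "securityadmin.sh failed" >&2 ) &` keeps the messages on stderr and makes the failure visible. The job is launched from the root part of the entrypoint, before `run_as_other_user_if_needed` drops privileges, which is worth a comment if intended; the preceding `if [[ "$(id -u)" == "0" ]]` block starts outside the hunk.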
@@ -0,0 +1,36 @@
+network.host: "0.0.0.0"
+node.name: "wazuh1.indexer"
+http.port: 9700-9799
+transport.tcp.port: 9800-9899
+path.data: /var/lib/wazuh-indexer
+path.logs: /var/log/wazuh-indexer
+discovery.type: single-node
+compatibility.override_main_response_version: true
+###############################################################################
+# #
+# WARNING: Insecure demo certificates set up in this file. #
+# Please change on production cluster! #
+# #
+###############################################################################
+plugins.security.ssl.http.pemcert_filepath: /etc/wazuh-indexer/certs/demo-indexer.pem
+plugins.security.ssl.http.pemkey_filepath: /etc/wazuh-indexer/certs/demo-indexer-key.pem
+plugins.security.ssl.http.pemtrustedcas_filepath: /etc/wazuh-indexer/certs/root-ca.pem
+plugins.security.ssl.transport.pemcert_filepath: /etc/wazuh-indexer/certs/demo-indexer.pem
+plugins.security.ssl.transport.pemkey_filepath: /etc/wazuh-indexer/certs/demo-indexer-key.pem
+plugins.security.ssl.transport.pemtrustedcas_filepath: /etc/wazuh-indexer/certs/root-ca.pem
+plugins.security.ssl.http.enabled: true
+plugins.security.ssl.transport.enforce_hostname_verification: false
+plugins.security.ssl.transport.resolve_hostname: false
+plugins.security.audit.type: internal_opensearch
+plugins.security.authcz.admin_dn:
+- "CN=admin,OU=Demo,O=Wazuh,L=California,C=US"
+plugins.security.check_snapshot_restore_write_privileges: true
+plugins.security.enable_snapshot_restore_privilege: true
+plugins.security.nodes_dn:
+- "CN=demo-indexer,OU=Demo,O=Wazuh,L=California,C=US"
+plugins.security.restapi.roles_enabled:
+- "all_access"
+- "security_rest_api_access"
+plugins.security.system_indices.enabled: true
+plugins.security.system_indices.indices: [".opendistro-alerting-config", ".opendistro-alerting-alert*", ".opendistro-anomaly-results*", ".opendistro-anomaly-detector*", ".opendistro-anomaly-checkpoints", ".opendistro-anomaly-detection-state", 
".opendistro-reports-*", ".opendistro-notifications-*", ".opendistro-notebooks", ".opensearch-observability", ".opendistro-asynchronous-search-response*", ".replication-metadata-store"] + diff --git a/wazuh-indexer/config/securityadmin.sh b/wazuh-indexer/config/securityadmin.sh new file mode 100644 index 00000000..1fe6af34 --- /dev/null +++ b/wazuh-indexer/config/securityadmin.sh @@ -0,0 +1,2 @@ +sleep 50 +bash /usr/share/wazuh-indexer/plugins/opensearch-security/tools/securityadmin.sh -cd /usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/ -nhnv -cacert $CACERT -cert $CERT -key $KEY -p 9800 -icl \ No newline at end of file diff --git a/wazuh-odfe/Dockerfile b/wazuh-odfe/Dockerfile index 143e1e11..c7a9cf83 100644 --- a/wazuh-odfe/Dockerfile +++ b/wazuh-odfe/Dockerfile @@ -3,12 +3,12 @@ FROM centos:7 ARG FILEBEAT_CHANNEL=filebeat-oss ARG FILEBEAT_VERSION=7.10.2 -ARG WAZUH_VERSION=4.2.5-1 +ARG WAZUH_VERSION=4.3.0-1 ARG TEMPLATE_VERSION="master" ARG WAZUH_FILEBEAT_MODULE="wazuh-filebeat-0.1.tar.gz" # Set repositories. -RUN rpm --import https://packages.wazuh.com/key/GPG-KEY-WAZUH +RUN rpm --import https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH COPY config/wazuh.repo /etc/yum.repos.d/wazuh.repo diff --git a/wazuh-odfe/config/create_user.py b/wazuh-odfe/config/create_user.py index 40a1e04d..cc492398 100644 --- a/wazuh-odfe/config/create_user.py +++ b/wazuh-odfe/config/create_user.py @@ -13,6 +13,7 @@ SPECIAL_CHARS = "@$!%*?&-_" try: + from wazuh.rbac.orm import create_rbac_db from wazuh.security import ( create_user, get_users, @@ -66,6 +67,10 @@ if __name__ == "__main__": # abort if no user file detected sys.exit(0) username, password = read_user_file() + + # create RBAC database + create_rbac_db() + initial_users = db_users() if username not in initial_users: # create a new user diff --git a/wazuh-odfe/config/wazuh.repo b/wazuh-odfe/config/wazuh.repo index e230d6a9..4b673ff0 100644 --- a/wazuh-odfe/config/wazuh.repo 
+++ b/wazuh-odfe/config/wazuh.repo
@@ -1,7 +1,7 @@
 [wazuh_repo]
 gpgcheck=1
-gpgkey=https://packages.wazuh.com/key/GPG-KEY-WAZUH
+gpgkey=https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH
 enabled=1
 name=Wazuh repository
-baseurl=https://packages.wazuh.com/4.x/yum/
+baseurl=https://packages-dev.wazuh.com/pre-release/yum/
 protect=1
From 166b6603225fd637882ddcc7373959488fe17741 Mon Sep 17 00:00:00 2001
From: vcerenu Date: Mon, 14 Feb 2022 12:33:04 -0300 Subject: [PATCH 023/163] docker-compose.yml configuration fixes --- docker-compose.yml | 4 +- production-cluster.yml | 107 +++++++++--------- ...cluster.yml => production-cluster_odfe.yml | 107 +++++++++--------- .../wazuh/config/wazuh-registry.json | 1 - .../wazuh/logs/wazuhapp-plain.log | 38 ------- .../wazuh_dashboard/wazuh/logs/wazuhapp.log | 38 ------- .../wazuh_indexer_ssl_certs/admin-key.pem | 28 ----- .../wazuh_indexer_ssl_certs/admin.pem | 19 ---- .../wazuh_indexer_ssl_certs/root-ca.key | 28 ----- .../wazuh_indexer_ssl_certs/root-ca.pem | 20 ---- .../wazuh.dashboard-key.pem | 28 ----- .../wazuh.dashboard.pem | 21 ---- .../wazuh.master-key.pem | 28 ----- .../wazuh_indexer_ssl_certs/wazuh.master.pem | 21 ---- .../wazuh.worker-key.pem | 28 ----- .../wazuh_indexer_ssl_certs/wazuh.worker.pem | 21 ---- .../wazuh1.indexer-key.pem | 28 ----- .../wazuh1.indexer.pem | 21 ---- .../wazuh2.indexer-key.pem | 28 ----- .../wazuh2.indexer.pem | 21 ---- .../wazuh3.indexer-key.pem | 28 ----- .../wazuh3.indexer.pem | 21 ---- wazuh-dashboard/Dockerfile | 4 + wazuh-dashboard/config/dashboard.yml | 14 ++- wazuh-dashboard/config/wazuh.yml | 7 ++ wazuh-indexer/Dockerfile | 1 + wazuh-indexer/config/config.sh | 1 + wazuh-indexer/config/entrypoint.sh | 3 +- wazuh-indexer/config/securityadmin.sh | 3 +- 29 files changed, 134 insertions(+), 583 deletions(-) rename test-cluster.yml => production-cluster_odfe.yml (61%) delete mode 100644 production_cluster/wazuh_dashboard/wazuh/config/wazuh-registry.json delete mode 100644 production_cluster/wazuh_dashboard/wazuh/logs/wazuhapp-plain.log delete mode 100644 production_cluster/wazuh_dashboard/wazuh/logs/wazuhapp.log delete mode 100755 production_cluster/wazuh_indexer_ssl_certs/admin-key.pem delete mode 100755 production_cluster/wazuh_indexer_ssl_certs/admin.pem delete mode 100755 production_cluster/wazuh_indexer_ssl_certs/root-ca.key delete mode 100755 
production_cluster/wazuh_indexer_ssl_certs/root-ca.pem delete mode 100755 production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem delete mode 100755 production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard.pem delete mode 100755 production_cluster/wazuh_indexer_ssl_certs/wazuh.master-key.pem delete mode 100755 production_cluster/wazuh_indexer_ssl_certs/wazuh.master.pem delete mode 100755 production_cluster/wazuh_indexer_ssl_certs/wazuh.worker-key.pem delete mode 100755 production_cluster/wazuh_indexer_ssl_certs/wazuh.worker.pem delete mode 100755 production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer-key.pem delete mode 100755 production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer.pem delete mode 100755 production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer-key.pem delete mode 100755 production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer.pem delete mode 100755 production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer-key.pem delete mode 100755 production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer.pem create mode 100644 wazuh-dashboard/config/wazuh.yml diff --git a/docker-compose.yml b/docker-compose.yml index 5ce264b9..861ffd17 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -2,9 +2,9 @@ version: '3.7' services: - wazuh: + wazuh.manager: image: wazuh/wazuh-odfe:4.3.0 - hostname: wazuh-manager + hostname: wazuh.manager restart: always ports: - "1514:1514" diff --git a/production-cluster.yml b/production-cluster.yml index ae431ba2..c2f7f3bb 100644 --- a/production-cluster.yml +++ b/production-cluster.yml 
@@ -2,16 +2,16 @@ version: '3.7' services: - wazuh-master: - image: wazuh/wazuh-odfe:4.3.0 - hostname: wazuh-master + wazuh.master: + image: wazuh/wazuh-odfe:4.3.0-dev + hostname: wazuh.master restart: always ports: - "1515:1515" - "514:514/udp" - "55000:55000" environment: - - ELASTICSEARCH_URL=https://wazuh-indexer:9700 + - ELASTICSEARCH_URL=https://wazuh1.indexer:9700 - ELASTIC_USERNAME=admin - ELASTIC_PASSWORD=SecretPassword - FILEBEAT_SSL_VERIFICATION_MODE=full @@ -33,16 +33,16 @@ services: - filebeat-etc:/etc/filebeat - filebeat-var:/var/lib/filebeat - ./production_cluster/wazuh_indexer_ssl_certs/root-ca.pem:/etc/ssl/root-ca.pem - - ./production_cluster/wazuh_indexer_ssl_certs/filebeat.pem:/etc/ssl/filebeat.pem - - ./production_cluster/wazuh_indexer_ssl_certs/filebeat.key:/etc/ssl/filebeat.key + - ./production_cluster/wazuh_indexer_ssl_certs/wazuh.master.pem:/etc/ssl/filebeat.pem + - ./production_cluster/wazuh_indexer_ssl_certs/wazuh.master-key.pem:/etc/ssl/filebeat.key - ./production_cluster/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf - wazuh-worker: - image: wazuh/wazuh-odfe:4.3.0 - hostname: wazuh-worker + wazuh.worker: + image: wazuh/wazuh-odfe:4.3.0-dev + hostname: wazuh.worker restart: always environment: - - ELASTICSEARCH_URL=https://wazuh-indexer:9700 + - ELASTICSEARCH_URL=https://wazuh1.indexer:9700 - ELASTIC_USERNAME=admin - ELASTIC_PASSWORD=SecretPassword - FILEBEAT_SSL_VERIFICATION_MODE=full 
@@ -62,19 +62,18 @@ services: - worker-filebeat-etc:/etc/filebeat - worker-filebeat-var:/var/lib/filebeat - ./production_cluster/wazuh_indexer_ssl_certs/root-ca.pem:/etc/ssl/root-ca.pem - - ./production_cluster/wazuh_indexer_ssl_certs/filebeat.pem:/etc/ssl/filebeat.pem - - ./production_cluster/wazuh_indexer_ssl_certs/filebeat.key:/etc/ssl/filebeat.key + - ./production_cluster/wazuh_indexer_ssl_certs/wazuh.worker.pem:/etc/ssl/filebeat.pem + - ./production_cluster/wazuh_indexer_ssl_certs/wazuh.worker-key.pem:/etc/ssl/filebeat.key - ./production_cluster/wazuh_cluster/wazuh_worker.conf:/wazuh-config-mount/etc/ossec.conf - wazuh-indexer: - image: wazuh-indexer - hostname: wazuh-indexer + wazuh1.indexer: + image: wazuh/wazuh-indexer:4.3.0 + hostname: wazuh1.indexer restart: always ports: - "9700:9700" environment: - "OPENSEARCH_JAVA_OPTS=-Xms1g -Xmx1g" - - "NODE_TYPE=master" - "bootstrap.memory_lock=true" ulimits: memlock: 
@@ -86,20 +85,19 @@ services: volumes: - wazuh-indexer-data-1:/var/lib/wazuh-indexer - ./production_cluster/wazuh_indexer_ssl_certs/root-ca.pem:/etc/wazuh-indexer/certs/root-ca.pem - - ./production_cluster/wazuh_indexer_ssl_certs/wazuh-indexer.key:/etc/wazuh-indexer/certs/wazuh-indexer.key - - ./production_cluster/wazuh_indexer_ssl_certs/wazuh-indexer.pem:/etc/wazuh-indexer/certs/wazuh-indexer.pem + - ./production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer-key.pem:/etc/wazuh-indexer/certs/wazuh1.indexer.key + - ./production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer.pem:/etc/wazuh-indexer/certs/wazuh1.indexer.pem - ./production_cluster/wazuh_indexer_ssl_certs/admin.pem:/etc/wazuh-indexer/certs/admin.pem - - ./production_cluster/wazuh_indexer_ssl_certs/admin.key:/etc/wazuh-indexer/certs/admin-key.pem - - ./production_cluster/wazuh-indexer/opensearch-node1.yml:/etc/wazuh-indexer/opensearch.yml + - ./production_cluster/wazuh_indexer_ssl_certs/admin-key.pem:/etc/wazuh-indexer/certs/admin-key.pem + - ./production_cluster/wazuh-indexer/wazuh1.indexer.yml:/etc/wazuh-indexer/opensearch.yml - ./production_cluster/wazuh-indexer/internal_users.yml:/usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/internal_users.yml - wazuh-indexer-2: - image: wazuh-indexer - hostname: wazuh-indexer-2 + wazuh2.indexer: + image: wazuh/wazuh-indexer:4.3.0 + hostname: wazuh2.indexer restart: always environment: - "OPENSEARCH_JAVA_OPTS=-Xms1g -Xmx1g" - - "NODE_TYPE=worker" - "bootstrap.memory_lock=true" ulimits: memlock: 
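Review bot: The admin key mount `./production_cluster/wazuh_indexer_ssl_certs/admin-key.pem:/etc/wazuh-indexer/certs/admin-key.pem` and the `internal_users.yml` mount are writable from inside the container, whereas the nginx service in this file mounts its config and ssl directory with `:ro`. Unless the image's entrypoint has to change ownership or mode on these files (not visible here), appending `:ro` to the key, certificate and `internal_users.yml` mounts keeps a compromised indexer process from rewriting the host copies. It is also worth checking `wazuh1.indexer.yml`: the node key is mounted as `wazuh1.indexer.key` while the admin key keeps the `-key.pem` form, so the configured key path has to use the `.key` name. The `wazuh1.indexer` service definition starts in the previous hunk.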
@@ -111,18 +109,17 @@ services: volumes: - wazuh-indexer-data-2:/var/lib/wazuh-indexer - ./production_cluster/wazuh_indexer_ssl_certs/root-ca.pem:/etc/wazuh-indexer/certs/root-ca.pem - - ./production_cluster/wazuh_indexer_ssl_certs/wazuh-indexer-2.key:/etc/wazuh-indexer/certs/wazuh-indexer-2.key - - ./production_cluster/wazuh_indexer_ssl_certs/wazuh-indexer-2.pem:/etc/wazuh-indexer/certs/wazuh-indexer-2.pem - - ./production_cluster/wazuh-indexer/opensearch-node2.yml:/etc/wazuh-indexer/opensearch.yml - - ./production_cluster/wazuh-indexer/internal_users.yml:/usr/share/elasticsearch/plugins/opendistro_security/securityconfig/internal_users.yml + - ./production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer-key.pem:/etc/wazuh-indexer/certs/wazuh2.indexer.key + - ./production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer.pem:/etc/wazuh-indexer/certs/wazuh2.indexer.pem + - ./production_cluster/wazuh-indexer/wazuh2.indexer.yml:/etc/wazuh-indexer/opensearch.yml + - ./production_cluster/wazuh-indexer/internal_users.yml:/usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/internal_users.yml - wazuh-indexer-3: - image: wazuh-indexer - hostname: wazuh-indexer-3 + wazuh3.indexer: + image: wazuh/wazuh-indexer:4.3.0 + hostname: wazuh3.indexer restart: always environment: - "OPENSEARCH_JAVA_OPTS=-Xms1g -Xmx1g" - - "NODE_TYPE=worker" - "bootstrap.memory_lock=true" ulimits: memlock: 
@@ -134,35 +131,33 @@ services: volumes: - wazuh-indexer-data-3:/var/lib/wazuh-indexer - ./production_cluster/wazuh_indexer_ssl_certs/root-ca.pem:/etc/wazuh-indexer/certs/root-ca.pem - - ./production_cluster/wazuh_indexer_ssl_certs/wazuh-indexer-3.key:/etc/wazuh-indexer/certs/wazuh-indexer-3.key - - ./production_cluster/wazuh_indexer_ssl_certs/wazuh-indexer-3.pem:/etc/wazuh-indexer/certs/wazuh-indexer-3.pem - - ./production_cluster/wazuh-indexer/opensearch-node3.yml:/etc/wazuh-indexer/opensearch.yml - - ./production_cluster/wazuh-indexer/internal_users.yml:/usr/share/elasticsearch/plugins/opendistro_security/securityconfig/internal_users.yml + - ./production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer-key.pem:/etc/wazuh-indexer/certs/wazuh3.indexer.key + - ./production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer.pem:/etc/wazuh-indexer/certs/wazuh3.indexer.pem + - ./production_cluster/wazuh-indexer/wazuh3.indexer.yml:/etc/wazuh-indexer/opensearch.yml + - ./production_cluster/wazuh-indexer/internal_users.yml:/usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/internal_users.yml - kibana: + wazuh.dashboard: image: wazuh/wazuh-dashboard:4.3.0 - hostname: kibana + hostname: wazuh.dashboard restart: always ports: - 5601:5601 environment: - - ELASTICSEARCH_USERNAME=admin - - ELASTICSEARCH_PASSWORD=SecretPassword - - SERVER_SSL_ENABLED=true - - SERVER_SSL_CERTIFICATE=/etc/wazuh-dashboard/certs/cert.pem - - SERVER_SSL_KEY=/etc/wazuh-dashboard/certs/key.pem - - WAZUH_API_URL="https://wazuh-master" + - OPENSEARCH_HOSTS="https://wazuh1.indexer:9700" + - WAZUH_API_URL="https://wazuh.master" - API_USERNAME=acme-user - API_PASSWORD=MyS3cr37P450r.*- volumes: - - ./production_cluster/kibana_ssl/cert.pem:/etc/wazuh-dashboard/certs/cert.pem - - ./production_cluster/kibana_ssl/key.pem:/etc/wazuh-dashboard/certs/key.pem - + - ./production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard.pem:/etc/wazuh-dashboard/certs/wazuh-dashboard.pem + - 
./production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem:/etc/wazuh-dashboard/certs/wazuh-dashboard-key.pem + - ./production_cluster/wazuh_indexer_ssl_certs/root-ca.pem:/etc/wazuh-dashboard/certs/root-ca.pem + - ./production_cluster/wazuh_dashboard/dashboard.yml:/etc/wazuh-dashboard/dashboard.yml + - ./production_cluster/wazuh_dashboard/wazuh:/usr/share/wazuh-dashboard/data/wazuh depends_on: - - wazuh-indexer + - wazuh1.indexer links: - - wazuh-indexer:wazuh-indexer - - wazuh-master:wazuh-master + - wazuh1.indexer:wazuh1.indexer + - wazuh.master:wazuh.master nginx: image: nginx:stable @@ -173,13 +168,13 @@ services: - "443:443" - "1514:1514" depends_on: - - wazuh-master - - wazuh-worker - - kibana + - wazuh.master + - wazuh.worker + - wazuh.dashboard links: - - wazuh-master:wazuh-master - - wazuh-worker:wazuh-worker - - kibana:kibana + - wazuh.master:wazuh.master + - wazuh.worker:wazuh.worker + - wazuh.dashboard:wazuh.dashboard volumes: - ./production_cluster/nginx/nginx.conf:/etc/nginx/nginx.conf:ro - ./production_cluster/nginx/ssl:/etc/nginx/ssl:ro diff --git a/test-cluster.yml b/production-cluster_odfe.yml similarity index 61% rename from test-cluster.yml rename to production-cluster_odfe.yml index c2f7f3bb..ae431ba2 100644 --- a/test-cluster.yml +++ b/production-cluster_odfe.yml @@ -2,16 +2,16 @@ version: '3.7' services: - wazuh.master: - image: wazuh/wazuh-odfe:4.3.0-dev - hostname: wazuh.master + wazuh-master: + image: wazuh/wazuh-odfe:4.3.0 + hostname: wazuh-master restart: always ports: - "1515:1515" - "514:514/udp" - "55000:55000" environment: - - ELASTICSEARCH_URL=https://wazuh1.indexer:9700 + - ELASTICSEARCH_URL=https://wazuh-indexer:9700 - ELASTIC_USERNAME=admin - ELASTIC_PASSWORD=SecretPassword - FILEBEAT_SSL_VERIFICATION_MODE=full 
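Review bot: The new mount `./production_cluster/wazuh_dashboard/wazuh:/usr/share/wazuh-dashboard/data/wazuh` in the `wazuh.dashboard` hunk binds the dashboard's runtime data directory into the repository tree, and this commit is already deleting `wazuhapp.log`, `wazuhapp-plain.log` and `wazuh-registry.json` that were committed from that directory. Mounting only the config file that is actually needed, using a named volume, or adding an ignore rule for that path would keep runtime state and logs out of version control. Separately, in list-form `environment:` entries the double quotes in `- OPENSEARCH_HOSTS="https://wazuh1.indexer:9700"` may reach the container as part of the value. Writing `- OPENSEARCH_HOSTS=https://wazuh1.indexer:9700` avoids depending on how the entrypoint treats them.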
@@ -33,16 +33,16 @@ services: - filebeat-etc:/etc/filebeat - filebeat-var:/var/lib/filebeat - ./production_cluster/wazuh_indexer_ssl_certs/root-ca.pem:/etc/ssl/root-ca.pem - - ./production_cluster/wazuh_indexer_ssl_certs/wazuh.master.pem:/etc/ssl/filebeat.pem - - ./production_cluster/wazuh_indexer_ssl_certs/wazuh.master-key.pem:/etc/ssl/filebeat.key + - ./production_cluster/wazuh_indexer_ssl_certs/filebeat.pem:/etc/ssl/filebeat.pem + - ./production_cluster/wazuh_indexer_ssl_certs/filebeat.key:/etc/ssl/filebeat.key - ./production_cluster/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf - wazuh.worker: - image: wazuh/wazuh-odfe:4.3.0-dev - hostname: wazuh.worker + wazuh-worker: + image: wazuh/wazuh-odfe:4.3.0 + hostname: wazuh-worker restart: always environment: - - ELASTICSEARCH_URL=https://wazuh1.indexer:9700 + - ELASTICSEARCH_URL=https://wazuh-indexer:9700 - ELASTIC_USERNAME=admin - ELASTIC_PASSWORD=SecretPassword - FILEBEAT_SSL_VERIFICATION_MODE=full @@ -62,18 +62,19 @@ services: - worker-filebeat-etc:/etc/filebeat - worker-filebeat-var:/var/lib/filebeat - ./production_cluster/wazuh_indexer_ssl_certs/root-ca.pem:/etc/ssl/root-ca.pem - - ./production_cluster/wazuh_indexer_ssl_certs/wazuh.worker.pem:/etc/ssl/filebeat.pem - - ./production_cluster/wazuh_indexer_ssl_certs/wazuh.worker-key.pem:/etc/ssl/filebeat.key + - ./production_cluster/wazuh_indexer_ssl_certs/filebeat.pem:/etc/ssl/filebeat.pem + - ./production_cluster/wazuh_indexer_ssl_certs/filebeat.key:/etc/ssl/filebeat.key - ./production_cluster/wazuh_cluster/wazuh_worker.conf:/wazuh-config-mount/etc/ossec.conf - wazuh1.indexer: - image: wazuh/wazuh-indexer:4.3.0 - hostname: wazuh1.indexer + wazuh-indexer: + image: wazuh-indexer + hostname: wazuh-indexer restart: always ports: - "9700:9700" environment: - "OPENSEARCH_JAVA_OPTS=-Xms1g -Xmx1g" + - "NODE_TYPE=master" - "bootstrap.memory_lock=true" ulimits: memlock: 
@@ -85,19 +86,20 @@ services: volumes: - wazuh-indexer-data-1:/var/lib/wazuh-indexer - ./production_cluster/wazuh_indexer_ssl_certs/root-ca.pem:/etc/wazuh-indexer/certs/root-ca.pem - - ./production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer-key.pem:/etc/wazuh-indexer/certs/wazuh1.indexer.key - - ./production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer.pem:/etc/wazuh-indexer/certs/wazuh1.indexer.pem + - ./production_cluster/wazuh_indexer_ssl_certs/wazuh-indexer.key:/etc/wazuh-indexer/certs/wazuh-indexer.key + - ./production_cluster/wazuh_indexer_ssl_certs/wazuh-indexer.pem:/etc/wazuh-indexer/certs/wazuh-indexer.pem - ./production_cluster/wazuh_indexer_ssl_certs/admin.pem:/etc/wazuh-indexer/certs/admin.pem - - ./production_cluster/wazuh_indexer_ssl_certs/admin-key.pem:/etc/wazuh-indexer/certs/admin-key.pem - - ./production_cluster/wazuh-indexer/wazuh1.indexer.yml:/etc/wazuh-indexer/opensearch.yml + - ./production_cluster/wazuh_indexer_ssl_certs/admin.key:/etc/wazuh-indexer/certs/admin-key.pem + - ./production_cluster/wazuh-indexer/opensearch-node1.yml:/etc/wazuh-indexer/opensearch.yml - ./production_cluster/wazuh-indexer/internal_users.yml:/usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/internal_users.yml - wazuh2.indexer: - image: wazuh/wazuh-indexer:4.3.0 - hostname: wazuh2.indexer + wazuh-indexer-2: + image: wazuh-indexer + hostname: wazuh-indexer-2 restart: always environment: - "OPENSEARCH_JAVA_OPTS=-Xms1g -Xmx1g" + - "NODE_TYPE=worker" - "bootstrap.memory_lock=true" ulimits: memlock: 
@@ -109,17 +111,18 @@ services: volumes: - wazuh-indexer-data-2:/var/lib/wazuh-indexer - ./production_cluster/wazuh_indexer_ssl_certs/root-ca.pem:/etc/wazuh-indexer/certs/root-ca.pem - - ./production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer-key.pem:/etc/wazuh-indexer/certs/wazuh2.indexer.key - - ./production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer.pem:/etc/wazuh-indexer/certs/wazuh2.indexer.pem - - ./production_cluster/wazuh-indexer/wazuh2.indexer.yml:/etc/wazuh-indexer/opensearch.yml - - ./production_cluster/wazuh-indexer/internal_users.yml:/usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/internal_users.yml + - ./production_cluster/wazuh_indexer_ssl_certs/wazuh-indexer-2.key:/etc/wazuh-indexer/certs/wazuh-indexer-2.key + - ./production_cluster/wazuh_indexer_ssl_certs/wazuh-indexer-2.pem:/etc/wazuh-indexer/certs/wazuh-indexer-2.pem + - ./production_cluster/wazuh-indexer/opensearch-node2.yml:/etc/wazuh-indexer/opensearch.yml + - ./production_cluster/wazuh-indexer/internal_users.yml:/usr/share/elasticsearch/plugins/opendistro_security/securityconfig/internal_users.yml - wazuh3.indexer: - image: wazuh/wazuh-indexer:4.3.0 - hostname: wazuh3.indexer + wazuh-indexer-3: + image: wazuh-indexer + hostname: wazuh-indexer-3 restart: always environment: - "OPENSEARCH_JAVA_OPTS=-Xms1g -Xmx1g" + - "NODE_TYPE=worker" - "bootstrap.memory_lock=true" ulimits: memlock: 
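Review bot: In production-cluster_odfe.yml the `internal_users.yml` mount for `wazuh-indexer-2` targets `/usr/share/elasticsearch/plugins/opendistro_security/securityconfig/internal_users.yml`, while `wazuh-indexer` in the previous hunk targets `/usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/internal_users.yml`; the `wazuh-indexer-3` hunk that follows repeats the elasticsearch path. All three services use the same `wazuh-indexer` image and `/etc/wazuh-indexer` paths, so nodes 2 and 3 probably never read the mounted user file and would keep whatever users ship in the image. If that is not intended, use the `/usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/internal_users.yml` target on all three nodes.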
@@ -131,33 +134,35 @@ services: volumes: - wazuh-indexer-data-3:/var/lib/wazuh-indexer - ./production_cluster/wazuh_indexer_ssl_certs/root-ca.pem:/etc/wazuh-indexer/certs/root-ca.pem - - ./production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer-key.pem:/etc/wazuh-indexer/certs/wazuh3.indexer.key - - ./production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer.pem:/etc/wazuh-indexer/certs/wazuh3.indexer.pem - - ./production_cluster/wazuh-indexer/wazuh3.indexer.yml:/etc/wazuh-indexer/opensearch.yml - - ./production_cluster/wazuh-indexer/internal_users.yml:/usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/internal_users.yml + - ./production_cluster/wazuh_indexer_ssl_certs/wazuh-indexer-3.key:/etc/wazuh-indexer/certs/wazuh-indexer-3.key + - ./production_cluster/wazuh_indexer_ssl_certs/wazuh-indexer-3.pem:/etc/wazuh-indexer/certs/wazuh-indexer-3.pem + - ./production_cluster/wazuh-indexer/opensearch-node3.yml:/etc/wazuh-indexer/opensearch.yml + - ./production_cluster/wazuh-indexer/internal_users.yml:/usr/share/elasticsearch/plugins/opendistro_security/securityconfig/internal_users.yml - wazuh.dashboard: + kibana: image: wazuh/wazuh-dashboard:4.3.0 - hostname: wazuh.dashboard + hostname: kibana restart: always ports: - 5601:5601 environment: - - OPENSEARCH_HOSTS="https://wazuh1.indexer:9700" - - WAZUH_API_URL="https://wazuh.master" + - ELASTICSEARCH_USERNAME=admin + - ELASTICSEARCH_PASSWORD=SecretPassword + - SERVER_SSL_ENABLED=true + - SERVER_SSL_CERTIFICATE=/etc/wazuh-dashboard/certs/cert.pem + - SERVER_SSL_KEY=/etc/wazuh-dashboard/certs/key.pem + - WAZUH_API_URL="https://wazuh-master" - API_USERNAME=acme-user - API_PASSWORD=MyS3cr37P450r.*- volumes: - - ./production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard.pem:/etc/wazuh-dashboard/certs/wazuh-dashboard.pem - - ./production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem:/etc/wazuh-dashboard/certs/wazuh-dashboard-key.pem - - 
./production_cluster/wazuh_indexer_ssl_certs/root-ca.pem:/etc/wazuh-dashboard/certs/root-ca.pem - - ./production_cluster/wazuh_dashboard/dashboard.yml:/etc/wazuh-dashboard/dashboard.yml - - ./production_cluster/wazuh_dashboard/wazuh:/usr/share/wazuh-dashboard/data/wazuh + - ./production_cluster/kibana_ssl/cert.pem:/etc/wazuh-dashboard/certs/cert.pem + - ./production_cluster/kibana_ssl/key.pem:/etc/wazuh-dashboard/certs/key.pem + depends_on: - - wazuh1.indexer + - wazuh-indexer links: - - wazuh1.indexer:wazuh1.indexer - - wazuh.master:wazuh.master + - wazuh-indexer:wazuh-indexer + - wazuh-master:wazuh-master nginx: image: nginx:stable @@ -168,13 +173,13 @@ services: - "443:443" - "1514:1514" depends_on: - - wazuh.master - - wazuh.worker - - wazuh.dashboard + - wazuh-master + - wazuh-worker + - kibana links: - - wazuh.master:wazuh.master - - wazuh.worker:wazuh.worker - - wazuh.dashboard:wazuh.dashboard + - wazuh-master:wazuh-master + - wazuh-worker:wazuh-worker + - kibana:kibana volumes: - ./production_cluster/nginx/nginx.conf:/etc/nginx/nginx.conf:ro - ./production_cluster/nginx/ssl:/etc/nginx/ssl:ro diff --git a/production_cluster/wazuh_dashboard/wazuh/config/wazuh-registry.json b/production_cluster/wazuh_dashboard/wazuh/config/wazuh-registry.json deleted file mode 100644 index 5c393051..00000000 --- a/production_cluster/wazuh_dashboard/wazuh/config/wazuh-registry.json +++ /dev/null @@ -1 +0,0 @@ -{"name":"Wazuh App","app-version":"4.3.0","revision":"4301-0","installationDate":"2022-02-10T13:49:45.182Z","lastRestart":"2022-02-10T13:49:45.182Z","hosts":{"default":{"cluster_info":{"status":"enabled","manager":"wazuh.master","node":"manager","cluster":"wazuh"},"extensions":{"pci":true,"gdpr":true,"hipaa":true,"nist":true,"tsc":true,"audit":true,"oscap":false,"ciscat":false,"aws":false,"office":false,"github":false,"gcp":false,"virustotal":false,"osquery":false,"docker":false}}}} \ No newline at end of file 
diff --git a/production_cluster/wazuh_dashboard/wazuh/logs/wazuhapp-plain.log b/production_cluster/wazuh_dashboard/wazuh/logs/wazuhapp-plain.log
deleted file mode 100644
index 67e659fb..00000000
--- a/production_cluster/wazuh_dashboard/wazuh/logs/wazuhapp-plain.log
+++ /dev/null
@@ -1,38 +0,0 @@ -info: 2022/02/10 13:49:44: initialize: Kibana index: .kibana -info: 2022/02/10 13:49:44: initialize: App revision: 4301-0 -info: 2022/02/10 13:49:44: initialize: Total RAM: 11928MB -error: 2022/02/10 13:49:45: initialize:checkKibanaStatus: Could not check if the index .wazuh exists due to no permissions for create, delete or check -error: 2022/02/10 13:55:0: cron-scheduler|SaveDocument: resource_already_exists_exception -info: 2022/02/10 18:35:47: initialize: Kibana index: .kibana -info: 2022/02/10 18:35:47: initialize: App revision: 4301-0 -info: 2022/02/10 18:35:47: initialize: Total RAM: 11928MB -error: 2022/02/10 18:35:47: initialize:checkKibanaStatus: Could not check if the index .wazuh exists due to no permissions for create, delete or check -error: 2022/02/10 18:40:0: cron-scheduler|SaveDocument: resource_already_exists_exception -info: 2022/02/10 18:42:13: initialize: Kibana index: .kibana -info: 2022/02/10 18:42:13: initialize: App revision: 4301-0 -info: 2022/02/10 18:42:13: initialize: Total RAM: 11928MB -error: 2022/02/10 18:42:14: initialize:checkKibanaStatus: Could not check if the index .wazuh exists due to no permissions for create, delete or check -error: 2022/02/10 18:45:0: cron-scheduler|SaveDocument: resource_already_exists_exception -info: 2022/02/10 20:23:3: initialize: Kibana index: .kibana -info: 2022/02/10 20:23:3: initialize: App revision: 4301-0 -info: 2022/02/10 20:23:3: initialize: Total RAM: 11928MB -error: 2022/02/10 20:23:4: initialize:checkKibanaStatus: Could not check if the index .wazuh exists due to no permissions for create, delete or check -error: 2022/02/10 20:25:0: cron-scheduler|SaveDocument: resource_already_exists_exception -info: 2022/02/11 18:48:39: initialize: Kibana index: .kibana -info: 2022/02/11 18:48:39: initialize: App revision: 4301-0 -info: 2022/02/11 18:48:39: initialize: Total RAM: 11928MB -error: 2022/02/11 18:48:40: initialize:checkKibanaStatus: Could not check if the index .wazuh exists 
due to no permissions for create, delete or check -error: 2022/02/11 18:50:1: cron-scheduler|SaveDocument: resource_already_exists_exception -info: 2022/02/11 19:23:22: initialize: Kibana index: .kibana -info: 2022/02/11 19:23:22: initialize: App revision: 4301-0 -info: 2022/02/11 19:23:22: initialize: Total RAM: 11928MB -error: 2022/02/11 19:23:23: initialize:checkKibanaStatus: Could not check if the index .wazuh exists due to no permissions for create, delete or check -error: 2022/02/11 19:25:0: cron-scheduler|SaveDocument: resource_already_exists_exception -info: 2022/02/11 19:27:28: initialize: Kibana index: .kibana -info: 2022/02/11 19:27:28: initialize: App revision: 4301-0 -info: 2022/02/11 19:27:28: initialize: Total RAM: 11928MB -error: 2022/02/11 19:27:28: initialize:checkKibanaStatus: Could not check if the index .wazuh exists due to no permissions for create, delete or check -info: 2022/02/11 19:31:58: initialize: Kibana index: .kibana -info: 2022/02/11 19:31:58: initialize: App revision: 4301-0 -info: 2022/02/11 19:31:58: initialize: Total RAM: 11928MB -error: 2022/02/11 19:31:59: initialize:checkKibanaStatus: Could not check if the index .wazuh exists due to no permissions for create, delete or check diff --git a/production_cluster/wazuh_dashboard/wazuh/logs/wazuhapp.log b/production_cluster/wazuh_dashboard/wazuh/logs/wazuhapp.log deleted file mode 100644 index fffe806c..00000000 --- a/production_cluster/wazuh_dashboard/wazuh/logs/wazuhapp.log +++ /dev/null 
@@ -1,38 +0,0 @@ -{"date":"2022-02-10T13:49:44.661Z","level":"info","location":"initialize","message":"Kibana index: .kibana"} -{"date":"2022-02-10T13:49:44.661Z","level":"info","location":"initialize","message":"App revision: 4301-0"} -{"date":"2022-02-10T13:49:44.661Z","level":"info","location":"initialize","message":"Total RAM: 11928MB"} -{"date":"2022-02-10T13:49:45.077Z","level":"error","location":"initialize:checkKibanaStatus","message":"Could not check if the index .wazuh exists due to no permissions for create, delete or check"} -{"date":"2022-02-10T13:55:00.999Z","level":"error","location":"cron-scheduler|SaveDocument","message":"resource_already_exists_exception"} -{"date":"2022-02-10T18:35:47.009Z","level":"info","location":"initialize","message":"Kibana index: .kibana"} -{"date":"2022-02-10T18:35:47.010Z","level":"info","location":"initialize","message":"App revision: 4301-0"} -{"date":"2022-02-10T18:35:47.010Z","level":"info","location":"initialize","message":"Total RAM: 11928MB"} -{"date":"2022-02-10T18:35:47.242Z","level":"error","location":"initialize:checkKibanaStatus","message":"Could not check if the index .wazuh exists due to no permissions for create, delete or check"} -{"date":"2022-02-10T18:40:00.559Z","level":"error","location":"cron-scheduler|SaveDocument","message":"resource_already_exists_exception"} -{"date":"2022-02-10T18:42:13.894Z","level":"info","location":"initialize","message":"Kibana index: .kibana"} -{"date":"2022-02-10T18:42:13.894Z","level":"info","location":"initialize","message":"App revision: 4301-0"} -{"date":"2022-02-10T18:42:13.894Z","level":"info","location":"initialize","message":"Total RAM: 11928MB"} -{"date":"2022-02-10T18:42:14.231Z","level":"error","location":"initialize:checkKibanaStatus","message":"Could not check if the index .wazuh exists due to no permissions for create, delete or check"} 
-{"date":"2022-02-10T18:45:00.330Z","level":"error","location":"cron-scheduler|SaveDocument","message":"resource_already_exists_exception"} -{"date":"2022-02-10T20:23:03.443Z","level":"info","location":"initialize","message":"Kibana index: .kibana"} -{"date":"2022-02-10T20:23:03.443Z","level":"info","location":"initialize","message":"App revision: 4301-0"} -{"date":"2022-02-10T20:23:03.443Z","level":"info","location":"initialize","message":"Total RAM: 11928MB"} -{"date":"2022-02-10T20:23:04.136Z","level":"error","location":"initialize:checkKibanaStatus","message":"Could not check if the index .wazuh exists due to no permissions for create, delete or check"} -{"date":"2022-02-10T20:25:00.975Z","level":"error","location":"cron-scheduler|SaveDocument","message":"resource_already_exists_exception"} -{"date":"2022-02-11T18:48:39.186Z","level":"info","location":"initialize","message":"Kibana index: .kibana"} -{"date":"2022-02-11T18:48:39.187Z","level":"info","location":"initialize","message":"App revision: 4301-0"} -{"date":"2022-02-11T18:48:39.187Z","level":"info","location":"initialize","message":"Total RAM: 11928MB"} -{"date":"2022-02-11T18:48:40.305Z","level":"error","location":"initialize:checkKibanaStatus","message":"Could not check if the index .wazuh exists due to no permissions for create, delete or check"} -{"date":"2022-02-11T18:50:01.075Z","level":"error","location":"cron-scheduler|SaveDocument","message":"resource_already_exists_exception"} -{"date":"2022-02-11T19:23:22.847Z","level":"info","location":"initialize","message":"Kibana index: .kibana"} -{"date":"2022-02-11T19:23:22.848Z","level":"info","location":"initialize","message":"App revision: 4301-0"} -{"date":"2022-02-11T19:23:22.848Z","level":"info","location":"initialize","message":"Total RAM: 11928MB"} -{"date":"2022-02-11T19:23:23.646Z","level":"error","location":"initialize:checkKibanaStatus","message":"Could not check if the index .wazuh exists due to no permissions for create, delete or check"} 
-{"date":"2022-02-11T19:25:00.244Z","level":"error","location":"cron-scheduler|SaveDocument","message":"resource_already_exists_exception"} -{"date":"2022-02-11T19:27:28.476Z","level":"info","location":"initialize","message":"Kibana index: .kibana"} -{"date":"2022-02-11T19:27:28.477Z","level":"info","location":"initialize","message":"App revision: 4301-0"} -{"date":"2022-02-11T19:27:28.477Z","level":"info","location":"initialize","message":"Total RAM: 11928MB"} -{"date":"2022-02-11T19:27:28.862Z","level":"error","location":"initialize:checkKibanaStatus","message":"Could not check if the index .wazuh exists due to no permissions for create, delete or check"} -{"date":"2022-02-11T19:31:58.941Z","level":"info","location":"initialize","message":"Kibana index: .kibana"} -{"date":"2022-02-11T19:31:58.942Z","level":"info","location":"initialize","message":"App revision: 4301-0"} -{"date":"2022-02-11T19:31:58.942Z","level":"info","location":"initialize","message":"Total RAM: 11928MB"} -{"date":"2022-02-11T19:31:59.543Z","level":"error","location":"initialize:checkKibanaStatus","message":"Could not check if the index .wazuh exists due to no permissions for create, delete or check"} diff --git a/production_cluster/wazuh_indexer_ssl_certs/admin-key.pem b/production_cluster/wazuh_indexer_ssl_certs/admin-key.pem deleted file mode 100755 index 899e6c99..00000000 --- a/production_cluster/wazuh_indexer_ssl_certs/admin-key.pem +++ /dev/null 
@@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCo1YF2VM0TNhlh -0u3N0nhXwNMb9K0w/HPqTB310WfBEkafjN18VtUevrXzYmq11+vaGFLvzPSr5O8u -tXCKYP6yeaU8JEjvtrj7N/xo1CIeCJmcGcq8jYCWKBp+PCqWu3KHaLgLLp3f7xd3 -s+7E2iJ/XAqRdMTHIjNWet+ka4AHsbpile+7VkvHNpCKwX84+Nh+wXlB4EQ6Glkl -qHgyAqqJvnGBESN0D0aGzfL8vmWUqUd2oxlZcA+cJAoEAhgr1wNQZ6K+N5qrqvOn -nvQsltHhqJu4nV9+KaeIORYUliEJKbVa0KvU1BvBY4W/63gtJ4NshXhSW1Mvh31/ -XfEt20olAgMBAAECggEAIdSGWHutjAfvFhb556Ag1RSiOJvSiFpNr8kIx9TqAVn0 -JMxJJT0Q/1QfiWFTGJTngZAWLk7XSApbkvRwVIoS/xg479AlfUMT1eLmBOtc2r/G -Z+0THq0L8wqeJGVR81okHNXy6uqwX8q83ROE6JT9DKAYzgSj2XMU7mM4pO2VffTf -eI39G20wUYqj6lroebs4kIRxqdAasMq80PZO63q/lzR4xya3Wq9ZS3aoNBGoSieN -4p6Dhyn/x8QRBWX9AXx/KrQpSgkBBtBuxllY15tuXZWTL+LENmceRZb/5WgalypN -wGnS5mt8bEvJ3KPqmWqvpYcgACYGE3OEgBB37jlekQKBgQDcxmH5oo7yxdAMAym3 -gjseyPd8y+ZATc4k3zaSODuHBKnQ2viwFA6UNjvnw2DfvAVVpzHijxJ+ljMIs+ky -9KX9mHn4jS94JRcyzkXseoHuSPisQfL87/q9JYc0+xssCRnFJ6Ix5FG814q5sQRl -aNrCT9jUy9b3JpyMewprgU1BGwKBgQDDxZSe9+fKkL5KupzzDoy1+Ohuz03oxPgc -9zykXJ7rpmAwInq7Pi+Pt0SKbh6qf9O+dXLPSB0FkKqTffehTrYd/Cv4DFZxSVYe -wfPAy6ci5PNK+wiAedgdDpxAJWktoEnbj5fWVokFekHKaY5FlQU6cNYD138DgG0W -OGV1AymVvwKBgBurqZ/2JeB7toWq59GeOvayzYIQtD0fA1VPvLE65wsXJImOyFiZ -SvJ8kamMrVmdYTXJDNGOiQzgmmje072VODC+qZrjZy2xyGSPwefPuvU4pCJC6ceV -9GE8kOOtDUzJnzc8rnF+Ylg+055Od3SWXcS46T5ShhDYAAsDaNzsidg9AoGARK9A -Slmtn/sSWEOKpxfWtE1ktuPScLUSW48+XmgEdabEnn6qUqEprKFe0bZ62dTJJEwu -gJzLWdV8kwyh4Z0s9e4wOvGRLmPNbDMd4ulQdUSgOxFB1VlqQh+LIFI/yXswDnEd -k1x+7EYNaQeJm84BrJRD8cscS801+JLGvbvjTh8CgYEA3FHIxw+ypuAonCbtjTO8 -KHV0k1pz1Y9OTJmtQLGz6miAgYCfgEKDTzLjtpAbdkE5k3mo3ohewNhYoJ2g+Vn8 -HXPjbT7cGfao92L2CiTCDmAGHdNB/6O00n7JM4t8C41xWqWBLB3LyPJnEqIzLDyZ -n9Rfm4m1kT+8hRHHkXrKEbM= ------END PRIVATE KEY----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/admin.pem b/production_cluster/wazuh_indexer_ssl_certs/admin.pem deleted file mode 100755 index ccbcd64e..00000000 --- a/production_cluster/wazuh_indexer_ssl_certs/admin.pem +++ /dev/null 
@@ -1,19 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDDDCCAfQCFER31N2NjvzM7/qZfPeyucBce01CMA0GCSqGSIb3DQEBCwUAMDQx -DTALBgNVBAsMBERvY3UxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApDYWxpZm9y -bmlhMB4XDTIyMDIwNzIwMjg0NFoXDTMyMDIwNTIwMjg0NFowUTELMAkGA1UEBhMC -VVMxEzARBgNVBAcMCkNhbGlmb3JuaWExDjAMBgNVBAoMBVdhenVoMQ0wCwYDVQQL -DAREb2N1MQ4wDAYDVQQDDAVhZG1pbjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC -AQoCggEBAKjVgXZUzRM2GWHS7c3SeFfA0xv0rTD8c+pMHfXRZ8ESRp+M3XxW1R6+ -tfNiarXX69oYUu/M9Kvk7y61cIpg/rJ5pTwkSO+2uPs3/GjUIh4ImZwZyryNgJYo -Gn48Kpa7codouAsund/vF3ez7sTaIn9cCpF0xMciM1Z636RrgAexumKV77tWS8c2 -kIrBfzj42H7BeUHgRDoaWSWoeDICqom+cYERI3QPRobN8vy+ZZSpR3ajGVlwD5wk -CgQCGCvXA1Bnor43mquq86ee9CyW0eGom7idX34pp4g5FhSWIQkptVrQq9TUG8Fj -hb/reC0ng2yFeFJbUy+HfX9d8S3bSiUCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEA -Rny6jig0H/r/ZxZ6Cd1sPYdKQM5NuBYRyY4sc0l6i0Y2o3tJdlLoYxuxgampTgOa -97t+4H1htfuN5LEZQqIF6sY0xX/3N6m9IMBmE2AYOKXlwInkULg+kg5WBYgqNqd6 -e55OasF8VXwsuIVX+mC4lKRlbXDMScC73BlxEtRuOLxPy3UulrvITP3EdptFHHoP -jn6rOvYRQnY9wR4SOAJBofYMhU6kV8zF/bqB3ioxEtnPZhkJeyIb89DkasJaP3FJ -rtjMJb8cyXd5FHGEy8nhIssyUKbTccfnNe29XGCJLfteP8BExFaXLyChMAzhreR/ -h6svqSo4iiviJKIuDcz5pQ== ------END CERTIFICATE----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/root-ca.key b/production_cluster/wazuh_indexer_ssl_certs/root-ca.key deleted file mode 100755 index 2791e1e4..00000000 --- a/production_cluster/wazuh_indexer_ssl_certs/root-ca.key +++ /dev/null 
@@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQC55KbINhOX1rTi -vzO23qd8k1K89GBHtssv0J4q2IM2WTG7V4BmSWe+HiUsPSIzY+07O+sSHoTNkxqb -OcHEovx0ACVsZ9LlxXLu/GDz9p5N3JROQov3W3rjFUaIFJvOADIm/+0zhS6p6wdJ -zNAwf2rDrE58gXKunPU/njwoB4kkAjYYnYZi1t9aBUjJTIX6t9amqD+/Z7MM9Jt1 -Va3gdL9fkHu6ko2fW9rTnyBwtl/a3jW0dQBS6EPHOLbWsxmYIcKfeG4nIR6RJYbP -oMDWIUlTCaZ2FSpG8IsTR4BMAbDQp/M7UL5YPLevg6CcnQIYaxuth9CdVMVCn9Bc -TSA5nSPjAgMBAAECggEBAI1zlQmyRHR814XW8nYLtSzROds4pW7MhI5s035M5INd -mb8xlS3AW6XKcITaPAUY27MAJB7UhD+d2VgWugBz+WAXoGJ+GnfnKE78UpYxqkIb -P+rRLopZ3Qeg79uquuglNASDKC7VAC4h/pjEtgLBYi9lFRAevHJsUx5GvQXEvjFc -BNf9AXHF5O4LTzcGZ+mgYlAFxQjDrnbQuEQ6mhkESViuDbZcP9kExed5q0T+TcY3 -xlLgHoQMH1FnyxzYyNdgwO5t/j7WNYck/djFB3DT0FAp0QsENOH+2g95wfiASF60 -NRt4fsC6IZXj1LTR5qC9u32QpMbu0QBWnq8ZBLdi8tECgYEA50Wk9MDZTSe6VMwV -3GiyYM+hf8Em270mzQRBsIEd3uJQ2r6iZ4uBK+m39FARq8S60fCe/OgHJ4EbbkhV -b1nrVbtItUTOBAwa5mNkCsN/tKG9NEHO8CZOYv95+mrqCB+ZBb0s3m3w+mZ1RQcc -0up3xQHI8jQ5dT4MjWEH16Ldj+sCgYEAzcTmpVIYzjjiBieY5CnWIVYNm6P2ZlUM -o7DLjhoKe/NognaxyAlZFvepsLs7+NYKBxZlHdQHlsKqrS8QXKuuK/e5hrSakdG6 -OgL/N2+66JaySEz691CI9hddyohepRvKP4113B7WWeglChZOXfPC04ZuCnZ/LyXJ -FKNgkuyctekCgYEAn7Ihk7hO1M4oBkHenpHVCrCU7iir8nQMhOj5iy29OJjCCCo2 -7pUQHwiGM7fOW/O+pRUoU67MseSe0mo0RG2s6UgnjrPyJi1NreTXwe75EfvVMG54 -vK9W1VlgGyEUdYOMIMBeaUE1c1Koi3+70ZCCH5F59nVFb8Xm2QE1bxtRLv0CgYAE -a7aI1rqxs4cnmrIuNLfk/3RLY7pneGxNF/9HjkerYg9cvjATnB/N3oRGx78CGZcd -j92cRnHjS0tfbSNs2kNjrm7N9hNcDqVxmZ7iEgRx+srZws2hgplusBHTyBpAcdhm -hSODFyaDx/kDvnbwjcwhv0Gd9+3DlYw8ZUYt4ed8AQKBgQCt6/C+s1bUB981pYYf -0TDDxxQE2CIAJHHrAZ1SSnlj0smt79Xj+3RboClfDwtLLpFFbCfPY9LyLgeBbIq1 -9Tol1lnHkEfhuTI/0Uua6u2uNVbjhqZTXsogvPZjro3BwXiksN7nQp5w5LdqSMF5 -VNv0RDik3Sy2OmfoJ7dn+DJBWA== ------END PRIVATE KEY----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/root-ca.pem b/production_cluster/wazuh_indexer_ssl_certs/root-ca.pem deleted file mode 100755 index a8a28794..00000000 
--- a/production_cluster/wazuh_indexer_ssl_certs/root-ca.pem +++ /dev/null @@ -1,20 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDSTCCAjGgAwIBAgIUUZPpFmFeaHka2OJkT1JS1QIVAhIwDQYJKoZIhvcNAQEL -BQAwNDENMAsGA1UECwwERG9jdTEOMAwGA1UECgwFV2F6dWgxEzARBgNVBAcMCkNh -bGlmb3JuaWEwHhcNMjIwMjA3MjAyODQ0WhcNMzIwMjA1MjAyODQ0WjA0MQ0wCwYD -VQQLDAREb2N1MQ4wDAYDVQQKDAVXYXp1aDETMBEGA1UEBwwKQ2FsaWZvcm5pYTCC -ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALnkpsg2E5fWtOK/M7bep3yT -Urz0YEe2yy/QnirYgzZZMbtXgGZJZ74eJSw9IjNj7Ts76xIehM2TGps5wcSi/HQA -JWxn0uXFcu78YPP2nk3clE5Ci/dbeuMVRogUm84AMib/7TOFLqnrB0nM0DB/asOs -TnyBcq6c9T+ePCgHiSQCNhidhmLW31oFSMlMhfq31qaoP79nswz0m3VVreB0v1+Q -e7qSjZ9b2tOfIHC2X9reNbR1AFLoQ8c4ttazGZghwp94bichHpElhs+gwNYhSVMJ -pnYVKkbwixNHgEwBsNCn8ztQvlg8t6+DoJydAhhrG62H0J1UxUKf0FxNIDmdI+MC -AwEAAaNTMFEwHQYDVR0OBBYEFBHZ961QUsmPGJ+Jt0gfyZY4ShnSMB8GA1UdIwQY -MBaAFBHZ961QUsmPGJ+Jt0gfyZY4ShnSMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZI -hvcNAQELBQADggEBAKKny1ai5hpd93ZMVO8ryVhDX3NiZTSR5cYwIFuHLcQsLkuc -Su4vhAOGtkm1bWhiu64VveOQXLy9M3qCXVL5q8YJIb9CUBh6emrGaykKFSLY6M8+ -ZuESTcJzdznq9dU8gLr0rsXUZFajMFtiLrNERg25GFQPutnu1t9E8uKnfoNV4EFe -eNpkrTMt+ioPh1Xpn7WjU//974E4wGtl+wnqM4hqPcjYY4F4X7GBtKnhvQSwqp4D -Po36mhNbqRwfQYq/QQRbQN+9wMU4DtssttY4C63a1nRUhXvnFMnkserXptq+g1yc -YJCNtUjb4xcj74+HRuQFKeK07QcRThw8YLYnLS0= ------END CERTIFICATE----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem deleted file mode 100755 index 9296b786..00000000 --- a/production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem +++ /dev/null 
@@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC17C9oygkP7enG -0t8902Zo5JjN9VbGEePZg1kLViPFOcX/TYkDUt74xJAE+vvdGiWfoTKJYKYj9p5z -MzTQYo/39/iRrLiOenVWjrZmN8VnPsuiEL4D+pLr3832+yG/JneVjERrqs/iD/Lm -QJbCjGG3ZwiaEpPE/tT77cAN0MwjHY0qoHa4/MJwN/6AZdTg683go1Bo3+lVtWK9 -jtO8eXKlPyypr/6NL6kagHBEzw2V7F7fRZ1wDvxcVcX6tsWBtBGJRdgJ4VLoD2wT -T0kNMc4vX9IMhCwfsr+8rGyXWCzX1298drulbQjFXzQlD69bloOmENS3h4V/jE+Y -YrsiACwlAgMBAAECggEAFYNWn+e0ZqPVz2NEbwU+yQyvXTu0BTw8W46CyypmlH4e -gfBjUXdNUtG7zjr36c+bv2LKnSBGxV32otzdU/8z0zkJtgBc2sx0b8X0n+XcfDca -0ZF1RvcsxKP0sU5FUVt1LMQnmyvZ5XvJV50vttXvAEc45y9nNhaEjT4yRe/5E/XJ -fmUzPuZSn8Z+c+HXvWTddMlSD8tqSTc2lkrsfaJSoamp/USVXPNJNac1l+M0YUlm -M4TDjkKLi2hLbRLgG+ZrvpcRpyrDQsw8hYZkrZvRywSQX+eTkLdGwOwNJIs8Y3pQ -Oz0d8iAbH1qFo9s16/I7YhTBAANY3jcsqMxhugemQQKBgQDntVP4K3ZkbQTBCv4E -W1FeMhNuo9kzm3oj0/UucFjEln9pMCaB8EGKdtIW7GFChgUwucL1Nj20cFxmlXQX -tky7/xMIt+EBVICSY4txi+asHsqBQkCoK2Q/qgt3Z7ORtvOeNn6aEbfuOr5r7qf/ -hvgundkUN12UibWqc9f1dTCSqQKBgQDI/rCo9oQBMEkIqR/RE1uUsISwYfJb/bMo -zBXjHYZ5/88JNUYDmSSeHOVGBLLjSqRGGP4HuKh1o9ZDzSuEaZxUYiLyQroDCkrk -doXd2ODrzFOq4vk12z2KCr2PweW2++/I5d3uNC0q8YCTahr+RuevmKFaeMDNskDI -KGfOg5t3HQKBgDh668/3kDFknZ8MteSL+eaTIEd86wn4YSpwlThPrGOnJ8GVOh28 -Wc2NryJlVkPn9UXuUgaBxULBjNR4o8bP6h59S795SwCO/5QvbaMs7fqQut4NL0OO -6C3Ynljpz0y6ouGy+ONHZGVOrnISx6Ky3LZIRcz2vfniI4U8Ha04drGZAoGAI4rO -KIK3IxKrx4lIpAsdRbTVMe+QEO5S8SLtt+SvtAElVkaCY/5/uCn57SDFlWXMmMyw -lyLzPyJCsGimilq2l0FnVpmwFPuL9Mx0rZ89XtUZ8n0CfqCPSErP7IzoFyyD4W2s -igPV/OMJzoeT0GUvcSC3X608wuMDi6GBgcZKBo0CgYEA3OCz4QJgP5rlxqhv4VhB -H71p/oalckrmIytq2V2j1/8EVf7jPWLOxsw0Q+8DL/2tdBI+QLSPA40LCLtNlb3J -Lbyrav+RyVAwa1C27NdqZ2yZ2xF5iSIbkENHB2QxNkmaVsoSDX2j5fyQhnM+CTEe -IRLfssBnG1/KgfL2PyO8drQ= ------END PRIVATE KEY----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard.pem deleted file mode 100755 index 45106ff4..00000000 
--- a/production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard.pem +++ /dev/null @@ -1,21 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDdDCCAlygAwIBAgIURHfU3Y2O/Mzv+pl897K5wFx7TUgwDQYJKoZIhvcNAQEL -BQAwNDENMAsGA1UECwwERG9jdTEOMAwGA1UECgwFV2F6dWgxEzARBgNVBAcMCkNh -bGlmb3JuaWEwHhcNMjIwMjA3MjAyODQ0WhcNMzIwMjA1MjAyODQ0WjBbMQswCQYD -VQQGEwJVUzETMBEGA1UEBwwKQ2FsaWZvcm5pYTEOMAwGA1UECgwFV2F6dWgxDTAL -BgNVBAsMBERvY3UxGDAWBgNVBAMMD3dhenVoLmRhc2hib2FyZDCCASIwDQYJKoZI -hvcNAQEBBQADggEPADCCAQoCggEBALXsL2jKCQ/t6cbS3z3TZmjkmM31VsYR49mD -WQtWI8U5xf9NiQNS3vjEkAT6+90aJZ+hMolgpiP2nnMzNNBij/f3+JGsuI56dVaO -tmY3xWc+y6IQvgP6kuvfzfb7Ib8md5WMRGuqz+IP8uZAlsKMYbdnCJoSk8T+1Pvt -wA3QzCMdjSqgdrj8wnA3/oBl1ODrzeCjUGjf6VW1Yr2O07x5cqU/LKmv/o0vqRqA -cETPDZXsXt9FnXAO/FxVxfq2xYG0EYlF2AnhUugPbBNPSQ0xzi9f0gyELB+yv7ys -bJdYLNfXb3x2u6VtCMVfNCUPr1uWg6YQ1LeHhX+MT5hiuyIALCUCAwEAAaNXMFUw -HwYDVR0jBBgwFoAUEdn3rVBSyY8Yn4m3SB/JljhKGdIwCQYDVR0TBAIwADALBgNV -HQ8EBAMCBPAwGgYDVR0RBBMwEYIPd2F6dWguZGFzaGJvYXJkMA0GCSqGSIb3DQEB -CwUAA4IBAQAhcvVs5DRom/6Ci9VINgc1n3+NDAE3HdFZ7TKnMekR/MDeU5l5Kz6t -dzx+P7mO7MywOgRddKsH9BEIlU2jECVixUBvYXNgr8cflVv5qlFg5QjWuUhAM4W4 -qu1oEITnpSPBw7DbMTQbjK5fQP4VijDWKTjFGpHti4QXxrel9uer0B/dHWQLYIL+ -yh1qCUHp1q02IZFanAbhGi055bR/7r6123EtoyDx0so5qzhZlCm+86m/tO0vqXf2 -sWa2KmL71M2UYSoDrzF3/4LhKEFJ4MRGiB2s7C/1MpRAKKnC7PLOTtykKU/3x0MF -mk3Xp+GIZkzdbo0eHXYjpghsCp3Kwx6z ------END CERTIFICATE----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh.master-key.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh.master-key.pem deleted file mode 100755 index 6c7d8b03..00000000 --- a/production_cluster/wazuh_indexer_ssl_certs/wazuh.master-key.pem +++ /dev/null 
@@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC55JMOnYeiyco2 -VYu8+1QX5qA26FAmJgnnWmqqZvOoNoDuyLGlKzuUiKnV0xrHDlsqARQcmUf7hF63 -QQkbZlWR2LkhRKQWLiemIQKVqxyarQ0YD7+yxmk3oaB7BZdkxsZcx0K1FuZcxUqd -JTRhOvunrPkKuQAJqPxuAtamLS75u+q3YRTN31zRMCZNHqGizzzN1rpIw4gq8WUE -93UHUKL7r/2wbPiR6TsLk4/oygUEbLNtl06u9Mf19b73KWCoDr1xiJSuDbkC+/b3 -zKWDZmeejiR4CXqUMhm23YVPEmx/unklht3fXyVlRxR/QrBZvXidug+BfATX2TEW -5Q8+1uuHAgMBAAECggEBAIzNPTYMy/fZsHiHQ1jZZVDVNvVf8ZVzqny6V6DKajQ3 -VGGJUkUxAef3u+xiAh5UGWkvd/RRhdxU3wkfEa7XTGk0JsW0IDVMsGt9BWAoQ3pF -KW3YP/NBpeClY9DK42lJxmXv5+8ScVpDdcihrZMYAhV3RwuAJS8r+Ee7jqo//xzY -ljXa1eHhmEO2nxMz4v3yJIqMWHNJoXct5gbk8CBdvuhSgxqV9XxlJhlvRharX+TX -KnN+ql2OdejlDdvRoT4KzALCxf/csjBheP3KZ3aVr9/gUsPGiMOCnW6tOqc/Fg7z -zo2y37IWof9HNc1tHE2Sn//c0Az7XLpEFT0iFGydw8ECgYEA6RmsdlKD2E892Qr3 -ApViCC/rrkhKEw9LrSGFd8LdWFUBqdfsd97oK2lStUe4lb+Qz9u4yOgl+dBRAkbR -sJFoQNwMML00VQKF/P2S30aGehw1OfKvihGfkolJ4EkPE7XbvCwZ/cd0J+TVplag -UZ4nCaC1DhcPsjI3CBGIA8plI20CgYEAzCep6gpbbI0XdcNwaHW9Ozws9c61LFON -zbrf0hXMswqZJR3O7piLdzJBBYF/uN7VyVucRle9Ve1lFXgxvxuUkgzZTB81TP7V -O1+oxR5mhCa24tNxuK3ARvmz8SkyRR56iaSNW6yI0ZLg9pJm/gMslJoaAX0tcDME -ZVUd6dZLfkMCgYEAiH+RP0R4km1ssTE7jha97j9piogoYFrfnMV5a7T/et9kdvnL -LjKoz+sAFMmn7IDeIununi9bNZtoJKYl2nh7jSeON+hDwdgVcB1pKTgaPV1RSdq0 -Mmy5fczJJv6BRrCCuQE2QybN/SKCfcJSZRjwkTG7dEHK3jWLhj0F4fpeGU0CgYBG -qcPqOkOCwyNHo6oYvggNpLp7Kl0TRqhieThXYyxDHHv9mN+zPiGn1EElQrmOp7Kf -y5G/10a1o0HFuKCfYVB/bOsZqgOs7tengWjNMcSSIURUJpPKNHnFF1DtPDEmM3J+ -ifJTtNh2kbxEHFCBw19+4Af4U/eSSlZPLLL56S6gOQKBgD+NtBcAxggeJZAHONOF -9qcdERaiygXWPFWTGhtSpy7U8uSBD361UdIs5SeYB44v8r/cW9+9nj5VL/wprujr -ZhzdhwYaeX05DB7A5zO1sTt2wjoD/otlIvL5nY00NBeaJzRhLkef2peDHHuZ5lET -Jb0rNPLpp9FN2JWXF233eGzL ------END PRIVATE KEY----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh.master.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh.master.pem deleted file mode 100755 index 593c73ee..00000000 
--- a/production_cluster/wazuh_indexer_ssl_certs/wazuh.master.pem +++ /dev/null @@ -1,21 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDbjCCAlagAwIBAgIURHfU3Y2O/Mzv+pl897K5wFx7TUYwDQYJKoZIhvcNAQEL -BQAwNDENMAsGA1UECwwERG9jdTEOMAwGA1UECgwFV2F6dWgxEzARBgNVBAcMCkNh -bGlmb3JuaWEwHhcNMjIwMjA3MjAyODQ0WhcNMzIwMjA1MjAyODQ0WjBYMQswCQYD -VQQGEwJVUzETMBEGA1UEBwwKQ2FsaWZvcm5pYTEOMAwGA1UECgwFV2F6dWgxDTAL -BgNVBAsMBERvY3UxFTATBgNVBAMMDHdhenVoLm1hc3RlcjCCASIwDQYJKoZIhvcN -AQEBBQADggEPADCCAQoCggEBALnkkw6dh6LJyjZVi7z7VBfmoDboUCYmCedaaqpm -86g2gO7IsaUrO5SIqdXTGscOWyoBFByZR/uEXrdBCRtmVZHYuSFEpBYuJ6YhApWr -HJqtDRgPv7LGaTehoHsFl2TGxlzHQrUW5lzFSp0lNGE6+6es+Qq5AAmo/G4C1qYt -Lvm76rdhFM3fXNEwJk0eoaLPPM3WukjDiCrxZQT3dQdQovuv/bBs+JHpOwuTj+jK -BQRss22XTq70x/X1vvcpYKgOvXGIlK4NuQL79vfMpYNmZ56OJHgJepQyGbbdhU8S -bH+6eSWG3d9fJWVHFH9CsFm9eJ26D4F8BNfZMRblDz7W64cCAwEAAaNUMFIwHwYD -VR0jBBgwFoAUEdn3rVBSyY8Yn4m3SB/JljhKGdIwCQYDVR0TBAIwADALBgNVHQ8E -BAMCBPAwFwYDVR0RBBAwDoIMd2F6dWgubWFzdGVyMA0GCSqGSIb3DQEBCwUAA4IB -AQAmCAiydzBHx8M7bUWcuxU0uB93TLsGzptpYebd9/Y4C+SrxHjjxQb5gji8D9qL -/aE3pg6RowBwhAnaCa5DCvFm7mz4sP8HO9Hz1I5w40jjkoIfwPw5kL/66t+pGonu -SbRzPH/s87vrtgowaF+2U7tNd3iiHFH2ANIJPmAki9XtYWjUgOEaY6R1UhpDOntB -UNvb6tTpdjkBTZNVDugO7BVQKjXWK1AKn5m08JepLK39cCX+Q120KK7NbRCtcR3u -CMaqKvZ4sMT/pGwmRbuTxYx11zWsf8tFeMJxv82RVjVwZktSPyEFuX1MzlZ/2ljl -tf1yaqMCS7yWFYjwzcDZ35Gh ------END CERTIFICATE----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh.worker-key.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh.worker-key.pem deleted file mode 100755 index dce391b8..00000000 --- a/production_cluster/wazuh_indexer_ssl_certs/wazuh.worker-key.pem +++ /dev/null 
@@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDO2F9laXHl+CAB -0tLEdEq4CXciYnBpytAuwodoGk3wYn6ZBXxxKs+Mm/0jHSrvmK4qP2jQXS/6+u1s -2kFBaG1a0/GMVMG/wpJ7aJTT/jK+prc4npCdOLkIHV3CvptV0tJ8nPEAsydY8bBV -9swqknl+FDMK7yMSez3lbAo+PgPcsKDomt9+nSBnZHqmHpRcie/H6SNm6UgivfYW -i8LkAKL0uUmlU383ZrUNzso9zXdJhJyY+VEh3QGUppReH+YPP30FUtHuQRtPQxPp -epLxT2+tKIMremXyyb8KRJJTzhEWXddY9mVJmZeDCU40hCYhK4EPvrGPUH/oriQG -El+AHy//AgMBAAECggEBAJmM4Ix9EZOBdelEozg5iDpEtI7u+rpeV9tOh4yNcmxQ -AeEAxJeSC087gVhuz6/b7Pbp6Zo8g2DSpCxZfXXb2spBaiAdz1LWUz2PrmQNYYhM -ZNmARKSiNiHDAxaNvuygO6dMLlCxrjUF/jxioL+9yrkAr7+fNK8ElDda0+POz7kk -g8jBGhoaJ4NOpcfD3ifPYvGGsz3fKeEQjfnCGnIgwIin1ZN2C2XJ0Sdi0DTuUWAp -XLRCXcLbQfMQXWoN+MJza9fRa0ZhkDjsSkBeM8/f2rABmzS/HpHZRsp/xF+qJ/2p -zO0kKMiTjXwhIY5YQc++gSgg1uGMeaObW2n0O1atQgkCgYEA8gRFtkHmi0/NZyo/ -IAzICT8PLCXKZbZXU/jfBd5NzBJi24+9l1H+wZ52v8gxwUF6XaggHcFlyTdVenMK -UeOof5SAPg9/BeHE9z7CKkvQthppRnRbpeBHiTpL86UbnNcbzSCcqIwAWUv00tq8 -IBCIMQDts0dqjqIRaN8BFUaU3Z0CgYEA2sve0J6Jf/fat97vwEZncCVhjVwJ6rW4 -CSNqR1T1ZQCiU9H+CSGvn95ZvhwOrESXQxV/Z7S3CHfovPVKXNFBs9XFpKmCBBz/ -YxhIXAch8WM9jLIDqPY/VnbN307AufK1PLF2/StnUTEFLoNQpl2WWQa1LFeSXZvZ -0oj/+KTJX0sCgYEAz4tOZTA6jznOgiw+mjOb0CId1tRJr9QhK8f/Kj8sJFeYI4Yv -JneQq2ZDm9AIqxyF3Y9yi1HxAg/L5AiHzxYWx+IH4DDV06t7iDRvumnuAFzB70OV -3LhrYIl33Oe4uFXYZ58R+ZCmM+3pdHFUZ4MF6FBNiDM0dEEUAQVNHnu66hkCgYEA -msHG6UKpuQUEBDhA1nw138Hg/U6TiRtdf8E4BBpYtEc9ihInICheg7KPQYOw8TJW -11FWW3EcYXYG/dh1767nTR8we+aVmvkzvtDHJai53nY2a9Th99mtNSg1N/UJJr1A -ahyQMERKAMiuhJbHLdVWacPv09xhH6sD6AGVJDbSZH8CgYApvezqoBeDhS5PVt/I -s9rPy4M0dITb5Wb7gy2R7BtZOdMluPshN87S37j0B7iJB0RwvYNtDftAn4qKSA77 -JHEd/mI+rtUeCzgHginAyKR07yP5EALI21OWTRyyywlpWFAds2H0Kh0v0/P8YHQZ -W8Z3U7jEifGmclWgxTaZAcvaXA== ------END PRIVATE KEY----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh.worker.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh.worker.pem deleted file mode 100755 index 51caa4ba..00000000 
--- a/production_cluster/wazuh_indexer_ssl_certs/wazuh.worker.pem +++ /dev/null @@ -1,21 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDbjCCAlagAwIBAgIURHfU3Y2O/Mzv+pl897K5wFx7TUcwDQYJKoZIhvcNAQEL -BQAwNDENMAsGA1UECwwERG9jdTEOMAwGA1UECgwFV2F6dWgxEzARBgNVBAcMCkNh -bGlmb3JuaWEwHhcNMjIwMjA3MjAyODQ0WhcNMzIwMjA1MjAyODQ0WjBYMQswCQYD -VQQGEwJVUzETMBEGA1UEBwwKQ2FsaWZvcm5pYTEOMAwGA1UECgwFV2F6dWgxDTAL -BgNVBAsMBERvY3UxFTATBgNVBAMMDHdhenVoLndvcmtlcjCCASIwDQYJKoZIhvcN -AQEBBQADggEPADCCAQoCggEBAM7YX2VpceX4IAHS0sR0SrgJdyJicGnK0C7Ch2ga -TfBifpkFfHEqz4yb/SMdKu+Yrio/aNBdL/r67WzaQUFobVrT8YxUwb/CkntolNP+ -Mr6mtziekJ04uQgdXcK+m1XS0nyc8QCzJ1jxsFX2zCqSeX4UMwrvIxJ7PeVsCj4+ -A9ywoOia336dIGdkeqYelFyJ78fpI2bpSCK99haLwuQAovS5SaVTfzdmtQ3Oyj3N -d0mEnJj5USHdAZSmlF4f5g8/fQVS0e5BG09DE+l6kvFPb60ogyt6ZfLJvwpEklPO -ERZd11j2ZUmZl4MJTjSEJiErgQ++sY9Qf+iuJAYSX4AfL/8CAwEAAaNUMFIwHwYD -VR0jBBgwFoAUEdn3rVBSyY8Yn4m3SB/JljhKGdIwCQYDVR0TBAIwADALBgNVHQ8E -BAMCBPAwFwYDVR0RBBAwDoIMd2F6dWgud29ya2VyMA0GCSqGSIb3DQEBCwUAA4IB -AQBQ/4NRC+7aH7DaFGYrr7/ITK0EmhL1e/BnolpesUF3R1uLaRs0rXqMPs1Z+VuX -jImhICY1Zfrab6dauApHfY4P8P5zg4FOwlNxWWc7GRfPf3Hqo/cfwcv5tcYCRFDW -5cxK6sQNNmqvBaQup40nXRUUuKPKbkmYEECa80BTriA8ueUE+HrDN2kDnezCwXN7 -25lsMuVYzsSa6qGHH8zCohiB5erEzpfqbA6cZi9nCoQPQyUJj+34uLYKeTjakOf5 -7AVdGRKUMoTMfoY3Azv8lsRAnVqWW9eQLf/z70UED89x5Cv/ZSEDYMWiu8O8DUuA -bLIFd/5qrrH+MymmldMHHz6p ------END CERTIFICATE----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer-key.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer-key.pem deleted file mode 100755 index 27dcbe9b..00000000 --- a/production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer-key.pem +++ /dev/null 
@@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC839fpwnln76EE -5JlWxlowMEW+LKUrXkXNH68tul8vSRylxCYLpnsXqlNU0vwoyr8q/zTjkI70HxOG -lN3G1PVSzMEIim3GxV2yL5kDO7mKvfMF8Ed1/S3jShze5lSjH9wwb3nuk+FI/nEE -NuM95pu/N5roq4AftR2wyRNU/NvX2ulr4g17uWcWJMZ0hfcTia3IgVAR6uGsu6vY -I6HmvIrDWGTs8cND829BgvPZbvkuSDHisogFS1XKSNXN4J5uipROR0US96Cfsv+F -ACbbiHKvYNPbxd6mGf825LhaYsYWQl3WESX7gz1lRk9RHQa3eUoFTTSYOlr98AO+ -npjZNlKTAgMBAAECggEASfTkmLX70AT26fGRUXctzXy5cnQM4ORzNJTZhXBa4Ssh -uo8JzroLrQKWyroq3tY08OMplIoAT/rzLFmSVc8BmMBwPaXmwlR6EdGteqSiTH+A -b6zcbokKtNtKXsWWEqHhGF4uQotJRcnL+zh61rw79C4TzFOLQd8rlxPFLBwvAWAb -NxbAHAHJgbQ4bzcOVT560RkFNyoOJ2owsItRiBYhi8Kl5zIqpzen5EVLlXTritxB -Rf2RCSHvzI6To+++CSQws9Ge++oa3zf8AI2IU//qtnkrsvBq3eB72n5Stb4mf48g -R0oO8YHZR0hh0mNshFMXqrSJedfZJL2sw9mY0nh/AQKBgQD5y24ahginvLg+g5QC -WiYV6geRwKfWwkABDV4BoiKomvga+Un3PxaPesr42NoSHRKwwWnSUfmjRFYIbCs8 -VOvutvAoXJAnGB/V0WwxNwuMEwiXFzONFxPFq92M1dGWAeBRphLqLdKx1pxcpizf -Bf4f3mf7Tu+rvEFZXX8Wq/2D0wKBgQDBkP2fp2ar9htyLfZjxbDs4ypzy8rcS04d -zmIWG8iIvEGL9Bf8m4PMe9QDmAy+DHuDdj/18BopnCGG8nbQpL2S0QmNTfJAMfk+ -U37NTg4FsQklrsNht3PxFrpYEbyUjyZBCQtHmWiIHUMLzJWLoj3u24kvU50OJBDa -ScGMoXJ+QQKBgQCmvPX32nQ4ky5g/C92CnrVsevvjKv8HJngme2gJXwBE8B9MN4A -nioPCCYoSYf3A1UQi2p5q6J5KwpKgPmzQfRi2dYg+vh2QBIwBaS0jUu16paXVDNj -AH6AOiKe+bL28LWtiq+hhYjYkKq65WmaTUO+PhUmmSA+gGEWp+RHW/LTZQKBgGjW -xwe5+3oYCjWFf3X6lSE4yL1/G5jFkMHEDow68BpfHIFY68T91hzi1Ko9qGknCZ7i -ZTInoYP39JDKsl+/Wo4yeiH2ncb3Si/fuUYpiJ68jF/EkD5Uxo9F6BfbQ3CTN/zx -kRJunJdcgfvaCwVeEn1UmrDvcJlAH4CbgiFRMFoBAoGBAPD/C8dnvMBYSMH39/EX -Qt5/DC1DbuXl17AbhMqyE+Chye8965wD7aes0vHahEcBpmUuOYJXP9eQiZO6i7S9 -CHoEos0HEOvBtoL91sA/zeMspmAYcw3f+UuN6gV18FC9KYoDKLLC9iFs8d7KbGLX -rsawyTEQ5KjqIRjkwFrj+cCL ------END PRIVATE KEY----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer.pem deleted file mode 100755 index 17b89577..00000000 
--- a/production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer.pem +++ /dev/null @@ -1,21 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDcjCCAlqgAwIBAgIURHfU3Y2O/Mzv+pl897K5wFx7TUMwDQYJKoZIhvcNAQEL -BQAwNDENMAsGA1UECwwERG9jdTEOMAwGA1UECgwFV2F6dWgxEzARBgNVBAcMCkNh -bGlmb3JuaWEwHhcNMjIwMjA3MjAyODQ0WhcNMzIwMjA1MjAyODQ0WjBaMQswCQYD -VQQGEwJVUzETMBEGA1UEBwwKQ2FsaWZvcm5pYTEOMAwGA1UECgwFV2F6dWgxDTAL -BgNVBAsMBERvY3UxFzAVBgNVBAMMDndhenVoMS5pbmRleGVyMIIBIjANBgkqhkiG -9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvN/X6cJ5Z++hBOSZVsZaMDBFviylK15FzR+v -LbpfL0kcpcQmC6Z7F6pTVNL8KMq/Kv8045CO9B8ThpTdxtT1UszBCIptxsVdsi+Z -Azu5ir3zBfBHdf0t40oc3uZUox/cMG957pPhSP5xBDbjPeabvzea6KuAH7UdsMkT -VPzb19rpa+INe7lnFiTGdIX3E4mtyIFQEerhrLur2COh5ryKw1hk7PHDQ/NvQYLz -2W75Lkgx4rKIBUtVykjVzeCeboqUTkdFEvegn7L/hQAm24hyr2DT28Xephn/NuS4 -WmLGFkJd1hEl+4M9ZUZPUR0Gt3lKBU00mDpa/fADvp6Y2TZSkwIDAQABo1YwVDAf -BgNVHSMEGDAWgBQR2fetUFLJjxifibdIH8mWOEoZ0jAJBgNVHRMEAjAAMAsGA1Ud -DwQEAwIE8DAZBgNVHREEEjAQgg53YXp1aDEuaW5kZXhlcjANBgkqhkiG9w0BAQsF -AAOCAQEAGVQTOA082vVf49EeH5ewBRGonuK+FMNtt4woZErbKHkSQvYLBkOhgnSs -OHRSdU3OLU0Qdxwx0E4VppKNAAlcmwDBeyVkXPUkIu/pOkepp8fhbTDZSbW6mK2f -0PYd5uyxeHPW6AvpeWh8iUODYSUaceUD4Lu7BJZK2O29MLeAWXw/1tZMbqOHZ9iM -iIz/QNZLqm6qUBnXQg+a35N3tSDYPS7yF/yyKoIgn6GyXAdRJ/yyx3/N+g2rNsIZ -mGyeyl4Pnyl3W88YaC8SUjYRzzD+MBEvlZNTQJ4ORllGDIvJI7mMdvCLaXrDEW8A -axwv/8UwtZnKgmQ9gIKw+v1lFlACWQ== ------END CERTIFICATE----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer-key.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer-key.pem deleted file mode 100755 index 0055463a..00000000 --- a/production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer-key.pem +++ /dev/null 
@@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDiI48jkYeNCC5s -1rutoWU7aAMdvAdy4HXhkaILBKbmkSJ3sxGjld4gnr8xXgkclx170gDulMAQL78l -OSKpejMYjVqFtzEy1vXzUnHg8JQOTwu/MDQxcm+vwjEkX9QJSMV+TZTFitbLsQoy -QKw+6UyDxaMLG0ACBqtHZ9vQ83vtr878oWSJZWOx23hpdgoImUjUdvbFNZ9AouKJ -ir6NuFgEzNzo6mS2UcW7268NWkoE0rscf8+8nlW8FXG/IbVbBGrAvc6sYLBYSQ8H -gcl8BEp+5neJ3x44aNwS/gwHaeP6MmYZy0p886RdWuqijc76DNQJN4PkbSm1jj2h -JTQCinp/AgMBAAECggEAGJlXo73b6ep+6lX9emi5E1pAJIbkpIloKU5nOx2ZbjFR -d4XiIFJYJGJAWAVrplGF4oc4lLtXnSskds8dRyRE1KHju/HuhyI9BOft/VMON/Q/ -Sd/bfZl+LrdIEzXdYdkpqpCT410z+lpaypagZgOI0Di6gKXJM684CH9yuOsTiwpF -byVlferSJPao+GohtoVytGlZtq3Qo43jdyr9oFmDVbTOkL3o1QVS1DGkzvcSKtfC -4QJmWktq7hcs93ywO46L/yd6x7GzSWbah0KI9mu3/e02nBb96ZIQzbebTkn1VMkm -EWZ4f6Gr869It2aHyO/eKJIzyVFoVquS+XfFS7Fl0QKBgQD5mOwa2ix0v5F1D+vr -2MuY8m9GfoC6N7H0j3XYuCxKg7cJavuokwXiZYwPD6z/d9KKfm1CdxDSB84QCMDk -pWmntRupeSOj7b/q+4EbLRfjUyrzvPcDnQ5yX9Feb/2RAXthdTBlPp04Je60lbXP -MGKitCKb7hQ8urECYYK2h8GaNwKBgQDn8JZ9htlEkBVM0XlhIoLX2v1gxWmwPAWK -gU0RYV/SyLhOwAZzWfs0VK2ZuITsitlGGYUXNjETLlT9SQJ9mwoP3fBuRSPgYyIe -VUrBKZa+X0qYeTctS6ugirCJnR+QGVbt20aw4i/xSPAqLOb3gwHPEVfUMXvOawNh -WONsXrbd+QKBgQDSNrVDuFSQz3cWfJ5aOHDhE+4cFRcdvyKlst2x9Qt4ho515CCn -zYu7LYNUfANb9fLgqbIjtFv6SJCIeJbc+2OM17/AcEJQIkDtC32lAcmIr9cRCSmR -ZYlxUrnnK7MHmZPsdOKZoq6PR4NPnHdPVJT+K3Cqm014CFRkiPOp/5RS6QKBgE7z -+fZvAeSx+14z7FKhcdLSy++2I70HIYe9biOddwYEp6C/AzMfDUEKFjI+upjexwly -xHhbTSdPXUT/JmblcO5nyWFwDb9jX4jd1d2dL6BMRdNTZ/H2UU0MCP4/SzA9P/cl -7pFl3ZYQExj4QgM9SE9ZgwFLeu6QRQ1NOdV5BFzZAoGBAIfYeUOo3D0dPfYhQMau -wUYR/dWyqWyXh27Bz7AbXLz4YxoIh/bPRthPqjit+9WSpIIvL94u68HDplhAiXWx -SLHDZlD2voMI3z26bzXfOYiWH7ULGIenPZKPnEAUCOXXzujFD+K2Rqw12Mji5C5C -Ic3JeVlln8v46SXgyrKqu6jj ------END PRIVATE KEY----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer.pem deleted file mode 100755 index 54d7d377..00000000 
--- a/production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer.pem +++ /dev/null @@ -1,21 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDcjCCAlqgAwIBAgIURHfU3Y2O/Mzv+pl897K5wFx7TUQwDQYJKoZIhvcNAQEL -BQAwNDENMAsGA1UECwwERG9jdTEOMAwGA1UECgwFV2F6dWgxEzARBgNVBAcMCkNh -bGlmb3JuaWEwHhcNMjIwMjA3MjAyODQ0WhcNMzIwMjA1MjAyODQ0WjBaMQswCQYD -VQQGEwJVUzETMBEGA1UEBwwKQ2FsaWZvcm5pYTEOMAwGA1UECgwFV2F6dWgxDTAL -BgNVBAsMBERvY3UxFzAVBgNVBAMMDndhenVoMi5pbmRleGVyMIIBIjANBgkqhkiG -9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4iOPI5GHjQgubNa7raFlO2gDHbwHcuB14ZGi -CwSm5pEid7MRo5XeIJ6/MV4JHJcde9IA7pTAEC+/JTkiqXozGI1ahbcxMtb181Jx -4PCUDk8LvzA0MXJvr8IxJF/UCUjFfk2UxYrWy7EKMkCsPulMg8WjCxtAAgarR2fb -0PN77a/O/KFkiWVjsdt4aXYKCJlI1Hb2xTWfQKLiiYq+jbhYBMzc6OpktlHFu9uv -DVpKBNK7HH/PvJ5VvBVxvyG1WwRqwL3OrGCwWEkPB4HJfARKfuZ3id8eOGjcEv4M -B2nj+jJmGctKfPOkXVrqoo3O+gzUCTeD5G0ptY49oSU0Aop6fwIDAQABo1YwVDAf -BgNVHSMEGDAWgBQR2fetUFLJjxifibdIH8mWOEoZ0jAJBgNVHRMEAjAAMAsGA1Ud -DwQEAwIE8DAZBgNVHREEEjAQgg53YXp1aDIuaW5kZXhlcjANBgkqhkiG9w0BAQsF -AAOCAQEAO55yywT1a1Bd7zAQOeyl5c+aMQpyuwipyiZ6kc+1EI84EmhYh59zalzl -pCb/aQxq/A4Bk0UZAKTBmtBMAMQGiTWTwDMhthEV30j+UgeNCqtMvw5WynZPaS/x -pWuHCPy0HXw2xAFJpMF7iPWyrQOyPsFQJ5WrNsDevLEOhBTj4Z/kgM7Jwpyjb7JU -oU7BOoTrxwWKu61lyXXQuddEHSqJhjWk9aa8HXhtU+fz6xqjfgOWw8sAbrtZktXf -jGgu0xHie6zqAzVeFY6oRe5TJFMr6G/sqgxXfr3Pyg3OaMLZFjkFwKz7NPGVdWva -XvCRx0USefxMjNBQ9hmtn1qqGt9tow== ------END CERTIFICATE----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer-key.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer-key.pem deleted file mode 100755 index 729dce76..00000000 --- a/production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer-key.pem +++ /dev/null 
@@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCyBBUzH5lWIOeo -7IpeE83TwIpnv8vhEPZOD5rv7SUNMhPmATVhmX6oGfWuX5KKPGZHH0vMUZBQNha1 -G2VXqeHMk+xDoYDNpRptfv2VE97/tbwTlECiWKx99LEc0FskXY7AxXyK6agx5R6G -C7JWVoeHBsOQ4XWqA+Uu6KkCjHWEN4MiPJdqCDerNVWdcqzowRdkeJE4sbZed2OO -Yt3eCrWMZ4ttro9caoY8xkBiI6DEOD35we3IWkB+6qn/Uhd5avgMYaLI4Y6hE8Ov -w2h6tiu9YrVexLf1swd5C7L7bTUtAgenk+sFANx70hGHytL+P+80LJUSTw1JdLm4 -3EOnGcjNAgMBAAECggEANb/d1s3XspXE3NBvBvDb2O/t2l2i5ZYFiJRVp9PmuBFC -yNPclleOUptj/v6EdJDAIQFmFY8bD90FBjH7a3iz4N1ZHSKKjY0oaZ9KWdTiJDtv -SkodKee0TWOwho6ytkw5aiM284qRal9P1BF8C22dBjwYmIo6yNbcQEmnnkliwkSv -O1U3xUPyfgkQsS/ZSeKCuDWtcxBRA4lHz83PE36V/QsBwE/cUdyjj70VdR2TA2HI -z7nN+C3VRmsYOBA2FrcrH20DJyZuDA7UOU1VoYyPd98cvI/k9HLHOj9Ct2ntS25q -KjbY749qtUItwuDLmJGlze1MyMazAL85e6hlSsr3AQKBgQDpSzwbSRoaKBTSj2TH -idLD/vx76T7M0rNi+17MrVQQmWxlkff4xY+1tnhBz8G5edUUXilgX95zrGK/J40K -J2zXLsgPMV/Jm68Yw1ZvC2lNacx0mPMn62NVTtOzvI2cHc7ECiOFLufTip2iLKlJ -FIJHRK5juSdmWOFXPqbTaMytsQKBgQDDV4oYiEaOgV+O4E00Q9E8Osl6QxwhBbUO -K4yyoPx8VNMcMKnZlNL7a1XYP9smDJbbWC97HYClSINHEdN2R7rvXEdQk0t4TCyE -UUNvIBi+mVzApccxfcQH5iMhQvQHhmGBtIF8XhagCghboEklZlXRVwBoo/1tnAqi -3fSjEigH3QKBgQCKVaddkppcujmmpYqf23TT7YYvv54SfDoMzntnKLw5X5BsJgMB -S7yshneGprf70GduPWuRjydsNeMT8FLsm3Ypnr7Ya3GeLafFKkc9b2nQkpS+6tb8 -a9KqCiT0ZjEeSnqJum1Xkvm6cW6JdKwo/nVF5071KRxYzwlH34mywGjl8QKBgBZS -bYxqHi3wqLvJ8+iSC1nnmdhnzNIVNeBdp6FN9iw7ATjKcs5TTFzAojmo6mEJtT9x -b1ORRn8cryuy5MgyYDE0CU4y1r/zbG7eXmdXcpxtKAU3rHCCX6FLch496Wbmu0O4 -HcfZdJprKxNVWKZ2cD4QxBIxEyewWiLMXEU6MOrdAoGAQge11psrXgfmlewBbhSQ -rBl3Hqqf74O7gErhxJP+sXTL2aG1ytLJlQhB5FaN9OSGAXga0LLTVrXp/SzOXhHy -Ca/hcAhVV7buLbpawd/EDWXKOwn82YQW4Y08DnrLfVcT7xU3ZC6Qk/Q85+Mq8Qw7 -3x3sgnSDoQWstXmqeCD3NlY= ------END PRIVATE KEY----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer.pem deleted file mode 100755 index 32f80686..00000000 
--- a/production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer.pem +++ /dev/null @@ -1,21 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDcjCCAlqgAwIBAgIURHfU3Y2O/Mzv+pl897K5wFx7TUUwDQYJKoZIhvcNAQEL -BQAwNDENMAsGA1UECwwERG9jdTEOMAwGA1UECgwFV2F6dWgxEzARBgNVBAcMCkNh -bGlmb3JuaWEwHhcNMjIwMjA3MjAyODQ0WhcNMzIwMjA1MjAyODQ0WjBaMQswCQYD -VQQGEwJVUzETMBEGA1UEBwwKQ2FsaWZvcm5pYTEOMAwGA1UECgwFV2F6dWgxDTAL -BgNVBAsMBERvY3UxFzAVBgNVBAMMDndhenVoMy5pbmRleGVyMIIBIjANBgkqhkiG -9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgQVMx+ZViDnqOyKXhPN08CKZ7/L4RD2Tg+a -7+0lDTIT5gE1YZl+qBn1rl+SijxmRx9LzFGQUDYWtRtlV6nhzJPsQ6GAzaUabX79 -lRPe/7W8E5RAolisffSxHNBbJF2OwMV8iumoMeUehguyVlaHhwbDkOF1qgPlLuip -Aox1hDeDIjyXagg3qzVVnXKs6MEXZHiROLG2XndjjmLd3gq1jGeLba6PXGqGPMZA -YiOgxDg9+cHtyFpAfuqp/1IXeWr4DGGiyOGOoRPDr8NoerYrvWK1XsS39bMHeQuy -+201LQIHp5PrBQDce9IRh8rS/j/vNCyVEk8NSXS5uNxDpxnIzQIDAQABo1YwVDAf -BgNVHSMEGDAWgBQR2fetUFLJjxifibdIH8mWOEoZ0jAJBgNVHRMEAjAAMAsGA1Ud -DwQEAwIE8DAZBgNVHREEEjAQgg53YXp1aDMuaW5kZXhlcjANBgkqhkiG9w0BAQsF -AAOCAQEAnyLfdPMfYjP3su7tAtXzo3/yBM3X9h+90ziWU3Nt8FcECS1vkOxeyNWN -HjoQ62D1pVDNcX1ul5ue3p5IkGACQFWSvK8Ts/BCPkD7XLSg2NQ/ILOvknUcKM6m -JtCdPO/Y6E1nhTb51G58LQx6W7/U7kfiDYm/G/0fxfcQNlhkmii0btNMqR6yCNUb -dCeSuQEXT+gobUVyymXMN7DXzpe+dHG74Zs28v7sp0cdCONVab2PW1sD0/v5Nmcd -j+XxcKbnaxjiHEABd2c6U7eNjPbGo1Y2AqeLY8DWgOA3y/wA3+c292X9M5F3WBUM -CCjfJjwHLYvQVSWoNKaIDC196sZtgg== ------END CERTIFICATE----- diff --git a/wazuh-dashboard/Dockerfile b/wazuh-dashboard/Dockerfile index bf2c6443..adb545a5 100644 --- a/wazuh-dashboard/Dockerfile +++ b/wazuh-dashboard/Dockerfile 
@@ -17,12 +17,16 @@ COPY config/wazuh_app_config.sh / COPY config/dashboard.yml /etc/wazuh-dashboard/ +COPY config/wazuh.yml /usr/share/wazuh-dashboard/data/wazuh/config/ + RUN chmod 700 /entrypoint.sh RUN chmod 700 /wazuh_app_config.sh RUN chown 101:101 /etc/wazuh-dashboard/dashboard.yml && chmod 664 /etc/wazuh-dashboard/dashboard.yml +RUN chown -R 101:101 /usr/share/wazuh-dashboard/data/wazuh && chmod -R 775 /usr/share/wazuh-dashboard/data/wazuh + # Services ports EXPOSE 5601 diff --git a/wazuh-dashboard/config/dashboard.yml b/wazuh-dashboard/config/dashboard.yml index 7aec4657..31bdf8f7 100644 --- a/wazuh-dashboard/config/dashboard.yml +++ b/wazuh-dashboard/config/dashboard.yml @@ -1,14 +1,16 @@ server.host: 0.0.0.0 server.port: 5601 opensearch.hosts: https://wazuh1.indexer:9700 -opensearch.ssl.verificationMode: certificate -opensearch.username: kibanaserver -opensearch.password: kibanaserver -opensearch.requestHeadersWhitelist: ["securitytenant","Authorization"] -opensearch_security.multitenancy.enabled: false +opensearch.ssl.verificationMode: none +opensearch.username: "kibanaserver" +opensearch.password: "kibanaserver" +opensearch.requestHeadersWhitelist: [ authorization,securitytenant ] +opensearch_security.multitenancy.enabled: true +opensearch_security.multitenancy.tenants.preferred: ["Private", "Global"] opensearch_security.readonly_mode.roles: ["kibana_read_only"] -server.ssl.enabled: false +server.ssl.enabled: true server.ssl.key: "/etc/wazuh-dashboard/certs/demo-dashboard-key.pem" server.ssl.certificate: "/etc/wazuh-dashboard/certs/demo-dashboard.pem" opensearch.ssl.certificateAuthorities: ["/etc/wazuh-dashboard/certs/root-ca.pem"] uiSettings.overrides.defaultRoute: /app/wazuh?security_tenant=global + diff --git a/wazuh-dashboard/config/wazuh.yml b/wazuh-dashboard/config/wazuh.yml new file mode 100644 index 00000000..62a72893 --- /dev/null +++ b/wazuh-dashboard/config/wazuh.yml 
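Review bot: The added `chmod -R 775 /usr/share/wazuh-dashboard/data/wazuh` leaves the copied `wazuh.yml` readable by every account in the image, and the `wazuh.yml` introduced in this same patch carries the API username and password. Ownership already goes to 101:101 on the same line, so access for others can be dropped, e.g. `RUN chown -R 101:101 /usr/share/wazuh-dashboard/data/wazuh && chmod -R u=rwX,g=rX,o= /usr/share/wazuh-dashboard/data/wazuh`. The capital `X` also keeps the execute bit off the config file itself. If some other account in the container really has to read this directory, say so in a comment next to the line.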
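Review bot: `opensearch.ssl.verificationMode: none` switches off certificate validation for the dashboard's connection to `https://wazuh1.indexer:9700`, so the `kibanaserver` credentials in this file are presented to whichever endpoint answers on that name. The file still sets `opensearch.ssl.certificateAuthorities` to `root-ca.pem`, which is not used for validation once the mode is `none`. I would keep the previous `opensearch.ssl.verificationMode: certificate` and fix the certificate chain instead; if `none` is needed for now, mark it with a comment such as `# TEMPORARY: verification disabled until the indexer cert chains to root-ca.pem`. The `kibanaserver`/`kibanaserver` pair is a shipped default and deserves a comment that it must be changed outside a demo.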
@@ -0,0 +1,7 @@ +hosts: + - default: + url: https://wazuh.manager + port: 55000 + username: wazuh-wui + password: wazuh-wui + run_as: false diff --git a/wazuh-indexer/Dockerfile b/wazuh-indexer/Dockerfile index bb4d533b..04972402 100644 --- a/wazuh-indexer/Dockerfile +++ b/wazuh-indexer/Dockerfile @@ -1,3 +1,4 @@ +# Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2) FROM ubuntu:focal AS builder ENV tini_bin="tini-amd64" diff --git a/wazuh-indexer/config/config.sh b/wazuh-indexer/config/config.sh index 93aa41ee..59f8c1d4 100644 --- a/wazuh-indexer/config/config.sh +++ b/wazuh-indexer/config/config.sh @@ -1,3 +1,4 @@ +# Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2) # This has to be exported to make some magic below work. export DH_OPTIONS diff --git a/wazuh-indexer/config/entrypoint.sh b/wazuh-indexer/config/entrypoint.sh index 81ca3188..14062a13 100644 --- a/wazuh-indexer/config/entrypoint.sh +++ b/wazuh-indexer/config/entrypoint.sh @@ -1,4 +1,5 @@ #!/usr/bin/env bash +# Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2) set -e # Files created by Elasticsearch should always be group writable too @@ -88,7 +89,7 @@ if [[ "$(id -u)" == "0" ]]; then fi if [[ "$DISCOVERY" == "single-node" ]]; then - # run securityadmin.sh for single node + # run securityadmin.sh for single node with CACERT, CERT and KEY parameter nohup /securityadmin.sh & fi diff --git a/wazuh-indexer/config/securityadmin.sh b/wazuh-indexer/config/securityadmin.sh index 1fe6af34..0283ae8d 100644 --- a/wazuh-indexer/config/securityadmin.sh +++ b/wazuh-indexer/config/securityadmin.sh @@ -1,2 +1,3 @@ -sleep 50 +# Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2) +sleep 30 bash /usr/share/wazuh-indexer/plugins/opensearch-security/tools/securityadmin.sh -cd /usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/ -nhnv -cacert $CACERT -cert $CERT -key $KEY -p 9800 -icl \ No newline at end of file 
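Review bot: The new `wazuh.yml` bakes the API account `wazuh-wui` with the password `wazuh-wui` into the image, so every container built from it starts with the same known credentials unless something rewrites the file at start-up. At minimum the file should open with a comment like `# Default API credentials for first start only; change the wazuh-wui password before exposing the dashboard`. Better is to leave the password out of the image and have the entrypoint write it from a secret or environment value at run time; whether `wazuh_app_config.sh` already does that is not visible in this hunk.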
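Review bot: Cutting the fixed delay to `sleep 30` in securityadmin.sh makes it more likely that the tool runs before the indexer accepts connections on port 9800, and because the script runs the command once, a miss means the security configuration is never loaded. A bounded retry around the existing command is more reliable than a fixed wait, assuming the tool exits non-zero when it cannot connect. The version below also quotes `$CACERT`, `$CERT` and `$KEY`, which the current line expands unquoted, and reports a final failure on stderr instead of ending silently.

```shell
# … unchanged: license header …
sec_dir=/usr/share/wazuh-indexer/plugins/opensearch-security
attempt=0
# Retry until the indexer is reachable instead of relying on one fixed sleep.
until bash "$sec_dir/tools/securityadmin.sh" -cd "$sec_dir/securityconfig/" -nhnv \
  -cacert "$CACERT" -cert "$CERT" -key "$KEY" -p 9800 -icl; do
  attempt=$((attempt + 1))
  if [ "$attempt" -ge 12 ]; then
    echo "securityadmin.sh did not succeed after $attempt attempts" >&2
    exit 1
  fi
  sleep 10
done
```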
From 1140e67c99082c98cded7183e9f591b4d3ca234b Mon Sep 17 00:00:00 2001 From: vcerenu Date: Mon, 14 Feb 2022 16:58:57 -0300 Subject: [PATCH 024/163] docker-compose.yml configuration fixes --- docker-compose.yml | 3 +- generate-indexer-certs.yml | 2 +- indexer_certs_creator/config/entrypoint.sh | 9 +- .../opensearch/certificate/config_aio.yml | 10 - .../opensearch/roles/internal_users.yml | 74 --- .../config/opensearch/roles/roles.yml | 163 ------- .../config/opensearch/roles/roles_mapping.yml | 71 --- .../install_functions/wazuh-cert-tool.sh | 433 ------------------ production-cluster.yml | 2 +- .../wazuh_indexer_ssl_certs/certs.yml | 0 wazuh-dashboard/Dockerfile | 4 +- wazuh-dashboard/config/entrypoint.sh | 2 +- wazuh-dashboard/config/wazuh_app_config.sh | 4 +- 13 files changed, 16 insertions(+), 761 deletions(-) delete mode 100755 indexer_certs_creator/config/unattended_installer/config/opensearch/certificate/config_aio.yml delete mode 100755 indexer_certs_creator/config/unattended_installer/config/opensearch/roles/internal_users.yml delete mode 100755 indexer_certs_creator/config/unattended_installer/config/opensearch/roles/roles.yml delete mode 100755 indexer_certs_creator/config/unattended_installer/config/opensearch/roles/roles_mapping.yml delete mode 100755 indexer_certs_creator/config/unattended_installer/install_functions/wazuh-cert-tool.sh mode change 100755 => 100644 production_cluster/wazuh_indexer_ssl_certs/certs.yml diff --git a/docker-compose.yml b/docker-compose.yml index 861ffd17..bc950aca 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -46,7 +46,7 @@ services: hard: 65536 wazuh.dashboard: - image: wazuh/wazuh-dashboard:4.3.0 + image: wazuh/wazuh-dashboard-test:4.3.0 hostname: wazuh.dashboard restart: always ports: 
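Review bot: The dashboard service in `docker-compose.yml` now pulls `wazuh/wazuh-dashboard-test:4.3.0`, which reads like an image name used while testing rather than the published one, and it lands in the default compose file. Anyone running the stock file would deploy whatever is pushed under that `-test` repository. If this is intended for the branch, put a comment above the line (`# TODO: switch back to wazuh/wazuh-dashboard once the 4.3.0 image is published`); otherwise restore `image: wazuh/wazuh-dashboard:4.3.0`. The service definition continues outside the hunk.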
@@ -56,6 +56,7 @@ services: - ELASTICSEARCH_USERNAME=admin - ELASTICSEARCH_PASSWORD=admin - SERVER_SSL_ENABLED=false + - WAZUH_API_URL=https://wazuh.manager #volumes: # - ./production_cluster/wazuh_dashboard/dashboard.yml:/etc/wazuh-dashboard/dashboard.yml diff --git a/generate-indexer-certs.yml b/generate-indexer-certs.yml index 62386d62..b93dbfff 100644 --- a/generate-indexer-certs.yml +++ b/generate-indexer-certs.yml @@ -7,4 +7,4 @@ services: hostname: wazuh-certs-generator volumes: - ./production_cluster/wazuh_indexer_ssl_certs/certs.yml:/unattended_installer/install_functions/config.yml - - ./production_cluster/wazuh_indexer_ssl_certs/:/unattended_installer/install_functions/certificates/ \ No newline at end of file + - ./production_cluster/wazuh_indexer_ssl_certs/:/certificates/ \ No newline at end of file diff --git a/indexer_certs_creator/config/entrypoint.sh b/indexer_certs_creator/config/entrypoint.sh index 5dbd5576..0e86ce61 100644 --- a/indexer_certs_creator/config/entrypoint.sh +++ b/indexer_certs_creator/config/entrypoint.sh @@ -2,10 +2,11 @@ # Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2) ############################################################################## -# Start Wazuh indexer +# Creating Cluster certificates ############################################################################## /unattended_installer/install_functions/wazuh-cert-tool.sh -mkdir -p /unattended_installer/install_functions/certificates/ -cp /unattended_installer/install_functions/certs/* /unattended_installer/install_functions/certificates/ -chmod -R 664 /unattended_installer/install_functions/certificates/* +echo "Moving created certificates to destination directory" +cp /unattended_installer/install_functions/certs/* /certificates/ +echo "changing certificate permissions" +chmod -R 664 /certificates/* 
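Review bot: In `indexer_certs_creator/config/entrypoint.sh`, `chmod -R 664 /certificates/*` gives the generated private keys (files such as `*-key.pem`) the same group-writable, world-readable mode as the public certificates, and `/certificates/` is bind-mounted from the host in `generate-indexer-certs.yml`. Keys should be tighter than certificates, e.g. `chmod 644 /certificates/*.pem` followed by `chmod 640 /certificates/*-key.pem`, with ownership set to the uid/gid the consuming containers run as (not visible here, so confirm before narrowing). No `set -e` is visible in the hunk, so a failure of `wazuh-cert-tool.sh` would still run `cp` and `chmod`. The message says "Moving" while the command is `cp`, which leaves a second copy of the keys under `install_functions/certs/`.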
diff --git a/indexer_certs_creator/config/unattended_installer/config/opensearch/certificate/config_aio.yml b/indexer_certs_creator/config/unattended_installer/config/opensearch/certificate/config_aio.yml
deleted file mode 100755
index 8c3e67a0..00000000
--- a/indexer_certs_creator/config/unattended_installer/config/opensearch/certificate/config_aio.yml
+++ /dev/null
@@ -1,10 +0,0 @@
-nodes:
- elasticsearch:
- name: elasticsearch
- ip: 127.0.0.1
- wazuh_servers:
- name: filebeat
- ip: 127.0.0.1
- kibana:
- name: kibana
- ip: 127.0.0.1
diff --git a/indexer_certs_creator/config/unattended_installer/config/opensearch/roles/internal_users.yml b/indexer_certs_creator/config/unattended_installer/config/opensearch/roles/internal_users.yml
deleted file mode 100755
index 40fcb9cd..00000000
--- a/indexer_certs_creator/config/unattended_installer/config/opensearch/roles/internal_users.yml
+++ /dev/null
@@ -1,74 +0,0 @@ ---- -# This is the internal user database -# The hash value is a bcrypt hash and can be generated with plugin/tools/hash.sh - -_meta: - type: "internalusers" - config_version: 2 - -# Define your internal users here - -## Demo users - -admin: - hash: "$2a$12$VcCDgh2NDk07JGN0rjGbM.Ad41qVR/YFJcgHp0UGns5JDymv..TOG" - reserved: true - backend_roles: - - "admin" - description: "Demo admin user" - -kibanaserver: - hash: "$2a$12$4AcgAt3xwOWadA5s5blL6ev39OXDNhmOesEoo33eZtrq2N0YrU3H." - reserved: true - description: "Demo kibanaserver user" - -kibanaro: - hash: "$2a$12$JJSXNfTowz7Uu5ttXfeYpeYE0arACvcwlPBStB1F.MI7f0U9Z4DGC" - reserved: false - backend_roles: - - "kibanauser" - - "readall" - attributes: - attribute1: "value1" - attribute2: "value2" - attribute3: "value3" - description: "Demo kibanaro user" - -logstash: - hash: "$2a$12$u1ShR4l4uBS3Uv59Pa2y5.1uQuZBrZtmNfqB3iM/.jL0XoV9sghS2" - reserved: false - backend_roles: - - "logstash" - description: "Demo logstash user" - -readall: - hash: "$2a$12$ae4ycwzwvLtZxwZ82RmiEunBbIPiAmGZduBAjKN0TXdwQFtCwARz2" - reserved: false - backend_roles: - - "readall" - description: "Demo readall user" - -snapshotrestore: - hash: "$2y$12$DpwmetHKwgYnorbgdvORCenv4NAK8cPUg8AI6pxLCuWf/ALc0.v7W" - reserved: false - backend_roles: - - "snapshotrestore" - description: "Demo snapshotrestore user" - -wazuh_admin: - hash: "$2y$12$d2awHiOYvZjI88VfsDON.u6buoBol0gYPJEgdG1ArKVE0OMxViFfu" - reserved: true - hidden: false - backend_roles: [] - attributes: {} - opendistro_security_roles: [] - static: false - -wazuh_user: - hash: "$2y$12$BQixeoQdRubZdVf/7sq1suHwiVRnSst1.lPI2M0.GPZms4bq2D9vO" - reserved: true - hidden: false - backend_roles: [] - attributes: {} - opendistro_security_roles: [] - static: false \ No newline at end of file 
diff --git a/indexer_certs_creator/config/unattended_installer/config/opensearch/roles/roles.yml b/indexer_certs_creator/config/unattended_installer/config/opensearch/roles/roles.yml
deleted file mode 100755
index 3afa9ee4..00000000
--- a/indexer_certs_creator/config/unattended_installer/config/opensearch/roles/roles.yml
+++ /dev/null
@@ -1,163 +0,0 @@ -_meta: - type: "roles" - config_version: 2 - -# Restrict users so they can only view visualization and dashboard on kibana -kibana_read_only: - reserved: true - -# The security REST API access role is used to assign specific users access to change the security settings through the REST API. -security_rest_api_access: - reserved: true - -# Allows users to view monitors, destinations and alerts -alerting_read_access: - reserved: true - cluster_permissions: - - 'cluster:admin/opendistro/alerting/alerts/get' - - 'cluster:admin/opendistro/alerting/destination/get' - - 'cluster:admin/opendistro/alerting/monitor/get' - - 'cluster:admin/opendistro/alerting/monitor/search' - -# Allows users to view and acknowledge alerts -alerting_ack_alerts: - reserved: true - cluster_permissions: - - 'cluster:admin/opendistro/alerting/alerts/*' - -# Allows users to use all alerting functionality -alerting_full_access: - reserved: true - cluster_permissions: - - 'cluster_monitor' - - 'cluster:admin/opendistro/alerting/*' - index_permissions: - - index_patterns: - - '*' - allowed_actions: - - 'indices_monitor' - - 'indices:admin/aliases/get' - - 'indices:admin/mappings/get' - -# Allow users to read Anomaly Detection detectors and results -anomaly_read_access: - reserved: true - cluster_permissions: - - 'cluster:admin/opendistro/ad/detector/info' - - 'cluster:admin/opendistro/ad/detector/search' - - 'cluster:admin/opendistro/ad/detectors/get' - - 'cluster:admin/opendistro/ad/result/search' - - 'cluster:admin/opendistro/ad/tasks/search' - -# Allows users to use all Anomaly Detection functionality -anomaly_full_access: - reserved: true - cluster_permissions: - - 'cluster_monitor' - - 'cluster:admin/opendistro/ad/*' - index_permissions: - - index_patterns: - - '*' - allowed_actions: - - 'indices_monitor' - - 'indices:admin/aliases/get' - - 'indices:admin/mappings/get' - -# Allows users to read Notebooks -notebooks_read_access: - reserved: true - cluster_permissions: - - 
'cluster:admin/opendistro/notebooks/list' - - 'cluster:admin/opendistro/notebooks/get' - -# Allows users to all Notebooks functionality -notebooks_full_access: - reserved: true - cluster_permissions: - - 'cluster:admin/opendistro/notebooks/create' - - 'cluster:admin/opendistro/notebooks/update' - - 'cluster:admin/opendistro/notebooks/delete' - - 'cluster:admin/opendistro/notebooks/get' - - 'cluster:admin/opendistro/notebooks/list' - -# Allows users to read and download Reports -reports_instances_read_access: - reserved: true - cluster_permissions: - - 'cluster:admin/opendistro/reports/instance/list' - - 'cluster:admin/opendistro/reports/instance/get' - - 'cluster:admin/opendistro/reports/menu/download' - -# Allows users to read and download Reports and Report-definitions -reports_read_access: - reserved: true - cluster_permissions: - - 'cluster:admin/opendistro/reports/definition/get' - - 'cluster:admin/opendistro/reports/definition/list' - - 'cluster:admin/opendistro/reports/instance/list' - - 'cluster:admin/opendistro/reports/instance/get' - - 'cluster:admin/opendistro/reports/menu/download' - -# Allows users to all Reports functionality -reports_full_access: - reserved: true - cluster_permissions: - - 'cluster:admin/opendistro/reports/definition/create' - - 'cluster:admin/opendistro/reports/definition/update' - - 'cluster:admin/opendistro/reports/definition/on_demand' - - 'cluster:admin/opendistro/reports/definition/delete' - - 'cluster:admin/opendistro/reports/definition/get' - - 'cluster:admin/opendistro/reports/definition/list' - - 'cluster:admin/opendistro/reports/instance/list' - - 'cluster:admin/opendistro/reports/instance/get' - - 'cluster:admin/opendistro/reports/menu/download' - -# Allows users to use all asynchronous-search functionality -asynchronous_search_full_access: - reserved: true - cluster_permissions: - - 'cluster:admin/opendistro/asynchronous_search/*' - index_permissions: - - index_patterns: - - '*' - allowed_actions: - - 
'indices:data/read/search*' - -# Allows users to read stored asynchronous-search results -asynchronous_search_read_access: - reserved: true - cluster_permissions: - - 'cluster:admin/opendistro/asynchronous_search/get' - -wazuh_ui_user: - reserved: true - hidden: false - cluster_permissions: [] - index_permissions: - - index_patterns: - - "wazuh-*" - dls: "" - fls: [] - masked_fields: [] - allowed_actions: - - "read" - tenant_permissions: [] - static: false - -wazuh_ui_admin: - reserved: true - hidden: false - cluster_permissions: [] - index_permissions: - - index_patterns: - - "wazuh-*" - dls: "" - fls: [] - masked_fields: [] - allowed_actions: - - "read" - - "delete" - - "manage" - - "index" - tenant_permissions: [] - static: false \ No newline at end of file diff --git a/indexer_certs_creator/config/unattended_installer/config/opensearch/roles/roles_mapping.yml b/indexer_certs_creator/config/unattended_installer/config/opensearch/roles/roles_mapping.yml deleted file mode 100755 index 7d8429cb..00000000 --- a/indexer_certs_creator/config/unattended_installer/config/opensearch/roles/roles_mapping.yml +++ /dev/null 
@@ -1,71 +0,0 @@ ---- -# In this file users, backendroles and hosts can be mapped to Open Distro Security roles. -# Permissions for Opendistro roles are configured in roles.yml - -_meta: - type: "rolesmapping" - config_version: 2 - -# Define your roles mapping here - -## Demo roles mapping - -all_access: - reserved: false - backend_roles: - - "admin" - description: "Maps admin to all_access" - -own_index: - reserved: false - users: - - "*" - description: "Allow full access to an index named like the username" - -logstash: - reserved: false - backend_roles: - - "logstash" - -kibana_user: - reserved: false - backend_roles: - - "kibanauser" - users: - - "wazuh_user" - - "wazuh_admin" - description: "Maps kibanauser to kibana_user" - -readall: - reserved: false - backend_roles: - - "readall" - -manage_snapshots: - reserved: false - backend_roles: - - "snapshotrestore" - -kibana_server: - reserved: true - users: - - "kibanaserver" - -wazuh_ui_admin: - reserved: true - hidden: false - backend_roles: [] - hosts: [] - users: - - "wazuh_admin" - - "kibanaserver" - and_backend_roles: [] - -wazuh_ui_user: - reserved: true - hidden: false - backend_roles: [] - hosts: [] - users: - - "wazuh_user" - and_backend_roles: [] \ No newline at end of file diff --git a/indexer_certs_creator/config/unattended_installer/install_functions/wazuh-cert-tool.sh b/indexer_certs_creator/config/unattended_installer/install_functions/wazuh-cert-tool.sh deleted file mode 100755 index 1c7f7c23..00000000 --- a/indexer_certs_creator/config/unattended_installer/install_functions/wazuh-cert-tool.sh +++ /dev/null 
@@ -1,433 +0,0 @@ -#!/bin/bash - -# Program to generate the certificates necessary for Wazuh installation -# Copyright (C) 2015, Wazuh Inc. -# -# This program is a free software; you can redistribute it -# and/or modify it under the terms of the GNU General Public -# License (version 2) as published by the FSF - Free Software -# Foundation. - -if [ -z "${base_path}" ]; then - base_path="$(dirname "$(readlink -f "$0")")" - config_file="${base_path}/config.yml" -fi - -if [[ -z "${logfile}" ]]; then - logfile="/var/log/wazuh-cert-tool.log" -fi - -debug_cert=">> ${logfile} 2>&1" - -function cleanFiles() { - - eval "rm -f ${base_path}/certs/*.csr ${debug_cert}" - eval "rm -f ${base_path}/certs/*.srl ${debug_cert}" - eval "rm -f ${base_path}/certs/*.conf ${debug_cert}" - eval "rm -f ${base_path}/certs/admin-key-temp.pem ${debug_cert}" - -} - -function checkOpenSSL() { - if [ -z "$(command -v openssl)" ]; then - logger_cert -e "OpenSSL not installed." - exit 1 - fi -} - -function logger_cert() { - now=$(date +'%d/%m/%Y %H:%M:%S') - mtype="INFO:" - debugLogger= - disableHeader= - if [ -n "${1}" ]; then - while [ -n "${1}" ]; do - case ${1} in - "-e") - mtype="ERROR:" - shift 1 - ;; - "-w") - mtype="WARNING:" - shift 1 - ;; - "-dh") - disableHeader=1 - shift 1 - ;; - "-d") - debugLogger=1 - shift 1 - ;; - *) - message="${1}" - shift 1 - ;; - esac - done - fi - - if [ -z "${debugLogger}" ] || ( [ -n "${debugLogger}" ] && [ -n "${debugEnabled}" ] ); then - if [ -n "${disableHeader}" ]; then - echo "${message}" | tee -a ${logfile} - else - echo "${now} ${mtype} ${message}" | tee -a ${logfile} - fi - fi -} - -function generateAdmincertificate() { - - eval "openssl genrsa -out ${base_path}/certs/admin-key-temp.pem 2048 ${debug_cert}" - eval "openssl pkcs8 -inform PEM -outform PEM -in ${base_path}/certs/admin-key-temp.pem -topk8 -nocrypt -v1 PBE-SHA1-3DES -out ${base_path}/certs/admin-key.pem ${debug_cert}" - eval "openssl req -new -key ${base_path}/certs/admin-key.pem -out 
${base_path}/certs/admin.csr -batch -subj '/C=US/L=California/O=Wazuh/OU=Docu/CN=admin' ${debug_cert}" - eval "openssl x509 -days 3650 -req -in ${base_path}/certs/admin.csr -CA ${base_path}/certs/root-ca.pem -CAkey ${base_path}/certs/root-ca.key -CAcreateserial -sha256 -out ${base_path}/certs/admin.pem ${debug_cert}" - -} - -function generateCertificateconfiguration() { - - cat > "${base_path}/certs/${1}.conf" <<- EOF - [ req ] - prompt = no - default_bits = 2048 - default_md = sha256 - distinguished_name = req_distinguished_name - x509_extensions = v3_req - - [req_distinguished_name] - C = US - L = California - O = Wazuh - OU = Docu - CN = cname - - [ v3_req ] - authorityKeyIdentifier=keyid,issuer - basicConstraints = CA:FALSE - keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment - subjectAltName = @alt_names - - [alt_names] - IP.1 = cip - EOF - - conf="$(awk '{sub("CN = cname", "CN = '${1}'")}1' "${base_path}/certs/${1}.conf")" - echo "${conf}" > "${base_path}/certs/${1}.conf" - - isIP=$(echo "${2}" | grep -P "^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$") - isDNS=$(echo "${2}" | grep -P "^[a-zA-Z0-9][a-zA-Z0-9-]{1,61}[a-zA-Z0-9](?:\.[a-zA-Z]{2,})+$" ) - - if [[ -n "${isIP}" ]]; then - conf="$(awk '{sub("IP.1 = cip", "IP.1 = '${2}'")}1' "${base_path}/certs/${1}.conf")" - echo "${conf}" > "${base_path}/certs/${1}.conf" - elif [[ -n "${isDNS}" ]]; then - conf="$(awk '{sub("CN = cname", "CN = '${2}'")}1' "${base_path}/certs/${1}.conf")" - echo "${conf}" > "${base_path}/certs/${1}.conf" - conf="$(awk '{sub("IP.1 = cip", "DNS.1 = '${2}'")}1' "${base_path}/certs/${1}.conf")" - echo "${conf}" > "${base_path}/certs/${1}.conf" - else - logger_cert -e "The given information does not match with an IP address or a DNS." - exit 1 - fi - -} - -function generateElasticsearchcertificates() { - - if [ ${#elasticsearch_node_names[@]} -gt 0 ]; then - logger_cert "Creating the Elasticsearch certificates." 
- - for i in "${!elasticsearch_node_names[@]}"; do - generateCertificateconfiguration "${elasticsearch_node_names[i]}" "${elasticsearch_node_ips[i]}" - eval "openssl req -new -nodes -newkey rsa:2048 -keyout ${base_path}/certs/${elasticsearch_node_names[i]}-key.pem -out ${base_path}/certs/${elasticsearch_node_names[i]}.csr -config ${base_path}/certs/${elasticsearch_node_names[i]}.conf -days 3650 ${debug_cert}" - eval "openssl x509 -req -in ${base_path}/certs/${elasticsearch_node_names[i]}.csr -CA ${base_path}/certs/root-ca.pem -CAkey ${base_path}/certs/root-ca.key -CAcreateserial -out ${base_path}/certs/${elasticsearch_node_names[i]}.pem -extfile ${base_path}/certs/${elasticsearch_node_names[i]}.conf -extensions v3_req -days 3650 ${debug_cert}" - eval "chmod 444 ${base_path}/certs/${elasticsearch_node_names[i]}-key.pem ${debug_cert}" - done - fi - -} - -function generateFilebeatcertificates() { - - if [ ${#wazuh_servers_node_names[@]} -gt 0 ]; then - logger_cert "Creating the Wazuh server certificates." - - for i in "${!wazuh_servers_node_names[@]}"; do - generateCertificateconfiguration "${wazuh_servers_node_names[i]}" "${wazuh_servers_node_ips[i]}" - eval "openssl req -new -nodes -newkey rsa:2048 -keyout ${base_path}/certs/${wazuh_servers_node_names[i]}-key.pem -out ${base_path}/certs/${wazuh_servers_node_names[i]}.csr -config ${base_path}/certs/${wazuh_servers_node_names[i]}.conf -days 3650 ${debug_cert}" - eval "openssl x509 -req -in ${base_path}/certs/${wazuh_servers_node_names[i]}.csr -CA ${base_path}/certs/root-ca.pem -CAkey ${base_path}/certs/root-ca.key -CAcreateserial -out ${base_path}/certs/${wazuh_servers_node_names[i]}.pem -extfile ${base_path}/certs/${wazuh_servers_node_names[i]}.conf -extensions v3_req -days 3650 ${debug_cert}" - done - fi - -} - -function generateKibanacertificates() { - - if [ ${#kibana_node_names[@]} -gt 0 ]; then - logger_cert "Creating the Kibana certificate." 
- - for i in "${!kibana_node_names[@]}"; do - generateCertificateconfiguration "${kibana_node_names[i]}" "${kibana_node_ips[i]}" - eval "openssl req -new -nodes -newkey rsa:2048 -keyout ${base_path}/certs/${kibana_node_names[i]}-key.pem -out ${base_path}/certs/${kibana_node_names[i]}.csr -config ${base_path}/certs/${kibana_node_names[i]}.conf -days 3650 ${debug_cert}" - eval "openssl x509 -req -in ${base_path}/certs/${kibana_node_names[i]}.csr -CA ${base_path}/certs/root-ca.pem -CAkey ${base_path}/certs/root-ca.key -CAcreateserial -out ${base_path}/certs/${kibana_node_names[i]}.pem -extfile ${base_path}/certs/${kibana_node_names[i]}.conf -extensions v3_req -days 3650 ${debug_cert}" - eval "chmod 444 ${base_path}/certs/${kibana_node_names[i]}-key.pem ${debug_cert}" - done - fi - -} - -function generateRootCAcertificate() { - - logger_cert "Creating the root certificate." - - eval "openssl req -x509 -new -nodes -newkey rsa:2048 -keyout ${base_path}/certs/root-ca.key -out ${base_path}/certs/root-ca.pem -batch -subj '/OU=Docu/O=Wazuh/L=California/' -days 3650 ${debug_cert}" - -} - -function getHelp() { - - echo -e "" - echo -e "NAME" - echo -e " wazuh-cert-tool.sh - Manages the creation of certificates of the Wazuh components." - echo -e "" - echo -e "SYNOPSIS" - echo -e " wazuh-cert-tool.sh [OPTIONS]" - echo -e "" - echo -e "DESCRIPTION" - echo -e " -a, --admin-certificates" - echo -e " Creates the admin certificates." - echo -e "" - echo -e " -ca, --root-ca-certificates" - echo -e " Creates the root-ca certificates." - echo -e "" - echo -e " -e, --elasticsearch-certificates" - echo -e " Creates the Elasticsearch certificates." - echo -e "" - echo -e " -k, --kibana-certificates" - echo -e " Creates the Kibana certificates." - echo -e "" - echo -e " -v, --verbose" - echo -e " Enables verbose mode." - echo -e "" - echo -e " -w, --wazuh-certificates" - echo -e " Creates the Wazuh server certificates." 
- - exit 1 - -} - -function main() { - - if [ "$EUID" -ne 0 ]; then - logger_cert -e "This script must be run as root." - exit 1 - fi - - checkOpenSSL - - if [[ -d ${base_path}/certs ]]; then - logger_cert -e "Folder ${base_path}/certs already exists. Please, remove the /certs folder to create new certificates." - exit 1 - else - mkdir "${base_path}/certs" - fi - - if [ -n "${1}" ]; then - while [ -n "${1}" ] - do - case "${1}" in - "-a"|"--admin-certificates") - cadmin=1 - shift 1 - ;; - "-ca"|"--root-ca-certificate") - ca=1 - shift 1 - ;; - "-e"|"--elasticsearch-certificates") - celasticsearch=1 - shift 1 - ;; - "-w"|"--wazuh-certificates") - cwazuh=1 - shift 1 - ;; - "-k"|"--kibana-certificates") - ckibana=1 - shift 1 - ;; - "-v"|"--verbose") - debugEnabled=1 - shift 1 - ;; - "-h"|"--help") - getHelp - ;; - *) - getHelp - esac - done - - readConfig - - if [ -n "${debugEnabled}" ]; then - debug_cert="2>&1 | tee -a ${logfile}" - fi - - if [[ -n "${cadmin}" ]]; then - generateAdmincertificate - logger_cert "Admin certificates created." - fi - - if [[ -n "${ca}" ]]; then - generateRootCAcertificate - logger_cert "Authority certificates created." - fi - - if [[ -n "${celasticsearch}" ]]; then - generateElasticsearchcertificates - logger_cert "Elasticsearch certificates created." - fi - - if [[ -n "${cwazuh}" ]]; then - generateFilebeatcertificates - logger_cert "Wazuh server certificates created." - fi - - if [[ -n "${ckibana}" ]]; then - generateKibanacertificates - logger_cert "Kibana certificates created." 
- fi - - else - readConfig - generateRootCAcertificate - generateAdmincertificate - generateElasticsearchcertificates - generateFilebeatcertificates - generateKibanacertificates - cleanFiles - fi - -} - -function parse_yaml() { - - local prefix=${2} - local s='[[:space:]]*' - local w='[a-zA-Z0-9_]*' - local fs=$(echo @|tr @ '\034') - sed -ne "s|^\($s\):|\1|" \ - -e "s|^\($s\)\($w\)$s:$s[\"']\(.*\)[\"']$s\$|\1$fs\2$fs\3|p" \ - -e "s|^\($s\)\($w\)$s:$s\(.*\)$s\$|\1$fs\2$fs\3|p" ${1} | - awk -F$fs '{ - indent = length($1)/2; - vname[indent] = $2; - for (i in vname) {if (i > indent) {delete vname[i]}} - if (length($3) > 0) { - vn=""; for (i=0; i> $kibana_config_file +cat << EOF > $kibana_config_file hosts: - 1513629884013: url: $wazuh_url @@ -16,3 +16,5 @@ hosts: username: $api_username password: $api_password EOF + + From 55dd20306798910c271192ed92484e49d59fe047 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Mon, 14 Feb 2022 17:04:11 -0300 Subject: [PATCH 025/163] docker-compose.yml configuration fixes --- docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker-compose.yml b/docker-compose.yml index bc950aca..f055f19d 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -46,7 +46,7 @@ services: hard: 65536 wazuh.dashboard: - image: wazuh/wazuh-dashboard-test:4.3.0 + image: wazuh/wazuh-dashboard:4.3.0 hostname: wazuh.dashboard restart: always ports: From b81c99be46adc2c7f831ca24715574e3d28ba70c Mon Sep 17 00:00:00 2001 From: vcerenu Date: Mon, 14 Feb 2022 17:21:43 -0300 Subject: [PATCH 026/163] docker-compose.yml configuration fixes --- production_cluster/nginx/ssl/cert.pem | 21 -------------------- production_cluster/nginx/ssl/key.pem | 28 --------------------------- 2 files changed, 49 deletions(-) delete mode 100644 production_cluster/nginx/ssl/cert.pem delete mode 100644 production_cluster/nginx/ssl/key.pem 
diff --git a/production_cluster/nginx/ssl/cert.pem b/production_cluster/nginx/ssl/cert.pem deleted file mode 100644 index d5bbb656..00000000 --- a/production_cluster/nginx/ssl/cert.pem +++ /dev/null @@ -1,21 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDazCCAlOgAwIBAgIUASe6vu/ElSX7Znaz3NfI/zM6QCEwDQYJKoZIhvcNAQEL -BQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM -GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0yMjAyMDgxMjMxNDlaFw0yMzAy -MDgxMjMxNDlaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEw -HwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwggEiMA0GCSqGSIb3DQEB -AQUAA4IBDwAwggEKAoIBAQC36B2fAApuF7OjzvGDGfhOSDoKsemyCCRfQ7ErJXhJ -/aaFyBFmnRpwHWKRm/a+rcjFc2EEFxW6rkwHScoMCkpPPJMuxOw3xd1YKy/hy//e -4L67iAdc2yNlXmkANMUPQldJn2RFf7JSVEMGMLhvEQsIKQ0AKqBaytS+2Cr7ciHv -g1VxNAXvJkyYruEPIuHr9WvZ/BgmxCcI5IM4yLXSLbpbUqajQCAWa/HlDEO0729t -kF8dSJYLrz9kt2dnCgupw4iHCwYH+VjUEOAfAucF8Uj5u13GdovaodRxwftHG3TV -quZCYK77V/lJNOq0eUmZ33r1VvH1VZsAhThX4GV5auULAgMBAAGjUzBRMB0GA1Ud -DgQWBBRAa37ztZ4A+bZ+rO2DmUp5Ew7Q2TAfBgNVHSMEGDAWgBRAa37ztZ4A+bZ+ -rO2DmUp5Ew7Q2TAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQB0 -9qCMnym11g3NUNksnCtrHOo8r5DKU9KPISFOtG03Syxe7K9xi3oOYqaiZPJezoSl -7Z9O6Sobwgah+MtwZ5/9+jsxPgmEcpE6SWYx6KcG44TrC7RToIX7JyILxJujqJT2 -LODBmHO2IMGi9htaV8WDqwDKTqtBsmi9VdSOVy1WOsP9lcJoO2Di4cPS5RJjdDAW -sJNAFK+tGv0ZcUZ5bunjIGTEUIAElSPE/LTzuox2R4gVdWx0QYnKLn945C7Blr5d -tPR6EOI/4n5X7nq4XnX60dTAVS8ybZcUHTmHV9bz+KBu08jFn6Aum8mhYm1iFKKL -3P6t5XsQAQMTR37HAhLW ------END CERTIFICATE----- diff --git a/production_cluster/nginx/ssl/key.pem b/production_cluster/nginx/ssl/key.pem deleted file mode 100644 index 5dc0986b..00000000 --- a/production_cluster/nginx/ssl/key.pem +++ /dev/null 
@@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC36B2fAApuF7Oj -zvGDGfhOSDoKsemyCCRfQ7ErJXhJ/aaFyBFmnRpwHWKRm/a+rcjFc2EEFxW6rkwH -ScoMCkpPPJMuxOw3xd1YKy/hy//e4L67iAdc2yNlXmkANMUPQldJn2RFf7JSVEMG -MLhvEQsIKQ0AKqBaytS+2Cr7ciHvg1VxNAXvJkyYruEPIuHr9WvZ/BgmxCcI5IM4 -yLXSLbpbUqajQCAWa/HlDEO0729tkF8dSJYLrz9kt2dnCgupw4iHCwYH+VjUEOAf -AucF8Uj5u13GdovaodRxwftHG3TVquZCYK77V/lJNOq0eUmZ33r1VvH1VZsAhThX -4GV5auULAgMBAAECggEAScmo8N28UZXS7tueTULDPO1/1EC0Ckl4Bn0LfctH6zAJ -e03dpXVNYUR5AwE3zCPAFXEIsPJuNnuuZ5I0rgYG8KnWSAKc4HfUKocRbCBEpnE4 -NdgLVDdciVSK/pkto8Szbwez3KqyqpPCXJ55sZ599aU64SE5O5R8LaJgBIkzknxK -J2cS6W7M15nwpgmhS5NlXDnykaDa8lPTccqqPF2b1HAgup2Lfg/HIq5U6kB6O87R -mQGd1ZZ13CxNJP6qWfSK34B1novabkOhy6vlfE2HT8uggxjR7B1u++Lr/jccduNY -Mvm9kILWwxrmPNOqt9OJLZYxlKTcsaIZvDuin47hSQKBgQDixjQXGD9bcMyy1z9k -7I98HcEoy3CbXq1zNxaZw4N4zEttVUHexbBs/UDYGXU+O4hRYxmPChKHdTQ4KzWx -RPTNnnzPTsHl6W+a2XS8MnoiF1yMUuE0IwThkS4OlEVakS1I+pyOEQxh0R93KBrW -LFRkBjMDAv7uB+TtXJNpNfRVLwKBgQDPm515DVjO1+MwzGni4TD8EvZl0KWkHASO -VLh8eDOTe+1dPdlHJp98+eOCp+BzfiKFYXDXmeoaZ+wBbyNxRr6ofPGVtHEGp4zp -pWp8BQ8Uw1LojpZB8uji2+LaX+qb7W+dFR8kbWbjTQkuWYU2jjk7WqreUdTnxRtb -sc/nE6fu5QKBgEgiwkkiZm0A6axt+fVxpobVtC703+IccNI4kNDit3yCh+/Ecgqa -Ge/hc3IKTxg3uboh6uxsSM6cArtnS1ITXEfYBV2wcM9gvSaly5Nd/ym/AqqEZqy+ -Avx5wQvUMGeJzLztM0WhuK2Y5whxUnAUc9fJfQqVNmCjVDgI/b828XzzAoGBAL0N -CR41sDxTTZifXID07eVt4yCeGmhR9zghIAqAbv8Lp//zlUt8eVmWOL4+315sa0Uo -kVhT2WGIZtp7eTvq3y2Q8XGQ6ifUJbaSImCjPrN6lqIdTejqKXaEI5UWKQ8q7SuP -E1fZpAqymPyzGmKuqqFJFDX1MLqJvDsItbjIJnGdAoGAWnLU4S2CzgtiOeFiKKU9 -P+nhTplGV/DH0dMnVa5hZeIP3UDpzR19aQ9OXdRv30M3eSQnIRcL3A/Gci8fSmx/ -/5nJp1hoEwL2oawyRcEU6A5djT7zZ0m2+gteu9QLBiq3YlqmJUVKaviIUC4Se7ZP -TrRYjCtxO5XdtyZGZxVrTQk= ------END PRIVATE KEY----- From 803c9b70622bf8bf6a0aa68ed64f8865c7b526f1 Mon Sep 17 00:00:00 2001 
From: vcerenu Date: Mon, 14 Feb 2022 17:46:32 -0300 Subject: [PATCH 027/163] docker-compose.yml configuration fixes --- indexer_certs_creator/config/entrypoint.sh | 2 +- production_cluster/wazuh_cluster/wazuh_manager.conf | 1 - production_cluster/wazuh_cluster/wazuh_worker.conf | 1 - 3 files changed, 1 insertion(+), 3 deletions(-) diff --git a/indexer_certs_creator/config/entrypoint.sh b/indexer_certs_creator/config/entrypoint.sh index 0e86ce61..959f9e6d 100644 --- a/indexer_certs_creator/config/entrypoint.sh +++ b/indexer_certs_creator/config/entrypoint.sh @@ -9,4 +9,4 @@ echo "Moving created certificates to destination directory" cp /unattended_installer/install_functions/certs/* /certificates/ echo "changing certificate permissions" -chmod -R 664 /certificates/* +chmod -R 666 /certificates/* diff --git a/production_cluster/wazuh_cluster/wazuh_manager.conf b/production_cluster/wazuh_cluster/wazuh_manager.conf index 38a180d6..8b6c33cb 100644 --- a/production_cluster/wazuh_cluster/wazuh_manager.conf +++ b/production_cluster/wazuh_cluster/wazuh_manager.conf @@ -91,7 +91,6 @@ no 5m - 6h yes diff --git a/production_cluster/wazuh_cluster/wazuh_worker.conf b/production_cluster/wazuh_cluster/wazuh_worker.conf index bc0bbb8d..a91e6e16 100644 --- a/production_cluster/wazuh_cluster/wazuh_worker.conf +++ b/production_cluster/wazuh_cluster/wazuh_worker.conf @@ -91,7 +91,6 @@ no 5m - 6h yes From 5bc8693bbc4c20f928bc1d72c9dac813667f6ef5 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Tue, 15 Feb 2022 11:13:48 -0300 Subject: [PATCH 028/163] clean Dockerfile and docker-compose start script --- docker-compose.yml | 2 -- production-cluster.yml | 1 - .../wazuh_dashboard/wazuh/config/wazuh.yml | 8 -------- wazuh-indexer/Dockerfile | 16 ++++++---------- 4 files changed, 6 insertions(+), 21 deletions(-) delete mode 100644 production_cluster/wazuh_dashboard/wazuh/config/wazuh.yml diff --git a/docker-compose.yml b/docker-compose.yml index f055f19d..28b42f3d 100644 --- a/docker-compose.yml 
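Review bot: `chmod -R 666 /certificates/*` in indexer_certs_creator/config/entrypoint.sh makes every copied file readable and writable by any user or container that can reach /certificates, and the `cp` above it copies the whole `certs/` output, which presumably includes the `*-key.pem` files and `root-ca.key` written by the cert tool. A world-writable key or CA certificate can be replaced by any process sharing the volume, and a world-readable CA key lets such a process issue certificates the cluster will trust. If the wider mode is there so containers running under other UIDs can read the files, solve that with ownership rather than mode bits and keep keys tighter than certificates, for example `chmod 644 /certificates/*.pem` followed by `chmod 600 /certificates/*-key.pem /certificates/*.key`; `-R` does nothing on a glob of regular files and can go. The script starts above this hunk, so whether `root-ca.key` needs to land in /certificates at all should be checked there.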
+++ b/docker-compose.yml @@ -57,8 +57,6 @@ services: - ELASTICSEARCH_PASSWORD=admin - SERVER_SSL_ENABLED=false - WAZUH_API_URL=https://wazuh.manager - #volumes: - # - ./production_cluster/wazuh_dashboard/dashboard.yml:/etc/wazuh-dashboard/dashboard.yml volumes: ossec_api_configuration: diff --git a/production-cluster.yml b/production-cluster.yml index cca353e7..3b1ef143 100644 --- a/production-cluster.yml +++ b/production-cluster.yml @@ -152,7 +152,6 @@ services: - ./production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem:/etc/wazuh-dashboard/certs/wazuh-dashboard-key.pem - ./production_cluster/wazuh_indexer_ssl_certs/root-ca.pem:/etc/wazuh-dashboard/certs/root-ca.pem - ./production_cluster/wazuh_dashboard/dashboard.yml:/etc/wazuh-dashboard/dashboard.yml - #- ./production_cluster/wazuh_dashboard/wazuh:/usr/share/wazuh-dashboard/data/wazuh depends_on: - wazuh1.indexer links: diff --git a/production_cluster/wazuh_dashboard/wazuh/config/wazuh.yml b/production_cluster/wazuh_dashboard/wazuh/config/wazuh.yml deleted file mode 100644 index f37a7aca..00000000 --- a/production_cluster/wazuh_dashboard/wazuh/config/wazuh.yml +++ /dev/null @@ -1,8 +0,0 @@ -hosts: - - default: - url: https://wazuh.master - port: 55000 - username: acme-user - password: MyS3cr37P450r.*- - run_as: false - diff --git a/wazuh-indexer/Dockerfile b/wazuh-indexer/Dockerfile index 04972402..cdb843b9 100644 --- a/wazuh-indexer/Dockerfile +++ b/wazuh-indexer/Dockerfile 
@@ -12,23 +12,19 @@ RUN sha256sum -c ${tini_bin}.sha256sum && \ rm ${tini_bin}.sha256sum && \ mv ${tini_bin} /tini && \ chmod +x /tini -#RUN mkdir /usr/share/wazuh-indexer -#WORKDIR /usr/share/opensearch -#RUN tar zxf /opt/opensearch.tar.gz --strip-components=1 -#RUN sed -i -e 's/OPENSEARCH_DISTRIBUTION_TYPE=tar/OPENSEARCH_DISTRIBUTION_TYPE=docker/' /usr/share/opensearch/bin/opensearch-env -#RUN mkdir -p config config/jvm.options.d data logs -#RUN chmod 0775 config config/jvm.options.d data logs -#COPY config/opensearch.yml config/log4j2.properties config/ -#RUN chmod 0660 config/opensearch.yml config/log4j2.properties + COPY config/unattended_installer.tar.gz / + COPY config/config.sh . + RUN tar -xzvf /unattended_installer.tar.gz + RUN bash config.sh ################################################################################ -# Build stage 1 (the actual OpenSearch image): +# Build stage 1 (the actual Wazuh indexer image): # -# Copy opensearch from stage 0 +# Copy wazuh-indexer from stage 0 # Add entrypoint ################################################################################ FROM ubuntu:focal From 2c24e12b4e96feb04aca852f179c82402b4e8b73 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Tue, 15 Feb 2022 11:37:23 -0300 Subject: [PATCH 029/163] clean Dockerfile and docker-compose start script --- kibana-odfe/Dockerfile | 2 +- kibana/Dockerfile | 2 +- wazuh-dashboard/Dockerfile | 2 +- wazuh-odfe/Dockerfile | 2 +- wazuh-odfe/config/wazuh.repo | 4 ++-- 5 files changed, 6 insertions(+), 6 deletions(-) diff --git a/kibana-odfe/Dockerfile b/kibana-odfe/Dockerfile index 23f897d8..3cad99ba 100644 --- a/kibana-odfe/Dockerfile +++ b/kibana-odfe/Dockerfile 
@@ -6,7 +6,7 @@ ARG WAZUH_VERSION=4.2.5 ARG WAZUH_APP_VERSION="${WAZUH_VERSION}_${ELASTIC_VERSION}" WORKDIR /usr/share/kibana -RUN ./bin/kibana-plugin install https://packages-dev.wazuh.com/pre-release/ui/kibana/wazuh_kibana-${WAZUH_APP_VERSION}-1.zip +RUN ./bin/kibana-plugin install https://packages.wazuh.com/4.x/ui/kibana/wazuh_kibana-${WAZUH_APP_VERSION}-1.zip WORKDIR / USER root diff --git a/kibana/Dockerfile b/kibana/Dockerfile index 76f39d0d..d98443ae 100644 --- a/kibana/Dockerfile +++ b/kibana/Dockerfile @@ -6,7 +6,7 @@ ARG WAZUH_VERSION=4.3.0 ARG WAZUH_APP_VERSION="${WAZUH_VERSION}_${ELASTIC_VERSION}" WORKDIR /usr/share/kibana -RUN ./bin/kibana-plugin install https://packages-dev.wazuh.com/pre-release/ui/kibana/wazuh_kibana-${WAZUH_APP_VERSION}-1.zip +RUN ./bin/kibana-plugin install https://packages.wazuh.com/4.x/ui/kibana/wazuh_kibana-${WAZUH_APP_VERSION}-1.zip ENV PATTERN="" \ CHECKS_PATTERN="" \ diff --git a/wazuh-dashboard/Dockerfile b/wazuh-dashboard/Dockerfile index 1b833ff9..3a6dedeb 100644 --- a/wazuh-dashboard/Dockerfile +++ b/wazuh-dashboard/Dockerfile @@ -7,7 +7,7 @@ ARG WAZUH_VERSION=4.3.0-1 RUN apt-get update && apt install curl libcap2-bin -y #Download and install Wazuh Dashboard -RUN curl https://s3.us-west-1.amazonaws.com/packages-dev.wazuh.com/pre-release/apt/pool/main/w/wazuh-dashboard/wazuh-dashboard_${WAZUH_VERSION}_amd64.deb --output wazuh-dashboard_${WAZUH_VERSION}_amd64.deb && \ +RUN curl https://s3.us-west-1.amazonaws.com/packages.wazuh.com/4.x/apt/pool/main/w/wazuh-dashboard/wazuh-dashboard_${WAZUH_VERSION}_amd64.deb --output wazuh-dashboard_${WAZUH_VERSION}_amd64.deb && \ dpkg -i wazuh-dashboard_${WAZUH_VERSION}_amd64.deb && \ apt-get clean -y && rm -rf wazuh-dashboard_${WAZUH_VERSION}_amd64.deb diff --git a/wazuh-odfe/Dockerfile b/wazuh-odfe/Dockerfile index c7a9cf83..5968d239 100644 --- a/wazuh-odfe/Dockerfile +++ b/wazuh-odfe/Dockerfile 
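Review bot: None of the three downloads repointed here is verified before it is installed: `kibana-plugin install https://packages.wazuh.com/4.x/ui/kibana/wazuh_kibana-${WAZUH_APP_VERSION}-1.zip` in kibana-odfe/Dockerfile and kibana/Dockerfile, and the `curl ... --output ... && dpkg -i ...` line in wazuh-dashboard/Dockerfile, all trust whatever the URL returns at build time. wazuh-indexer/Dockerfile in this series already checks tini with `sha256sum -c`, and the same pattern fits here: fetch the artefact to a file, then run `echo "${WAZUH_DASHBOARD_SHA256}  wazuh-dashboard_${WAZUH_VERSION}_amd64.deb" | sha256sum -c -` before `dpkg -i` (`WAZUH_DASHBOARD_SHA256` is a placeholder build ARG, not a name from this repository). The `curl` call should also carry `-fsSL` so an HTTP error fails the build at the download step instead of writing an error page to the .deb path. All three RUN lines sit in Dockerfiles whose remaining content is outside these hunks.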
@@ -8,7 +8,7 @@ ARG TEMPLATE_VERSION="master" ARG WAZUH_FILEBEAT_MODULE="wazuh-filebeat-0.1.tar.gz" # Set repositories. -RUN rpm --import https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH +RUN rpm --import https://packages.wazuh.com/key/GPG-KEY-WAZUH COPY config/wazuh.repo /etc/yum.repos.d/wazuh.repo diff --git a/wazuh-odfe/config/wazuh.repo b/wazuh-odfe/config/wazuh.repo index 4b673ff0..e230d6a9 100644 --- a/wazuh-odfe/config/wazuh.repo +++ b/wazuh-odfe/config/wazuh.repo @@ -1,7 +1,7 @@ [wazuh_repo] gpgcheck=1 -gpgkey=https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH +gpgkey=https://packages.wazuh.com/key/GPG-KEY-WAZUH enabled=1 name=Wazuh repository -baseurl=https://packages-dev.wazuh.com/pre-release/yum/ +baseurl=https://packages.wazuh.com/4.x/yum/ protect=1 From 1db1ab451478aeeff736c07d1fab28e2559e3a1f Mon Sep 17 00:00:00 2001 From: vcerenu Date: Tue, 15 Feb 2022 12:16:29 -0300 Subject: [PATCH 030/163] clean Dockerfile and docker-compose start script --- docker-compose.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/docker-compose.yml b/docker-compose.yml index 28b42f3d..c4a212f0 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -57,6 +57,11 @@ services: - ELASTICSEARCH_PASSWORD=admin - SERVER_SSL_ENABLED=false - WAZUH_API_URL=https://wazuh.manager + depends_on: + - wazuh1.indexer + links: + - wazuh1.indexer:wazuh1.indexer + - wazuh.manager:wazuh.manager volumes: ossec_api_configuration: From b07bc5625e173997a8ae82a3e74d3d434467578d Mon Sep 17 00:00:00 2001 From: vcerenu Date: Tue, 15 Feb 2022 12:21:19 -0300 Subject: [PATCH 031/163] clean Dockerfile and docker-compose start script --- kibana-odfe/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kibana-odfe/Dockerfile b/kibana-odfe/Dockerfile index 3cad99ba..1d304341 100644 --- a/kibana-odfe/Dockerfile +++ b/kibana-odfe/Dockerfile 
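Review bot: The `depends_on` added to the dashboard service in docker-compose.yml only orders container start and does not wait for the indexer to accept connections, so the dashboard can still come up before it; it also lists only `wazuh1.indexer` although the `links` block names `wazuh.manager` as well. `links` is a legacy Compose option, and services on the same Compose network already resolve each other by service name, so the two `links` entries can be dropped. The services this block refers to are defined outside the hunk, so confirm that docker-compose.yml actually declares a service called `wazuh1.indexer`, the name used in production-cluster.yml.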
@@ -2,7 +2,7 @@ FROM amazon/opendistro-for-elasticsearch-kibana:1.13.2 USER kibana ARG ELASTIC_VERSION=7.10.2 -ARG WAZUH_VERSION=4.2.5 +ARG WAZUH_VERSION=4.3.0 ARG WAZUH_APP_VERSION="${WAZUH_VERSION}_${ELASTIC_VERSION}" WORKDIR /usr/share/kibana From 82325914b3a303891494a11d9e075f7cd4d319e3 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Tue, 15 Feb 2022 12:39:27 -0300 Subject: [PATCH 032/163] clean Dockerfile and docker-compose start script --- production-cluster.yml | 8 +- production-cluster_odfe.yml | 112 +++++++++--------- production_cluster/nginx/nginx.conf | 6 +- production_cluster/nginx_wazuh/nginx.conf | 67 +++++++++++ .../ssl/generate-self-signed-cert.sh | 12 ++ 5 files changed, 139 insertions(+), 66 deletions(-) create mode 100644 production_cluster/nginx_wazuh/nginx.conf create mode 100644 production_cluster/nginx_wazuh/ssl/generate-self-signed-cert.sh diff --git a/production-cluster.yml b/production-cluster.yml index 3b1ef143..6161fbdd 100644 --- a/production-cluster.yml +++ b/production-cluster.yml @@ -3,7 +3,7 @@ version: '3.7' services: wazuh.master: - image: wazuh/wazuh-odfe:4.3.0-dev + image: wazuh/wazuh-odfe:4.3.0 hostname: wazuh.master restart: always ports: @@ -38,7 +38,7 @@ services: - ./production_cluster/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf wazuh.worker: - image: wazuh/wazuh-odfe:4.3.0-dev + image: wazuh/wazuh-odfe:4.3.0 hostname: wazuh.worker restart: always environment: @@ -175,8 +175,8 @@ services: - wazuh.worker:wazuh.worker - wazuh.dashboard:wazuh.dashboard volumes: - - ./production_cluster/nginx/nginx.conf:/etc/nginx/nginx.conf:ro - - ./production_cluster/nginx/ssl:/etc/nginx/ssl:ro + - ./production_cluster/nginx_wazuh/nginx.conf:/etc/nginx/nginx.conf:ro + - ./production_cluster/nginx_wazuh/ssl:/etc/nginx/ssl:ro volumes: ossec-api-configuration: diff --git a/production-cluster_odfe.yml b/production-cluster_odfe.yml index ae431ba2..2907bfbe 100644 --- a/production-cluster_odfe.yml 
+++ b/production-cluster_odfe.yml @@ -3,7 +3,7 @@ version: '3.7' services: wazuh-master: - image: wazuh/wazuh-odfe:4.3.0 + image: wazuh/wazuh-odfe:4.4.0 hostname: wazuh-master restart: always ports: @@ -11,7 +11,7 @@ services: - "514:514/udp" - "55000:55000" environment: - - ELASTICSEARCH_URL=https://wazuh-indexer:9700 + - ELASTICSEARCH_URL=https://elasticsearch:9200 - ELASTIC_USERNAME=admin - ELASTIC_PASSWORD=SecretPassword - FILEBEAT_SSL_VERIFICATION_MODE=full @@ -32,17 +32,17 @@ services: - ossec-wodles:/var/ossec/wodles - filebeat-etc:/etc/filebeat - filebeat-var:/var/lib/filebeat - - ./production_cluster/wazuh_indexer_ssl_certs/root-ca.pem:/etc/ssl/root-ca.pem - - ./production_cluster/wazuh_indexer_ssl_certs/filebeat.pem:/etc/ssl/filebeat.pem - - ./production_cluster/wazuh_indexer_ssl_certs/filebeat.key:/etc/ssl/filebeat.key + - ./production_cluster/ssl_certs/root-ca.pem:/etc/ssl/root-ca.pem + - ./production_cluster/ssl_certs/filebeat.pem:/etc/ssl/filebeat.pem + - ./production_cluster/ssl_certs/filebeat.key:/etc/ssl/filebeat.key - ./production_cluster/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf wazuh-worker: - image: wazuh/wazuh-odfe:4.3.0 + image: wazuh/wazuh-odfe:4.4.0 hostname: wazuh-worker restart: always environment: - - ELASTICSEARCH_URL=https://wazuh-indexer:9700 + - ELASTICSEARCH_URL=https://elasticsearch:9200 - ELASTIC_USERNAME=admin - ELASTIC_PASSWORD=SecretPassword - FILEBEAT_SSL_VERIFICATION_MODE=full 
@@ -61,21 +61,19 @@ services: - worker-ossec-wodles:/var/ossec/wodles - worker-filebeat-etc:/etc/filebeat - worker-filebeat-var:/var/lib/filebeat - - ./production_cluster/wazuh_indexer_ssl_certs/root-ca.pem:/etc/ssl/root-ca.pem - - ./production_cluster/wazuh_indexer_ssl_certs/filebeat.pem:/etc/ssl/filebeat.pem - - ./production_cluster/wazuh_indexer_ssl_certs/filebeat.key:/etc/ssl/filebeat.key + - ./production_cluster/ssl_certs/root-ca.pem:/etc/ssl/root-ca.pem + - ./production_cluster/ssl_certs/filebeat.pem:/etc/ssl/filebeat.pem + - ./production_cluster/ssl_certs/filebeat.key:/etc/ssl/filebeat.key - ./production_cluster/wazuh_cluster/wazuh_worker.conf:/wazuh-config-mount/etc/ossec.conf - wazuh-indexer: - image: wazuh-indexer - hostname: wazuh-indexer + elasticsearch: + image: amazon/opendistro-for-elasticsearch:1.13.2 + hostname: elasticsearch restart: always ports: - - "9700:9700" + - "9200:9200" environment: - - "OPENSEARCH_JAVA_OPTS=-Xms1g -Xmx1g" - - "NODE_TYPE=master" - - "bootstrap.memory_lock=true" + - "ES_JAVA_OPTS=-Xms512m -Xmx512m" ulimits: memlock: soft: -1 
@@ -84,23 +82,21 @@ services: soft: 65536 hard: 65536 volumes: - - wazuh-indexer-data-1:/var/lib/wazuh-indexer - - ./production_cluster/wazuh_indexer_ssl_certs/root-ca.pem:/etc/wazuh-indexer/certs/root-ca.pem - - ./production_cluster/wazuh_indexer_ssl_certs/wazuh-indexer.key:/etc/wazuh-indexer/certs/wazuh-indexer.key - - ./production_cluster/wazuh_indexer_ssl_certs/wazuh-indexer.pem:/etc/wazuh-indexer/certs/wazuh-indexer.pem - - ./production_cluster/wazuh_indexer_ssl_certs/admin.pem:/etc/wazuh-indexer/certs/admin.pem - - ./production_cluster/wazuh_indexer_ssl_certs/admin.key:/etc/wazuh-indexer/certs/admin-key.pem - - ./production_cluster/wazuh-indexer/opensearch-node1.yml:/etc/wazuh-indexer/opensearch.yml - - ./production_cluster/wazuh-indexer/internal_users.yml:/usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/internal_users.yml + - elastic-data-1:/usr/share/elasticsearch/data + - ./production_cluster/ssl_certs/root-ca.pem:/usr/share/elasticsearch/config/root-ca.pem + - ./production_cluster/ssl_certs/node1.key:/usr/share/elasticsearch/config/node1.key + - ./production_cluster/ssl_certs/node1.pem:/usr/share/elasticsearch/config/node1.pem + - ./production_cluster/ssl_certs/admin.pem:/usr/share/elasticsearch/config/admin.pem + - ./production_cluster/ssl_certs/admin.key:/usr/share/elasticsearch/config/admin.key + - ./production_cluster/elastic_opendistro/elasticsearch-node1.yml:/usr/share/elasticsearch/config/elasticsearch.yml + - ./production_cluster/elastic_opendistro/internal_users.yml:/usr/share/elasticsearch/plugins/opendistro_security/securityconfig/internal_users.yml - wazuh-indexer-2: - image: wazuh-indexer - hostname: wazuh-indexer-2 + elasticsearch-2: + image: amazon/opendistro-for-elasticsearch:1.13.2 + hostname: elasticsearch-2 restart: always environment: - - "OPENSEARCH_JAVA_OPTS=-Xms1g -Xmx1g" - - "NODE_TYPE=worker" - - "bootstrap.memory_lock=true" + - "ES_JAVA_OPTS=-Xms512m -Xmx512m" ulimits: memlock: soft: -1 
@@ -109,21 +105,19 @@ services: soft: 65536 hard: 65536 volumes: - - wazuh-indexer-data-2:/var/lib/wazuh-indexer - - ./production_cluster/wazuh_indexer_ssl_certs/root-ca.pem:/etc/wazuh-indexer/certs/root-ca.pem - - ./production_cluster/wazuh_indexer_ssl_certs/wazuh-indexer-2.key:/etc/wazuh-indexer/certs/wazuh-indexer-2.key - - ./production_cluster/wazuh_indexer_ssl_certs/wazuh-indexer-2.pem:/etc/wazuh-indexer/certs/wazuh-indexer-2.pem - - ./production_cluster/wazuh-indexer/opensearch-node2.yml:/etc/wazuh-indexer/opensearch.yml - - ./production_cluster/wazuh-indexer/internal_users.yml:/usr/share/elasticsearch/plugins/opendistro_security/securityconfig/internal_users.yml + - elastic-data-2:/usr/share/elasticsearch/data + - ./production_cluster/ssl_certs/root-ca.pem:/usr/share/elasticsearch/config/root-ca.pem + - ./production_cluster/ssl_certs/node2.key:/usr/share/elasticsearch/config/node2.key + - ./production_cluster/ssl_certs/node2.pem:/usr/share/elasticsearch/config/node2.pem + - ./production_cluster/elastic_opendistro/elasticsearch-node2.yml:/usr/share/elasticsearch/config/elasticsearch.yml + - ./production_cluster/elastic_opendistro/internal_users.yml:/usr/share/elasticsearch/plugins/opendistro_security/securityconfig/internal_users.yml - wazuh-indexer-3: - image: wazuh-indexer - hostname: wazuh-indexer-3 + elasticsearch-3: + image: amazon/opendistro-for-elasticsearch:1.13.2 + hostname: elasticsearch-3 restart: always environment: - - "OPENSEARCH_JAVA_OPTS=-Xms1g -Xmx1g" - - "NODE_TYPE=worker" - - "bootstrap.memory_lock=true" + - "ES_JAVA_OPTS=-Xms512m -Xmx512m" ulimits: memlock: soft: -1 
@@ -132,15 +126,15 @@ services: soft: 65536 hard: 65536 volumes: - - wazuh-indexer-data-3:/var/lib/wazuh-indexer - - ./production_cluster/wazuh_indexer_ssl_certs/root-ca.pem:/etc/wazuh-indexer/certs/root-ca.pem - - ./production_cluster/wazuh_indexer_ssl_certs/wazuh-indexer-3.key:/etc/wazuh-indexer/certs/wazuh-indexer-3.key - - ./production_cluster/wazuh_indexer_ssl_certs/wazuh-indexer-3.pem:/etc/wazuh-indexer/certs/wazuh-indexer-3.pem - - ./production_cluster/wazuh-indexer/opensearch-node3.yml:/etc/wazuh-indexer/opensearch.yml - - ./production_cluster/wazuh-indexer/internal_users.yml:/usr/share/elasticsearch/plugins/opendistro_security/securityconfig/internal_users.yml + - elastic-data-3:/usr/share/elasticsearch/data + - ./production_cluster/ssl_certs/root-ca.pem:/usr/share/elasticsearch/config/root-ca.pem + - ./production_cluster/ssl_certs/node3.key:/usr/share/elasticsearch/config/node3.key + - ./production_cluster/ssl_certs/node3.pem:/usr/share/elasticsearch/config/node3.pem + - ./production_cluster/elastic_opendistro/elasticsearch-node3.yml:/usr/share/elasticsearch/config/elasticsearch.yml + - ./production_cluster/elastic_opendistro/internal_users.yml:/usr/share/elasticsearch/plugins/opendistro_security/securityconfig/internal_users.yml kibana: - image: wazuh/wazuh-dashboard:4.3.0 + image: wazuh/wazuh-kibana-odfe:4.4.0 hostname: kibana restart: always ports: 
@@ -149,19 +143,19 @@ services: - ELASTICSEARCH_USERNAME=admin - ELASTICSEARCH_PASSWORD=SecretPassword - SERVER_SSL_ENABLED=true - - SERVER_SSL_CERTIFICATE=/etc/wazuh-dashboard/certs/cert.pem - - SERVER_SSL_KEY=/etc/wazuh-dashboard/certs/key.pem + - SERVER_SSL_CERTIFICATE=/usr/share/kibana/config/cert.pem + - SERVER_SSL_KEY=/usr/share/kibana/config/key.pem - WAZUH_API_URL="https://wazuh-master" - API_USERNAME=acme-user - API_PASSWORD=MyS3cr37P450r.*- volumes: - - ./production_cluster/kibana_ssl/cert.pem:/etc/wazuh-dashboard/certs/cert.pem - - ./production_cluster/kibana_ssl/key.pem:/etc/wazuh-dashboard/certs/key.pem + - ./production_cluster/kibana_ssl/cert.pem:/usr/share/kibana/config/cert.pem + - ./production_cluster/kibana_ssl/key.pem:/usr/share/kibana/config/key.pem depends_on: - - wazuh-indexer + - elasticsearch links: - - wazuh-indexer:wazuh-indexer + - elasticsearch:elasticsearch - wazuh-master:wazuh-master nginx: @@ -207,6 +201,6 @@ volumes: worker-ossec-wodles: worker-filebeat-etc: worker-filebeat-var: - wazuh-indexer-data-1: - wazuh-indexer-data-2: - wazuh-indexer-data-3: + elastic-data-1: + elastic-data-2: + elastic-data-3: \ No newline at end of file diff --git a/production_cluster/nginx/nginx.conf b/production_cluster/nginx/nginx.conf index c68c6f2d..8cd13ca2 100644 --- a/production_cluster/nginx/nginx.conf +++ b/production_cluster/nginx/nginx.conf @@ -41,7 +41,7 @@ http { ssl_certificate /etc/nginx/ssl/cert.pem; ssl_certificate_key /etc/nginx/ssl/key.pem; location / { - proxy_pass https://wazuh.dashboard:5601/; + proxy_pass https://kibana:5601/; proxy_ssl_verify off; proxy_buffer_size 128k; proxy_buffers 4 256k; @@ -57,8 +57,8 @@ http { stream { upstream mycluster { hash $remote_addr consistent; - server wazuh.master:1514; - server wazuh.worker:1514; + server wazuh-master:1514; + server wazuh-worker:1514; } server { listen 1514; 
diff --git a/production_cluster/nginx_wazuh/nginx.conf b/production_cluster/nginx_wazuh/nginx.conf new file mode 100644 index 00000000..c68c6f2d --- /dev/null +++ b/production_cluster/nginx_wazuh/nginx.conf @@ -0,0 +1,67 @@ +user nginx; +worker_processes 1; + +error_log /var/log/nginx/error.log warn; +pid /var/run/nginx.pid; + + +events { + worker_connections 1024; +} + + +http { + include /etc/nginx/mime.types; + default_type application/octet-stream; + + log_format main '$remote_addr - $remote_user [$time_local] "$request" ' + '$status $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + + access_log /var/log/nginx/access.log main; + + sendfile on; + tcp_nopush on; + + keepalive_timeout 65; + + server_tokens off; + gzip on; + + # kibana UI + server { + listen 80; + listen [::]:80; + return 301 https://$host:443$request_uri; + } + + server { + listen 443 default_server ssl http2; + listen [::]:443 ssl http2; + ssl_certificate /etc/nginx/ssl/cert.pem; + ssl_certificate_key /etc/nginx/ssl/key.pem; + location / { + proxy_pass https://wazuh.dashboard:5601/; + proxy_ssl_verify off; + proxy_buffer_size 128k; + proxy_buffers 4 256k; + proxy_busy_buffers_size 256k; + } + } + +} + + + +# load balancer for Wazuh cluster +stream { + upstream mycluster { + hash $remote_addr consistent; + server wazuh.master:1514; + server wazuh.worker:1514; + } + server { + listen 1514; + proxy_pass mycluster; + } +} diff --git a/production_cluster/nginx_wazuh/ssl/generate-self-signed-cert.sh b/production_cluster/nginx_wazuh/ssl/generate-self-signed-cert.sh new file mode 100644 index 00000000..e006733f --- /dev/null +++ b/production_cluster/nginx_wazuh/ssl/generate-self-signed-cert.sh 
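Review bot: `proxy_ssl_verify off;` in the new `location /` block means nginx accepts any certificate presented by `https://wazuh.dashboard:5601/`, so the hop behind the proxy is encrypted but not authenticated. If the dashboard certificate is issued by a CA you control, turn verification on: `proxy_ssl_verify on;`, `proxy_ssl_trusted_certificate /etc/nginx/ssl/<root-ca-placeholder>.pem;` and `proxy_ssl_name wazuh.dashboard;`. The CA file would have to be placed in the `ssl` directory that the compose file mounts at `/etc/nginx/ssl`. If verification has to stay off, a comment on that line should say why.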
@@ -0,0 +1,12 @@ +#!/bin/bash + +DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )" +cd $DIR + +if [ -s key.pem ] +then + echo "Certificate already exists" + exit +else + openssl req -x509 -batch -nodes -days 365 -newkey rsa:2048 -keyout key.pem -out cert.pem +fi From 01869e461704006ff2a6527de49249a9f6085417 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Tue, 15 Feb 2022 12:50:45 -0300 Subject: [PATCH 033/163] clean Dockerfile and docker-compose start script --- production-cluster_odfe.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/production-cluster_odfe.yml b/production-cluster_odfe.yml index 2907bfbe..21e44f99 100644 --- a/production-cluster_odfe.yml +++ b/production-cluster_odfe.yml @@ -3,7 +3,7 @@ version: '3.7' services: wazuh-master: - image: wazuh/wazuh-odfe:4.4.0 + image: wazuh/wazuh-odfe:4.3.0 hostname: wazuh-master restart: always ports: @@ -38,7 +38,7 @@ services: - ./production_cluster/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf wazuh-worker: - image: wazuh/wazuh-odfe:4.4.0 + image: wazuh/wazuh-odfe:4.3.0 hostname: wazuh-worker restart: always environment: @@ -73,7 +73,7 @@ services: ports: - "9200:9200" environment: - - "ES_JAVA_OPTS=-Xms512m -Xmx512m" + - "ES_JAVA_OPTS=-Xms512m -Xmx512m -Dlog4j2.formatMsgNoLookups=true" ulimits: memlock: soft: -1 @@ -96,7 +96,7 @@ services: hostname: elasticsearch-2 restart: always environment: - - "ES_JAVA_OPTS=-Xms512m -Xmx512m" + - "ES_JAVA_OPTS=-Xms512m -Xmx512m -Dlog4j2.formatMsgNoLookups=true" ulimits: memlock: soft: -1 @@ -117,7 +117,7 @@ services: hostname: elasticsearch-3 restart: always environment: - - "ES_JAVA_OPTS=-Xms512m -Xmx512m" + - "ES_JAVA_OPTS=-Xms512m -Xmx512m -Dlog4j2.formatMsgNoLookups=true" ulimits: memlock: soft: -1 
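Review bot: The guard `if [ -s key.pem ]` in generate-self-signed-cert.sh checks only the key, so a directory holding `key.pem` without `cert.pem` is reported as "Certificate already exists" and nothing is regenerated; test both with `if [ -s key.pem ] && [ -s cert.pem ]`. `cd $DIR` is unquoted and unchecked, so a path containing spaces or a failed `cd` lets `openssl` write the private key into whatever directory the caller was in; `cd "$DIR" || exit 1` closes that. Because `-nodes` leaves the key unencrypted, a `umask 077` before the `openssl req` line would keep it from being created readable by other users on OpenSSL builds that do not already restrict the file mode.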
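Review bot: `-Dlog4j2.formatMsgNoLookups=true` is added to `ES_JAVA_OPTS` without a comment saying why, and the flag is a mitigation rather than a fix: it only takes effect on Log4j 2.10 and later and does not cover every lookup path. I would record that next to the first occurrence (this hunk's `elasticsearch` service; the `elasticsearch-2` and `elasticsearch-3` hunks repeat the change), for example `# Log4j JNDI-lookup mitigation; remove once the image ships a patched Log4j`. Which Log4j version `amazon/opendistro-for-elasticsearch:1.13.2` bundles is not visible here, so that should be confirmed before relying on the flag.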
@@ -134,7 +134,7 @@ services: - ./production_cluster/elastic_opendistro/internal_users.yml:/usr/share/elasticsearch/plugins/opendistro_security/securityconfig/internal_users.yml kibana: - image: wazuh/wazuh-kibana-odfe:4.4.0 + image: wazuh/wazuh-kibana-odfe:4.3.0 hostname: kibana restart: always ports: From 73f000f721f0e11f90d1f36c9ba0c89de099dee1 Mon Sep 17 00:00:00 2001 
From: vcerenu Date: Tue, 15 Feb 2022 16:37:34 -0300 Subject: [PATCH 034/163] clean Dockerfile and docker-compose start script --- ...from-sources.yml => build-wazuh-images.yml | 48 +- generate-opendistro-certs.yml | 10 - kibana-odfe/Dockerfile | 59 - .../custom_welcome/light_theme.style.css | 4349 ----------------- .../config/custom_welcome/template.js.hbs | 112 - .../custom_welcome/wazuh_logo_circle.svg | 1 - .../config/custom_welcome/wazuh_wazuh_bg.svg | 1 - kibana-odfe/config/entrypoint.sh | 65 - kibana-odfe/config/kibana_settings.sh | 58 - kibana-odfe/config/wazuh.yml | 162 - kibana-odfe/config/wazuh_app_config.sh | 62 - kibana-odfe/config/welcome_wazuh.sh | 14 - kibana/Dockerfile | 2 +- production-cluster.yml | 8 +- production-cluster_odfe.yml | 206 - production_cluster/nginx/nginx.conf | 6 +- production_cluster/nginx_wazuh/nginx.conf | 67 - .../ssl/generate-self-signed-cert.sh | 12 - wazuh-dashboard/Dockerfile | 4 +- {wazuh-odfe => wazuh-manager}/Dockerfile | 2 +- .../config/create_user.py | 0 .../config/etc/cont-init.d/0-wazuh-init | 0 .../config/etc/cont-init.d/1-config-filebeat | 0 .../config/etc/cont-init.d/2-manager | 0 .../config/etc/services.d/filebeat/finish | 0 .../config/etc/services.d/filebeat/run | 0 .../config/etc/services.d/ossec-logs/run | 0 .../config/filebeat.yml | 0 .../config/permanent_data.env | 0 .../config/permanent_data.sh | 0 wazuh-manager/config/wazuh.repo | 7 + wazuh-odfe/config/wazuh.repo | 7 - 32 files changed, 40 insertions(+), 5222 deletions(-) rename build-from-sources.yml => build-wazuh-images.yml (61%) delete mode 100644 generate-opendistro-certs.yml delete mode 100644 kibana-odfe/Dockerfile delete mode 100644 kibana-odfe/config/custom_welcome/light_theme.style.css delete mode 100644 kibana-odfe/config/custom_welcome/template.js.hbs delete mode 100644 kibana-odfe/config/custom_welcome/wazuh_logo_circle.svg delete mode 100644 kibana-odfe/config/custom_welcome/wazuh_wazuh_bg.svg delete mode 100644 
kibana-odfe/config/entrypoint.sh delete mode 100644 kibana-odfe/config/kibana_settings.sh delete mode 100644 kibana-odfe/config/wazuh.yml delete mode 100644 kibana-odfe/config/wazuh_app_config.sh delete mode 100644 kibana-odfe/config/welcome_wazuh.sh delete mode 100644 production-cluster_odfe.yml delete mode 100644 production_cluster/nginx_wazuh/nginx.conf delete mode 100644 production_cluster/nginx_wazuh/ssl/generate-self-signed-cert.sh rename {wazuh-odfe => wazuh-manager}/Dockerfile (97%) rename {wazuh-odfe => wazuh-manager}/config/create_user.py (100%) rename {wazuh-odfe => wazuh-manager}/config/etc/cont-init.d/0-wazuh-init (100%) rename {wazuh-odfe => wazuh-manager}/config/etc/cont-init.d/1-config-filebeat (100%) rename {wazuh-odfe => wazuh-manager}/config/etc/cont-init.d/2-manager (100%) rename {wazuh-odfe => wazuh-manager}/config/etc/services.d/filebeat/finish (100%) rename {wazuh-odfe => wazuh-manager}/config/etc/services.d/filebeat/run (100%) rename {wazuh-odfe => wazuh-manager}/config/etc/services.d/ossec-logs/run (100%) rename {wazuh-odfe => wazuh-manager}/config/filebeat.yml (100%) rename {wazuh-odfe => wazuh-manager}/config/permanent_data.env (100%) rename {wazuh-odfe => wazuh-manager}/config/permanent_data.sh (100%) create mode 100644 wazuh-manager/config/wazuh.repo delete mode 100644 wazuh-odfe/config/wazuh.repo diff --git a/build-from-sources.yml b/build-wazuh-images.yml similarity index 61% rename from build-from-sources.yml rename to build-wazuh-images.yml index 637556e1..35eac251 100644 --- a/build-from-sources.yml +++ b/build-wazuh-images.yml @@ -2,10 +2,10 @@ version: '3.7' services: - wazuh: - build: wazuh-odfe/ - image: wazuh/wazuh-odfe:dev-version - hostname: wazuh-manager + wazuh.manager: + build: wazuh-manager/ + image: wazuh/wazuh-manager:4.3.0 + hostname: wazuh.manager restart: always ports: - "1514:1514" 
@@ -13,7 +13,7 @@ services: - "514:514/udp" - "55000:55000" environment: - - ELASTICSEARCH_URL=https://elasticsearch:9200 + - ELASTICSEARCH_URL=https://wazuh1.indexer:9700 - ELASTIC_USERNAME=admin - ELASTIC_PASSWORD=admin - FILEBEAT_SSL_VERIFICATION_MODE=none @@ -30,18 +30,15 @@ services: - filebeat_etc:/etc/filebeat - filebeat_var:/var/lib/filebeat - elasticsearch: - image: amazon/opendistro-for-elasticsearch:1.13.2 - hostname: elasticsearch + wazuh1.indexer: + build: wazuh-indexer/ + image: wazuh/wazuh-indexer:4.3.0 + hostname: wazuh1.indexer restart: always ports: - - "9200:9200" + - "9700:9700" environment: - - discovery.type=single-node - - cluster.name=wazuh-cluster - - network.host=0.0.0.0 - - "ES_JAVA_OPTS=-Xms512m -Xmx512m" - - bootstrap.memory_lock=true + - "OPENSEARCH_JAVA_OPTS=-Xms512m -Xmx512m" ulimits: memlock: soft: -1 @@ -50,25 +47,24 @@ services: soft: 65536 hard: 65536 - kibana: - build: kibana-odfe/ - image: wazuh/wazuh-kibana-odfe:dev-version - hostname: kibana + wazuh.dashboard: + build: wazuh-dashboard/ + image: wazuh/wazuh-dashboard:4.3.0 + hostname: wazuh.dashboard restart: always ports: - - 443:5601 + - 5601:5601 + - 443:443 environment: - ELASTICSEARCH_USERNAME=admin - ELASTICSEARCH_PASSWORD=admin - - SERVER_SSL_ENABLED=true - - SERVER_SSL_CERTIFICATE=/usr/share/kibana/config/opendistroforelasticsearch.example.org.cert - - SERVER_SSL_KEY=/usr/share/kibana/config/opendistroforelasticsearch.example.org.key - + - SERVER_SSL_ENABLED=false + - WAZUH_API_URL=https://wazuh.manager depends_on: - - elasticsearch + - wazuh1.indexer links: - - elasticsearch:elasticsearch - - wazuh:wazuh + - wazuh1.indexer:wazuh1.indexer + - wazuh.manager:wazuh.manager volumes: ossec_api_configuration: diff --git a/generate-opendistro-certs.yml b/generate-opendistro-certs.yml deleted file mode 100644 index cd23e310..00000000 --- a/generate-opendistro-certs.yml +++ /dev/null 
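Review bot: The `wazuh.dashboard` service now sets `SERVER_SSL_ENABLED=false` while publishing `5601:5601` on every host interface, so a login with the `admin`/`admin` credentials shown in this file crosses the network in clear text. If build-wazuh-images.yml is meant only for local image builds, bind the port to loopback with `- 127.0.0.1:5601:5601` and say so in a comment; otherwise keep TLS enabled, as the removed `kibana` service did. `443:443` is also published, but nothing visible in the hunk listens on 443 inside the container, so that mapping looks unused and should be confirmed or dropped.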
@@ -1,10 +0,0 @@ -# Wazuh App Copyright (C) 2021 Wazuh Inc. (License GPLv2) -version: '3' - -services: - generator: - image: wazuh/opendistro-certs-generator:0.1 - hostname: opendistro-certs-generator - volumes: - - ./production_cluster/ssl_certs/certs.yml:/usr/src/config/myconf.yml - - ./production_cluster/ssl_certs/:/usr/src/certs/out/ diff --git a/kibana-odfe/Dockerfile b/kibana-odfe/Dockerfile deleted file mode 100644 index 1d304341..00000000 --- a/kibana-odfe/Dockerfile +++ /dev/null 
@@ -1,59 +0,0 @@ -# Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2) -FROM amazon/opendistro-for-elasticsearch-kibana:1.13.2 -USER kibana -ARG ELASTIC_VERSION=7.10.2 -ARG WAZUH_VERSION=4.3.0 -ARG WAZUH_APP_VERSION="${WAZUH_VERSION}_${ELASTIC_VERSION}" - -WORKDIR /usr/share/kibana -RUN ./bin/kibana-plugin install https://packages.wazuh.com/4.x/ui/kibana/wazuh_kibana-${WAZUH_APP_VERSION}-1.zip - -WORKDIR / -USER root -COPY config/entrypoint.sh ./entrypoint.sh -RUN chmod 755 ./entrypoint.sh - -ENV PATTERN="" \ - CHECKS_PATTERN="" \ - CHECKS_TEMPLATE="" \ - CHECKS_API="" \ - CHECKS_SETUP="" \ - EXTENSIONS_PCI="" \ - EXTENSIONS_GDPR="" \ - EXTENSIONS_HIPAA="" \ - EXTENSIONS_NIST="" \ - EXTENSIONS_TSC="" \ - EXTENSIONS_AUDIT="" \ - EXTENSIONS_OSCAP="" \ - EXTENSIONS_CISCAT="" \ - EXTENSIONS_AWS="" \ - EXTENSIONS_GCP="" \ - EXTENSIONS_VIRUSTOTAL="" \ - EXTENSIONS_OSQUERY="" \ - EXTENSIONS_DOCKER="" \ - APP_TIMEOUT="" \ - API_SELECTOR="" \ - IP_SELECTOR="" \ - IP_IGNORE="" \ - WAZUH_MONITORING_ENABLED="" \ - WAZUH_MONITORING_FREQUENCY="" \ - WAZUH_MONITORING_SHARDS="" \ - WAZUH_MONITORING_REPLICAS="" \ - ADMIN_PRIVILEGES="" - -USER kibana - -COPY ./config/custom_welcome /tmp/custom_welcome -COPY --chown=kibana:kibana ./config/welcome_wazuh.sh ./ -RUN chmod +x ./welcome_wazuh.sh -ARG CHANGE_WELCOME="true" -RUN ./welcome_wazuh.sh - -COPY --chown=kibana:kibana ./config/wazuh.yml /usr/share/kibana/data/wazuh/config/wazuh.yml -COPY --chown=kibana:kibana ./config/wazuh_app_config.sh ./ -RUN chmod +x ./wazuh_app_config.sh - -COPY --chown=kibana:kibana ./config/kibana_settings.sh ./ -RUN chmod +x ./kibana_settings.sh - -ENTRYPOINT ./entrypoint.sh diff --git a/kibana-odfe/config/custom_welcome/light_theme.style.css b/kibana-odfe/config/custom_welcome/light_theme.style.css deleted file mode 100644 index a1256a82..00000000 --- a/kibana-odfe/config/custom_welcome/light_theme.style.css +++ /dev/null 
@@ -1,4349 +0,0 @@ -/*! - * Bootstrap v3.3.6 (http://getbootstrap.com) - * Copyright 2011-2015 Twitter, Inc. - * Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE) - */ -/* @notice - * This product bundles bootstrap@3.3.6 which is available under a - * "MIT" license. - * - * The MIT License (MIT) - * - * Copyright (c) 2011-2015 Twitter, Inc - * - * Permission is hereby granted, free of charge, to any person obtaining a copy - * of this software and associated documentation files (the "Software"), to deal - * in the Software without restriction, including without limitation the rights - * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell - * copies of the Software, and to permit persons to whom the Software is - * furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be included in - * all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, - * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN - * THE SOFTWARE. 
- */ -.container { - margin-right: auto; - margin-left: auto; - padding-left: 15px; - padding-right: 15px; -} -@media (min-width: 768px) { - .container { - width: 750px; - } -} -@media (min-width: 992px) { - .container { - width: 970px; - } -} -@media (min-width: 1200px) { - .container { - width: 1170px; - } -} -.container-fluid { - margin-right: auto; - margin-left: auto; - padding-left: 15px; - padding-right: 15px; -} -.row { - margin-left: -15px; - margin-right: -15px; -} -.col-xs-1, .col-sm-1, .col-md-1, .col-lg-1, .col-xs-2, .col-sm-2, .col-md-2, .col-lg-2, .col-xs-3, .col-sm-3, .col-md-3, .col-lg-3, .col-xs-4, .col-sm-4, .col-md-4, .col-lg-4, .col-xs-5, .col-sm-5, .col-md-5, .col-lg-5, .col-xs-6, .col-sm-6, .col-md-6, .col-lg-6, .col-xs-7, .col-sm-7, .col-md-7, .col-lg-7, .col-xs-8, .col-sm-8, .col-md-8, .col-lg-8, .col-xs-9, .col-sm-9, .col-md-9, .col-lg-9, .col-xs-10, .col-sm-10, .col-md-10, .col-lg-10, .col-xs-11, .col-sm-11, .col-md-11, .col-lg-11, .col-xs-12, .col-sm-12, .col-md-12, .col-lg-12 { - position: relative; - min-height: 1px; - padding-left: 15px; - padding-right: 15px; -} -.col-xs-1, .col-xs-2, .col-xs-3, .col-xs-4, .col-xs-5, .col-xs-6, .col-xs-7, .col-xs-8, .col-xs-9, .col-xs-10, .col-xs-11, .col-xs-12 { - float: left; -} -.col-xs-12 { - width: 100%; -} -.col-xs-11 { - width: 91.66666667%; -} -.col-xs-10 { - width: 83.33333333%; -} -.col-xs-9 { - width: 75%; -} -.col-xs-8 { - width: 66.66666667%; -} -.col-xs-7 { - width: 58.33333333%; -} -.col-xs-6 { - width: 50%; -} -.col-xs-5 { - width: 41.66666667%; -} -.col-xs-4 { - width: 33.33333333%; -} -.col-xs-3 { - width: 25%; -} -.col-xs-2 { - width: 16.66666667%; -} -.col-xs-1 { - width: 8.33333333%; -} -.col-xs-pull-12 { - right: 100%; -} -.col-xs-pull-11 { - right: 91.66666667%; -} -.col-xs-pull-10 { - right: 83.33333333%; -} -.col-xs-pull-9 { - right: 75%; -} -.col-xs-pull-8 { - right: 66.66666667%; -} -.col-xs-pull-7 { - right: 58.33333333%; -} -.col-xs-pull-6 { - right: 50%; -} 
-.col-xs-pull-5 { - right: 41.66666667%; -} -.col-xs-pull-4 { - right: 33.33333333%; -} -.col-xs-pull-3 { - right: 25%; -} -.col-xs-pull-2 { - right: 16.66666667%; -} -.col-xs-pull-1 { - right: 8.33333333%; -} -.col-xs-pull-0 { - right: auto; -} -.col-xs-push-12 { - left: 100%; -} -.col-xs-push-11 { - left: 91.66666667%; -} -.col-xs-push-10 { - left: 83.33333333%; -} -.col-xs-push-9 { - left: 75%; -} -.col-xs-push-8 { - left: 66.66666667%; -} -.col-xs-push-7 { - left: 58.33333333%; -} -.col-xs-push-6 { - left: 50%; -} -.col-xs-push-5 { - left: 41.66666667%; -} -.col-xs-push-4 { - left: 33.33333333%; -} -.col-xs-push-3 { - left: 25%; -} -.col-xs-push-2 { - left: 16.66666667%; -} -.col-xs-push-1 { - left: 8.33333333%; -} -.col-xs-push-0 { - left: auto; -} -.col-xs-offset-12 { - margin-left: 100%; -} -.col-xs-offset-11 { - margin-left: 91.66666667%; -} -.col-xs-offset-10 { - margin-left: 83.33333333%; -} -.col-xs-offset-9 { - margin-left: 75%; -} -.col-xs-offset-8 { - margin-left: 66.66666667%; -} -.col-xs-offset-7 { - margin-left: 58.33333333%; -} -.col-xs-offset-6 { - margin-left: 50%; -} -.col-xs-offset-5 { - margin-left: 41.66666667%; -} -.col-xs-offset-4 { - margin-left: 33.33333333%; -} -.col-xs-offset-3 { - margin-left: 25%; -} -.col-xs-offset-2 { - margin-left: 16.66666667%; -} -.col-xs-offset-1 { - margin-left: 8.33333333%; -} -.col-xs-offset-0 { - margin-left: 0%; -} -@media (min-width: 768px) { - .col-sm-1, .col-sm-2, .col-sm-3, .col-sm-4, .col-sm-5, .col-sm-6, .col-sm-7, .col-sm-8, .col-sm-9, .col-sm-10, .col-sm-11, .col-sm-12 { - float: left; - } - .col-sm-12 { - width: 100%; - } - .col-sm-11 { - width: 91.66666667%; - } - .col-sm-10 { - width: 83.33333333%; - } - .col-sm-9 { - width: 75%; - } - .col-sm-8 { - width: 66.66666667%; - } - .col-sm-7 { - width: 58.33333333%; - } - .col-sm-6 { - width: 50%; - } - .col-sm-5 { - width: 41.66666667%; - } - .col-sm-4 { - width: 33.33333333%; - } - .col-sm-3 { - width: 25%; - } - .col-sm-2 { - width: 16.66666667%; - 
} - .col-sm-1 { - width: 8.33333333%; - } - .col-sm-pull-12 { - right: 100%; - } - .col-sm-pull-11 { - right: 91.66666667%; - } - .col-sm-pull-10 { - right: 83.33333333%; - } - .col-sm-pull-9 { - right: 75%; - } - .col-sm-pull-8 { - right: 66.66666667%; - } - .col-sm-pull-7 { - right: 58.33333333%; - } - .col-sm-pull-6 { - right: 50%; - } - .col-sm-pull-5 { - right: 41.66666667%; - } - .col-sm-pull-4 { - right: 33.33333333%; - } - .col-sm-pull-3 { - right: 25%; - } - .col-sm-pull-2 { - right: 16.66666667%; - } - .col-sm-pull-1 { - right: 8.33333333%; - } - .col-sm-pull-0 { - right: auto; - } - .col-sm-push-12 { - left: 100%; - } - .col-sm-push-11 { - left: 91.66666667%; - } - .col-sm-push-10 { - left: 83.33333333%; - } - .col-sm-push-9 { - left: 75%; - } - .col-sm-push-8 { - left: 66.66666667%; - } - .col-sm-push-7 { - left: 58.33333333%; - } - .col-sm-push-6 { - left: 50%; - } - .col-sm-push-5 { - left: 41.66666667%; - } - .col-sm-push-4 { - left: 33.33333333%; - } - .col-sm-push-3 { - left: 25%; - } - .col-sm-push-2 { - left: 16.66666667%; - } - .col-sm-push-1 { - left: 8.33333333%; - } - .col-sm-push-0 { - left: auto; - } - .col-sm-offset-12 { - margin-left: 100%; - } - .col-sm-offset-11 { - margin-left: 91.66666667%; - } - .col-sm-offset-10 { - margin-left: 83.33333333%; - } - .col-sm-offset-9 { - margin-left: 75%; - } - .col-sm-offset-8 { - margin-left: 66.66666667%; - } - .col-sm-offset-7 { - margin-left: 58.33333333%; - } - .col-sm-offset-6 { - margin-left: 50%; - } - .col-sm-offset-5 { - margin-left: 41.66666667%; - } - .col-sm-offset-4 { - margin-left: 33.33333333%; - } - .col-sm-offset-3 { - margin-left: 25%; - } - .col-sm-offset-2 { - margin-left: 16.66666667%; - } - .col-sm-offset-1 { - margin-left: 8.33333333%; - } - .col-sm-offset-0 { - margin-left: 0%; - } -} -@media (min-width: 992px) { - .col-md-1, .col-md-2, .col-md-3, .col-md-4, .col-md-5, .col-md-6, .col-md-7, .col-md-8, .col-md-9, .col-md-10, .col-md-11, .col-md-12 { - float: left; - } - 
.col-md-12 { - width: 100%; - } - .col-md-11 { - width: 91.66666667%; - } - .col-md-10 { - width: 83.33333333%; - } - .col-md-9 { - width: 75%; - } - .col-md-8 { - width: 66.66666667%; - } - .col-md-7 { - width: 58.33333333%; - } - .col-md-6 { - width: 50%; - } - .col-md-5 { - width: 41.66666667%; - } - .col-md-4 { - width: 33.33333333%; - } - .col-md-3 { - width: 25%; - } - .col-md-2 { - width: 16.66666667%; - } - .col-md-1 { - width: 8.33333333%; - } - .col-md-pull-12 { - right: 100%; - } - .col-md-pull-11 { - right: 91.66666667%; - } - .col-md-pull-10 { - right: 83.33333333%; - } - .col-md-pull-9 { - right: 75%; - } - .col-md-pull-8 { - right: 66.66666667%; - } - .col-md-pull-7 { - right: 58.33333333%; - } - .col-md-pull-6 { - right: 50%; - } - .col-md-pull-5 { - right: 41.66666667%; - } - .col-md-pull-4 { - right: 33.33333333%; - } - .col-md-pull-3 { - right: 25%; - } - .col-md-pull-2 { - right: 16.66666667%; - } - .col-md-pull-1 { - right: 8.33333333%; - } - .col-md-pull-0 { - right: auto; - } - .col-md-push-12 { - left: 100%; - } - .col-md-push-11 { - left: 91.66666667%; - } - .col-md-push-10 { - left: 83.33333333%; - } - .col-md-push-9 { - left: 75%; - } - .col-md-push-8 { - left: 66.66666667%; - } - .col-md-push-7 { - left: 58.33333333%; - } - .col-md-push-6 { - left: 50%; - } - .col-md-push-5 { - left: 41.66666667%; - } - .col-md-push-4 { - left: 33.33333333%; - } - .col-md-push-3 { - left: 25%; - } - .col-md-push-2 { - left: 16.66666667%; - } - .col-md-push-1 { - left: 8.33333333%; - } - .col-md-push-0 { - left: auto; - } - .col-md-offset-12 { - margin-left: 100%; - } - .col-md-offset-11 { - margin-left: 91.66666667%; - } - .col-md-offset-10 { - margin-left: 83.33333333%; - } - .col-md-offset-9 { - margin-left: 75%; - } - .col-md-offset-8 { - margin-left: 66.66666667%; - } - .col-md-offset-7 { - margin-left: 58.33333333%; - } - .col-md-offset-6 { - margin-left: 50%; - } - .col-md-offset-5 { - margin-left: 41.66666667%; - } - .col-md-offset-4 { - 
margin-left: 33.33333333%; - } - .col-md-offset-3 { - margin-left: 25%; - } - .col-md-offset-2 { - margin-left: 16.66666667%; - } - .col-md-offset-1 { - margin-left: 8.33333333%; - } - .col-md-offset-0 { - margin-left: 0%; - } -} -@media (min-width: 1200px) { - .col-lg-1, .col-lg-2, .col-lg-3, .col-lg-4, .col-lg-5, .col-lg-6, .col-lg-7, .col-lg-8, .col-lg-9, .col-lg-10, .col-lg-11, .col-lg-12 { - float: left; - } - .col-lg-12 { - width: 100%; - } - .col-lg-11 { - width: 91.66666667%; - } - .col-lg-10 { - width: 83.33333333%; - } - .col-lg-9 { - width: 75%; - } - .col-lg-8 { - width: 66.66666667%; - } - .col-lg-7 { - width: 58.33333333%; - } - .col-lg-6 { - width: 50%; - } - .col-lg-5 { - width: 41.66666667%; - } - .col-lg-4 { - width: 33.33333333%; - } - .col-lg-3 { - width: 25%; - } - .col-lg-2 { - width: 16.66666667%; - } - .col-lg-1 { - width: 8.33333333%; - } - .col-lg-pull-12 { - right: 100%; - } - .col-lg-pull-11 { - right: 91.66666667%; - } - .col-lg-pull-10 { - right: 83.33333333%; - } - .col-lg-pull-9 { - right: 75%; - } - .col-lg-pull-8 { - right: 66.66666667%; - } - .col-lg-pull-7 { - right: 58.33333333%; - } - .col-lg-pull-6 { - right: 50%; - } - .col-lg-pull-5 { - right: 41.66666667%; - } - .col-lg-pull-4 { - right: 33.33333333%; - } - .col-lg-pull-3 { - right: 25%; - } - .col-lg-pull-2 { - right: 16.66666667%; - } - .col-lg-pull-1 { - right: 8.33333333%; - } - .col-lg-pull-0 { - right: auto; - } - .col-lg-push-12 { - left: 100%; - } - .col-lg-push-11 { - left: 91.66666667%; - } - .col-lg-push-10 { - left: 83.33333333%; - } - .col-lg-push-9 { - left: 75%; - } - .col-lg-push-8 { - left: 66.66666667%; - } - .col-lg-push-7 { - left: 58.33333333%; - } - .col-lg-push-6 { - left: 50%; - } - .col-lg-push-5 { - left: 41.66666667%; - } - .col-lg-push-4 { - left: 33.33333333%; - } - .col-lg-push-3 { - left: 25%; - } - .col-lg-push-2 { - left: 16.66666667%; - } - .col-lg-push-1 { - left: 8.33333333%; - } - .col-lg-push-0 { - left: auto; - } - .col-lg-offset-12 { 
- margin-left: 100%; - } - .col-lg-offset-11 { - margin-left: 91.66666667%; - } - .col-lg-offset-10 { - margin-left: 83.33333333%; - } - .col-lg-offset-9 { - margin-left: 75%; - } - .col-lg-offset-8 { - margin-left: 66.66666667%; - } - .col-lg-offset-7 { - margin-left: 58.33333333%; - } - .col-lg-offset-6 { - margin-left: 50%; - } - .col-lg-offset-5 { - margin-left: 41.66666667%; - } - .col-lg-offset-4 { - margin-left: 33.33333333%; - } - .col-lg-offset-3 { - margin-left: 25%; - } - .col-lg-offset-2 { - margin-left: 16.66666667%; - } - .col-lg-offset-1 { - margin-left: 8.33333333%; - } - .col-lg-offset-0 { - margin-left: 0%; - } -} -.table { - width: 100%; - max-width: 100%; - margin-bottom: 20px; - font-size: 14px; -} -.table thead { - font-size: 12px; -} -.table > thead > tr > th, -.table > tbody > tr > th, -.table > tfoot > tr > th, -.table > thead > tr > td, -.table > tbody > tr > td, -.table > tfoot > tr > td { - padding: 8px; - line-height: 1.42857143; - vertical-align: top; - border-top: 1px solid #D3DAE6; -} -.table > thead > tr > th { - vertical-align: bottom; - border-bottom: 1px solid #D3DAE6; -} -.table > caption + thead > tr:first-child > th, -.table > colgroup + thead > tr:first-child > th, -.table > thead:first-child > tr:first-child > th, -.table > caption + thead > tr:first-child > td, -.table > colgroup + thead > tr:first-child > td, -.table > thead:first-child > tr:first-child > td { - border-top: 0; -} -.table > tbody + tbody { - border-top: 2px solid #D3DAE6; -} -.table .table { - background-color: #FFF; -} -.table-condensed > thead > tr > th, -.table-condensed > tbody > tr > th, -.table-condensed > tfoot > tr > th, -.table-condensed > thead > tr > td, -.table-condensed > tbody > tr > td, -.table-condensed > tfoot > tr > td { - padding: 5px; - font-size: 12px; -} -.table-bordered { - border: 1px solid #D3DAE6; -} -.table-bordered > thead > tr > th, -.table-bordered > tbody > tr > th, -.table-bordered > tfoot > tr > th, -.table-bordered > thead 
> tr > td, -.table-bordered > tbody > tr > td, -.table-bordered > tfoot > tr > td { - border: 1px solid #D3DAE6; -} -.table-bordered > thead > tr > th, -.table-bordered > thead > tr > td { - border-bottom-width: 2px; -} -.table-striped > tbody > tr:nth-of-type(odd) { - background-color: #D3DAE6; -} -.table-hover > tbody > tr:hover { - background-color: #D3DAE6; -} -table col[class*="col-"] { - position: static; - float: none; - display: table-column; -} -table td[class*="col-"], -table th[class*="col-"] { - position: static; - float: none; - display: table-cell; -} -.table > thead > tr > td.active, -.table > tbody > tr > td.active, -.table > tfoot > tr > td.active, -.table > thead > tr > th.active, -.table > tbody > tr > th.active, -.table > tfoot > tr > th.active, -.table > thead > tr.active > td, -.table > tbody > tr.active > td, -.table > tfoot > tr.active > td, -.table > thead > tr.active > th, -.table > tbody > tr.active > th, -.table > tfoot > tr.active > th { - background-color: #D3DAE6; -} -.table-hover > tbody > tr > td.active:hover, -.table-hover > tbody > tr > th.active:hover, -.table-hover > tbody > tr.active:hover > td, -.table-hover > tbody > tr:hover > .active, -.table-hover > tbody > tr.active:hover > th { - background-color: #c3ccdd; -} -.table > thead > tr > td.success, -.table > tbody > tr > td.success, -.table > tfoot > tr > td.success, -.table > thead > tr > th.success, -.table > tbody > tr > th.success, -.table > tfoot > tr > th.success, -.table > thead > tr.success > td, -.table > tbody > tr.success > td, -.table > tfoot > tr.success > td, -.table > thead > tr.success > th, -.table > tbody > tr.success > th, -.table > tfoot > tr.success > th { - background-color: #017D73; -} -.table-hover > tbody > tr > td.success:hover, -.table-hover > tbody > tr > th.success:hover, -.table-hover > tbody > tr.success:hover > td, -.table-hover > tbody > tr:hover > .success, -.table-hover > tbody > tr.success:hover > th { - background-color: #01645c; -} 
-.table > thead > tr > td.info, -.table > tbody > tr > td.info, -.table > tfoot > tr > td.info, -.table > thead > tr > th.info, -.table > tbody > tr > th.info, -.table > tfoot > tr > th.info, -.table > thead > tr.info > td, -.table > tbody > tr.info > td, -.table > tfoot > tr.info > td, -.table > thead > tr.info > th, -.table > tbody > tr.info > th, -.table > tfoot > tr.info > th { - background-color: #006BB4; -} -.table-hover > tbody > tr > td.info:hover, -.table-hover > tbody > tr > th.info:hover, -.table-hover > tbody > tr.info:hover > td, -.table-hover > tbody > tr:hover > .info, -.table-hover > tbody > tr.info:hover > th { - background-color: #005c9b; -} -.table > thead > tr > td.warning, -.table > tbody > tr > td.warning, -.table > tfoot > tr > td.warning, -.table > thead > tr > th.warning, -.table > tbody > tr > th.warning, -.table > tfoot > tr > th.warning, -.table > thead > tr.warning > td, -.table > tbody > tr.warning > td, -.table > tfoot > tr.warning > td, -.table > thead > tr.warning > th, -.table > tbody > tr.warning > th, -.table > tfoot > tr.warning > th { - background-color: #F5A700; -} -.table-hover > tbody > tr > td.warning:hover, -.table-hover > tbody > tr > th.warning:hover, -.table-hover > tbody > tr.warning:hover > td, -.table-hover > tbody > tr:hover > .warning, -.table-hover > tbody > tr.warning:hover > th { - background-color: #dc9600; -} -.table > thead > tr > td.danger, -.table > tbody > tr > td.danger, -.table > tfoot > tr > td.danger, -.table > thead > tr > th.danger, -.table > tbody > tr > th.danger, -.table > tfoot > tr > th.danger, -.table > thead > tr.danger > td, -.table > tbody > tr.danger > td, -.table > tfoot > tr.danger > td, -.table > thead > tr.danger > th, -.table > tbody > tr.danger > th, -.table > tfoot > tr.danger > th { - background-color: #BD271E; -} -.table-hover > tbody > tr > td.danger:hover, -.table-hover > tbody > tr > th.danger:hover, -.table-hover > tbody > tr.danger:hover > td, -.table-hover > tbody > tr:hover 
> .danger, -.table-hover > tbody > tr.danger:hover > th { - background-color: #a7221b; -} -.table-responsive { - overflow-x: auto; - min-height: 0.01%; -} -@media screen and (max-width: 767px) { - .table-responsive { - width: 100%; - margin-bottom: 15px; - overflow-y: hidden; - -ms-overflow-style: -ms-autohiding-scrollbar; - border: 1px solid #D3DAE6; - } - .table-responsive > .table { - margin-bottom: 0; - } - .table-responsive > .table > thead > tr > th, - .table-responsive > .table > tbody > tr > th, - .table-responsive > .table > tfoot > tr > th, - .table-responsive > .table > thead > tr > td, - .table-responsive > .table > tbody > tr > td, - .table-responsive > .table > tfoot > tr > td { - white-space: nowrap; - } - .table-responsive > .table-bordered { - border: 0; - } - .table-responsive > .table-bordered > thead > tr > th:first-child, - .table-responsive > .table-bordered > tbody > tr > th:first-child, - .table-responsive > .table-bordered > tfoot > tr > th:first-child, - .table-responsive > .table-bordered > thead > tr > td:first-child, - .table-responsive > .table-bordered > tbody > tr > td:first-child, - .table-responsive > .table-bordered > tfoot > tr > td:first-child { - border-left: 0; - } - .table-responsive > .table-bordered > thead > tr > th:last-child, - .table-responsive > .table-bordered > tbody > tr > th:last-child, - .table-responsive > .table-bordered > tfoot > tr > th:last-child, - .table-responsive > .table-bordered > thead > tr > td:last-child, - .table-responsive > .table-bordered > tbody > tr > td:last-child, - .table-responsive > .table-bordered > tfoot > tr > td:last-child { - border-right: 0; - } - .table-responsive > .table-bordered > tbody > tr:last-child > th, - .table-responsive > .table-bordered > tfoot > tr:last-child > th, - .table-responsive > .table-bordered > tbody > tr:last-child > td, - .table-responsive > .table-bordered > tfoot > tr:last-child > td { - border-bottom: 0; - } -} -.form-control { - display: block; - width: 
100%; - height: 32px; - padding: 5px 15px; - font-size: 14px; - line-height: 1.42857143; - color: #343741; - background-color: #fafbfd; - background-image: none; - border: 1px solid #D3DAE6; - border-radius: 4px; - box-shadow: inset 0 1px 1px rgba(0, 0, 0, 0.075); - transition: border-color ease-in-out .15s, box-shadow ease-in-out .15s; -} -.form-control:focus { - border-color: #006BB4; - outline: 0; - box-shadow: inset 0 1px 1px rgba(0,0,0,.075), 0 0 8px rgba(0, 107, 180, 0.6); -} -.form-control::-moz-placeholder { - color: #98A2B3; - opacity: 1; -} -.form-control:-ms-input-placeholder { - color: #98A2B3; -} -.form-control::-webkit-input-placeholder { - color: #98A2B3; -} -.form-control::-ms-expand { - border: 0; - background-color: transparent; -} -.form-control[disabled], -.form-control[readonly], -fieldset[disabled] .form-control { - background-color: #D3DAE6; - opacity: 1; -} -.form-control[disabled], -fieldset[disabled] .form-control { - cursor: not-allowed; -} -textarea.form-control { - height: auto; -} -.form-group:not(:empty) { - margin-bottom: 15px; -} -.radio, -.checkbox { - position: relative; - display: block; - margin-top: 10px; - margin-bottom: 10px; -} -.radio label, -.checkbox label { - min-height: 20px; - padding-left: 20px; - margin-bottom: 0; - font-weight: normal; - cursor: pointer; -} -.radio input[type="radio"], -.radio-inline input[type="radio"], -.checkbox input[type="checkbox"], -.checkbox-inline input[type="checkbox"] { - position: absolute; - margin-left: -20px; - margin-top: 4px \9; -} -.radio + .radio, -.checkbox + .checkbox { - margin-top: -5px; -} -.radio-inline, -.checkbox-inline { - position: relative; - display: inline-block; - padding-left: 20px; - margin-bottom: 0; - vertical-align: middle; - font-weight: normal; - cursor: pointer; -} -.radio-inline + .radio-inline, -.checkbox-inline + .checkbox-inline { - margin-top: 0; - margin-left: 10px; -} -.radio-inline.disabled, -.checkbox-inline.disabled, -fieldset[disabled] 
.radio-inline, -fieldset[disabled] .checkbox-inline { - cursor: not-allowed; -} -.radio.disabled label, -.checkbox.disabled label, -fieldset[disabled] .radio label, -fieldset[disabled] .checkbox label { - cursor: not-allowed; -} -.form-control-static { - padding-top: 6px; - padding-bottom: 6px; - margin-bottom: 0; - min-height: 34px; -} -.form-control-static.input-lg, -.form-control-static.input-sm { - padding-left: 0; - padding-right: 0; -} -.input-sm { - height: 32px; - padding: 6px 9px; - font-size: 12px; - line-height: 1.5; - border-radius: 4px; -} -select.input-sm { - height: 32px; - line-height: 32px; -} -textarea.input-sm, -select[multiple].input-sm { - height: auto; -} -.form-group-sm .form-control { - height: 32px; - padding: 6px 9px; - font-size: 12px; - line-height: 1.5; - border-radius: 4px; -} -.form-group-sm select.form-control { - height: 32px; - line-height: 32px; -} -.form-group-sm textarea.form-control, -.form-group-sm select[multiple].form-control { - height: auto; -} -.form-group-sm .form-control-static { - height: 32px; - min-height: 32px; - padding: 7px 9px; - font-size: 12px; - line-height: 1.5; -} -.input-lg { - height: 62px; - padding: 18px 27px; - font-size: 18px; - line-height: 1.3333333; - border-radius: 4px; -} -select.input-lg { - height: 62px; - line-height: 62px; -} -textarea.input-lg, -select[multiple].input-lg { - height: auto; -} -.form-group-lg .form-control { - height: 62px; - padding: 18px 27px; - font-size: 18px; - line-height: 1.3333333; - border-radius: 4px; -} -.form-group-lg select.form-control { - height: 62px; - line-height: 62px; -} -.form-group-lg textarea.form-control, -.form-group-lg select[multiple].form-control { - height: auto; -} -.form-group-lg .form-control-static { - height: 62px; - min-height: 38px; - padding: 19px 27px; - font-size: 18px; - line-height: 1.3333333; -} -.has-feedback { - position: relative; -} -.has-feedback .form-control { - padding-right: 40px; -} -.form-control-feedback { - position: 
absolute; - top: 0; - right: 0; - z-index: 2; - display: block; - width: 32px; - height: 32px; - line-height: 32px; - text-align: center; - pointer-events: none; -} -.input-lg + .form-control-feedback, -.input-group-lg + .form-control-feedback, -.form-group-lg .form-control + .form-control-feedback { - width: 62px; - height: 62px; - line-height: 62px; -} -.input-sm + .form-control-feedback, -.input-group-sm + .form-control-feedback, -.form-group-sm .form-control + .form-control-feedback { - width: 32px; - height: 32px; - line-height: 32px; -} -.has-success .help-block, -.has-success .control-label, -.has-success .radio, -.has-success .checkbox, -.has-success .radio-inline, -.has-success .checkbox-inline, -.has-success.radio label, -.has-success.checkbox label, -.has-success.radio-inline label, -.has-success.checkbox-inline label { - color: #FFF; -} -.has-success .form-control { - border-color: #FFF; - box-shadow: inset 0 1px 1px rgba(0, 0, 0, 0.075); -} -.has-success .form-control:focus { - border-color: #e6e6e6; - box-shadow: inset 0 1px 1px rgba(0, 0, 0, 0.075), 0 0 6px #ffffff; -} -.has-success .input-group-addon { - color: #FFF; - border-color: #FFF; - background-color: #017D73; -} -.has-success .form-control-feedback { - color: #FFF; -} -.has-warning .help-block, -.has-warning .control-label, -.has-warning .radio, -.has-warning .checkbox, -.has-warning .radio-inline, -.has-warning .checkbox-inline, -.has-warning.radio label, -.has-warning.checkbox label, -.has-warning.radio-inline label, -.has-warning.checkbox-inline label { - color: #FFF; -} -.has-warning .form-control { - border-color: #FFF; - box-shadow: inset 0 1px 1px rgba(0, 0, 0, 0.075); -} -.has-warning .form-control:focus { - border-color: #e6e6e6; - box-shadow: inset 0 1px 1px rgba(0, 0, 0, 0.075), 0 0 6px #ffffff; -} -.has-warning .input-group-addon { - color: #FFF; - border-color: #FFF; - background-color: #F5A700; -} -.has-warning .form-control-feedback { - color: #FFF; -} -.has-error .help-block, 
-.has-error .control-label, -.has-error .radio, -.has-error .checkbox, -.has-error .radio-inline, -.has-error .checkbox-inline, -.has-error.radio label, -.has-error.checkbox label, -.has-error.radio-inline label, -.has-error.checkbox-inline label { - color: #FFF; -} -.has-error .form-control { - border-color: #FFF; - box-shadow: inset 0 1px 1px rgba(0, 0, 0, 0.075); -} -.has-error .form-control:focus { - border-color: #e6e6e6; - box-shadow: inset 0 1px 1px rgba(0, 0, 0, 0.075), 0 0 6px #ffffff; -} -.has-error .input-group-addon { - color: #FFF; - border-color: #FFF; - background-color: #BD271E; -} -.has-error .form-control-feedback { - color: #FFF; -} -.has-feedback label ~ .form-control-feedback { - top: 25px; -} -.has-feedback label.sr-only ~ .form-control-feedback { - top: 0; -} -.help-block { - display: block; - margin-top: 5px; - margin-bottom: 10px; - color: #6d7388; -} -@media (min-width: 768px) { - .form-inline .form-group { - display: inline-block; - margin-bottom: 0; - vertical-align: middle; - } - .form-inline .form-control { - display: inline-block; - width: auto; - vertical-align: middle; - } - .form-inline .form-control-static { - display: inline-block; - } - .form-inline .input-group { - display: inline-table; - vertical-align: middle; - } - .form-inline .input-group .input-group-addon, - .form-inline .input-group .form-control { - width: auto; - } - .form-inline .input-group > .form-control { - width: 100%; - } - .form-inline .control-label { - margin-bottom: 0; - vertical-align: middle; - } - .form-inline .radio, - .form-inline .checkbox { - display: inline-block; - margin-top: 0; - margin-bottom: 0; - vertical-align: middle; - } - .form-inline .radio label, - .form-inline .checkbox label { - padding-left: 0; - } - .form-inline .radio input[type="radio"], - .form-inline .checkbox input[type="checkbox"] { - position: relative; - margin-left: 0; - } - .form-inline .has-feedback .form-control-feedback { - top: 0; - } -} -.form-horizontal .radio, 
-.form-horizontal .checkbox, -.form-horizontal .radio-inline, -.form-horizontal .checkbox-inline { - margin-top: 0; - margin-bottom: 0; - padding-top: 6px; -} -.form-horizontal .radio, -.form-horizontal .checkbox { - min-height: 26px; -} -.form-horizontal .form-group { - margin-left: -15px; - margin-right: -15px; -} -@media (min-width: 768px) { - .form-horizontal .control-label { - text-align: right; - margin-bottom: 0; - padding-top: 6px; - } -} -.form-horizontal .has-feedback .form-control-feedback { - right: 15px; -} -@media (min-width: 768px) { - .form-horizontal .form-group-lg .control-label { - padding-top: 19px; - font-size: 18px; - } -} -@media (min-width: 768px) { - .form-horizontal .form-group-sm .control-label { - padding-top: 7px; - font-size: 12px; - } -} -.text-left { - text-align: left; -} -.text-right { - text-align: right; -} -.text-center { - text-align: center; -} -.text-muted { - color: #b2bac6; -} -.text-primary { - color: #343741; -} -a.text-primary:hover, -a.text-primary:focus { - color: #1d1f25; -} -.text-success { - color: #FFF; -} -a.text-success:hover, -a.text-success:focus { - color: #e6e6e6; -} -.text-info { - color: #FFF; -} -a.text-info:hover, -a.text-info:focus { - color: #e6e6e6; -} -.text-warning { - color: #FFF; -} -a.text-warning:hover, -a.text-warning:focus { - color: #e6e6e6; -} -.text-danger { - color: #FFF; -} -a.text-danger:hover, -a.text-danger:focus { - color: #e6e6e6; -} -.bg-info { - background-color: #006BB4; -} -a.bg-info:hover, -a.bg-info:focus { - background-color: #004d81; -} -.list-unstyled { - padding-left: 0; - list-style: none; -} -@media (min-width: 0) { - .dl-horizontal dt { - float: left; - width: 160px; - clear: left; - text-align: right; - overflow: hidden; - text-overflow: ellipsis; - white-space: nowrap; - } - .dl-horizontal dd { - margin-left: 180px; - } -} -.fade { - opacity: 0; - transition: opacity 0.15s linear; -} -.fade.in { - opacity: 1; -} -.collapse { - display: none; -} -.collapse.in { - 
display: block; -} -tr.collapse.in { - display: table-row; -} -tbody.collapse.in { - display: table-row-group; -} -.collapsing { - position: relative; - height: 0; - overflow: hidden; - transition-property: height, visibility; - transition-duration: 0.35s; - transition-timing-function: ease; -} -/** - * ui/angular-ui-select depends upon these styles. Don't use them in your markup. - * Please use the UI Framework styles instead. - */ -.btn { - display: inline-block; - margin-bottom: 0; - font-weight: normal; - text-align: center; - vertical-align: middle; - touch-action: manipulation; - cursor: pointer; - background-image: none; - border: 1px solid transparent; - white-space: nowrap; - padding: 5px 15px; - font-size: 14px; - line-height: 1.42857143; - border-radius: 4px; - -webkit-user-select: none; - -moz-user-select: none; - -ms-user-select: none; - user-select: none; -} -.btn:focus, -.btn:active:focus, -.btn.active:focus, -.btn.focus, -.btn:active.focus, -.btn.active.focus { - box-shadow: 0 0 0 1px white, 0 0 0 2px #0079a5; - /* 3 */ -} -.btn:hover, -.btn:focus, -.btn.focus { - color: #FFF; - text-decoration: none; -} -.btn:active, -.btn.active { - outline: 0; - background-image: none; - box-shadow: inset 0 3px 5px rgba(0, 0, 0, 0.125); -} -.btn.disabled, -.btn[disabled], -fieldset[disabled] .btn { - cursor: not-allowed; - opacity: 0.65; - filter: alpha(opacity=65); - box-shadow: none; -} -a.btn.disabled, -fieldset[disabled] a.btn { - pointer-events: none; -} -.btn-default { - color: #FFF; - background-color: #006BB4; - border-color: #006BB4; -} -.btn-default:focus, -.btn-default.focus { - color: #FFF; - background-color: #004d81; - border-color: #001f35; -} -.btn-default:hover { - color: #FFF; - background-color: #004d81; - border-color: #004777; -} -.btn-default:active, -.btn-default.active, -.open > .dropdown-toggle.btn-default { - color: #FFF; - background-color: #004d81; - border-color: #004777; -} -.btn-default:active:hover, -.btn-default.active:hover, 
-.open > .dropdown-toggle.btn-default:hover, -.btn-default:active:focus, -.btn-default.active:focus, -.open > .dropdown-toggle.btn-default:focus, -.btn-default:active.focus, -.btn-default.active.focus, -.open > .dropdown-toggle.btn-default.focus { - color: #FFF; - background-color: #00375d; - border-color: #001f35; -} -.btn-default:active, -.btn-default.active, -.open > .dropdown-toggle.btn-default { - background-image: none; -} -.btn-default.disabled:hover, -.btn-default[disabled]:hover, -fieldset[disabled] .btn-default:hover, -.btn-default.disabled:focus, -.btn-default[disabled]:focus, -fieldset[disabled] .btn-default:focus, -.btn-default.disabled.focus, -.btn-default[disabled].focus, -fieldset[disabled] .btn-default.focus { - background-color: #006BB4; - border-color: #006BB4; -} -.btn-default .badge { - color: #006BB4; - background-color: #FFF; -} -.btn-primary { - color: #FFF; - background-color: #006BB4; - border-color: #006BB4; -} -.btn-primary:focus, -.btn-primary.focus { - color: #FFF; - background-color: #004d81; - border-color: #001f35; -} -.btn-primary:hover { - color: #FFF; - background-color: #004d81; - border-color: #004777; -} -.btn-primary:active, -.btn-primary.active, -.open > .dropdown-toggle.btn-primary { - color: #FFF; - background-color: #004d81; - border-color: #004777; -} -.btn-primary:active:hover, -.btn-primary.active:hover, -.open > .dropdown-toggle.btn-primary:hover, -.btn-primary:active:focus, -.btn-primary.active:focus, -.open > .dropdown-toggle.btn-primary:focus, -.btn-primary:active.focus, -.btn-primary.active.focus, -.open > .dropdown-toggle.btn-primary.focus { - color: #FFF; - background-color: #00375d; - border-color: #001f35; -} -.btn-primary:active, -.btn-primary.active, -.open > .dropdown-toggle.btn-primary { - background-image: none; -} -.btn-primary.disabled:hover, -.btn-primary[disabled]:hover, -fieldset[disabled] .btn-primary:hover, -.btn-primary.disabled:focus, -.btn-primary[disabled]:focus, -fieldset[disabled] 
.btn-primary:focus, -.btn-primary.disabled.focus, -.btn-primary[disabled].focus, -fieldset[disabled] .btn-primary.focus { - background-color: #006BB4; - border-color: #006BB4; -} -.btn-primary .badge { - color: #006BB4; - background-color: #FFF; -} -.btn-xs { - padding: 1px 5px; - font-size: 12px; - line-height: 1.5; - border-radius: 4px; -} -.navbar { - position: relative; - min-height: 45px; - margin-bottom: 0px; - border: 1px solid transparent; -} -@media (min-width: 0) { - .navbar { - border-radius: 4px; - } -} -@media (min-width: 0) { - .navbar-header { - float: left; - } -} -.navbar-collapse { - overflow-x: visible; - padding-right: 10px; - padding-left: 10px; - border-top: 1px solid transparent; - box-shadow: inset 0 1px 0 rgba(255, 255, 255, 0.1); - -webkit-overflow-scrolling: touch; -} -.navbar-collapse.in { - overflow-y: auto; -} -@media (min-width: 0) { - .navbar-collapse { - width: auto; - border-top: 0; - box-shadow: none; - } - .navbar-collapse.collapse { - display: block !important; - height: auto !important; - padding-bottom: 0; - overflow: visible !important; - } - .navbar-collapse.in { - overflow-y: visible; - } - .navbar-fixed-top .navbar-collapse, - .navbar-fixed-bottom .navbar-collapse { - padding-left: 0; - padding-right: 0; - } -} -.navbar-fixed-top .navbar-collapse, -.navbar-fixed-bottom .navbar-collapse { - max-height: 340px; -} -@media (max-device-width: 480px) and (orientation: landscape) { - .navbar-fixed-top .navbar-collapse, - .navbar-fixed-bottom .navbar-collapse { - max-height: 200px; - } -} -.container > .navbar-header, -.container-fluid > .navbar-header, -.container > .navbar-collapse, -.container-fluid > .navbar-collapse { - margin-right: -10px; - margin-left: -10px; -} -@media (min-width: 0) { - .container > .navbar-header, - .container-fluid > .navbar-header, - .container > .navbar-collapse, - .container-fluid > .navbar-collapse { - margin-right: 0; - margin-left: 0; - } -} -.navbar-fixed-top, -.navbar-fixed-bottom { - position: 
fixed; - right: 0; - left: 0; - z-index: 1050; -} -@media (min-width: 0) { - .navbar-fixed-top, - .navbar-fixed-bottom { - border-radius: 0; - } -} -.navbar-fixed-top { - top: 0; - border-width: 0 0 1px; -} -.navbar-fixed-bottom { - bottom: 0; - margin-bottom: 0; - border-width: 1px 0 0; -} -.navbar-brand { - float: left; - padding: 12.5px 10px; - font-size: 18px; - line-height: 20px; - height: 45px; -} -.navbar-brand:hover, -.navbar-brand:focus { - text-decoration: none; -} -.navbar-brand > img { - display: block; -} -@media (min-width: 0) { - .navbar > .container .navbar-brand, - .navbar > .container-fluid .navbar-brand { - margin-left: -10px; - } -} -.navbar-toggle { - position: relative; - float: right; - margin-right: 10px; - padding: 9px 10px; - margin-top: 5.5px; - margin-bottom: 5.5px; - background-color: transparent; - background-image: none; - border: 1px solid transparent; - border-radius: 4px; -} -.navbar-toggle:focus { - outline: 0; -} -.navbar-toggle .icon-bar { - display: block; - width: 22px; - height: 2px; - border-radius: 1px; -} -.navbar-toggle .icon-bar + .icon-bar { - margin-top: 4px; -} -@media (min-width: 0) { - .navbar-toggle { - display: none; - } -} -.navbar-nav { - margin: 6.25px -10px; -} -.navbar-nav > li > a { - padding-top: 10px; - padding-bottom: 10px; - line-height: 20px; -} -@media (max-width: -1) { - .navbar-nav .open .dropdown-menu { - position: static; - float: none; - width: auto; - margin-top: 0; - background-color: transparent; - border: 0; - box-shadow: none; - } - .navbar-nav .open .dropdown-menu > li > a, - .navbar-nav .open .dropdown-menu .dropdown-header { - padding: 5px 15px 5px 25px; - } - .navbar-nav .open .dropdown-menu > li > a { - line-height: 20px; - } - .navbar-nav .open .dropdown-menu > li > a:hover, - .navbar-nav .open .dropdown-menu > li > a:focus { - background-image: none; - } -} -@media (min-width: 0) { - .navbar-nav { - float: left; - margin: 0; - } - .navbar-nav > li { - float: left; - } - .navbar-nav > 
li > a { - padding-top: 12.5px; - padding-bottom: 12.5px; - } -} -.navbar-form { - margin-left: -10px; - margin-right: -10px; - padding: 10px 10px; - border-top: 1px solid transparent; - border-bottom: 1px solid transparent; - box-shadow: inset 0 1px 0 rgba(255, 255, 255, 0.1), 0 1px 0 rgba(255, 255, 255, 0.1); - margin-top: 6.5px; - margin-bottom: 6.5px; -} -@media (min-width: 768px) { - .navbar-form .form-group { - display: inline-block; - margin-bottom: 0; - vertical-align: middle; - } - .navbar-form .form-control { - display: inline-block; - width: auto; - vertical-align: middle; - } - .navbar-form .form-control-static { - display: inline-block; - } - .navbar-form .input-group { - display: inline-table; - vertical-align: middle; - } - .navbar-form .input-group .input-group-addon, - .navbar-form .input-group .form-control { - width: auto; - } - .navbar-form .input-group > .form-control { - width: 100%; - } - .navbar-form .control-label { - margin-bottom: 0; - vertical-align: middle; - } - .navbar-form .radio, - .navbar-form .checkbox { - display: inline-block; - margin-top: 0; - margin-bottom: 0; - vertical-align: middle; - } - .navbar-form .radio label, - .navbar-form .checkbox label { - padding-left: 0; - } - .navbar-form .radio input[type="radio"], - .navbar-form .checkbox input[type="checkbox"] { - position: relative; - margin-left: 0; - } - .navbar-form .has-feedback .form-control-feedback { - top: 0; - } -} -@media (max-width: -1) { - .navbar-form .form-group { - margin-bottom: 5px; - } - .navbar-form .form-group:last-child { - margin-bottom: 0; - } -} -@media (min-width: 0) { - .navbar-form { - width: auto; - border: 0; - margin-left: 0; - margin-right: 0; - padding-top: 0; - padding-bottom: 0; - box-shadow: none; - } -} -.navbar-nav > li > .dropdown-menu { - margin-top: 0; - border-top-right-radius: 0; - border-top-left-radius: 0; -} -.navbar-fixed-bottom .navbar-nav > li > .dropdown-menu { - margin-bottom: 0; - border-top-right-radius: 4px; - 
border-top-left-radius: 4px; - border-bottom-right-radius: 0; - border-bottom-left-radius: 0; -} -.navbar-text { - margin-top: 12.5px; - margin-bottom: 12.5px; -} -@media (min-width: 0) { - .navbar-text { - float: left; - margin-left: 10px; - margin-right: 10px; - } -} -@media (min-width: 0) { - .navbar-left { - float: left !important; - } - .navbar-right { - float: right !important; - margin-right: -10px; - } - .navbar-right ~ .navbar-right { - margin-right: 0; - } -} -.navbar-default { - background-color: #F5F7FA; - border-color: transparent; -} -.navbar-default .navbar-brand { - color: #69707D; -} -.navbar-default .navbar-brand:hover, -.navbar-default .navbar-brand:focus { - color: #69707D; - background-color: transparent; -} -.navbar-default .navbar-text { - color: #69707D; -} -.navbar-default .navbar-nav > li > a { - color: #69707D; -} -.navbar-default .navbar-nav > li > a:hover, -.navbar-default .navbar-nav > li > a:focus { - color: #69707D; - background-color: transparent; -} -.navbar-default .navbar-nav > .active > a, -.navbar-default .navbar-nav > .active > a:hover, -.navbar-default .navbar-nav > .active > a:focus { - color: #343741; - background-color: transparent; -} -.navbar-default .navbar-nav > .disabled > a, -.navbar-default .navbar-nav > .disabled > a:hover, -.navbar-default .navbar-nav > .disabled > a:focus { - color: #69707D; - background-color: transparent; -} -.navbar-default .navbar-toggle { - border-color: #d3dce9; -} -.navbar-default .navbar-toggle:hover, -.navbar-default .navbar-toggle:focus { - background-color: #d3dce9; -} -.navbar-default .navbar-toggle .icon-bar { - background-color: #FFF; -} -.navbar-default .navbar-collapse, -.navbar-default .navbar-form { - border-color: transparent; -} -.navbar-default .navbar-nav > .open > a, -.navbar-default .navbar-nav > .open > a:hover, -.navbar-default .navbar-nav > .open > a:focus { - background-color: transparent; - color: #343741; -} -@media (max-width: -1) { - .navbar-default .navbar-nav 
.open .dropdown-menu > li > a { - color: #69707D; - } - .navbar-default .navbar-nav .open .dropdown-menu > li > a:hover, - .navbar-default .navbar-nav .open .dropdown-menu > li > a:focus { - color: #69707D; - background-color: transparent; - } - .navbar-default .navbar-nav .open .dropdown-menu > .active > a, - .navbar-default .navbar-nav .open .dropdown-menu > .active > a:hover, - .navbar-default .navbar-nav .open .dropdown-menu > .active > a:focus { - color: #343741; - background-color: transparent; - } - .navbar-default .navbar-nav .open .dropdown-menu > .disabled > a, - .navbar-default .navbar-nav .open .dropdown-menu > .disabled > a:hover, - .navbar-default .navbar-nav .open .dropdown-menu > .disabled > a:focus { - color: #69707D; - background-color: transparent; - } -} -.navbar-default .navbar-link { - color: #69707D; -} -.navbar-default .navbar-link:hover { - color: #69707D; -} -.navbar-inverse { - background-color: #343741; - border-color: #1d1f25; -} -.navbar-inverse .navbar-brand { - color: #FFF; -} -.navbar-inverse .navbar-brand:hover, -.navbar-inverse .navbar-brand:focus { - color: #FFF; - background-color: #4b4f5d; -} -.navbar-inverse .navbar-text { - color: #FFF; -} -.navbar-inverse .navbar-nav > li > a { - color: #D3DAE6; -} -.navbar-inverse .navbar-nav > li > a:hover, -.navbar-inverse .navbar-nav > li > a:focus { - color: #FFF; - background-color: #61677a; -} -.navbar-inverse .navbar-nav > .active > a, -.navbar-inverse .navbar-nav > .active > a:hover, -.navbar-inverse .navbar-nav > .active > a:focus { - color: #FFF; - background-color: #69707D; -} -.navbar-inverse .navbar-nav > .disabled > a, -.navbar-inverse .navbar-nav > .disabled > a:hover, -.navbar-inverse .navbar-nav > .disabled > a:focus { - color: #b2bac6; - background-color: transparent; -} -.navbar-inverse .navbar-toggle { - border-color: #1d1f25; -} -.navbar-inverse .navbar-toggle:hover, -.navbar-inverse .navbar-toggle:focus { - background-color: #1d1f25; -} -.navbar-inverse .navbar-toggle 
.icon-bar { - background-color: #FFF; -} -.navbar-inverse .navbar-collapse, -.navbar-inverse .navbar-form { - border-color: #24262d; -} -.navbar-inverse .navbar-nav > .open > a, -.navbar-inverse .navbar-nav > .open > a:hover, -.navbar-inverse .navbar-nav > .open > a:focus { - background-color: #69707D; - color: #FFF; -} -@media (max-width: -1) { - .navbar-inverse .navbar-nav .open .dropdown-menu > .dropdown-header { - border-color: #1d1f25; - } - .navbar-inverse .navbar-nav .open .dropdown-menu .divider { - background-color: #1d1f25; - } - .navbar-inverse .navbar-nav .open .dropdown-menu > li > a { - color: #D3DAE6; - } - .navbar-inverse .navbar-nav .open .dropdown-menu > li > a:hover, - .navbar-inverse .navbar-nav .open .dropdown-menu > li > a:focus { - color: #FFF; - background-color: #61677a; - } - .navbar-inverse .navbar-nav .open .dropdown-menu > .active > a, - .navbar-inverse .navbar-nav .open .dropdown-menu > .active > a:hover, - .navbar-inverse .navbar-nav .open .dropdown-menu > .active > a:focus { - color: #FFF; - background-color: #69707D; - } - .navbar-inverse .navbar-nav .open .dropdown-menu > .disabled > a, - .navbar-inverse .navbar-nav .open .dropdown-menu > .disabled > a:hover, - .navbar-inverse .navbar-nav .open .dropdown-menu > .disabled > a:focus { - color: #b2bac6; - background-color: transparent; - } -} -.navbar-inverse .navbar-link { - color: #D3DAE6; -} -.navbar-inverse .navbar-link:hover { - color: #FFF; -} -.close { - float: right; - font-size: 21px; - font-weight: bold; - line-height: 1; - color: #000; - text-shadow: none; - opacity: 0.2; - filter: alpha(opacity=20); -} -.close:hover, -.close:focus { - color: #000; - text-decoration: none; - cursor: pointer; - opacity: 0.5; - filter: alpha(opacity=50); -} -button.close { - padding: 0; - cursor: pointer; - background: transparent; - border: 0; - -webkit-appearance: none; -} -.modal-open { - overflow: hidden; -} -.modal { - display: none; - overflow: hidden; - position: fixed; - top: 0; - 
right: 0; - bottom: 0; - left: 0; - z-index: 1070; - -webkit-overflow-scrolling: touch; - outline: 0; -} -.modal.fade .modal-dialog { - transform: translate(0, -25%); - transition: transform 0.3s ease-out; -} -.modal.in .modal-dialog { - transform: translate(0, 0); -} -.modal-open .modal { - overflow-x: hidden; - overflow-y: auto; -} -.modal-dialog { - position: relative; - width: auto; - margin: 10px; -} -.modal-content { - position: relative; - background-color: #FFF; - border: 1px solid #98A2B3; - border: 1px solid rgba(0, 0, 0, 0.2); - border-radius: 4px; - box-shadow: 0 3px 9px rgba(0, 0, 0, 0.5); - background-clip: padding-box; - outline: 0; -} -.modal-backdrop { - position: fixed; - top: 0; - right: 0; - bottom: 0; - left: 0; - z-index: 1060; - background-color: #000; -} -.modal-backdrop.fade { - opacity: 0; - filter: alpha(opacity=0); -} -.modal-backdrop.in { - opacity: 0.5; - filter: alpha(opacity=50); -} -.modal-header { - padding: 15px; - border-bottom: 1px solid #e5e5e5; -} -.modal-header .close { - margin-top: -2px; -} -.modal-title { - margin: 0; - line-height: 1.42857143; -} -.modal-body { - position: relative; - padding: 15px; -} -.modal-footer { - padding: 15px; - text-align: right; - border-top: 1px solid #e5e5e5; -} -.modal-scrollbar-measure { - position: absolute; - top: -9999px; - width: 50px; - height: 50px; - overflow: scroll; -} -@media (min-width: 768px) { - .modal-dialog { - width: 600px; - margin: 30px auto; - } - .modal-content { - box-shadow: 0 5px 15px rgba(0, 0, 0, 0.5); - } - .modal-sm { - width: 300px; - } -} -@media (min-width: 992px) { - .modal-lg { - width: 900px; - } -} -@-webkit-keyframes progress-bar-stripes { - from { - background-position: 40px 0; - } - to { - background-position: 0 0; - } -} -@keyframes progress-bar-stripes { - from { - background-position: 40px 0; - } - to { - background-position: 0 0; - } -} -.progress { - overflow: hidden; - height: 20px; - margin-bottom: 20px; - background-color: #b8bec8; - 
border-radius: 4px; - box-shadow: inset 0 1px 2px rgba(0, 0, 0, 0.1); -} -.progress-bar { - float: left; - width: 0%; - height: 100%; - font-size: 12px; - line-height: 20px; - color: #FFF; - text-align: center; - background-color: #54B399; - transition: width 0.6s ease; -} -.progress-striped .progress-bar, -.progress-bar-striped { - background-image: linear-gradient(45deg, rgba(255, 255, 255, 0.15) 25%, transparent 25%, transparent 50%, rgba(255, 255, 255, 0.15) 50%, rgba(255, 255, 255, 0.15) 75%, transparent 75%, transparent); - background-size: 40px 40px; -} -.progress.active .progress-bar, -.progress-bar.active { - -webkit-animation: progress-bar-stripes 2s linear infinite; - animation: progress-bar-stripes 2s linear infinite; -} -.progress-bar-success { - background-color: #017D73; -} -.progress-striped .progress-bar-success { - background-image: linear-gradient(45deg, rgba(255, 255, 255, 0.15) 25%, transparent 25%, transparent 50%, rgba(255, 255, 255, 0.15) 50%, rgba(255, 255, 255, 0.15) 75%, transparent 75%, transparent); -} -.progress-bar-info { - background-color: #006BB4; -} -.progress-striped .progress-bar-info { - background-image: linear-gradient(45deg, rgba(255, 255, 255, 0.15) 25%, transparent 25%, transparent 50%, rgba(255, 255, 255, 0.15) 50%, rgba(255, 255, 255, 0.15) 75%, transparent 75%, transparent); -} -.progress-bar-warning { - background-color: #F5A700; -} -.progress-striped .progress-bar-warning { - background-image: linear-gradient(45deg, rgba(255, 255, 255, 0.15) 25%, transparent 25%, transparent 50%, rgba(255, 255, 255, 0.15) 50%, rgba(255, 255, 255, 0.15) 75%, transparent 75%, transparent); -} -.progress-bar-danger { - background-color: #BD271E; -} -.progress-striped .progress-bar-danger { - background-image: linear-gradient(45deg, rgba(255, 255, 255, 0.15) 25%, transparent 25%, transparent 50%, rgba(255, 255, 255, 0.15) 50%, rgba(255, 255, 255, 0.15) 75%, transparent 75%, transparent); -} -.list-group { - margin-bottom: 20px; - 
padding-left: 0; -} -.list-group-item { - position: relative; - display: block; - padding: 10px 15px; - margin-bottom: -1px; - background-color: #FFF; - border: 1px solid #D3DAE6; -} -.list-group-item:first-child { - border-top-right-radius: 4px; - border-top-left-radius: 4px; -} -.list-group-item:last-child { - margin-bottom: 0; - border-bottom-right-radius: 4px; - border-bottom-left-radius: 4px; -} -.list-group-item--noBorder { - border-top: 0; -} -a.list-group-item, -button.list-group-item { - color: #69707D; -} -a.list-group-item .list-group-item-heading, -button.list-group-item .list-group-item-heading { - color: #343741; -} -a.list-group-item:hover, -button.list-group-item:hover, -a.list-group-item:focus, -button.list-group-item:focus { - text-decoration: none; - color: #69707D; - background-color: #F5F7FA; -} -button.list-group-item { - width: 100%; - text-align: left; -} -.list-group-item.disabled, -.list-group-item.disabled:hover, -.list-group-item.disabled:focus { - background-color: #D3DAE6; - color: #b2bac6; - cursor: not-allowed; -} -.list-group-item.disabled .list-group-item-heading, -.list-group-item.disabled:hover .list-group-item-heading, -.list-group-item.disabled:focus .list-group-item-heading { - color: inherit; -} -.list-group-item.disabled .list-group-item-text, -.list-group-item.disabled:hover .list-group-item-text, -.list-group-item.disabled:focus .list-group-item-text { - color: #b2bac6; -} -.list-group-item.active, -.list-group-item.active:hover, -.list-group-item.active:focus { - z-index: 2; - color: #343741; - background-color: #343741; - border-color: #343741; -} -.list-group-item.active .list-group-item-heading, -.list-group-item.active:hover .list-group-item-heading, -.list-group-item.active:focus .list-group-item-heading, -.list-group-item.active .list-group-item-heading > small, -.list-group-item.active:hover .list-group-item-heading > small, -.list-group-item.active:focus .list-group-item-heading > small, -.list-group-item.active 
.list-group-item-heading > .small, -.list-group-item.active:hover .list-group-item-heading > .small, -.list-group-item.active:focus .list-group-item-heading > .small { - color: inherit; -} -.list-group-item.active .list-group-item-text, -.list-group-item.active:hover .list-group-item-text, -.list-group-item.active:focus .list-group-item-text { - color: #969bab; -} -.list-group-item-success { - color: #FFF; - background-color: #017D73; -} -a.list-group-item-success, -button.list-group-item-success { - color: #FFF; -} -a.list-group-item-success .list-group-item-heading, -button.list-group-item-success .list-group-item-heading { - color: inherit; -} -a.list-group-item-success:hover, -button.list-group-item-success:hover, -a.list-group-item-success:focus, -button.list-group-item-success:focus { - color: #FFF; - background-color: #01645c; -} -a.list-group-item-success.active, -button.list-group-item-success.active, -a.list-group-item-success.active:hover, -button.list-group-item-success.active:hover, -a.list-group-item-success.active:focus, -button.list-group-item-success.active:focus { - color: #fff; - background-color: #FFF; - border-color: #FFF; -} -.list-group-item-info { - color: #FFF; - background-color: #006BB4; -} -a.list-group-item-info, -button.list-group-item-info { - color: #FFF; -} -a.list-group-item-info .list-group-item-heading, -button.list-group-item-info .list-group-item-heading { - color: inherit; -} -a.list-group-item-info:hover, -button.list-group-item-info:hover, -a.list-group-item-info:focus, -button.list-group-item-info:focus { - color: #FFF; - background-color: #005c9b; -} -a.list-group-item-info.active, -button.list-group-item-info.active, -a.list-group-item-info.active:hover, -button.list-group-item-info.active:hover, -a.list-group-item-info.active:focus, -button.list-group-item-info.active:focus { - color: #fff; - background-color: #FFF; - border-color: #FFF; -} -.list-group-item-warning { - color: #FFF; - background-color: #F5A700; -} 
-a.list-group-item-warning, -button.list-group-item-warning { - color: #FFF; -} -a.list-group-item-warning .list-group-item-heading, -button.list-group-item-warning .list-group-item-heading { - color: inherit; -} -a.list-group-item-warning:hover, -button.list-group-item-warning:hover, -a.list-group-item-warning:focus, -button.list-group-item-warning:focus { - color: #FFF; - background-color: #dc9600; -} -a.list-group-item-warning.active, -button.list-group-item-warning.active, -a.list-group-item-warning.active:hover, -button.list-group-item-warning.active:hover, -a.list-group-item-warning.active:focus, -button.list-group-item-warning.active:focus { - color: #fff; - background-color: #FFF; - border-color: #FFF; -} -.list-group-item-danger { - color: #FFF; - background-color: #BD271E; -} -a.list-group-item-danger, -button.list-group-item-danger { - color: #FFF; -} -a.list-group-item-danger .list-group-item-heading, -button.list-group-item-danger .list-group-item-heading { - color: inherit; -} -a.list-group-item-danger:hover, -button.list-group-item-danger:hover, -a.list-group-item-danger:focus, -button.list-group-item-danger:focus { - color: #FFF; - background-color: #a7221b; -} -a.list-group-item-danger.active, -button.list-group-item-danger.active, -a.list-group-item-danger.active:hover, -button.list-group-item-danger.active:hover, -a.list-group-item-danger.active:focus, -button.list-group-item-danger.active:focus { - color: #fff; - background-color: #FFF; - border-color: #FFF; -} -.list-group-item-heading { - margin-top: 0; - margin-bottom: 5px; -} -.list-group-item-text { - margin-bottom: 0; - line-height: 1.3; -} -.nav { - margin-bottom: 0; - padding-left: 0; - list-style: none; -} -.nav > li { - position: relative; - display: block; -} -.nav > li > a { - position: relative; - display: block; - padding: 10px 15px; -} -.nav > li > a:hover, -.nav > li > a:focus { - text-decoration: none; - background-color: #D3DAE6; -} -.nav > li.disabled > a { - color: #b2bac6; 
-} -.nav > li.disabled > a:hover, -.nav > li.disabled > a:focus { - color: #b2bac6; - text-decoration: none; - background-color: transparent; - cursor: not-allowed; -} -.nav .open > a, -.nav .open > a:hover, -.nav .open > a:focus { - background-color: #D3DAE6; - border-color: #006BB4; -} -.nav .nav-divider { - height: 1px; - margin: 9px 0; - overflow: hidden; - background-color: #e5e5e5; -} -.nav > li > a > img { - max-width: none; -} -.nav-tabs { - border-bottom: 1px solid #D3DAE6; -} -.nav-tabs > li { - float: left; - margin-bottom: -1px; -} -.nav-tabs > li > a { - margin-right: 2px; - line-height: 1.42857143; - border: 1px solid transparent; - border-radius: 4px 4px 0 0; -} -.nav-tabs > li > a:hover { - border-color: #D3DAE6; - background-color: #FFF; -} -.nav-tabs > li.active > a, -.nav-tabs > li.active > a:hover, -.nav-tabs > li.active > a:focus { - color: #343741; - background-color: #FFF; - border: 1px solid #D3DAE6; - border-bottom-color: transparent; - cursor: default; -} -.nav-tabs.nav-justified { - width: 100%; - border-bottom: 0; -} -.nav-tabs.nav-justified > li { - float: none; -} -.nav-tabs.nav-justified > li > a { - text-align: center; - margin-bottom: 5px; -} -.nav-tabs.nav-justified > .dropdown .dropdown-menu { - top: auto; - left: auto; -} -@media (min-width: 768px) { - .nav-tabs.nav-justified > li { - display: table-cell; - width: 1%; - } - .nav-tabs.nav-justified > li > a { - margin-bottom: 0; - } -} -.nav-tabs.nav-justified > li > a { - margin-right: 0; - border-radius: 4px; -} -.nav-tabs.nav-justified > .active > a, -.nav-tabs.nav-justified > .active > a:hover, -.nav-tabs.nav-justified > .active > a:focus { - border: 1px solid #FFF; -} -@media (min-width: 768px) { - .nav-tabs.nav-justified > li > a { - border-bottom: 1px solid #FFF; - border-radius: 4px 4px 0 0; - } - .nav-tabs.nav-justified > .active > a, - .nav-tabs.nav-justified > .active > a:hover, - .nav-tabs.nav-justified > .active > a:focus { - border-bottom-color: #FFF; - } -} 
-.nav-pills > li { - float: left; -} -.nav-pills > li > a { - border-radius: 4px; -} -.nav-pills > li + li { - margin-left: 2px; -} -.nav-pills > li.active > a, -.nav-pills > li.active > a:hover, -.nav-pills > li.active > a:focus { - color: #FFF; - background-color: #006BB4; -} -.nav-stacked > li { - float: none; -} -.nav-stacked > li + li { - margin-top: 2px; - margin-left: 0; -} -.nav-justified { - width: 100%; -} -.nav-justified > li { - float: none; -} -.nav-justified > li > a { - text-align: center; - margin-bottom: 5px; -} -.nav-justified > .dropdown .dropdown-menu { - top: auto; - left: auto; -} -@media (min-width: 768px) { - .nav-justified > li { - display: table-cell; - width: 1%; - } - .nav-justified > li > a { - margin-bottom: 0; - } -} -.nav-tabs-justified { - border-bottom: 0; -} -.nav-tabs-justified > li > a { - margin-right: 0; - border-radius: 4px; -} -.nav-tabs-justified > .active > a, -.nav-tabs-justified > .active > a:hover, -.nav-tabs-justified > .active > a:focus { - border: 1px solid #FFF; -} -@media (min-width: 768px) { - .nav-tabs-justified > li > a { - border-bottom: 1px solid #FFF; - border-radius: 4px 4px 0 0; - } - .nav-tabs-justified > .active > a, - .nav-tabs-justified > .active > a:hover, - .nav-tabs-justified > .active > a:focus { - border-bottom-color: #FFF; - } -} -.tab-content > .tab-pane { - display: none; -} -.tab-content > .active { - display: block; -} -.nav-tabs .dropdown-menu { - margin-top: -1px; - border-top-right-radius: 0; - border-top-left-radius: 0; -} -.alert { - padding: 15px; - margin-bottom: 20px; - border: 1px solid transparent; - border-radius: 4px; -} -.alert h4 { - margin-top: 0; - color: inherit; -} -.alert .alert-link { - font-weight: bold; -} -.alert > p, -.alert > ul { - margin-bottom: 0; -} -.alert > p + p { - margin-top: 5px; -} -.alert-dismissable, -.alert-dismissible { - padding-right: 35px; -} -.alert-dismissable .close, -.alert-dismissible .close { - position: relative; - top: -2px; - right: -21px; - 
color: inherit; -} -.alert-success { - background-color: #017D73; - border-color: #014a44; - color: #FFF; -} -.alert-success hr { - border-top-color: #00312d; -} -.alert-success .alert-link { - color: #e6e6e6; -} -.alert-info { - background-color: #006BB4; - border-color: #004d81; - color: #FFF; -} -.alert-info hr { - border-top-color: #003e68; -} -.alert-info .alert-link { - color: #e6e6e6; -} -.alert-warning { - background-color: #F5A700; - border-color: #c28400; - color: #FFF; -} -.alert-warning hr { - border-top-color: #a97300; -} -.alert-warning .alert-link { - color: #e6e6e6; -} -.alert-danger { - background-color: #BD271E; - border-color: #911e17; - color: #FFF; -} -.alert-danger hr { - border-top-color: #7b1914; -} -.alert-danger .alert-link { - color: #e6e6e6; -} -.bsTooltip { - position: absolute; - z-index: 1040; - display: block; - font-family: 'Open Sans', Helvetica, Arial, sans-serif; - font-style: normal; - font-weight: normal; - letter-spacing: normal; - line-break: auto; - line-height: 1.42857143; - text-align: left; - text-align: start; - text-decoration: none; - text-shadow: none; - text-transform: none; - white-space: normal; - word-break: normal; - word-spacing: normal; - word-wrap: normal; - font-size: 12px; - opacity: 0; - filter: alpha(opacity=0); -} -.bsTooltip.in { - opacity: 0.8; - filter: alpha(opacity=80); -} -.bsTooltip.top { - margin-top: -3px; - padding: 5px 0; -} -.bsTooltip.right { - margin-left: 3px; - padding: 0 5px; -} -.bsTooltip.bottom { - margin-top: 3px; - padding: 5px 0; -} -.bsTooltip.left { - margin-left: -3px; - padding: 0 5px; -} -.bsTooltip-inner { - max-width: 200px; - padding: 3px 8px; - color: #fff; - text-align: center; - background-color: #000; - border-radius: 4px; -} -.bsTooltip-arrow { - position: absolute; - width: 0; - height: 0; - border-color: transparent; - border-style: solid; -} -.bsTooltip.top .bsTooltip-arrow { - bottom: 0; - left: 50%; - margin-left: -5px; - border-width: 5px 5px 0; - 
border-top-color: #000; -} -.bsTooltip.top-left .bsTooltip-arrow { - bottom: 0; - right: 5px; - margin-bottom: -5px; - border-width: 5px 5px 0; - border-top-color: #000; -} -.bsTooltip.top-right .bsTooltip-arrow { - bottom: 0; - left: 5px; - margin-bottom: -5px; - border-width: 5px 5px 0; - border-top-color: #000; -} -.bsTooltip.right .bsTooltip-arrow { - top: 50%; - left: 0; - margin-top: -5px; - border-width: 5px 5px 5px 0; - border-right-color: #000; -} -.bsTooltip.left .bsTooltip-arrow { - top: 50%; - right: 0; - margin-top: -5px; - border-width: 5px 0 5px 5px; - border-left-color: #000; -} -.bsTooltip.bottom .bsTooltip-arrow { - top: 0; - left: 50%; - margin-left: -5px; - border-width: 0 5px 5px; - border-bottom-color: #000; -} -.bsTooltip.bottom-left .bsTooltip-arrow { - top: 0; - right: 5px; - margin-top: -5px; - border-width: 0 5px 5px; - border-bottom-color: #000; -} -.bsTooltip.bottom-right .bsTooltip-arrow { - top: 0; - left: 5px; - margin-top: -5px; - border-width: 0 5px 5px; - border-bottom-color: #000; -} -.visible-xs, -.visible-sm, -.visible-md, -.visible-lg { - display: none !important; -} -.visible-xs-block, -.visible-xs-inline, -.visible-xs-inline-block, -.visible-sm-block, -.visible-sm-inline, -.visible-sm-inline-block, -.visible-md-block, -.visible-md-inline, -.visible-md-inline-block, -.visible-lg-block, -.visible-lg-inline, -.visible-lg-inline-block { - display: none !important; -} -@media (max-width: 767px) { - .visible-xs { - display: block !important; - } - table.visible-xs { - display: table !important; - } - tr.visible-xs { - display: table-row !important; - } - th.visible-xs, - td.visible-xs { - display: table-cell !important; - } -} -@media (max-width: 767px) { - .visible-xs-block { - display: block !important; - } -} -@media (max-width: 767px) { - .visible-xs-inline { - display: inline !important; - } -} -@media (max-width: 767px) { - .visible-xs-inline-block { - display: inline-block !important; - } -} -@media (min-width: 768px) and 
(max-width: 991px) { - .visible-sm { - display: block !important; - } - table.visible-sm { - display: table !important; - } - tr.visible-sm { - display: table-row !important; - } - th.visible-sm, - td.visible-sm { - display: table-cell !important; - } -} -@media (min-width: 768px) and (max-width: 991px) { - .visible-sm-block { - display: block !important; - } -} -@media (min-width: 768px) and (max-width: 991px) { - .visible-sm-inline { - display: inline !important; - } -} -@media (min-width: 768px) and (max-width: 991px) { - .visible-sm-inline-block { - display: inline-block !important; - } -} -@media (min-width: 992px) and (max-width: 1199px) { - .visible-md { - display: block !important; - } - table.visible-md { - display: table !important; - } - tr.visible-md { - display: table-row !important; - } - th.visible-md, - td.visible-md { - display: table-cell !important; - } -} -@media (min-width: 992px) and (max-width: 1199px) { - .visible-md-block { - display: block !important; - } -} -@media (min-width: 992px) and (max-width: 1199px) { - .visible-md-inline { - display: inline !important; - } -} -@media (min-width: 992px) and (max-width: 1199px) { - .visible-md-inline-block { - display: inline-block !important; - } -} -@media (min-width: 1200px) { - .visible-lg { - display: block !important; - } - table.visible-lg { - display: table !important; - } - tr.visible-lg { - display: table-row !important; - } - th.visible-lg, - td.visible-lg { - display: table-cell !important; - } -} -@media (min-width: 1200px) { - .visible-lg-block { - display: block !important; - } -} -@media (min-width: 1200px) { - .visible-lg-inline { - display: inline !important; - } -} -@media (min-width: 1200px) { - .visible-lg-inline-block { - display: inline-block !important; - } -} -@media (max-width: 767px) { - .hidden-xs { - display: none !important; - } -} -@media (min-width: 768px) and (max-width: 991px) { - .hidden-sm { - display: none !important; - } -} -@media (min-width: 992px) and 
(max-width: 1199px) { - .hidden-md { - display: none !important; - } -} -@media (min-width: 1200px) { - .hidden-lg { - display: none !important; - } -} -.visible-print { - display: none !important; -} -@media print { - .visible-print { - display: block !important; - } - table.visible-print { - display: table !important; - } - tr.visible-print { - display: table-row !important; - } - th.visible-print, - td.visible-print { - display: table-cell !important; - } -} -.visible-print-block { - display: none !important; -} -@media print { - .visible-print-block { - display: block !important; - } -} -.visible-print-inline { - display: none !important; -} -@media print { - .visible-print-inline { - display: inline !important; - } -} -.visible-print-inline-block { - display: none !important; -} -@media print { - .visible-print-inline-block { - display: inline-block !important; - } -} -@media print { - .hidden-print { - display: none !important; - } -} -.caret { - display: inline-block; - width: 0; - height: 0; - margin-left: 2px; - vertical-align: middle; - border-top: 4px dashed; - border-top: 4px solid \9; - border-right: 4px solid transparent; - border-left: 4px solid transparent; -} -.dropup, -.dropdown { - position: relative; -} -.dropdown-toggle:focus { - outline: 0; -} -.dropdown-menu { - position: absolute; - top: 100%; - left: 0; - z-index: 1000; - display: none; - float: left; - min-width: 160px; - padding: 5px 0; - margin: 2px 0 0; - list-style: none; - font-size: 14px; - text-align: left; - background-color: #FFF; - border: 1px solid #D3DAE6; - border-radius: 4px; - box-shadow: 0 4px 8px 0 rgba(0, 0, 0, 0.1); - background-clip: padding-box; -} -.dropdown-menu.pull-right { - right: 0; - left: auto; -} -.dropdown-menu .divider { - height: 1px; - margin: 9px 0; - overflow: hidden; - background-color: #D3DAE6; -} -.dropdown-menu > li > a, -.dropdown-menu > li > button { - display: block; - padding: 3px 20px; - clear: both; - font-weight: normal; - line-height: 
1.42857143; - color: #7b7b7b; - white-space: nowrap; -} -.dropdown-menu > li > button { - -webkit-appearance: none; - -moz-appearance: none; - appearance: none; - background: none; - border: none; - width: 100%; - text-align: left; -} -.dropdown-menu > li > a:hover, -.dropdown-menu > li > button:hover, -.dropdown-menu > li > a:focus, -.dropdown-menu > li > button:focus { - text-decoration: none; - color: #FFF; - background-color: #343741; -} -.dropdown-menu > .active > button, -.dropdown-menu > .active > a, -.dropdown-menu > .active > button:hover, -.dropdown-menu > .active > a:hover, -.dropdown-menu > .active > button:focus, -.dropdown-menu > .active > a:focus { - color: #FFF; - text-decoration: none; - outline: 0; - background-color: #343741; -} -.dropdown-menu > .disabled > a, -.dropdown-menu > .disabled > a:hover, -.dropdown-menu > .disabled > a:focus { - color: #98A2B3; -} -.dropdown-menu > .disabled > a:hover, -.dropdown-menu > .disabled > a:focus { - text-decoration: none; - background-color: transparent; - background-image: none; - filter: progid:DXImageTransform.Microsoft.gradient(enabled = false); - cursor: not-allowed; -} -.open > .dropdown-menu { - display: block; -} -.open > a { - outline: 0; -} -.dropdown-menu-right { - left: auto; - right: 0; -} -.dropdown-menu-left { - left: 0; - right: auto; -} -.dropdown-header { - display: block; - padding: 3px 20px; - font-size: 12px; - line-height: 1.42857143; - color: #98A2B3; - white-space: nowrap; -} -.dropdown-backdrop { - position: fixed; - left: 0; - right: 0; - bottom: 0; - top: 0; - z-index: 990; -} -.pull-right > .dropdown-menu { - right: 0; - left: auto; -} -.dropup .caret, -.navbar-fixed-bottom .dropdown .caret { - border-top: 0; - border-bottom: 4px dashed; - border-bottom: 4px solid \9; - content: ""; -} -.dropup .dropdown-menu, -.navbar-fixed-bottom .dropdown .dropdown-menu { - top: auto; - bottom: 100%; - margin-bottom: 2px; -} -@media (min-width: 0) { - .navbar-right .dropdown-menu { - left: 
auto; - right: 0; - } - .navbar-right .dropdown-menu-left { - left: 0; - right: auto; - } -} -.input-group { - position: relative; - display: table; - border-collapse: separate; -} -.input-group[class*="col-"] { - float: none; - padding-left: 0; - padding-right: 0; -} -.input-group .form-control { - position: relative; - z-index: 2; - float: left; - width: 100%; - margin-bottom: 0; -} -.input-group .form-control:focus { - z-index: 3; -} -.input-group-lg > .form-control, -.input-group-lg > .input-group-addon { - height: 62px; - padding: 18px 27px; - font-size: 18px; - line-height: 1.3333333; - border-radius: 4px; -} -select.input-group-lg > .form-control, -select.input-group-lg > .input-group-addon { - height: 62px; - line-height: 62px; -} -textarea.input-group-lg > .form-control, -textarea.input-group-lg > .input-group-addon, -select[multiple].input-group-lg > .form-control, -select[multiple].input-group-lg > .input-group-addon { - height: auto; -} -.input-group-sm > .form-control, -.input-group-sm > .input-group-addon { - height: 32px; - padding: 6px 9px; - font-size: 12px; - line-height: 1.5; - border-radius: 4px; -} -select.input-group-sm > .form-control, -select.input-group-sm > .input-group-addon { - height: 32px; - line-height: 32px; -} -textarea.input-group-sm > .form-control, -textarea.input-group-sm > .input-group-addon, -select[multiple].input-group-sm > .form-control, -select[multiple].input-group-sm > .input-group-addon { - height: auto; -} -.input-group-addon, -.input-group .form-control { - display: table-cell; -} -.input-group-addon:not(:first-child):not(:last-child), -.input-group .form-control:not(:first-child):not(:last-child) { - border-radius: 0; -} -.input-group-addon { - width: 1%; - white-space: nowrap; - vertical-align: middle; -} -.input-group-addon { - padding: 5px 15px; - font-size: 14px; - font-weight: normal; - line-height: 1; - color: #343741; - text-align: center; - background-color: #D3DAE6; - border: 1px solid #D3DAE6; - 
border-radius: 4px; -} -.input-group-addon.input-sm { - padding: 6px 9px; - font-size: 12px; - border-radius: 4px; -} -.input-group-addon.input-lg { - padding: 18px 27px; - font-size: 18px; - border-radius: 4px; -} -.input-group-addon input[type="radio"], -.input-group-addon input[type="checkbox"] { - margin-top: 0; -} -.input-group .form-control:first-child, -.input-group-addon:first-child { - border-bottom-right-radius: 0; - border-top-right-radius: 0; -} -.input-group-addon:first-child { - border-right: 0; -} -.input-group .form-control:last-child, -.input-group-addon:last-child { - border-bottom-left-radius: 0; - border-top-left-radius: 0; -} -.input-group-addon:last-child { - border-left: 0; -} -.pagination { - display: inline-block; - padding-left: 0; - margin: 20px 0; - border-radius: 4px; -} -.pagination > li { - display: inline; -} -.pagination > li > a, -.pagination > li > span { - position: relative; - float: left; - padding: 5px 15px; - line-height: 1.42857143; - text-decoration: none; - color: #006BB4; - background-color: transparent; - border: 1px solid transparent; - margin-left: -1px; -} -.pagination > li:first-child > a, -.pagination > li:first-child > span { - margin-left: 0; - border-bottom-left-radius: 4px; - border-top-left-radius: 4px; -} -.pagination > li:last-child > a, -.pagination > li:last-child > span { - border-bottom-right-radius: 4px; - border-top-right-radius: 4px; -} -.pagination > li > a:hover, -.pagination > li > span:hover, -.pagination > li > a:focus, -.pagination > li > span:focus { - z-index: 2; - color: #006BB4; - background-color: rgba(0, 0, 0, 0); - border-color: transparent; -} -.pagination > .active > a, -.pagination > .active > span, -.pagination > .active > a:hover, -.pagination > .active > span:hover, -.pagination > .active > a:focus, -.pagination > .active > span:focus { - z-index: 3; - color: #343741; - background-color: rgba(0, 0, 0, 0); - border-color: transparent; - cursor: default; -} -.pagination > .disabled > 
span, -.pagination > .disabled > span:hover, -.pagination > .disabled > span:focus, -.pagination > .disabled > a, -.pagination > .disabled > a:hover, -.pagination > .disabled > a:focus { - color: #343741; - background-color: rgba(38, 38, 38, 0); - border-color: transparent; - cursor: not-allowed; -} -.pagination-lg > li > a, -.pagination-lg > li > span { - padding: 18px 27px; - font-size: 18px; - line-height: 1.3333333; -} -.pagination-lg > li:first-child > a, -.pagination-lg > li:first-child > span { - border-bottom-left-radius: 4px; - border-top-left-radius: 4px; -} -.pagination-lg > li:last-child > a, -.pagination-lg > li:last-child > span { - border-bottom-right-radius: 4px; - border-top-right-radius: 4px; -} -.pagination-sm > li > a, -.pagination-sm > li > span { - padding: 6px 9px; - font-size: 12px; - line-height: 1.5; -} -.pagination-sm > li:first-child > a, -.pagination-sm > li:first-child > span { - border-bottom-left-radius: 4px; - border-top-left-radius: 4px; -} -.pagination-sm > li:last-child > a, -.pagination-sm > li:last-child > span { - border-bottom-right-radius: 4px; - border-top-right-radius: 4px; -} -.pager { - padding-left: 0; - margin: 20px 0; - list-style: none; - text-align: center; -} -.pager li { - display: inline; -} -.pager li > a, -.pager li > span { - display: inline-block; - padding: 5px 14px; - background-color: transparent; - border: 1px solid transparent; - border-radius: 0; -} -.pager li > a:hover, -.pager li > a:focus { - text-decoration: none; - background-color: rgba(0, 0, 0, 0); -} -.pager .next > a, -.pager .next > span { - float: right; -} -.pager .previous > a, -.pager .previous > span { - float: left; -} -.pager .disabled > a, -.pager .disabled > a:hover, -.pager .disabled > a:focus, -.pager .disabled > span { - color: #FFF; - background-color: transparent; - cursor: not-allowed; -} -.label { - display: inline; - padding: .2em .6em .3em; - font-size: 75%; - font-weight: bold; - line-height: 1; - color: #FFF; - text-align: 
center; - white-space: nowrap; - vertical-align: baseline; - border-radius: .25em; -} -a.label:hover, -a.label:focus { - color: #FFF; - text-decoration: none; - cursor: pointer; -} -.label:empty { - display: none; -} -.label-default { - background-color: #006BB4; -} -.label-default[href]:hover, -.label-default[href]:focus { - background-color: #004d81; -} -.label-primary { - background-color: #343741; -} -.label-primary[href]:hover, -.label-primary[href]:focus { - background-color: #1d1f25; -} -.label-success { - background-color: #017D73; -} -.label-success[href]:hover, -.label-success[href]:focus { - background-color: #014a44; -} -.label-info { - background-color: #006BB4; -} -.label-info[href]:hover, -.label-info[href]:focus { - background-color: #004d81; -} -.label-warning { - background-color: #F5A700; -} -.label-warning[href]:hover, -.label-warning[href]:focus { - background-color: #c28400; -} -.label-danger { - background-color: #BD271E; -} -.label-danger[href]:hover, -.label-danger[href]:focus { - background-color: #911e17; -} -.panel { - margin-bottom: 20px; - background-color: #FFF; - border: 1px solid transparent; - border-radius: 4px; - box-shadow: 0 1px 1px rgba(0, 0, 0, 0.05); -} -.panel-body { - padding: 15px; -} -.panel-heading { - padding: 10px 15px; - border-bottom: 1px solid transparent; - border-top-right-radius: 3px; - border-top-left-radius: 3px; -} -.panel-heading > .dropdown .dropdown-toggle { - color: inherit; -} -.panel-title { - margin-top: 0; - margin-bottom: 0; - font-size: 16px; - color: inherit; -} -.panel-title > a, -.panel-title > small, -.panel-title > .small, -.panel-title > small > a, -.panel-title > .small > a { - color: inherit; -} -.panel-footer { - padding: 10px 15px; - background-color: #F5F7FA; - border-top: 1px solid #D3DAE6; - border-bottom-right-radius: 3px; - border-bottom-left-radius: 3px; -} -.panel > .list-group, -.panel > .panel-collapse > .list-group { - margin-bottom: 0; -} -.panel > .list-group .list-group-item, 
-.panel > .panel-collapse > .list-group .list-group-item { - border-width: 1px 0; - border-radius: 0; -} -.panel > .list-group:first-child .list-group-item:first-child, -.panel > .panel-collapse > .list-group:first-child .list-group-item:first-child { - border-top: 0; - border-top-right-radius: 3px; - border-top-left-radius: 3px; -} -.panel > .list-group:last-child .list-group-item:last-child, -.panel > .panel-collapse > .list-group:last-child .list-group-item:last-child { - border-bottom: 0; - border-bottom-right-radius: 3px; - border-bottom-left-radius: 3px; -} -.panel > .panel-heading + .panel-collapse > .list-group .list-group-item:first-child { - border-top-right-radius: 0; - border-top-left-radius: 0; -} -.panel-heading + .list-group .list-group-item:first-child { - border-top-width: 0; -} -.list-group + .panel-footer { - border-top-width: 0; -} -.panel > .table, -.panel > .table-responsive > .table, -.panel > .panel-collapse > .table { - margin-bottom: 0; -} -.panel > .table caption, -.panel > .table-responsive > .table caption, -.panel > .panel-collapse > .table caption { - padding-left: 15px; - padding-right: 15px; -} -.panel > .table:first-child, -.panel > .table-responsive:first-child > .table:first-child { - border-top-right-radius: 3px; - border-top-left-radius: 3px; -} -.panel > .table:first-child > thead:first-child > tr:first-child, -.panel > .table-responsive:first-child > .table:first-child > thead:first-child > tr:first-child, -.panel > .table:first-child > tbody:first-child > tr:first-child, -.panel > .table-responsive:first-child > .table:first-child > tbody:first-child > tr:first-child { - border-top-left-radius: 3px; - border-top-right-radius: 3px; -} -.panel > .table:first-child > thead:first-child > tr:first-child td:first-child, -.panel > .table-responsive:first-child > .table:first-child > thead:first-child > tr:first-child td:first-child, -.panel > .table:first-child > tbody:first-child > tr:first-child td:first-child, -.panel > 
.table-responsive:first-child > .table:first-child > tbody:first-child > tr:first-child td:first-child, -.panel > .table:first-child > thead:first-child > tr:first-child th:first-child, -.panel > .table-responsive:first-child > .table:first-child > thead:first-child > tr:first-child th:first-child, -.panel > .table:first-child > tbody:first-child > tr:first-child th:first-child, -.panel > .table-responsive:first-child > .table:first-child > tbody:first-child > tr:first-child th:first-child { - border-top-left-radius: 3px; -} -.panel > .table:first-child > thead:first-child > tr:first-child td:last-child, -.panel > .table-responsive:first-child > .table:first-child > thead:first-child > tr:first-child td:last-child, -.panel > .table:first-child > tbody:first-child > tr:first-child td:last-child, -.panel > .table-responsive:first-child > .table:first-child > tbody:first-child > tr:first-child td:last-child, -.panel > .table:first-child > thead:first-child > tr:first-child th:last-child, -.panel > .table-responsive:first-child > .table:first-child > thead:first-child > tr:first-child th:last-child, -.panel > .table:first-child > tbody:first-child > tr:first-child th:last-child, -.panel > .table-responsive:first-child > .table:first-child > tbody:first-child > tr:first-child th:last-child { - border-top-right-radius: 3px; -} -.panel > .table:last-child, -.panel > .table-responsive:last-child > .table:last-child { - border-bottom-right-radius: 3px; - border-bottom-left-radius: 3px; -} -.panel > .table:last-child > tbody:last-child > tr:last-child, -.panel > .table-responsive:last-child > .table:last-child > tbody:last-child > tr:last-child, -.panel > .table:last-child > tfoot:last-child > tr:last-child, -.panel > .table-responsive:last-child > .table:last-child > tfoot:last-child > tr:last-child { - border-bottom-left-radius: 3px; - border-bottom-right-radius: 3px; -} -.panel > .table:last-child > tbody:last-child > tr:last-child td:first-child, -.panel > 
.table-responsive:last-child > .table:last-child > tbody:last-child > tr:last-child td:first-child, -.panel > .table:last-child > tfoot:last-child > tr:last-child td:first-child, -.panel > .table-responsive:last-child > .table:last-child > tfoot:last-child > tr:last-child td:first-child, -.panel > .table:last-child > tbody:last-child > tr:last-child th:first-child, -.panel > .table-responsive:last-child > .table:last-child > tbody:last-child > tr:last-child th:first-child, -.panel > .table:last-child > tfoot:last-child > tr:last-child th:first-child, -.panel > .table-responsive:last-child > .table:last-child > tfoot:last-child > tr:last-child th:first-child { - border-bottom-left-radius: 3px; -} -.panel > .table:last-child > tbody:last-child > tr:last-child td:last-child, -.panel > .table-responsive:last-child > .table:last-child > tbody:last-child > tr:last-child td:last-child, -.panel > .table:last-child > tfoot:last-child > tr:last-child td:last-child, -.panel > .table-responsive:last-child > .table:last-child > tfoot:last-child > tr:last-child td:last-child, -.panel > .table:last-child > tbody:last-child > tr:last-child th:last-child, -.panel > .table-responsive:last-child > .table:last-child > tbody:last-child > tr:last-child th:last-child, -.panel > .table:last-child > tfoot:last-child > tr:last-child th:last-child, -.panel > .table-responsive:last-child > .table:last-child > tfoot:last-child > tr:last-child th:last-child { - border-bottom-right-radius: 3px; -} -.panel > .panel-body + .table, -.panel > .panel-body + .table-responsive, -.panel > .table + .panel-body, -.panel > .table-responsive + .panel-body { - border-top: 1px solid #D3DAE6; -} -.panel > .table > tbody:first-child > tr:first-child th, -.panel > .table > tbody:first-child > tr:first-child td { - border-top: 0; -} -.panel > .table-bordered, -.panel > .table-responsive > .table-bordered { - border: 0; -} -.panel > .table-bordered > thead > tr > th:first-child, -.panel > .table-responsive > 
.table-bordered > thead > tr > th:first-child, -.panel > .table-bordered > tbody > tr > th:first-child, -.panel > .table-responsive > .table-bordered > tbody > tr > th:first-child, -.panel > .table-bordered > tfoot > tr > th:first-child, -.panel > .table-responsive > .table-bordered > tfoot > tr > th:first-child, -.panel > .table-bordered > thead > tr > td:first-child, -.panel > .table-responsive > .table-bordered > thead > tr > td:first-child, -.panel > .table-bordered > tbody > tr > td:first-child, -.panel > .table-responsive > .table-bordered > tbody > tr > td:first-child, -.panel > .table-bordered > tfoot > tr > td:first-child, -.panel > .table-responsive > .table-bordered > tfoot > tr > td:first-child { - border-left: 0; -} -.panel > .table-bordered > thead > tr > th:last-child, -.panel > .table-responsive > .table-bordered > thead > tr > th:last-child, -.panel > .table-bordered > tbody > tr > th:last-child, -.panel > .table-responsive > .table-bordered > tbody > tr > th:last-child, -.panel > .table-bordered > tfoot > tr > th:last-child, -.panel > .table-responsive > .table-bordered > tfoot > tr > th:last-child, -.panel > .table-bordered > thead > tr > td:last-child, -.panel > .table-responsive > .table-bordered > thead > tr > td:last-child, -.panel > .table-bordered > tbody > tr > td:last-child, -.panel > .table-responsive > .table-bordered > tbody > tr > td:last-child, -.panel > .table-bordered > tfoot > tr > td:last-child, -.panel > .table-responsive > .table-bordered > tfoot > tr > td:last-child { - border-right: 0; -} -.panel > .table-bordered > thead > tr:first-child > td, -.panel > .table-responsive > .table-bordered > thead > tr:first-child > td, -.panel > .table-bordered > tbody > tr:first-child > td, -.panel > .table-responsive > .table-bordered > tbody > tr:first-child > td, -.panel > .table-bordered > thead > tr:first-child > th, -.panel > .table-responsive > .table-bordered > thead > tr:first-child > th, -.panel > .table-bordered > tbody > 
tr:first-child > th, -.panel > .table-responsive > .table-bordered > tbody > tr:first-child > th { - border-bottom: 0; -} -.panel > .table-bordered > tbody > tr:last-child > td, -.panel > .table-responsive > .table-bordered > tbody > tr:last-child > td, -.panel > .table-bordered > tfoot > tr:last-child > td, -.panel > .table-responsive > .table-bordered > tfoot > tr:last-child > td, -.panel > .table-bordered > tbody > tr:last-child > th, -.panel > .table-responsive > .table-bordered > tbody > tr:last-child > th, -.panel > .table-bordered > tfoot > tr:last-child > th, -.panel > .table-responsive > .table-bordered > tfoot > tr:last-child > th { - border-bottom: 0; -} -.panel > .table-responsive { - border: 0; - margin-bottom: 0; -} -.panel-group { - margin-bottom: 20px; -} -.panel-group .panel { - margin-bottom: 0; - border-radius: 4px; -} -.panel-group .panel + .panel { - margin-top: 5px; -} -.panel-group .panel-heading { - border-bottom: 0; -} -.panel-group .panel-heading + .panel-collapse > .panel-body, -.panel-group .panel-heading + .panel-collapse > .list-group { - border-top: 1px solid #D3DAE6; -} -.panel-group .panel-footer { - border-top: 0; -} -.panel-group .panel-footer + .panel-collapse .panel-body { - border-bottom: 1px solid #D3DAE6; -} -.panel-default { - border-color: #D3DAE6; -} -.panel-default > .panel-heading { - color: #7b7b7b; - background-color: #F5F7FA; - border-color: #D3DAE6; -} -.panel-default > .panel-heading + .panel-collapse > .panel-body { - border-top-color: #D3DAE6; -} -.panel-default > .panel-heading .badge { - color: #F5F7FA; - background-color: #7b7b7b; -} -.panel-default > .panel-footer + .panel-collapse > .panel-body { - border-bottom-color: #D3DAE6; -} -.panel-primary { - border-color: #343741; -} -.panel-primary > .panel-heading { - color: #FFF; - background-color: #343741; - border-color: #343741; -} -.panel-primary > .panel-heading + .panel-collapse > .panel-body { - border-top-color: #343741; -} -.panel-primary > 
.panel-heading .badge { - color: #343741; - background-color: #FFF; -} -.panel-primary > .panel-footer + .panel-collapse > .panel-body { - border-bottom-color: #343741; -} -.panel-success { - border-color: #014a44; -} -.panel-success > .panel-heading { - color: #FFF; - background-color: #017D73; - border-color: #014a44; -} -.panel-success > .panel-heading + .panel-collapse > .panel-body { - border-top-color: #014a44; -} -.panel-success > .panel-heading .badge { - color: #017D73; - background-color: #FFF; -} -.panel-success > .panel-footer + .panel-collapse > .panel-body { - border-bottom-color: #014a44; -} -.panel-info { - border-color: #004d81; -} -.panel-info > .panel-heading { - color: #FFF; - background-color: #006BB4; - border-color: #004d81; -} -.panel-info > .panel-heading + .panel-collapse > .panel-body { - border-top-color: #004d81; -} -.panel-info > .panel-heading .badge { - color: #006BB4; - background-color: #FFF; -} -.panel-info > .panel-footer + .panel-collapse > .panel-body { - border-bottom-color: #004d81; -} -.panel-warning { - border-color: #c28400; -} -.panel-warning > .panel-heading { - color: #FFF; - background-color: #F5A700; - border-color: #c28400; -} -.panel-warning > .panel-heading + .panel-collapse > .panel-body { - border-top-color: #c28400; -} -.panel-warning > .panel-heading .badge { - color: #F5A700; - background-color: #FFF; -} -.panel-warning > .panel-footer + .panel-collapse > .panel-body { - border-bottom-color: #c28400; -} -.panel-danger { - border-color: #911e17; -} -.panel-danger > .panel-heading { - color: #FFF; - background-color: #BD271E; - border-color: #911e17; -} -.panel-danger > .panel-heading + .panel-collapse > .panel-body { - border-top-color: #911e17; -} -.panel-danger > .panel-heading .badge { - color: #BD271E; - background-color: #FFF; -} -.panel-danger > .panel-footer + .panel-collapse > .panel-body { - border-bottom-color: #911e17; -} -.popover { - position: absolute; - top: 0; - left: 0; - z-index: 1010; - 
display: none; - max-width: 276px; - padding: 1px; - font-family: 'Open Sans', Helvetica, Arial, sans-serif; - font-style: normal; - font-weight: normal; - letter-spacing: normal; - line-break: auto; - line-height: 1.42857143; - text-align: left; - text-align: start; - text-decoration: none; - text-shadow: none; - text-transform: none; - white-space: normal; - word-break: normal; - word-spacing: normal; - word-wrap: normal; - font-size: 14px; - background-color: #FFF; - background-clip: padding-box; - border: 1px solid #D3DAE6; - border-radius: 4px; - box-shadow: 0 4px 8px 0 rgba(0, 0, 0, 0.1); -} -.popover.top { - margin-top: -10px; -} -.popover.right { - margin-left: 10px; -} -.popover.bottom { - margin-top: 10px; -} -.popover.left { - margin-left: -10px; -} -.popover-title { - margin: 0; - padding: 8px 14px; - font-size: 14px; - background-color: #f7f7f7; - border-bottom: 1px solid #ebebeb; - border-radius: 3px 3px 0 0; -} -.popover-content { - padding: 9px 14px; -} -.popover > .arrow, -.popover > .arrow:after { - position: absolute; - display: block; - width: 0; - height: 0; - border-color: transparent; - border-style: solid; -} -.popover > .arrow { - border-width: 11px; -} -.popover > .arrow:after { - border-width: 10px; - content: ""; -} -.popover.top > .arrow { - left: 50%; - margin-left: -11px; - border-bottom-width: 0; - border-top-color: #92a3c1; - border-top-color: #d3dae6; - bottom: -11px; -} -.popover.top > .arrow:after { - content: " "; - bottom: 1px; - margin-left: -10px; - border-bottom-width: 0; - border-top-color: #FFF; -} -.popover.right > .arrow { - top: 50%; - left: -11px; - margin-top: -11px; - border-left-width: 0; - border-right-color: #92a3c1; - border-right-color: #d3dae6; -} -.popover.right > .arrow:after { - content: " "; - left: 1px; - bottom: -10px; - border-left-width: 0; - border-right-color: #FFF; -} -.popover.bottom > .arrow { - left: 50%; - margin-left: -11px; - border-top-width: 0; - border-bottom-color: #92a3c1; - 
border-bottom-color: #d3dae6; - top: -11px; -} -.popover.bottom > .arrow:after { - content: " "; - top: 1px; - margin-left: -10px; - border-top-width: 0; - border-bottom-color: #FFF; -} -.popover.left > .arrow { - top: 50%; - right: -11px; - margin-top: -11px; - border-right-width: 0; - border-left-color: #92a3c1; - border-left-color: #d3dae6; -} -.popover.left > .arrow:after { - content: " "; - right: 1px; - border-right-width: 0; - border-left-color: #FFF; - bottom: -10px; -} -.clearfix:before, -.clearfix:after, -.container:before, -.container:after, -.container-fluid:before, -.container-fluid:after, -.row:before, -.row:after, -.form-horizontal .form-group:before, -.form-horizontal .form-group:after, -.dl-horizontal dd:before, -.dl-horizontal dd:after, -.navbar:before, -.navbar:after, -.navbar-header:before, -.navbar-header:after, -.navbar-collapse:before, -.navbar-collapse:after, -.modal-header:before, -.modal-header:after, -.modal-footer:before, -.modal-footer:after, -.nav:before, -.nav:after, -.pager:before, -.pager:after, -.panel-body:before, -.panel-body:after { - content: " "; - display: table; -} -.clearfix:after, -.container:after, -.container-fluid:after, -.row:after, -.form-horizontal .form-group:after, -.dl-horizontal dd:after, -.navbar:after, -.navbar-header:after, -.navbar-collapse:after, -.modal-header:after, -.modal-footer:after, -.nav:after, -.pager:after, -.panel-body:after { - clear: both; -} -.center-block { - display: block; - margin-left: auto; - margin-right: auto; -} -.pull-right { - float: right !important; -} -.pull-left { - float: left !important; -} -.hide { - display: none !important; -} -.show { - display: block !important; -} -.invisible { - visibility: hidden; -} -.text-hide { - font: 0/0 a; - color: transparent; - text-shadow: none; - background-color: transparent; - border: 0; -} -.hidden { - display: none !important; -} -.affix { - position: fixed; -} -.navbar > .container-fluid > .navbar-nav:not(.pull-right):first-child, 
-.navbar > .container-fluid > .navbar-form:not(.pull-right):first-child { - margin-left: -15px; - margin-top: 4px; -} -.navbar { - border-width: 0; -} -.navbar-btn-link { - margin: 0; - border-radius: 0; -} -@media (max-width: 768px) { - .navbar-btn-link { - width: 100%; - text-align: left; - } -} -.navbar-default .badge { - background-color: #FFF; - color: #F5F7FA; -} -.navbar-inverse .kbnGlobalNav__logoBrand { - height: 45px; - width: 252px; - background-color: #4b4f5d; -} -.navbar-inverse .kbnGlobalNav__smallLogoBrand { - height: 45px; - width: 45px; - background-color: #4b4f5d; -} -.navbar-inverse .badge { - background-color: #FFF; - color: #4b4f5d; -} -.navbar-brand { - cursor: default; - font-size: 1.8em; - -webkit-user-select: none; - -moz-user-select: none; - -ms-user-select: none; - user-select: none; -} -.navbar-nav { - font-size: 12px; -} -.navbar-nav > .active > a { - border-bottom-color: #7b7b7b; - background-color: transparent; -} -.navbar-toggle { - margin-top: 4px; -} -.text-primary, -.text-primary:hover { - color: #343741; -} -.text-success, -.text-success:hover { - color: #017D73; -} -.text-danger, -.text-danger:hover { - color: #BD271E; -} -.text-warning, -.text-warning:hover { - color: #F5A700; -} -.text-info, -.text-info:hover { - color: #006BB4; -} -table .success, -.table .success, -table .warning, -.table .warning, -table .danger, -.table .danger, -table .info, -.table .info { - color: #FFF; -} -table .success a, -.table .success a, -table .warning a, -.table .warning a, -table .danger a, -.table .danger a, -table .info a, -.table .info a { - color: #FFF; -} -.table-bordered > thead > tr > th, -.table-bordered > tbody > tr > th, -.table-bordered > tfoot > tr > th, -.table-bordered > thead > tr > td, -.table-bordered > tbody > tr > td, -.table-bordered > tfoot > tr > td { - border: 1px solid #D3DAE6; -} -.form-control, -input { - border-width: 1px; - box-shadow: none; -} -.form-control:focus, -input:focus { - box-shadow: none; -} 
-.has-warning .help-block, -.has-warning .control-label, -.has-warning .radio, -.has-warning .checkbox, -.has-warning .radio-inline, -.has-warning .checkbox-inline, -.has-warning .form-control-feedback { - color: #F5A700; -} -.has-warning .form-control, -.has-warning .form-control:focus { - border: 1px solid; - border-color: #F5A700; -} -.has-warning .input-group-addon { - border-color: #F5A700; -} -.has-error .help-block, -.has-error .control-label, -.has-error .radio, -.has-error .checkbox, -.has-error .radio-inline, -.has-error .checkbox-inline, -.has-error .form-control-feedback { - color: #BD271E; -} -.has-error .form-control, -.has-error .form-control:focus { - border: 1px solid; - border-color: #BD271E; -} -.has-error .input-group-addon { - border-color: #BD271E; -} -.has-success .help-block, -.has-success .control-label, -.has-success .radio, -.has-success .checkbox, -.has-success .radio-inline, -.has-success .checkbox-inline, -.has-success .form-control-feedback { - color: #017D73; -} -.has-success .form-control, -.has-success .form-control:focus { - border: solid #017D73; -} -.has-success .input-group-addon { - border-color: #017D73; -} -.nav .open > a, -.nav .open > a:hover, -.nav .open > a:focus { - border-color: transparent; -} -.pager a, -.pager a:hover { - color: #FFF; -} -.pager .disabled > a, -.pager .disabled > a:hover, -.pager .disabled > a:focus, -.pager .disabled > span { - background-color: rgba(38, 38, 38, 0); -} -.panel { - border-radius: 0; - box-shadow: 0 0 0 rgba(0, 0, 0, 0); -} -.progress { - box-shadow: none; -} -.progress .progress-bar { - font-size: 10px; - line-height: 10px; -} -.well { - box-shadow: none; -} - -/*------------- WAZUH -------------*/ -.wz-login { - background: url(./wazuh_wazuh_bg.svg) !important; - width: 100% !important; - height: 100% !important; - background-size: cover !important; -} - -.login-wrapper { - text-align: center; - width: 430px!important; - top: 55px; - border-radius: 1px; - padding: 1em; -} - 
-#kibana-body > div > div.app-wrapper.hidden-chrome > div > div.application > div > ul > div.euiText.euiText--medium > div { - text-align: center; - padding-bottom: 10px; - color: #ffffff !important; - font-size: 35px !important; - font-weight: 300; -} - -#kibana-body > div > div.app-wrapper.hidden-chrome > div > div.application > div > ul > div.euiText.euiText--small > div { - text-align: center; - padding-bottom: 15px; - color: #ffffff !important; - font-size: 16px !important; -} - -#kibana-body > div > div.app-wrapper.hidden-chrome > div > div.application > div > ul > form { - padding: 16px; - box-shadow: 0 2px 2px -1px rgba(152, 162, 179, 0.3), 0 1px 5px -2px rgba(152, 162, 179, 0.3); - background-color: #FFF; - border: 1px solid #D3DAE6; - border-radius: 4px; - -webkit-box-flex: 1; - -ms-flex-positive: 1; - flex-grow: 1; - margin-top: 32px; -} - -.loginWelcome__logo { - display: inline-block; - width: 80px; - height: 80px; - line-height: 80px; - text-align: center; - background-color: #FFF; - border-radius: 100%; - padding: 16px; - box-shadow: 0 6px 12px -1px rgba(152, 162, 179, 0.2), 0 4px 4px -1px rgba(152, 162, 179, 0.2), 0 2px 2px 0 rgba(152, 162, 179, 0.2); - margin-bottom: 32px; -} - -div.euiFormRow > div.euiFormRow__fieldWrapper > button { - background-color: #00a9e5!important; - border-color: #00a9e5!important; - color: #fff; -} - -.loginWelcome__logo { - background: url(./wazuh_logo_circle.svg) center center no-repeat !important; -} diff --git a/kibana-odfe/config/custom_welcome/template.js.hbs b/kibana-odfe/config/custom_welcome/template.js.hbs deleted file mode 100644 index b3ee1d61..00000000 --- a/kibana-odfe/config/custom_welcome/template.js.hbs +++ /dev/null 
@@ -1,112 +0,0 @@
-var kbnCsp = JSON.parse(document.querySelector('kbn-csp').getAttribute('data'));
-window.__kbnStrictCsp__ = kbnCsp.strictCsp;
-window.__kbnThemeTag__ = "{{themeTag}}";
-window.__kbnPublicPath__ = {{publicPathMap}};
-window.__kbnBundles__ = {{kbnBundlesLoaderSource}}
-
-if (window.__kbnStrictCsp__ && window.__kbnCspNotEnforced__) {
- var legacyBrowserError = document.getElementById('kbn_legacy_browser_error');
- legacyBrowserError.style.display = 'flex';
-} else {
- if (!window.__kbnCspNotEnforced__ && window.console) {
- window.console.log("^ A single error about an inline script not firing due to content security policy is expected!");
- }
- var loadingMessage = document.getElementById('kbn_loading_message');
- loadingMessage.style.display = 'flex';
-
- window.onload = function () {
- //WAZUH
- var interval = setInterval(() => {
- var title = document.querySelector("#kibana-body > div > div.app-wrapper.hidden-chrome > div > div.application > div > ul > div.euiText.euiText--medium > div")
- if (!!title) {
- clearInterval(interval);
- var content = document.querySelector("#kibana-body > div");
- content.classList.add("wz-login")
- title.textContent = "Welcome to Wazuh";
- var subtitle = document.querySelector("#kibana-body > div > div.app-wrapper.hidden-chrome > div > div.application > div > ul > div.euiText.euiText--small > div")
- subtitle.textContent = "The Open Source Security Platform";
- var logo = document.querySelector("#kibana-body > div > div.app-wrapper.hidden-chrome > div > div.application > div > ul > figure");
- logo.remove();
- var logoContainer = document.querySelector("#kibana-body > div > div.app-wrapper.hidden-chrome > div > div.application > div > ul");
- $(logoContainer).prepend('');
- }
- })
- //
-
- function failure() {
- // make subsequent calls to failure() noop
- failure = function () {};
-
- var err = document.createElement('h1');
- err.style['color'] = 'white';
- err.style['font-family'] = 'monospace';
- err.style['text-align'] = 'center';
- err.style['background'] = '#F44336';
- err.style['padding'] = '25px';
- err.innerText = document.querySelector('[data-error-message]').dataset.errorMessage;
-
- document.body.innerHTML = err.outerHTML;
- }
-
- var stylesheetTarget = document.querySelector('head meta[name="add-styles-here"]')
- function loadStyleSheet(url, cb) {
- var dom = document.createElement('link');
- dom.rel = 'stylesheet';
- dom.type = 'text/css';
- dom.href = url;
- dom.addEventListener('error', failure);
- dom.addEventListener('load', cb);
- document.head.insertBefore(dom, stylesheetTarget);
- }
-
- var scriptsTarget = document.querySelector('head meta[name="add-scripts-here"]')
- function loadScript(url, cb) {
- var dom = document.createElement('script');
- {{!-- NOTE: async = false is used to trigger async-download/ordered-execution as outlined here: https://www.html5rocks.com/en/tutorials/speed/script-loading/ --}}
- dom.async = false;
- dom.src = url;
- dom.addEventListener('error', failure);
- dom.addEventListener('load', cb);
- document.head.insertBefore(dom, scriptsTarget);
- }
-
- function load(urls, cb) {
- var pending = urls.length;
- urls.forEach(function (url) {
- var innerCb = function () {
- pending = pending - 1;
- if (pending === 0 && typeof cb === 'function') {
- cb();
- }
- }
-
- if (typeof url !== 'string') {
- load(url, innerCb);
- } else if (url.slice(-4) === '.css') {
- loadStyleSheet(url, innerCb);
- } else {
- loadScript(url, innerCb);
- }
- });
- }
-
- load([
- {{#each jsDependencyPaths}}
- '{{this}}',
- {{/each}}
- ], function () {
- {{#unless legacyBundlePath}}
- __kbnBundles__.get('entry/core/public').__kbnBootstrap__();
- {{/unless}}
-
- load([
- {{#if legacyBundlePath}}
- '{{legacyBundlePath}}',
- {{/if}}
- {{#each styleSheetPaths}}
- '{{this}}',
- {{/each}}
- ]);
- });
- }
-}
diff --git a/kibana-odfe/config/custom_welcome/wazuh_logo_circle.svg b/kibana-odfe/config/custom_welcome/wazuh_logo_circle.svg
deleted file mode 100644
index 45a61d74..00000000
--- a/kibana-odfe/config/custom_welcome/wazuh_logo_circle.svg
+++ /dev/null
@@ -1 +0,0 @@
-wazuh_logo_circle
\ No newline at end of file
diff --git a/kibana-odfe/config/custom_welcome/wazuh_wazuh_bg.svg b/kibana-odfe/config/custom_welcome/wazuh_wazuh_bg.svg
deleted file mode 100644
index 0c49c5c6..00000000
--- a/kibana-odfe/config/custom_welcome/wazuh_wazuh_bg.svg
+++ /dev/null
@@ -1 +0,0 @@
-wazuh_wazuh_bg
\ No newline at end of file
diff --git a/kibana-odfe/config/entrypoint.sh b/kibana-odfe/config/entrypoint.sh
deleted file mode 100644
index f96672fb..00000000
--- a/kibana-odfe/config/entrypoint.sh
+++ /dev/null
@@ -1,65 +0,0 @@
-#!/bin/bash
-# Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2)
-
-set -e
-
-##############################################################################
-# Waiting for elasticsearch
-##############################################################################
-
-if [ "x${ELASTICSEARCH_URL}" == "x" ]; then
- if [[ ${ENABLED_SECURITY} == "false" ]]; then
- export el_url="http://elasticsearch:9200"
- else
- export el_url="https://elasticsearch:9200"
- fi
-else
- export el_url="${ELASTICSEARCH_URL}"
-fi
-
-if [[ ${ENABLED_SECURITY} == "false" || "x${ELASTICSEARCH_USERNAME}" == "x" || "x${ELASTICSEARCH_PASSWORD}" == "x" ]]; then
- auth=""
- # remove security plugin from kibana if elasticsearch is not using it either
- /usr/share/kibana/bin/kibana-plugin remove opendistro_security
-else
- export auth="--user ${ELASTICSEARCH_USERNAME}:${ELASTICSEARCH_PASSWORD} -k"
-fi
-
-until curl -XGET $el_url ${auth}; do
- >&2 echo "Elastic is unavailable - sleeping"
- sleep 5
-done
-
-sleep 2
-
->&2 echo "Elasticsearch is up."
-
-
-##############################################################################
-# Waiting for wazuh alerts template
-##############################################################################
-
-strlen=0
-
-while [[ $strlen -eq 0 ]]
-do
- template=$(curl ${auth} $el_url/_cat/templates/wazuh -s)
- strlen=${#template}
- >&2 echo "Wazuh alerts template not loaded - sleeping."
- sleep 2
-done
-
-sleep 2
-
->&2 echo "Wazuh alerts template is loaded."
-
-
-./wazuh_app_config.sh
-
-sleep 5
-
-./kibana_settings.sh &
-
-sleep 2
-
-/usr/local/bin/kibana-docker
diff --git a/kibana-odfe/config/kibana_settings.sh b/kibana-odfe/config/kibana_settings.sh
deleted file mode 100644
index 7b182678..00000000
--- a/kibana-odfe/config/kibana_settings.sh
+++ /dev/null
@@ -1,58 +0,0 @@
-#!/bin/bash
-# Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2)
-
-WAZUH_MAJOR=4
-
-##############################################################################
-# Wait for the Kibana API to start. It is necessary to do it in this container
-# because the others are running Elastic Stack and we can not interrupt them.
-#
-# The following actions are performed:
-#
-# Add the wazuh alerts index as default.
-# Set the Discover time interval to 24 hours instead of 15 minutes.
-# Do not ask user to help providing usage statistics to Elastic.
-##############################################################################
-
-##############################################################################
-# Customize elasticsearch ip
-##############################################################################
-sed -i "s|elasticsearch.hosts:.*|elasticsearch.hosts: $el_url|g" /usr/share/kibana/config/kibana.yml
-
-# If KIBANA_INDEX was set, then change the default index in kibana.yml configuration file. If there was an index, then delete it and recreate.
-if [ "$KIBANA_INDEX" != "" ]; then
- if grep -q 'kibana.index' /usr/share/kibana/config/kibana.yml; then
- sed -i '/kibana.index/d' /usr/share/kibana/config/kibana.yml
- fi
- echo "kibana.index: $KIBANA_INDEX" >> /usr/share/kibana/config/kibana.yml
-fi
-
-while [[ "$(curl -XGET -I -s -o /dev/null -w '%{http_code}' -k https://127.0.0.1:5601/app/login)" != "200" ]]; do
- echo "Waiting for Kibana API. Sleeping 5 seconds"
- sleep 5
-done
-
-# Prepare index selection.
-echo "Kibana API is running"
-
-default_index="/tmp/default_index.json"
-
-cat > ${default_index} << EOF
-{
- "changes": {
- "defaultIndex": "wazuh-alerts-${WAZUH_MAJOR}.x-*"
- }
-}
-EOF
-
-sleep 5
-# Add the wazuh alerts index as default.
-curl ${auth} -POST -k https://127.0.0.1:5601/api/kibana/settings -H "Content-Type: application/json" -H "kbn-xsrf: true" -d@${default_index}
-rm -f ${default_index}
-
-sleep 5
-# Configuring Kibana TimePicker.
-curl ${auth} -POST -k "https://127.0.0.1:5601/api/kibana/settings" -H "Content-Type: application/json" -H "kbn-xsrf: true" -d \
-'{"changes":{"timepicker:timeDefaults":"{\n \"from\": \"now-12h\",\n \"to\": \"now\"}"}}'
-
-echo "End settings"
diff --git a/kibana-odfe/config/wazuh.yml b/kibana-odfe/config/wazuh.yml
deleted file mode 100644
index 3b074c61..00000000
--- a/kibana-odfe/config/wazuh.yml
+++ /dev/null
@@ -1,162 +0,0 @@ ---- -# -# Wazuh app - App configuration file -# Copyright (C) 2015-2021 Wazuh, Inc. -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2 of the License, or -# (at your option) any later version. -# -# Find more information about this on the LICENSE file. -# -# ======================== Wazuh app configuration file ======================== -# -# Please check the documentation for more information on configuration options: -# https://documentation.wazuh.com/current/installation-guide/index.html -# -# Also, you can check our repository: -# https://github.com/wazuh/wazuh-kibana-app -# -# ------------------------------- Index patterns ------------------------------- -# -# Default index pattern to use. -#pattern: wazuh-alerts-* -# -# ----------------------------------- Checks ----------------------------------- -# -# Defines which checks must to be consider by the healthcheck -# step once the Wazuh app starts. Values must to be true or false. -#checks.pattern : true -#checks.template: true -#checks.api : true -#checks.setup : true -#checks.metaFields: true -# -# --------------------------------- Extensions --------------------------------- -# -# Defines which extensions should be activated when you add a new API entry. -# You can change them after Wazuh app starts. -# Values must to be true or false. -#extensions.pci : true -#extensions.gdpr : true -#extensions.hipaa : true -#extensions.nist : true -#extensions.tsc : true -#extensions.audit : true -#extensions.oscap : false -#extensions.ciscat : false -#extensions.aws : false -#extensions.gcp : false -#extensions.virustotal: false -#extensions.osquery : false -#extensions.docker : false -# -# ---------------------------------- Time out ---------------------------------- -# -# Defines maximum timeout to be used on the Wazuh app requests. 
-# It will be ignored if it is bellow 1500. -# It means milliseconds before we consider a request as failed. -# Default: 20000 -#timeout: 20000 -# -# -------------------------------- API selector -------------------------------- -# -# Defines if the user is allowed to change the selected -# API directly from the Wazuh app top menu. -# Default: true -#api.selector: true -# -# --------------------------- Index pattern selector --------------------------- -# -# Defines if the user is allowed to change the selected -# index pattern directly from the Wazuh app top menu. -# Default: true -#ip.selector: true -# -# List of index patterns to be ignored -#ip.ignore: [] -# -# -------------------------------- X-Pack RBAC --------------------------------- -# -# Custom setting to enable/disable built-in X-Pack RBAC security capabilities. -# Default: enabled -#xpack.rbac.enabled: true -# -# ------------------------------ wazuh-monitoring ------------------------------ -# -# Custom setting to enable/disable wazuh-monitoring indices. -# Values: true, false, worker -# If worker is given as value, the app will show the Agents status -# visualization but won't insert data on wazuh-monitoring indices. -# Default: true -#wazuh.monitoring.enabled: true -# -# Custom setting to set the frequency for wazuh-monitoring indices cron task. -# Default: 900 (s) -#wazuh.monitoring.frequency: 900 -# -# Configure wazuh-monitoring-* indices shards and replicas. -#wazuh.monitoring.shards: 2 -#wazuh.monitoring.replicas: 0 -# -# Configure wazuh-monitoring-* indices custom creation interval. 
-# Values: h (hourly), d (daily), w (weekly), m (monthly) -# Default: d -#wazuh.monitoring.creation: d -# -# Default index pattern to use for Wazuh monitoring -#wazuh.monitoring.pattern: wazuh-monitoring-* -# -# --------------------------------- wazuh-cron ---------------------------------- -# -# Customize the index prefix of predefined jobs -# This change is not retroactive, if you change it new indexes will be created -# cron.prefix: test -# -# ------------------------------ wazuh-statistics ------------------------------- -# -# Custom setting to enable/disable statistics tasks. -#cron.statistics.status: true -# -# Enter the ID of the APIs you want to save data from, leave this empty to run -# the task on all configured APIs -#cron.statistics.apis: [] -# -# Define the frequency of task execution using cron schedule expressions -#cron.statistics.interval: 0 0 * * * * -# -# Define the name of the index in which the documents are to be saved. -#cron.statistics.index.name: statistics -# -# Define the interval in which the index will be created -#cron.statistics.index.creation: w -# -# ------------------------------- App privileges -------------------------------- -#admin: true -# -# ---------------------------- Hide manager alerts ------------------------------ -# Hide the alerts of the manager in all dashboards and discover -#hideManagerAlerts: false -# -# ------------------------------- App logging level ----------------------------- -# Set the logging level for the Wazuh App log files. -# Default value: info -# Allowed values: info, debug -#logs.level: info -# -# -------------------------------- Enrollment DNS ------------------------------- -# Set the variable WAZUH_REGISTRATION_SERVER in agents deployment. -# Default value: '' -#enrollment.dns: '' -# -#-------------------------------- API entries ----------------------------------- -#The following configuration is the default structure to define an API entry. 
-# -#hosts: -# - : -# url: http(s):// -# port: -# username: -# password: - diff --git a/kibana-odfe/config/wazuh_app_config.sh b/kibana-odfe/config/wazuh_app_config.sh deleted file mode 100644 index 9f8d3932..00000000 --- a/kibana-odfe/config/wazuh_app_config.sh +++ /dev/null 
@@ -1,62 +0,0 @@ -#!/bin/bash -# Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2) - -wazuh_url="${WAZUH_API_URL:-https://wazuh}" -wazuh_port="${API_PORT:-55000}" -api_username="${API_USERNAME:-wazuh-wui}" -api_password="${API_PASSWORD:-wazuh-wui}" - -kibana_config_file="/usr/share/kibana/data/wazuh/config/wazuh.yml" - -declare -A CONFIG_MAP=( - [pattern]=$PATTERN - [checks.pattern]=$CHECKS_PATTERN - [checks.template]=$CHECKS_TEMPLATE - [checks.api]=$CHECKS_API - [checks.setup]=$CHECKS_SETUP - [extensions.pci]=$EXTENSIONS_PCI - [extensions.gdpr]=$EXTENSIONS_GDPR - [extensions.hipaa]=$EXTENSIONS_HIPAA - [extensions.nist]=$EXTENSIONS_NIST - [extensions.tsc]=$EXTENSIONS_TSC - [extensions.audit]=$EXTENSIONS_AUDIT - [extensions.oscap]=$EXTENSIONS_OSCAP - [extensions.ciscat]=$EXTENSIONS_CISCAT - [extensions.aws]=$EXTENSIONS_AWS - [extensions.gcp]=$EXTENSIONS_GCP - [extensions.virustotal]=$EXTENSIONS_VIRUSTOTAL - [extensions.osquery]=$EXTENSIONS_OSQUERY - [extensions.docker]=$EXTENSIONS_DOCKER - [timeout]=$APP_TIMEOUT - [api.selector]=$API_SELECTOR - [ip.selector]=$IP_SELECTOR - [ip.ignore]=$IP_IGNORE - [wazuh.monitoring.enabled]=$WAZUH_MONITORING_ENABLED - [wazuh.monitoring.creation]=$WAZUH_MONITORING_CREATION - [wazuh.monitoring.frequency]=$WAZUH_MONITORING_FREQUENCY - [wazuh.monitoring.shards]=$WAZUH_MONITORING_SHARDS - [wazuh.monitoring.replicas]=$WAZUH_MONITORING_REPLICAS - [admin]=$ADMIN_PRIVILEGES -) - -for i in "${!CONFIG_MAP[@]}" -do - if [ "${CONFIG_MAP[$i]}" != "" ]; then - sed -i 's/.*#'"$i"'.*/'"$i"': '"${CONFIG_MAP[$i]}"'/' $kibana_config_file - fi -done - -CONFIG_CODE=$(curl ${auth} -s -o /dev/null -w "%{http_code}" -XGET $el_url/.wazuh/_doc/1513629884013) - -if [[ "x$CONFIG_CODE" != "x200" ]] && ! grep -q 1513629884013 $kibana_config_file ; then -cat << EOF >> $kibana_config_file -hosts: - - 1513629884013: - url: $wazuh_url - port: $wazuh_port - username: $api_username - password: $api_password -EOF -else - echo "Wazuh APP already configured" -fi 
diff --git a/kibana-odfe/config/welcome_wazuh.sh b/kibana-odfe/config/welcome_wazuh.sh deleted file mode 100644 index c3846762..00000000 --- a/kibana-odfe/config/welcome_wazuh.sh +++ /dev/null @@ -1,14 +0,0 @@ -#!/bin/bash -# Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2) - -if [[ $CHANGE_WELCOME == "true" ]] -then - echo "Set Wazuh app as the default landing page" - echo "server.defaultRoute: /app/wazuh?security_tenant=global" >> /usr/share/kibana/config/kibana.yml - - echo "Set custom welcome styles" - cp -f /tmp/custom_welcome/template.js.hbs /usr/share/kibana/src/legacy/ui/ui_render/bootstrap/template.js.hbs - cp -f /tmp/custom_welcome/light_theme.style.css /usr/share/kibana/src/core/server/core_app/assets/legacy_light_theme.css - cp -f /tmp/custom_welcome/*svg /usr/share/kibana/src/core/server/core_app/assets/ -fi - diff --git a/kibana/Dockerfile b/kibana/Dockerfile index d98443ae..76f39d0d 100644 --- a/kibana/Dockerfile +++ b/kibana/Dockerfile @@ -6,7 +6,7 @@ ARG WAZUH_VERSION=4.3.0 ARG WAZUH_APP_VERSION="${WAZUH_VERSION}_${ELASTIC_VERSION}" WORKDIR /usr/share/kibana -RUN ./bin/kibana-plugin install https://packages.wazuh.com/4.x/ui/kibana/wazuh_kibana-${WAZUH_APP_VERSION}-1.zip +RUN ./bin/kibana-plugin install https://packages-dev.wazuh.com/pre-release/ui/kibana/wazuh_kibana-${WAZUH_APP_VERSION}-1.zip ENV PATTERN="" \ CHECKS_PATTERN="" \ diff --git a/production-cluster.yml b/production-cluster.yml index 6161fbdd..39194d10 100644 --- a/production-cluster.yml +++ b/production-cluster.yml @@ -3,7 +3,7 @@ version: '3.7' services: wazuh.master: - image: wazuh/wazuh-odfe:4.3.0 + image: wazuh/wazuh-manager:4.3.0 hostname: wazuh.master restart: always ports: @@ -38,7 +38,7 @@ services: - ./production_cluster/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf wazuh.worker: - image: wazuh/wazuh-odfe:4.3.0 + image: wazuh/wazuh-manager:4.3.0 hostname: wazuh.worker restart: always environment: 
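Review bot: The plugin archive in the `RUN ./bin/kibana-plugin install https://…` line of kibana/Dockerfile is downloaded and installed in one step with no integrity check, so the image trusts whatever the host serves under that name at build time. That matters more on the new side of this change, because the URL now points at a pre-release location while the version string stays `4.3.0`. The same gap exists in the `curl … && dpkg -i` line of wazuh-dashboard/Dockerfile later in this patch, and in the following patch that switches both URLs back. I would fetch the archive to a file, check it against a digest passed as a build argument, and install from the local `file://` path, as sketched below. This assumes `curl` and `sha256sum` are available in the base image, which the hunk does not show.

```dockerfile
ARG WAZUH_APP_SHA256
# … unchanged: WORKDIR /usr/share/kibana …
RUN curl -fsSL -o /tmp/wazuh_kibana.zip https://packages-dev.wazuh.com/pre-release/ui/kibana/wazuh_kibana-${WAZUH_APP_VERSION}-1.zip && \
    echo "${WAZUH_APP_SHA256}  /tmp/wazuh_kibana.zip" | sha256sum -c - && \
    ./bin/kibana-plugin install file:///tmp/wazuh_kibana.zip && \
    rm -f /tmp/wazuh_kibana.zip
```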
@@ -175,8 +175,8 @@ services: - wazuh.worker:wazuh.worker - wazuh.dashboard:wazuh.dashboard volumes: - - ./production_cluster/nginx_wazuh/nginx.conf:/etc/nginx/nginx.conf:ro - - ./production_cluster/nginx_wazuh/ssl:/etc/nginx/ssl:ro + - ./production_cluster/nginx/nginx.conf:/etc/nginx/nginx.conf:ro + - ./production_cluster/nginx/ssl:/etc/nginx/ssl:ro volumes: ossec-api-configuration: diff --git a/production-cluster_odfe.yml b/production-cluster_odfe.yml deleted file mode 100644 index 21e44f99..00000000 --- a/production-cluster_odfe.yml +++ /dev/null 
@@ -1,206 +0,0 @@ -# Wazuh App Copyright (C) 2021 Wazuh Inc. (License GPLv2) -version: '3.7' - -services: - wazuh-master: - image: wazuh/wazuh-odfe:4.3.0 - hostname: wazuh-master - restart: always - ports: - - "1515:1515" - - "514:514/udp" - - "55000:55000" - environment: - - ELASTICSEARCH_URL=https://elasticsearch:9200 - - ELASTIC_USERNAME=admin - - ELASTIC_PASSWORD=SecretPassword - - FILEBEAT_SSL_VERIFICATION_MODE=full - - SSL_CERTIFICATE_AUTHORITIES=/etc/ssl/root-ca.pem - - SSL_CERTIFICATE=/etc/ssl/filebeat.pem - - SSL_KEY=/etc/ssl/filebeat.key - - API_USERNAME=acme-user - - API_PASSWORD=MyS3cr37P450r.*- - volumes: - - ossec-api-configuration:/var/ossec/api/configuration - - ossec-etc:/var/ossec/etc - - ossec-logs:/var/ossec/logs - - ossec-queue:/var/ossec/queue - - ossec-var-multigroups:/var/ossec/var/multigroups - - ossec-integrations:/var/ossec/integrations - - ossec-active-response:/var/ossec/active-response/bin - - ossec-agentless:/var/ossec/agentless - - ossec-wodles:/var/ossec/wodles - - filebeat-etc:/etc/filebeat - - filebeat-var:/var/lib/filebeat - - ./production_cluster/ssl_certs/root-ca.pem:/etc/ssl/root-ca.pem - - ./production_cluster/ssl_certs/filebeat.pem:/etc/ssl/filebeat.pem - - ./production_cluster/ssl_certs/filebeat.key:/etc/ssl/filebeat.key - - ./production_cluster/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf - - wazuh-worker: - image: wazuh/wazuh-odfe:4.3.0 - hostname: wazuh-worker - restart: always - environment: - - ELASTICSEARCH_URL=https://elasticsearch:9200 - - ELASTIC_USERNAME=admin - - ELASTIC_PASSWORD=SecretPassword - - FILEBEAT_SSL_VERIFICATION_MODE=full - - SSL_CERTIFICATE_AUTHORITIES=/etc/ssl/root-ca.pem - - SSL_CERTIFICATE=/etc/ssl/filebeat.pem - - SSL_KEY=/etc/ssl/filebeat.key - volumes: - - worker-ossec-api-configuration:/var/ossec/api/configuration - - worker-ossec-etc:/var/ossec/etc - - worker-ossec-logs:/var/ossec/logs - - worker-ossec-queue:/var/ossec/queue - - 
worker-ossec-var-multigroups:/var/ossec/var/multigroups - - worker-ossec-integrations:/var/ossec/integrations - - worker-ossec-active-response:/var/ossec/active-response/bin - - worker-ossec-agentless:/var/ossec/agentless - - worker-ossec-wodles:/var/ossec/wodles - - worker-filebeat-etc:/etc/filebeat - - worker-filebeat-var:/var/lib/filebeat - - ./production_cluster/ssl_certs/root-ca.pem:/etc/ssl/root-ca.pem - - ./production_cluster/ssl_certs/filebeat.pem:/etc/ssl/filebeat.pem - - ./production_cluster/ssl_certs/filebeat.key:/etc/ssl/filebeat.key - - ./production_cluster/wazuh_cluster/wazuh_worker.conf:/wazuh-config-mount/etc/ossec.conf - - elasticsearch: - image: amazon/opendistro-for-elasticsearch:1.13.2 - hostname: elasticsearch - restart: always - ports: - - "9200:9200" - environment: - - "ES_JAVA_OPTS=-Xms512m -Xmx512m -Dlog4j2.formatMsgNoLookups=true" - ulimits: - memlock: - soft: -1 - hard: -1 - nofile: - soft: 65536 - hard: 65536 - volumes: - - elastic-data-1:/usr/share/elasticsearch/data - - ./production_cluster/ssl_certs/root-ca.pem:/usr/share/elasticsearch/config/root-ca.pem - - ./production_cluster/ssl_certs/node1.key:/usr/share/elasticsearch/config/node1.key - - ./production_cluster/ssl_certs/node1.pem:/usr/share/elasticsearch/config/node1.pem - - ./production_cluster/ssl_certs/admin.pem:/usr/share/elasticsearch/config/admin.pem - - ./production_cluster/ssl_certs/admin.key:/usr/share/elasticsearch/config/admin.key - - ./production_cluster/elastic_opendistro/elasticsearch-node1.yml:/usr/share/elasticsearch/config/elasticsearch.yml - - ./production_cluster/elastic_opendistro/internal_users.yml:/usr/share/elasticsearch/plugins/opendistro_security/securityconfig/internal_users.yml - - elasticsearch-2: - image: amazon/opendistro-for-elasticsearch:1.13.2 - hostname: elasticsearch-2 - restart: always - environment: - - "ES_JAVA_OPTS=-Xms512m -Xmx512m -Dlog4j2.formatMsgNoLookups=true" - ulimits: - memlock: - soft: -1 - hard: -1 - nofile: - soft: 65536 - hard: 
65536 - volumes: - - elastic-data-2:/usr/share/elasticsearch/data - - ./production_cluster/ssl_certs/root-ca.pem:/usr/share/elasticsearch/config/root-ca.pem - - ./production_cluster/ssl_certs/node2.key:/usr/share/elasticsearch/config/node2.key - - ./production_cluster/ssl_certs/node2.pem:/usr/share/elasticsearch/config/node2.pem - - ./production_cluster/elastic_opendistro/elasticsearch-node2.yml:/usr/share/elasticsearch/config/elasticsearch.yml - - ./production_cluster/elastic_opendistro/internal_users.yml:/usr/share/elasticsearch/plugins/opendistro_security/securityconfig/internal_users.yml - - elasticsearch-3: - image: amazon/opendistro-for-elasticsearch:1.13.2 - hostname: elasticsearch-3 - restart: always - environment: - - "ES_JAVA_OPTS=-Xms512m -Xmx512m -Dlog4j2.formatMsgNoLookups=true" - ulimits: - memlock: - soft: -1 - hard: -1 - nofile: - soft: 65536 - hard: 65536 - volumes: - - elastic-data-3:/usr/share/elasticsearch/data - - ./production_cluster/ssl_certs/root-ca.pem:/usr/share/elasticsearch/config/root-ca.pem - - ./production_cluster/ssl_certs/node3.key:/usr/share/elasticsearch/config/node3.key - - ./production_cluster/ssl_certs/node3.pem:/usr/share/elasticsearch/config/node3.pem - - ./production_cluster/elastic_opendistro/elasticsearch-node3.yml:/usr/share/elasticsearch/config/elasticsearch.yml - - ./production_cluster/elastic_opendistro/internal_users.yml:/usr/share/elasticsearch/plugins/opendistro_security/securityconfig/internal_users.yml - - kibana: - image: wazuh/wazuh-kibana-odfe:4.3.0 - hostname: kibana - restart: always - ports: - - 5601:5601 - environment: - - ELASTICSEARCH_USERNAME=admin - - ELASTICSEARCH_PASSWORD=SecretPassword - - SERVER_SSL_ENABLED=true - - SERVER_SSL_CERTIFICATE=/usr/share/kibana/config/cert.pem - - SERVER_SSL_KEY=/usr/share/kibana/config/key.pem - - WAZUH_API_URL="https://wazuh-master" - - API_USERNAME=acme-user - - API_PASSWORD=MyS3cr37P450r.*- - volumes: - - 
./production_cluster/kibana_ssl/cert.pem:/usr/share/kibana/config/cert.pem - - ./production_cluster/kibana_ssl/key.pem:/usr/share/kibana/config/key.pem - - depends_on: - - elasticsearch - links: - - elasticsearch:elasticsearch - - wazuh-master:wazuh-master - - nginx: - image: nginx:stable - hostname: nginx - restart: always - ports: - - "80:80" - - "443:443" - - "1514:1514" - depends_on: - - wazuh-master - - wazuh-worker - - kibana - links: - - wazuh-master:wazuh-master - - wazuh-worker:wazuh-worker - - kibana:kibana - volumes: - - ./production_cluster/nginx/nginx.conf:/etc/nginx/nginx.conf:ro - - ./production_cluster/nginx/ssl:/etc/nginx/ssl:ro - -volumes: - ossec-api-configuration: - ossec-etc: - ossec-logs: - ossec-queue: - ossec-var-multigroups: - ossec-integrations: - ossec-active-response: - ossec-agentless: - ossec-wodles: - filebeat-etc: - filebeat-var: - worker-ossec-api-configuration: - worker-ossec-etc: - worker-ossec-logs: - worker-ossec-queue: - worker-ossec-var-multigroups: - worker-ossec-integrations: - worker-ossec-active-response: - worker-ossec-agentless: - worker-ossec-wodles: - worker-filebeat-etc: - worker-filebeat-var: - elastic-data-1: - elastic-data-2: - elastic-data-3: \ No newline at end of file diff --git a/production_cluster/nginx/nginx.conf b/production_cluster/nginx/nginx.conf index 8cd13ca2..c68c6f2d 100644 --- a/production_cluster/nginx/nginx.conf +++ b/production_cluster/nginx/nginx.conf @@ -41,7 +41,7 @@ http { ssl_certificate /etc/nginx/ssl/cert.pem; ssl_certificate_key /etc/nginx/ssl/key.pem; location / { - proxy_pass https://kibana:5601/; + proxy_pass https://wazuh.dashboard:5601/; proxy_ssl_verify off; proxy_buffer_size 128k; proxy_buffers 4 256k; @@ -57,8 +57,8 @@ http { stream { upstream mycluster { hash $remote_addr consistent; - server wazuh-master:1514; - server wazuh-worker:1514; + server wazuh.master:1514; + server wazuh.worker:1514; } server { listen 1514; 
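Review bot: In the `@@ -41,7 +41,7 @@` hunk the retargeted `proxy_pass https://wazuh.dashboard:5601/;` sits directly above `proxy_ssl_verify off;`, so nginx encrypts the hop to the dashboard but does not authenticate it and will accept any certificate from whatever resolves as `wazuh.dashboard`. Since the upstream name is being touched anyway, I would turn verification on with `proxy_ssl_verify on;` and `proxy_ssl_trusted_certificate /etc/nginx/ssl/<ROOT_CA_FILE>;`, adding `proxy_ssl_name wazuh.dashboard;` if the dashboard certificate is issued for that name. Whether a CA file is available in this container cannot be seen from the hunk (the compose change only mounts `nginx.conf` and the `ssl` directory), so it may need to be added there. The `server` block starts above the hunk.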
diff --git a/production_cluster/nginx_wazuh/nginx.conf b/production_cluster/nginx_wazuh/nginx.conf deleted file mode 100644 index c68c6f2d..00000000 --- a/production_cluster/nginx_wazuh/nginx.conf +++ /dev/null @@ -1,67 +0,0 @@ -user nginx; -worker_processes 1; - -error_log /var/log/nginx/error.log warn; -pid /var/run/nginx.pid; - - -events { - worker_connections 1024; -} - - -http { - include /etc/nginx/mime.types; - default_type application/octet-stream; - - log_format main '$remote_addr - $remote_user [$time_local] "$request" ' - '$status $body_bytes_sent "$http_referer" ' - '"$http_user_agent" "$http_x_forwarded_for"'; - - access_log /var/log/nginx/access.log main; - - sendfile on; - tcp_nopush on; - - keepalive_timeout 65; - - server_tokens off; - gzip on; - - # kibana UI - server { - listen 80; - listen [::]:80; - return 301 https://$host:443$request_uri; - } - - server { - listen 443 default_server ssl http2; - listen [::]:443 ssl http2; - ssl_certificate /etc/nginx/ssl/cert.pem; - ssl_certificate_key /etc/nginx/ssl/key.pem; - location / { - proxy_pass https://wazuh.dashboard:5601/; - proxy_ssl_verify off; - proxy_buffer_size 128k; - proxy_buffers 4 256k; - proxy_busy_buffers_size 256k; - } - } - -} - - - -# load balancer for Wazuh cluster -stream { - upstream mycluster { - hash $remote_addr consistent; - server wazuh.master:1514; - server wazuh.worker:1514; - } - server { - listen 1514; - proxy_pass mycluster; - } -} diff --git a/production_cluster/nginx_wazuh/ssl/generate-self-signed-cert.sh b/production_cluster/nginx_wazuh/ssl/generate-self-signed-cert.sh deleted file mode 100644 index e006733f..00000000 --- a/production_cluster/nginx_wazuh/ssl/generate-self-signed-cert.sh +++ /dev/null 
@@ -1,12 +0,0 @@ -#!/bin/bash - -DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )" -cd $DIR - -if [ -s key.pem ] -then - echo "Certificate already exists" - exit -else - openssl req -x509 -batch -nodes -days 365 -newkey rsa:2048 -keyout key.pem -out cert.pem -fi diff --git a/wazuh-dashboard/Dockerfile b/wazuh-dashboard/Dockerfile index 3a6dedeb..d9928498 100644 --- a/wazuh-dashboard/Dockerfile +++ b/wazuh-dashboard/Dockerfile @@ -1,5 +1,5 @@ # Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2) -FROM ubuntu:20.04 +FROM ubuntu:focal ARG WAZUH_VERSION=4.3.0-1 @@ -7,7 +7,7 @@ ARG WAZUH_VERSION=4.3.0-1 RUN apt-get update && apt install curl libcap2-bin -y #Download and install Wazuh Dashboard -RUN curl https://s3.us-west-1.amazonaws.com/packages.wazuh.com/4.x/apt/pool/main/w/wazuh-dashboard/wazuh-dashboard_${WAZUH_VERSION}_amd64.deb --output wazuh-dashboard_${WAZUH_VERSION}_amd64.deb && \ +RUN curl https://s3.us-west-1.amazonaws.com/packages-dev.wazuh.com/pre-release/apt/pool/main/w/wazuh-dashboard/wazuh-dashboard_${WAZUH_VERSION}_amd64.deb --output wazuh-dashboard_${WAZUH_VERSION}_amd64.deb && \ dpkg -i wazuh-dashboard_${WAZUH_VERSION}_amd64.deb && \ apt-get clean -y && rm -rf wazuh-dashboard_${WAZUH_VERSION}_amd64.deb diff --git a/wazuh-odfe/Dockerfile b/wazuh-manager/Dockerfile similarity index 97% rename from wazuh-odfe/Dockerfile rename to wazuh-manager/Dockerfile index 5968d239..c7a9cf83 100644 --- a/wazuh-odfe/Dockerfile +++ b/wazuh-manager/Dockerfile @@ -8,7 +8,7 @@ ARG TEMPLATE_VERSION="master" ARG WAZUH_FILEBEAT_MODULE="wazuh-filebeat-0.1.tar.gz" # Set repositories. -RUN rpm --import https://packages.wazuh.com/key/GPG-KEY-WAZUH +RUN rpm --import https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH COPY config/wazuh.repo /etc/yum.repos.d/wazuh.repo 
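Review bot: `RUN rpm --import https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH` in wazuh-manager/Dockerfile trusts the signing key on first fetch from the same host that serves the packages, so `gpgcheck=1` in `config/wazuh.repo` only proves the RPMs were signed by whatever key that host returned at build time. I would keep a reviewed copy of the key in the build context and import it from disk, e.g. `COPY config/<VENDORED_KEY_FILE> /etc/pki/rpm-gpg/` followed by `RUN rpm --import /etc/pki/rpm-gpg/<VENDORED_KEY_FILE>`, and point `gpgkey=` in the repo file at the same path as a `file://` URL. If the key has to stay remote, a comment such as `# key is fetched unpinned; compare its fingerprint with <EXPECTED_FINGERPRINT> when bumping versions` at least records the assumption. The same line is changed again in the following patch, which only swaps the host.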
diff --git a/wazuh-odfe/config/create_user.py b/wazuh-manager/config/create_user.py
similarity index 100%
rename from wazuh-odfe/config/create_user.py
rename to wazuh-manager/config/create_user.py
diff --git a/wazuh-odfe/config/etc/cont-init.d/0-wazuh-init b/wazuh-manager/config/etc/cont-init.d/0-wazuh-init
similarity index 100%
rename from wazuh-odfe/config/etc/cont-init.d/0-wazuh-init
rename to wazuh-manager/config/etc/cont-init.d/0-wazuh-init
diff --git a/wazuh-odfe/config/etc/cont-init.d/1-config-filebeat b/wazuh-manager/config/etc/cont-init.d/1-config-filebeat
similarity index 100%
rename from wazuh-odfe/config/etc/cont-init.d/1-config-filebeat
rename to wazuh-manager/config/etc/cont-init.d/1-config-filebeat
diff --git a/wazuh-odfe/config/etc/cont-init.d/2-manager b/wazuh-manager/config/etc/cont-init.d/2-manager
similarity index 100%
rename from wazuh-odfe/config/etc/cont-init.d/2-manager
rename to wazuh-manager/config/etc/cont-init.d/2-manager
diff --git a/wazuh-odfe/config/etc/services.d/filebeat/finish b/wazuh-manager/config/etc/services.d/filebeat/finish
similarity index 100%
rename from wazuh-odfe/config/etc/services.d/filebeat/finish
rename to wazuh-manager/config/etc/services.d/filebeat/finish
diff --git a/wazuh-odfe/config/etc/services.d/filebeat/run b/wazuh-manager/config/etc/services.d/filebeat/run
similarity index 100%
rename from wazuh-odfe/config/etc/services.d/filebeat/run
rename to wazuh-manager/config/etc/services.d/filebeat/run
diff --git a/wazuh-odfe/config/etc/services.d/ossec-logs/run b/wazuh-manager/config/etc/services.d/ossec-logs/run
similarity index 100%
rename from wazuh-odfe/config/etc/services.d/ossec-logs/run
rename to wazuh-manager/config/etc/services.d/ossec-logs/run
diff --git a/wazuh-odfe/config/filebeat.yml b/wazuh-manager/config/filebeat.yml
similarity index 100%
rename from wazuh-odfe/config/filebeat.yml
rename to wazuh-manager/config/filebeat.yml
diff --git a/wazuh-odfe/config/permanent_data.env b/wazuh-manager/config/permanent_data.env
similarity index 100%
rename from wazuh-odfe/config/permanent_data.env
rename to wazuh-manager/config/permanent_data.env
diff --git a/wazuh-odfe/config/permanent_data.sh b/wazuh-manager/config/permanent_data.sh
similarity index 100%
rename from wazuh-odfe/config/permanent_data.sh
rename to wazuh-manager/config/permanent_data.sh
diff --git a/wazuh-manager/config/wazuh.repo b/wazuh-manager/config/wazuh.repo
new file mode 100644
index 00000000..4b673ff0
--- /dev/null
+++ b/wazuh-manager/config/wazuh.repo
@@ -0,0 +1,7 @@
+[wazuh_repo]
+gpgcheck=1
+gpgkey=https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH
+enabled=1
+name=Wazuh repository
+baseurl=https://packages-dev.wazuh.com/pre-release/yum/
+protect=1
diff --git a/wazuh-odfe/config/wazuh.repo b/wazuh-odfe/config/wazuh.repo
deleted file mode 100644
index e230d6a9..00000000
--- a/wazuh-odfe/config/wazuh.repo
+++ /dev/null
@@ -1,7 +0,0 @@
-[wazuh_repo]
-gpgcheck=1
-gpgkey=https://packages.wazuh.com/key/GPG-KEY-WAZUH
-enabled=1
-name=Wazuh repository
-baseurl=https://packages.wazuh.com/4.x/yum/
-protect=1
From ec4b9f7ee182f48ec66443847ce21b0f44d776f0 Mon Sep 17 00:00:00 2001
From: vcerenu
Date: Tue, 15 Feb 2022 16:40:21 -0300
Subject: [PATCH 035/163] clean Dockerfile and docker-compose start script
---
 kibana/Dockerfile | 2 +-
 wazuh-dashboard/Dockerfile | 2 +-
 wazuh-manager/Dockerfile | 2 +-
 wazuh-manager/config/wazuh.repo | 4 ++--
 4 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/kibana/Dockerfile b/kibana/Dockerfile
index 76f39d0d..d98443ae 100644
--- a/kibana/Dockerfile
+++ b/kibana/Dockerfile
@@ -6,7 +6,7 @@ ARG WAZUH_VERSION=4.3.0 ARG WAZUH_APP_VERSION="${WAZUH_VERSION}_${ELASTIC_VERSION}" WORKDIR /usr/share/kibana -RUN ./bin/kibana-plugin install https://packages-dev.wazuh.com/pre-release/ui/kibana/wazuh_kibana-${WAZUH_APP_VERSION}-1.zip +RUN ./bin/kibana-plugin install https://packages.wazuh.com/4.x/ui/kibana/wazuh_kibana-${WAZUH_APP_VERSION}-1.zip ENV PATTERN="" \ CHECKS_PATTERN="" \ diff --git a/wazuh-dashboard/Dockerfile b/wazuh-dashboard/Dockerfile index d9928498..c1d088c3 100644 --- a/wazuh-dashboard/Dockerfile +++ b/wazuh-dashboard/Dockerfile @@ -7,7 +7,7 @@ ARG WAZUH_VERSION=4.3.0-1 RUN apt-get update && apt install curl libcap2-bin -y #Download and install Wazuh Dashboard -RUN curl https://s3.us-west-1.amazonaws.com/packages-dev.wazuh.com/pre-release/apt/pool/main/w/wazuh-dashboard/wazuh-dashboard_${WAZUH_VERSION}_amd64.deb --output wazuh-dashboard_${WAZUH_VERSION}_amd64.deb && \ +RUN curl https://s3.us-west-1.amazonaws.com/packages.wazuh.com/4.x/apt/pool/main/w/wazuh-dashboard/wazuh-dashboard_${WAZUH_VERSION}_amd64.deb --output wazuh-dashboard_${WAZUH_VERSION}_amd64.deb && \ dpkg -i wazuh-dashboard_${WAZUH_VERSION}_amd64.deb && \ apt-get clean -y && rm -rf wazuh-dashboard_${WAZUH_VERSION}_amd64.deb diff --git a/wazuh-manager/Dockerfile b/wazuh-manager/Dockerfile index c7a9cf83..5968d239 100644 --- a/wazuh-manager/Dockerfile +++ b/wazuh-manager/Dockerfile @@ -8,7 +8,7 @@ ARG TEMPLATE_VERSION="master" ARG WAZUH_FILEBEAT_MODULE="wazuh-filebeat-0.1.tar.gz" # Set repositories. -RUN rpm --import https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH +RUN rpm --import https://packages.wazuh.com/key/GPG-KEY-WAZUH COPY config/wazuh.repo /etc/yum.repos.d/wazuh.repo diff --git a/wazuh-manager/config/wazuh.repo b/wazuh-manager/config/wazuh.repo index 4b673ff0..e230d6a9 100644 --- a/wazuh-manager/config/wazuh.repo +++ b/wazuh-manager/config/wazuh.repo 
@@ -1,7 +1,7 @@
 [wazuh_repo]
 gpgcheck=1
-gpgkey=https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH
+gpgkey=https://packages.wazuh.com/key/GPG-KEY-WAZUH
 enabled=1
 name=Wazuh repository
-baseurl=https://packages-dev.wazuh.com/pre-release/yum/
+baseurl=https://packages.wazuh.com/4.x/yum/
 protect=1
From 463589c2ac56ec5d3668601e7d8b7720fb092d52 Mon Sep 17 00:00:00 2001
From: vcerenu
Date: Tue, 15 Feb 2022 16:42:10 -0300
Subject: [PATCH 036/163] clean Dockerfile and docker-compose start script
---
 .../elasticsearch-node1.yml | 31 ----------
 .../elasticsearch-node2.yml | 31 ----------
 .../elasticsearch-node3.yml | 31 ----------
 .../elastic_opendistro/internal_users.yml | 56 -------------------
 .../kibana_ssl/generate-self-signed-cert.sh | 13 -----
 production_cluster/ssl_certs/certs.yml | 35 ------------
 6 files changed, 197 deletions(-)
 delete mode 100644 production_cluster/elastic_opendistro/elasticsearch-node1.yml
 delete mode 100644 production_cluster/elastic_opendistro/elasticsearch-node2.yml
 delete mode 100644 production_cluster/elastic_opendistro/elasticsearch-node3.yml
 delete mode 100644 production_cluster/elastic_opendistro/internal_users.yml
 delete mode 100644 production_cluster/kibana_ssl/generate-self-signed-cert.sh
 delete mode 100644 production_cluster/ssl_certs/certs.yml
diff --git a/production_cluster/elastic_opendistro/elasticsearch-node1.yml b/production_cluster/elastic_opendistro/elasticsearch-node1.yml
deleted file mode 100644
index 4f9a628d..00000000
--- a/production_cluster/elastic_opendistro/elasticsearch-node1.yml
+++ /dev/null
@@ -1,31 +0,0 @@ -network.host: 0.0.0.0 -cluster.name: wazuh-cluster -node.name: elasticsearch -discovery.seed_hosts: elasticsearch,elasticsearch-2,elasticsearch-3 -cluster.initial_master_nodes: elasticsearch,elasticsearch-2,elasticsearch-3 -bootstrap.memory_lock: true - -opendistro_security.ssl.transport.pemcert_filepath: node1.pem -opendistro_security.ssl.transport.pemkey_filepath: node1.key -opendistro_security.ssl.transport.pemtrustedcas_filepath: root-ca.pem -opendistro_security.ssl.transport.enforce_hostname_verification: false -opendistro_security.ssl.transport.resolve_hostname: false -opendistro_security.ssl.http.enabled: true -opendistro_security.ssl.http.pemcert_filepath: node1.pem -opendistro_security.ssl.http.pemkey_filepath: node1.key -opendistro_security.ssl.http.pemtrustedcas_filepath: root-ca.pem -opendistro_security.allow_default_init_securityindex: true -opendistro_security.nodes_dn: - - 'CN=node1,OU=Ops,O=Example\, Inc.,DC=example,DC=com' - - 'CN=node2,OU=Ops,O=Example\, Inc.,DC=example,DC=com' - - 'CN=node3,OU=Ops,O=Example\, Inc.,DC=example,DC=com' - - 'CN=filebeat,OU=Ops,O=Example\, Inc.,DC=example,DC=com' -opendistro_security.authcz.admin_dn: ['CN=admin,OU=Ops,O=Example\, Inc.,DC=example,DC=com'] -opendistro_security.audit.type: internal_elasticsearch -opendistro_security.enable_snapshot_restore_privilege: true -opendistro_security.check_snapshot_restore_write_privileges: true -opendistro_security.restapi.roles_enabled: ["all_access", "security_rest_api_access"] -cluster.routing.allocation.disk.threshold_enabled: false -#opendistro_security.audit.config.disabled_rest_categories: NONE -#opendistro_security.audit.config.disabled_transport_categories: NONE -opendistro_security.audit.log_request_body: false diff --git a/production_cluster/elastic_opendistro/elasticsearch-node2.yml b/production_cluster/elastic_opendistro/elasticsearch-node2.yml deleted file mode 100644 index e368461e..00000000 
--- a/production_cluster/elastic_opendistro/elasticsearch-node2.yml +++ /dev/null @@ -1,31 +0,0 @@ -network.host: 0.0.0.0 -cluster.name: wazuh-cluster -node.name: elasticsearch-2 -discovery.seed_hosts: elasticsearch,elasticsearch-2,elasticsearch-3 -cluster.initial_master_nodes: elasticsearch,elasticsearch-2,elasticsearch-3 -bootstrap.memory_lock: true - -opendistro_security.ssl.transport.pemcert_filepath: node2.pem -opendistro_security.ssl.transport.pemkey_filepath: node2.key -opendistro_security.ssl.transport.pemtrustedcas_filepath: root-ca.pem -opendistro_security.ssl.transport.enforce_hostname_verification: false -opendistro_security.ssl.transport.resolve_hostname: false -opendistro_security.ssl.http.enabled: true -opendistro_security.ssl.http.pemcert_filepath: node2.pem -opendistro_security.ssl.http.pemkey_filepath: node2.key -opendistro_security.ssl.http.pemtrustedcas_filepath: root-ca.pem -opendistro_security.allow_default_init_securityindex: true -opendistro_security.nodes_dn: - - 'CN=node1,OU=Ops,O=Example\, Inc.,DC=example,DC=com' - - 'CN=node2,OU=Ops,O=Example\, Inc.,DC=example,DC=com' - - 'CN=node3,OU=Ops,O=Example\, Inc.,DC=example,DC=com' - - 'CN=filebeat,OU=Ops,O=Example\, Inc.,DC=example,DC=com' -opendistro_security.authcz.admin_dn: ['CN=admin,OU=Ops,O=Example\, Inc.,DC=example,DC=com'] -opendistro_security.audit.type: internal_elasticsearch -opendistro_security.enable_snapshot_restore_privilege: true -opendistro_security.check_snapshot_restore_write_privileges: true -opendistro_security.restapi.roles_enabled: ["all_access", "security_rest_api_access"] -cluster.routing.allocation.disk.threshold_enabled: false -#opendistro_security.audit.config.disabled_rest_categories: NONE -#opendistro_security.audit.config.disabled_transport_categories: NONE -opendistro_security.audit.log_request_body: false 
diff --git a/production_cluster/elastic_opendistro/elasticsearch-node3.yml b/production_cluster/elastic_opendistro/elasticsearch-node3.yml deleted file mode 100644 index 14717a81..00000000 --- a/production_cluster/elastic_opendistro/elasticsearch-node3.yml +++ /dev/null 
@@ -1,31 +0,0 @@
-network.host: 0.0.0.0
-cluster.name: wazuh-cluster
-node.name: elasticsearch-3
-discovery.seed_hosts: elasticsearch,elasticsearch-2,elasticsearch-3
-cluster.initial_master_nodes: elasticsearch,elasticsearch-2,elasticsearch-3
-bootstrap.memory_lock: true
-
-opendistro_security.ssl.transport.pemcert_filepath: node3.pem
-opendistro_security.ssl.transport.pemkey_filepath: node3.key
-opendistro_security.ssl.transport.pemtrustedcas_filepath: root-ca.pem
-opendistro_security.ssl.transport.enforce_hostname_verification: false
-opendistro_security.ssl.transport.resolve_hostname: false
-opendistro_security.ssl.http.enabled: true
-opendistro_security.ssl.http.pemcert_filepath: node3.pem
-opendistro_security.ssl.http.pemkey_filepath: node3.key
-opendistro_security.ssl.http.pemtrustedcas_filepath: root-ca.pem
-opendistro_security.allow_default_init_securityindex: true
-opendistro_security.nodes_dn:
- - 'CN=node1,OU=Ops,O=Example\, Inc.,DC=example,DC=com'
- - 'CN=node2,OU=Ops,O=Example\, Inc.,DC=example,DC=com'
- - 'CN=node3,OU=Ops,O=Example\, Inc.,DC=example,DC=com'
- - 'CN=filebeat,OU=Ops,O=Example\, Inc.,DC=example,DC=com'
-opendistro_security.authcz.admin_dn: ['CN=admin,OU=Ops,O=Example\, Inc.,DC=example,DC=com']
-opendistro_security.audit.type: internal_elasticsearch
-opendistro_security.enable_snapshot_restore_privilege: true
-opendistro_security.check_snapshot_restore_write_privileges: true
-opendistro_security.restapi.roles_enabled: ["all_access", "security_rest_api_access"]
-cluster.routing.allocation.disk.threshold_enabled: false
-#opendistro_security.audit.config.disabled_rest_categories: NONE
-#opendistro_security.audit.config.disabled_transport_categories: NONE
-opendistro_security.audit.log_request_body: false
diff --git a/production_cluster/elastic_opendistro/internal_users.yml b/production_cluster/elastic_opendistro/internal_users.yml
deleted file mode 100644
index d9f05b34..00000000
--- a/production_cluster/elastic_opendistro/internal_users.yml
+++ /dev/null
@@ -1,56 +0,0 @@
----
-# This is the internal user database
-# The hash value is a bcrypt hash and can be generated with plugin/tools/hash.sh
-
-_meta:
- type: "internalusers"
- config_version: 2
-
-# Define your internal users here
-
-## Demo users
-
-admin:
- hash: "$2y$12$K/SpwjtB.wOHJ/Nc6GVRDuc1h0rM1DfvziFRNPtk27P.c4yDr9njO"
- reserved: true
- backend_roles:
- - "admin"
- description: "Demo admin user"
-
-kibanaserver:
- hash: "$2a$12$4AcgAt3xwOWadA5s5blL6ev39OXDNhmOesEoo33eZtrq2N0YrU3H."
- reserved: true
- description: "Demo kibanaserver user"
-
-kibanaro:
- hash: "$2a$12$JJSXNfTowz7Uu5ttXfeYpeYE0arACvcwlPBStB1F.MI7f0U9Z4DGC"
- reserved: false
- backend_roles:
- - "kibanauser"
- - "readall"
- attributes:
- attribute1: "value1"
- attribute2: "value2"
- attribute3: "value3"
- description: "Demo kibanaro user"
-
-logstash:
- hash: "$2a$12$u1ShR4l4uBS3Uv59Pa2y5.1uQuZBrZtmNfqB3iM/.jL0XoV9sghS2"
- reserved: false
- backend_roles:
- - "logstash"
- description: "Demo logstash user"
-
-readall:
- hash: "$2a$12$ae4ycwzwvLtZxwZ82RmiEunBbIPiAmGZduBAjKN0TXdwQFtCwARz2"
- reserved: false
- backend_roles:
- - "readall"
- description: "Demo readall user"
-
-snapshotrestore:
- hash: "$2y$12$DpwmetHKwgYnorbgdvORCenv4NAK8cPUg8AI6pxLCuWf/ALc0.v7W"
- reserved: false
- backend_roles:
- - "snapshotrestore"
- description: "Demo snapshotrestore user"
diff --git a/production_cluster/kibana_ssl/generate-self-signed-cert.sh b/production_cluster/kibana_ssl/generate-self-signed-cert.sh
deleted file mode 100644
index 5951acf7..00000000
--- a/production_cluster/kibana_ssl/generate-self-signed-cert.sh
+++ /dev/null
@@ -1,13 +0,0 @@ -#!/bin/bash - -DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )" -cd $DIR - -if [ -s key.pem ] -then - echo "Certificate already exists" - exit -else - openssl req -x509 -batch -nodes -days 365 -newkey rsa:2048 -keyout key.pem -out cert.pem - chown -R 1000:1000 *.pem -fi diff --git a/production_cluster/ssl_certs/certs.yml b/production_cluster/ssl_certs/certs.yml deleted file mode 100644 index 486e4178..00000000 --- a/production_cluster/ssl_certs/certs.yml +++ /dev/null @@ -1,35 +0,0 @@ -ca: - root: - dn: CN=root-ca,OU=CA,O=Example\, Inc.,DC=example,DC=com - pkPassword: none - keysize: 2048 - file: root-ca.pem - intermediate: - dn: CN=intermediate,OU=CA,O=Example\, Inc.,DC=example,DC=com - keysize: 2048 - validityDays: 3650 - pkPassword: intermediate-ca-password - file: intermediate-ca.pem - -nodes: - - name: node1 - dn: CN=node1,OU=Ops,O=Example\, Inc.,DC=example,DC=com - dns: - - elasticsearch - - name: node2 - dn: CN=node2,OU=Ops,O=Example\, Inc.,DC=example,DC=com - dns: - - elasticsearch-2 - - name: node3 - dn: CN=node3,OU=Ops,O=Example\, Inc.,DC=example,DC=com - dns: - - elasticsearch-3 - - name: filebeat - dn: CN=filebeat,OU=Ops,O=Example\, Inc.,DC=example,DC=com - dns: - - wazuh - -clients: - - name: admin - dn: CN=admin,OU=Ops,O=Example\, Inc.,DC=example,DC=com - admin: true From e5a6ffef8f916744fbf23383a26d8a67394c283b Mon Sep 17 00:00:00 2001 From: vcerenu Date: Tue, 15 Feb 2022 17:43:04 -0300 Subject: [PATCH 037/163] clean Dockerfile and docker-compose start script --- indexer_certs_creator/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/indexer_certs_creator/Dockerfile b/indexer_certs_creator/Dockerfile index 1a1d00dd..eefe7bea 100644 --- a/indexer_certs_creator/Dockerfile +++ b/indexer_certs_creator/Dockerfile @@ -1,5 +1,5 @@ # Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2) -FROM wazuh/wazuh-indexer:4.3.0 +FROM ubuntu:focal RUN apt-get update && apt-get install openssl -y 
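Review bot: The new base on the `FROM` line of `indexer_certs_creator/Dockerfile` is the floating tag `ubuntu:focal`, so the image that creates the indexer certificates is rebuilt on whatever that tag points to at build time, where the replaced line at least named a release (`wazuh/wazuh-indexer:4.3.0`). Because the `openssl` used for key generation comes from this base, I would pin it by digest, `FROM ubuntu:focal@sha256:<digest-placeholder>`, and update the digest deliberately. A one-line comment above `FROM` stating why a plain Ubuntu base is sufficient here (apparently only `openssl` is installed) would document the intent of the swap.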
From 16d37e6ecd29e9d6efea5b7794c540d7d558cc94 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Wed, 16 Feb 2022 16:42:21 -0300 Subject: [PATCH 038/163] fix in wazuh-indexer demo certificates --- docker-compose.yml | 2 +- .../config/unattended_installer.tar.gz | Bin 5699 -> 9234 bytes .../wazuh-indexer/opensearch.yml | 6 ----- .../wazuh-indexer/wazuh1.indexer.yml | 16 +++++-------- .../wazuh-indexer/wazuh2.indexer.yml | 16 +++++-------- .../wazuh-indexer/wazuh3.indexer.yml | 16 +++++-------- .../wazuh_indexer_ssl_certs/certs.yml | 6 ++--- wazuh-dashboard/config/wazuh_app_config.sh | 4 ++-- wazuh-indexer/Dockerfile | 8 ++++++- wazuh-indexer/config/config.sh | 17 ++++++++------ wazuh-indexer/config/config.yml | 5 +++++ wazuh-indexer/config/opensearch.yml | 21 ++++++------------ .../config/unattended_installer.tar.gz | Bin 8865 -> 9234 bytes 13 files changed, 50 insertions(+), 67 deletions(-) create mode 100644 wazuh-indexer/config/config.yml diff --git a/docker-compose.yml b/docker-compose.yml index c4a212f0..5ed424b6 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -3,7 +3,7 @@ version: '3.7' services: wazuh.manager: - image: wazuh/wazuh-odfe:4.3.0 + image: wazuh/wazuh-manager:4.3.0 hostname: wazuh.manager restart: always ports: 
diff --git a/indexer_certs_creator/config/unattended_installer.tar.gz b/indexer_certs_creator/config/unattended_installer.tar.gz index 04d24f9e211d67946787a9846b239eba0b9493f3..0a2de7fdb283502c7b8f2917f9cb068a7a03ad05 100644 GIT binary patch literal 9234 zcmV+tB<OjSQRQ+tSRMxo_~FCNS@N&f>YEw)H@0gVcS!B#hns)?pUdC%Y#Qv82)Rps zH@`%E;(#uEralR%KZZZ79;!t#wj{(ghjfQkmFuj)8SRi?M3XWrcScWG&0V!|Llm** zbYKRdV+GXot^S-&8wENk^k?Y4OU?tzezn8P5hb2GxFi!N?31DAQxf(~7s{yUJTzUi zM}6ow!QX8TEKoy7XJ-?w>+%b)$*9-5<(<1Xh2F7W>vjm<_z{+kbL_3!@Qw|L6sa_KHPbiosH0@8H` zltke51P@5Zv@Sp~nAnNw+NAFVVL&W!m^zf89#ETv9yuOSm+Uz~=zHXhT9NOBmxT4I z0OS+u51k-zJQtvQK5K3B#sV^UVO-xL9{@V8=nD!~Dz%3+G|`da?vKH$gbEr^%saNx zM*|Eyq)`Htd$j9-M|bH(zQ7@RkUoeIT40l*m#!<7K=s?EWzm4Sdp>2ppS?r6<{&`F zO7Nr2x?z(tF-&{txJU>%o0jj4LPmx0${fMKunrlN05(b`Z{oJuywW3KycfXl=K;3{ z18+jQ(O^J0L`d+w%>}3~d9l};3 zVHDpqqydF~loc;;%^O2!!4`)zLfgCV*fw=%QAOT=#5Ood#e1IXvA*W;6P)7hJj8^q zy!>yBEU64y68>%r`R{&;um6r4qCFWfX$8wT01MXtjg6fDx4FIjJ^u4e9=`s+#>F50 zkIROXGn=QxHbb)mR)RI6qz_918JmNMVsn#pEdO#8@?!K6gm=)RF7?e2RwEW_84aSI z<5ok@8w6EsTM7F4#a$w1`c-IkPmvmAmUmVL%epkDh!?P|G|ZKHW95ytyVvVCj`l8U z+b^CU)%;J-JFhA&d$a!Mo73vsXD_VY!Kilr+zqx~>|GAWmCEbm=Z4PwE#Vh1y0~8; zRxZ^D=ZV~GS-n=c@p*FmyJ@$!g00Tr7-cf&eOoM&T+t{G*LjTXkQSGgN zzHv~|5~-m>MV%(c_wuB?cyac}QTMes`LcZ;ZH3_qfewAuAf0iVaz@ zF+(_#0g@rAO?eEXEo+aZyS2_Tk@Bh{7 z8xOPbpN-n~_xR5@d9)Fhna5l?YYMw9xU~d-?_*nL*>!+L1+EFcEES;duZmwLj+dgIhDle^ z2>Lq~9uuf^rRxN3zzo=YDB7rPC8D#UnPhgtYn(8o<$6OCtj`_|DWeG{8oqfxpJl+= zXn?xG+uhPEv#Sy-ESz1hfJl@cQrnm4Q*l+&u!au2pV{$-bJm{DwPc02yHhGE>@SpI}sM*xp5YPqlHy*#}x z-{*%6_5gqw{JlGn00}1lUVuot4jtG@sa8@VppGy?>Y8q-p)eEwn{68?Tf6dFN{Pe;N0GkT&(5B~qVf!BIukTO?`Iz1Vj=KKspNFY z`}d^$g%~Se2VM_TW~T=E`0+6UaM`ki%NIKj5%o=@IyU_({K`xuK98W>D0Q8ZO*>Jq zjde}q$rF-*CyggR)(wW4lwCl)W_d&0J&^L4Tt>rnz^|YWE(3O7sA)i*QKAEV$1j&7 zSS)Au<<+yho1?G{4%p28qMnVcBrSEKVpk6F{)AESA#wXUC2qEfa1w@G}5HN z3X?o1$sP3Tm36 zDw&JD|D779N<+$?4|kzj=~OBab)rftxW#&;(V=OMTKRV##pJKQ=9)vDy5UOEp|DD+ z+NL3raoHQ#&6TyDPe;U%r0y7`N<*tE0mUy&!0Ra>zS%TL>>9w1Pmcn~lJC{(if>NS 
z?J&mx+N_}luQL5ih#{5x#sh^o0=gVaZMtf#Pf<~4(z~9vcQQ5`N8tAiE`*9>jds=^FaN9K;Mkgm*yFjr?XJ+-PcO}R+a zx;T`wMpr50CIM~I%@TG4{k)v$^Xm@?A6gO&%96McoXe_B$5j_^75zn+cBCxvx>)6A z;1+&jG4#AK7!K>g?9o7rPZl~qEx;^2%wnjaH6MAoyzJPsCc6mtbLO}(^JUK~@?D2` z2HR!R>vLR(RLk(i1HKBg^CoghRgVE&k?C3j<|=#g;f8B7UyHmj_q7a234!l*=eo0B z7A{m@iux$9>Fr@u8tfh^gZbPwUDpeNBG`7OK2h=@_X!Nx96pmO?YTV9?=lGKu#y;E z`q>Fd{qYq%cg@ObnIk$(mQ;4lC8)@p!AcMeDxq(>0UlIUplRr1$lbQgppC2;nIR@# zs|$?uewEctv;K0tS4OBA1Fm=Yg6lGS$*j$4)PuWW*o1uK{!FUof?j3=A}QjjX}7SQ z#S-?^DzP9cuiCZo)bqmJlDL048ki*e&k|A$OqUnv_(tH zIXHF+EvfJX--cpn;;|Z&n6XPuHUc`v0UbdYH0xRZuuW)ort-!GrWPjG_M90sk4#LQ;kqN0iA& z%6<5Gcrw*7OQ_#}8{~&(p{YWJtiU~w1~$_Vm@ZuI_Dm(wX~9Wa_z8@ZM#;N_2VmBh zjt^#0@<4D}^>{E&ndDapD!K>+3_r%rucImAG9>DTkqJB*a)B<7$?vVxqr;=;>p7E5 z6j9C$ZDnPOoRw^5DVruN4R*!IbyQ`VF+B3&%>1djh6W6OOpSGgX)c{9nv=9Vk~^c) zD5#6G+Igl>lL6ekbd-qBJh>E-$(7`hm4zaQxtz`MHEY3T{oI)RthH&*d;>Sc_J*;9 zl;OxCkkBuL`J<6&9QpvoBCYZ}v;3u2egv%UV{`J8nOZuZ8#B$%45tB~lh)bUO|VQAfta}nTAjEtXJ;=IH_2Nae-$3%6Ppq! zo2R|#|0f#ExY=A2cdk=6p5vRo@l{%RTQz$DRJr*{l8ckVCC}n7><02E6S|K(26^%X zn*yvhKTgcFlArODP9yA4rno>X?3M(^)Wv0PckWT9SsWhFf#TgU=qPI={qv~xYClsX z31YUG;wTVh4Rno^$t#x0qZ}~H4+Mz=W*+f3=Hfhidvttqc6e4C@B8DE*N4YPXCLPS z-rGOhJw0SiXTUC-58$6NcSp+N7PO|Fe0EvGfMp`$)>J)9XBw3-0*_cnzT<}MlMF-L z%))jBrqBXz#H2-xGzRq-{P)QM+72-}5Y(7|0)p{N9H%oFlfD-y(|Y2-5YP!^BZApX z7C`TU4M@6+`+4}ar;x*vvxu0|P=Xc~9qWjVHHQ9+d|PtNbP`keAl?49=P51ySBF-ZYoqbMwjz00t(@1MmA#LOaw zUly@L&g^u$3|ccR0aXsfHrwGrDF$}|%ze}1Uw1$+4jJ4x$5ec!&GUz5SWpkuhp#q^ z+u_4koI=J!KFMk`a}Lg8e-HRyE=x0TRXIGDW+XNS3=o^YSqF@X2h+`Mj2y<_oGCzS zpQ%b8mc&9@s%a>GGLI*>)*jIiKl6Lw1w6=wO%G3Gkg?qNiQ)1l75u8!PJ!?tcU6uK zn(3Y*5D35x3>Q?ZD@O<51+c=qEHxMPjs;$w5$7WN)?7&au4&PDkMLeZ8=C)1+Lin5 zeCRLkA`!I}Uxkeg;Fp0nn_xn0pU15+3@f_fmWv+>vPF@sY))692qrrCzEzmKbxqV- z(9|SGt-}77-@V|-2cBgPkR9>vNR@};-NwRjy$Mi^S3k&4tM}~cyw#Jptin!LaX%+7!wfZHjHlpR-Hv)h{VQJpg_GP?u|{2hXo z!1bJyZIo%o%a@O!cmMSC_;e@lo#PYqoh~Y@uI}+;4X(+2Tw?QlQ`qeO40LHe>me?W zZ5A>`$~S`Q{tO<{AOPpN$@Sp6h-hG1+O3wNmHdb&8QxSRGpr?P2$@PXLjkMyU6cbq 
z6k5-k2qoV^mDj9zxHzL1Y+%8%kW%o;m9)uZJEU&X)$TBrF-Xc3lD!lHmz+(grebJ1 zt~Pd3a3(AK&rfL4C^Myv^4R#xNSvm;s)!oOIj_;kSxS;o5Tk4|Ov+{_k1P(%UI$Oa z@UZlmJO&nqYOZ{3O!Wu~mgbO-7*gpQXb>kMs~g8{amIqvtidaT{I`JjBF2kO`V7=i zbqlDw3^h(F9jlqUcMDj19BsW__ZU?-U^qb(xEV{1= zTdP$$gf|EJ%Z#z)6*;cBajnvTz-an8yBMUF#yJzqNSd?1htmEwyH=qIhOnkpo{Ry$R6aftds)Wf-U|+=**S=(iG(^LWNKH) z$$+9yj~PcSMU6);S$u`X3q_>a!U$N{FNa<#W;`c5X$eMPly?p@(C=Ho3<*Ipq^JZi z_Izce*!!vyK*Y;S;UbX&04OSntjfl-P01C5BFpoAYK3ud@8pX`RzI}XSfKVpaGwQX z;qQmZPw;OXUxoMg@qusqL-`}tuK)Dm-KskE*OQH?NWB#3raVusUMTq|9ZJO%F?TiO z!Dy2RfHERoDjkZ1x@@p|r*tkp&cNf!OgbesWE|h^VD=*2T0OW;by6$h-CL>jUx`Rk zb0fep@H1h-aSmU#mon1G&)-N8b%M}eBP)#ur2c>msM`zsYb%X)vQDNV))(;9N)cF= zpp{z@R|g+!ia5z$`I?Mjx*pdi$YqPTWV)UUNG$Z;Q`t65ZPk+tJWP&>cz<8bl1gnGC{_CZGfr2DM<>@);zWRW0nh{CAlxEH7dlR~)s@6YSv*KSl zWlHH$rWIn8QbGA^dx=J=9MYs=Ha@Cz6f#aikXo(EPhrvKUu(ZoR-=50zwe#9#+#%z zax}?rqda@@s-+gM+IqRJtd5d@d?@SLA**-ga!LJni+U=VJ9jdD!{XOom{V6Lrr(Q( z)cwEquJyTX8;O6u{uQXI8%eGyzmiPrT5WuaGv~Qn;;AQJ&T=%2MA^Jblp;!Y+}Qv7 z?Jht7BmqA3NZUCgGZ~q9Ef%}L0$BWz_U}(lKQk&cYWo>;KC#+|9@{zSvGxwXQ8KL8 z5+rdibRIicjM>ojCey%~djvXY@WeJ{678S^ymlyBW68Uc>mwBW;VJIQO*N)`^2EVz zlU~hr7U*aJ%|R&sF|PkwG^|Dam@%Fu^4T;~b%xsROdZ=K{VRE61pTRdm9!+u>`DZ; zv-Be^LomKQ+@sS})iYIRtlAkc6MPn|oezMq8h>#g#NH9f)Kzb++Z&0CZ|gS4))bqU zx`Ew9Yn#E+JsS7KQ`lgDErVg93w@~>HL=}fzoGO725I!u*4+R@F=L0ZYf6KB%!-|j zOwabKPJhT1rs($4V7Qsqt#Q4HZd2vmamrHv)E!ePg)~`{V_~f84T7e+V?JTde3UB{ zNlNwYy7-zS2xvyo zJb5RBW z+rm;d(ul>W=Wi&r2jN_rM))me>Sp8%=i`;~A=g&OC=WdySbxmu>@-nG8XW?!cwJt; zk*?!PV00u+vX;Yf%X$z)CNbKnqCB!xAAzHCXTJ@?A7HT`pbG)JIQutMq5eQ4x=?j6 zoy~rOl7cCJt=zdgU>E;5b1wgRdf*(rI=jrL-89^%DV}?u@Vw$a+Oo(gFSAyf7M+jo zVsOixaQX4Stg+YayuaLg)9JcnAJ`E1?%ul&Syg-Q-isgIw;jsf$fx%6^Zg%T<>Ees z?C8bwedZAP8C>Ngbx%zR5I4ygxV&B6Q%n1!R2U7ZxH}mvwtS$=32)uQ=Pz=&lGzV~ zTQCXPvuDq&`FC>X?MV8&O7OXvwdCj=N(&&0{mg2Hs_66vbJf_%iNns`y_PC>MM9!3 zdw>Bv0g>#$WUR(5Z{#k=i~dJ{5kd@VODb+Mgc!~-73bqqoi|G|WBX)acCfmBIzr|_ zA?SObVF^f2Wykqkm>!U{PPX`sU%c>eg~gPMAet~sZZUv@M%B< 
zY8>MfX-spMi`yygCH~8MI3Iceb`(rgAXWZw*AK&`=3fe(;}5#fw8h+|3-v(V>GA8+ zHe$hTaM)PqCp0vp3FUL?k|NHvO;qFuG`+AMF(wl|Y3X>~_fzzr-kkjI? z2GUrD*Q@ZG@{HqT1D^`gZIF0hy$C$%Llk=qB{} z1zlIh$EBxp<}z%G)wRGh$D9j~7;SSU;Q~?r@}1bB?FZAL#|H}ZDq+se!VcfY+oJ>T z;f_WOJu|kY)2_wcrlh-*x$?B{Q{JqpZ8hskdK5e$nbC@aa*Bow4^9Ax%A;r(4U^Vr(mKY5Jh6Gz5 z3bKeQFd$@Q&mR`Db8m5Q$S3>j4-uI(@Og_dWJ8&hV5dR<7L zZ3L{Q%f`|oJx)Y!U59PN6wqH=)_mQy=iH*+W|RB%b=FExzP{%0Z>v*#uE4B17$7h? zFweAQnyJyqeO-+sEjDNgmy#8ACDzM1X{Zb1+mCXSG1_&EZACURx@hBgl4*Ygi6<#= z;fTKo12>8vUW=n)K8PZE9CT{1SQBQ_K+dLNCQ~?lNw_kW2wkqjW?;U&_R7i!E&{U& zp;)zgk$ois%D@8hbD1zgy+H?o!YGpWL#im@G_-1qbLQw`6!{uOVmY!NJ(i_^F=|4M z8g6H;M@+_Q#Dt7zfLAK?=!3SkQ|{4+*vX-OnjhOp92&+@tCyjq<@Iztq+3j>tnL^+ zG#v~qBT|ld8TeQ$@s?bd4LzG^QEdB*Ke=GoG_!gdZWGLkLrfV4 zIs?=crCJAPYQSqVjBLj0)~RX}us``wU;4@PI@I0|siMq*(7+*?a;>_3t#0FxXQ)}E zTdUqstJgHR8LH*UR->nhYlacB<@?c^S&M{N@p6+ON!`%rLW; zAuQ&5o<*B+?xm-nL7t#;K7}Y_2ugT zmZGz{H}XF#U_Aac>@=>fj>DNd@Q$yqcN$vMJw(Za*?v536h>#gFCQ0k_L4Pv`$x|r zNDXgDW?e0O{LpLG!(Qw7v3KxTW4&1aI(iED|Gw9%hsX8ss#j}V_nPgUUWT|N~{BPPGB8*HTs~ncc^B8JKTA=;)$*y zRb7k2&ATS;-cc&(2+$Gu@UtisJ`6nqJ{P52KRxN{)QqY;YC)d;$mLU2-Ko`n618;p ze`5X#FBg7&|2?FJ1kJmk)r?ASHEaD^D-KOTx4=iu+TTO`*XhBJUac44scxgrWu;Nu zy$f~;-UKL7&Eo|8PO}H+(V`z-Q|k0NQ>V!?i-?>eX#b}#^P`K&BPmWJ+)KxG_VyYr zma5*iZ(fdwL@5SR(kUzinKtLj5u=r0AS50uiOA{|f3{+u_%mCN__N~uQM&qg8EGPt z@x^+gG#M&?ngl)0)&~YwpnL0jq8XKvBcD;SG;Pbk|Fo2Hsl1geo)TzL&shWi^#TN~ z4-tFSS&HxY4gR$f4_ZNa-{}?cqG&?2dW6Vfj%AK>ua>hhhd`4SB$h)+SYbPFq)W1a zgu=oEJowoN3uHk?2FTd8nh&LvZhT4xG7rtSAqm+PmSsrHdf%K-SkCpgBN|zit(lVpE1!aJ)A7A)yH^>k!Y zak>C~eo>+^x^sbTqBi>%02{uI95;RC;p+@J~vnbHsB5SvFD+A9P(yLhr;v=7%L!rgj_flGr zBlyLeG~QH`=$ z48y%?&Mr6BXL`%OowB%V82S4UTvI!-my+oi|7QZks6rL0P=zW~p$b)~LKUh|g(_5` o3RS2=6{=8$Dpa8gRj5K0s!)Y0RG|u0_=|=A0R*>>xB&0~0D~nz1ONa4 literal 5699 zcmV-J7QE>niwFP!000001MNL|f7>?C{rB~!;M8=EyZFx0ruE*rIok9{vbgEiHhKJ$ zCEDg9ORf&PZkzA^f~0Oyw(J~xwpYxW*dz#m00@AGG)I?h8|x}oyF|BaS<|pteQ>*_ z24$yKqkro=TamwBc~IZ1@9Z=hjqOdSuW!}2>krV@E%PBP4h-5v=)pw6Cf1!)xJB*% 
z(Bg>nuNZot3~tQ~me>FGW@9_o|9zBs`ZvZ{x3Fv~!<(7H()w@Iwzjr%{ohB)sDBu| zP5MNUZM?iKEU*7&t+|uy|31nJ`sb}(nHZJXNXtNDk^UQ-TQU7_ZErUppxT{}{=xry z{p*H`t=$4bSd%TAC|uvP0wG-<;oWEht0&`KRB!B5YVcEsnyLKF8FnpfPOxc(yY`8O zdsw!Gy{<@4*5xobuMq(M-9q{omyGk@G&F3jnguNH|LZ%oJpaF!vXuVW@9sz*kBL6W z==>in)PJL~*@*l9#`bpZ|L>!e%jLpDbfhDDNG#^CkprIG+CV*7xdOvrI!CguqM>2g z7E)v#^)RAFfK_B0=me|;?Gwv34b;JkV-kCYSg#6TKE>vUSQasKz;2ifTIIklW)mZB zZ;lBFiSG6V>naqwBW$w}Vb8`8ASBl0+Mfi~ZYo0K4p7)djRKI|$9G&3C2rQ!BK zLr@_=P>_)kZ7USO^t-a6V2gz?6SH`xLJ*TR3qy@7k1p#*LCQ#y)e+GtBM?LtlZ|NxKlZe}zW=v7v(KN&{GWCll{o=e5dWLaME4na+ygJcfG`?DNI(-= zb1(&$QBN^vW1Cmg9Kp>F23W_YY(q4f5_^conlm7J)iw;xs#4gBHB1I~k1#W?Owm2U zsuc_GtPaAu=T0eIpt9DG*XoV656a&DVAwd`zpCxLetBFo|9aVbS81!8^)DaJsvi$u zD}z_#+WAY}+Iqb|8%-*e_a`qUk^5UBFJOG}yugiIVJDnqa&T@&GY7~ijYYGA7Ro_c1$D5%InviKaczG zjp?_Yb7#x8|Lo(BWBl=;CY$ZOi89qrUv%sj^~1`$qn&>3{OPC7{g-=E=3p947s3%5 zqJnLkr03Y!-COX#*MU7|i*+g5(C``>v4*DC&`eQ|Cjd_%;lwE_5U1W5o^5KI&Wld- ze6scQRBp_+Ds|^~=hF-GlRY}_e|ga)@2Zu*-q!v!K0LJs!%ic+K!W^B$fwtgk{M8x zO&M>_l-5u;#@UD*IQom;(J5(dH3}LIqW;aiJB#u3QY*~{TeC^e^CX=Ctra@I)JIz zL5;ehL3yQVC@{lzqGZb=107jotkAP6m&stGL>bEZfbWg?I4x}3L?6)9 z*EF2LkhOY*DuuuW!N|MvmckX zuC$hr?_&zfwhKjw-3A&GOt02O{kZ6Ulj(RdwNpFj>Hr1XI(H)*nzC+gh6fH7|Gy#_OXo_PcYHwC&T2k3?%Dl)HXQW9nCVe>QSu{y>Dbt zNvMZs?Mw8@I+4{XAOA8mU}bS-&6|RrjVDDPGj>8xgMD&aa<#5 zCc<(pW2$Qgd^y8ogN8(t|K;huPVM$iti~l%^~hv2orRCf5L|A&p?)ih_rF6c)FF6!h`Iw${CDCE1Y*qU6$D+gx(7j5L+`41 z1Qxhb@2p-Xx3*YDZq0NBmU+72SY@8w#PgL9M3+O{jU@^Q-A~f8OAmCa)VaC&op=$$ z+$P)qRE1*mb83OW?k2w$2#lv2%O6mS7~q?WLg|ZT?;T#3AM-N?RRbgv|J>I+gb0lw zmj;#e3D(r0R;Vd=Kb_*Ru`cVjfWz4KCoe1A9{2}HfqmiL&i~3UZ1`UpQ_D!~@7{3x zFDt_RU-whjbB-(D{NyFu{m(|N*4Wu@HX8K#kDYogzyEn3C8PfNB&SaSl<6sc#TqU_ zgXw>3%hPx4?`Eyutb6*e*K3<}|G!?p@B9CzVc7HF7PbFF%fp|lJ&3eDncm2Fh)zvo zV9Fz!0(f^g*p7JU`40=}n8tS5oUt37e^ApvuF0^CV!*R!jAtep3~jW&S3-?ieQU!7 zJkpg);h}fuWbD#omr432#>g`I_Ea|UGkV2?oh(2OLURCiN{EOJT_JI<0_BmRlKu>; zkOKy6GDaabjVxsJ*_W5c=jbIHhK5d^o<k=2m$7h^3-v8g5HM)&|;&k6bht|KBMwCB&~g?cVuX699~Q4@)<>-vk>Lix1_ao 
zm9Pt$0KZN{oJRC3RPMvqnpA=x*1P_2;@&D0t2Q5(g~nhtOoLm(ceDBZMa) zV#yrQ;Y69{JLMI{GNBtrRs6S4jiN!zg}K2IFw?A>FXOX@%8_4o zZX!p={FdQs@d{$eJq^DCyY;I0Ky_+=_3PxgrbBw0JO-f}emk>vPynKhFw#f^Em9dv zr9^Fr--ENWle1k(2x1LM-xE{3JbNafHJwlEkM`N|(ecaMqNWa0$VKHW#<)DSG-4qw z-wLV6DKez-V!#|){rbid#Fni16{?|QZ!XY3u_^dHG(>8F=*JJV?i*#i@#mkTO$R#F zh05AWG4l>te?(`3nZTGt&u za~EEOZ&Rliitur_?z%1tZ(1@c8;+gPcQ$I9Ptv`xhj)CXSWi%y9-DzS(hYtswLGb#(-#Nj&Z~C4+}uCtEaqM0@{=5!_zO_MQ$)Kg#y6KL3ytNT zY%4=lww&Hys94==op-8lTYIubKnyyOt0yg%K2=Z7TloTI(A2!N)+Wku%0+H0o_--Dvf0L3?1Eo>6tt85MB#@6-%p)88L zp6%`hX6rpg#Im!%hM@`liX;Ig>Wo;TAfe~a%jn?b(4R1$nTjv{?~tdCz@SAXd9`}!Ur6*5qhO!;IM47%M!vCCD%`28r)f>beuo0qe5X*9~>BEAqh_VMGwN07mOul>V-NW|V&VdgD9nY!ngEo~6 z2;@l}GJxf*W8w|alYWNBj!Kv{Y*63>T_NKktPgEdIRarWVB7 zKkm%KDwn^t%b#e!;A5HM*sfoP8rT1K7tr(Xm){#3*QH<9BvdN+aor2LbQJORPKu-h zjZjIu--?vSWn{gIyjdSD$~MR;Bi{lGxj(iu$r8qL-@*(fM)8#sy)8H(6HFh7r0D~{ zfv6gE&jJ=xBNk)X6DhI|(-g_7YSO!bhKXcEhmy9)5{90G@QV?`8ze#OVL9U3_lJ>p zD0JyN7r4{-{M+RR3| zC=rTVxF{9+jzjm&DD&M$F>el@R=iqZ2L0)RXB8uOUS;5FuT zU+gvJ_r61~v6$`q_Zo9~TI@A4$Z{30v2ZfKVUIE-rn2u5yy@&d@^Hg>%&CQEaOwmW z5?pQOCQ*4)Hr#UOb5+PjhDj>yw|I7@bi2c8Ifv2vpO0c@7Ei=^V!PA0J>NWT60pxe zfFL)~CTaRqrBWA7RKbkkrm^C@h-h~K4AWk8x6#{E^!6Ad8;`{~`iV)(eucGhX!DpZ z@945jihezAzdMLkd1^>rGeBkZj@|g-FDGDzOQ{+C=$W*8;>(j9#Tbo2p}K8Vq`9ng zJ|3T(c8)sP+4+2O`u^zTxN|ul@%}+)@9cP4$OicMkul*{X=9%J% zjHSl)W%%MAVG(1=-I8>+1WDB#h9a>sG~KeB)I#geuKP@S$RLy8wxw`=I+jfc{WE!_ zg%_j>tS`qV?vt-AdN3ENwOYl`pLeY>5Zk@Hbe|mJO;c#{&tbdKw!Y;Z?f&+|HqmdW zcu{L^y0-`E>o;g3Cs{xKbFsc=U6gizT-1L^=pv%oau@=BPcKSq*6y11`9dmQUaVIh zUzFHKXkLTulGJL4hJ*UO>gKE>fuAPqBDdF0Ze{Q)t~I*(^by znzwlvkZwuRGnY!M_6(8d94~zO(V2O{0Av@y{)U}W&GSqg^75nUIfmKRL0SZ>d5G=C4>V-|!n2KW;yTZ=)t z5yld5zV#IDNUxCN(b%5FwvB?+*_}Rq3)_TQTMuSXf|u}FHG@t&7iz7exrn@*5NvCw z8^c0xnfzdrsAyHwAX?RGv4j!~rEPgH$50H5fT1Kr3PXt(%c&oG|@Iuk^WrhMM~SCj>vKAX&wBON>TR)SRaPTaa1f&F1QlnJ3%zp3+_8( zjb#gJY!8fLV{ZcwZz71jVO%iGK<0{tp7Gp@P<%vlMB>BTf-H=neky!7rXZwpld&(Q zeV@JgbM*G?mh}7dA!Hlr&Zq|lYxL75G<&@^x(`f 
zGt+!VF3t4X`g+PmNMHP@3_~lGGL0_eKzt9%Ia|f;r^Mb{2u=b=pNP=Qx%j#F=8p{& zz3|1Z_VlU6R$|*Msb{V958WT4hrMX+xBUOvmzTWcB`dC5y&@{*Ul $kibana_config_file +cat << EOF > $dashboard_config_file hosts: - 1513629884013: url: $wazuh_url diff --git a/wazuh-indexer/Dockerfile b/wazuh-indexer/Dockerfile index cdb843b9..6014512b 100644 --- a/wazuh-indexer/Dockerfile +++ b/wazuh-indexer/Dockerfile @@ -3,7 +3,7 @@ FROM ubuntu:focal AS builder ENV tini_bin="tini-amd64" -RUN apt-get update -y && apt-get install curl -y +RUN apt-get update -y && apt-get install curl openssl xz-utils -y RUN curl --retry 8 -S -L -O https://github.com/krallin/tini/releases/download/v0.19.0/${tini_bin} RUN curl --retry 8 -S -L -O https://github.com/krallin/tini/releases/download/v0.19.0/${tini_bin}.sha256sum @@ -17,8 +17,14 @@ COPY config/unattended_installer.tar.gz / COPY config/config.sh . +COPY config/config.yml / + RUN tar -xzvf /unattended_installer.tar.gz +RUN mv /config.yml /unattended_installer/install_functions/ + +RUN chmod 755 /unattended_installer/install_functions/wazuh-cert-tool.sh && bash /unattended_installer/install_functions/wazuh-cert-tool.sh + RUN bash config.sh ################################################################################ diff --git a/wazuh-indexer/config/config.sh b/wazuh-indexer/config/config.sh index 59f8c1d4..5fa3715e 100644 --- a/wazuh-indexer/config/config.sh +++ b/wazuh-indexer/config/config.sh 
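Review bot: The added `RUN chmod 755 ... && bash /unattended_installer/install_functions/wazuh-cert-tool.sh` step in the second hunk of `wazuh-indexer/Dockerfile` creates certificates and their private keys during `docker build`, so the key material is stored in an image layer and is the same for every container built from that image. The second hunk of `wazuh-indexer/config/config.sh` in this commit then copies the resulting `certs` directory into the target config directory; whether that reaches the final stage depends on the part of the Dockerfile outside this hunk. If these are meant only as demo certificates, say so at the step, e.g. `# Demo only: keys generated here are baked into the image; mount real certificates for any other deployment`, and consider generating them at container start or mounting them from a volume instead.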
@@ -14,14 +14,15 @@ export LIB_DIR=/var/lib/${NAME} export PID_DIR=/run/${NAME} export INSTALLATION_DIR=/usr/share/${NAME} export BASE_DIR=${NAME}-* -export INDEXER_FILE=wazuh-indexer-base-linux-x64.tar.gz +export INDEXER_FILE=wazuh-indexer-base.tar.xz +export BASE_FILE=wazuh-indexer-base-4.3.0-linux-x64.tar.xz export REPO_DIR=/unattended_installer rm -rf ${INSTALLATION_DIR}/ -curl -o ${INDEXER_FILE} https://s3.amazonaws.com/warehouse.wazuh.com/indexer/${INDEXER_FILE} -tar -zvxf ${INDEXER_FILE} +curl -o ${INDEXER_FILE} https://packages-dev.wazuh.com/stack/indexer/base/${BASE_FILE} +tar -xf ${INDEXER_FILE} # copy to target mkdir -p ${TARGET_DIR}${INSTALLATION_DIR} 
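Review bot: The archive fetched by the new `curl -o ${INDEXER_FILE} https://packages-dev.wazuh.com/stack/indexer/base/${BASE_FILE}` line is unpacked by `tar -xf` with no integrity check, and the source has moved to a host named `packages-dev`. `curl` is also run without `-f`, so an HTTP error body would be saved as the archive and only fail later inside `tar`. I would fail fast and verify a pinned digest before extracting: `curl -fsSL -o "${INDEXER_FILE}" "https://packages-dev.wazuh.com/stack/indexer/base/${BASE_FILE}"` followed by `echo "${BASE_SHA256}  ${INDEXER_FILE}" | sha256sum -c -`, where `BASE_SHA256` is a variable name constructed for this note and its value is not given on the page. The script continues outside the hunk.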
@@ -47,8 +48,10 @@ cp -pr ${BASE_DIR}/* ${TARGET_DIR}${INSTALLATION_DIR} # Copy the security tools cp ${REPO_DIR}/install_functions/wazuh-cert-tool.sh ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/tools/ cp ${REPO_DIR}/install_functions/wazuh-passwords-tool.sh ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/tools/ -cp ${REPO_DIR}/config/opensearch/certificate/config_aio.yml ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/tools/config.yml +#cp ${REPO_DIR}/config/indexer/certificate/config_aio.yml ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/tools/config.yml # Copy Wazuh's config files for the security plugin -cp -pr ${REPO_DIR}/config/opensearch/roles/roles_mapping.yml ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/securityconfig/ -cp -pr ${REPO_DIR}/config/opensearch/roles/roles.yml ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/securityconfig/ -cp -pr ${REPO_DIR}/config/opensearch/roles/internal_users.yml ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/securityconfig/ +cp -pr ${REPO_DIR}/config/indexer/roles/roles_mapping.yml ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/securityconfig/ +cp -pr ${REPO_DIR}/config/indexer/roles/roles.yml ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/securityconfig/ +cp -pr ${REPO_DIR}/config/indexer/roles/internal_users.yml ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/securityconfig/ +# Copy Wazuh indexer certificates +cp -R ${REPO_DIR}/install_functions/certs ${TARGET_DIR}${CONFIG_DIR} diff --git a/wazuh-indexer/config/config.yml b/wazuh-indexer/config/config.yml new file mode 100644 index 00000000..b3f56cea --- /dev/null +++ b/wazuh-indexer/config/config.yml @@ -0,0 +1,5 @@ +nodes: + # Wazuh indexer server nodes + indexer: + name: demo.indexer + ip: demo.indexer \ No newline at end of file 
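Review bot: The added `cp -R ${REPO_DIR}/install_functions/certs ${TARGET_DIR}${CONFIG_DIR}` copies the whole generated directory, while `opensearch.yml` in this commit references only `demo.indexer.pem`, `demo.indexer-key.pem` and `root-ca.pem`. Anything else the cert tool writes there (presumably further private keys, not visible on this page) is shipped in the config directory as well, and this hunk sets no owner or mode on the key files. Copying only the files that are needed and restricting the key, e.g. `chmod 400 "${TARGET_DIR}${CONFIG_DIR}/certs/demo.indexer-key.pem"` (path inferred from `opensearch.yml`), keeps the exposed material to a minimum. The commented-out `#cp ... config_aio.yml` line is better deleted than left in the script.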
diff --git a/wazuh-indexer/config/opensearch.yml b/wazuh-indexer/config/opensearch.yml index 9793012d..1ef919cc 100644 --- a/wazuh-indexer/config/opensearch.yml +++ b/wazuh-indexer/config/opensearch.yml 
@@ -6,31 +6,24 @@ path.data: /var/lib/wazuh-indexer path.logs: /var/log/wazuh-indexer discovery.type: single-node compatibility.override_main_response_version: true -############################################################################### -# # -# WARNING: Insecure demo certificates set up in this file. # -# Please change on production cluster! # -# # -############################################################################### -plugins.security.ssl.http.pemcert_filepath: /etc/wazuh-indexer/certs/demo-indexer.pem -plugins.security.ssl.http.pemkey_filepath: /etc/wazuh-indexer/certs/demo-indexer-key.pem +plugins.security.ssl.http.pemcert_filepath: /etc/wazuh-indexer/certs/demo.indexer.pem +plugins.security.ssl.http.pemkey_filepath: /etc/wazuh-indexer/certs/demo.indexer-key.pem plugins.security.ssl.http.pemtrustedcas_filepath: /etc/wazuh-indexer/certs/root-ca.pem -plugins.security.ssl.transport.pemcert_filepath: /etc/wazuh-indexer/certs/demo-indexer.pem -plugins.security.ssl.transport.pemkey_filepath: /etc/wazuh-indexer/certs/demo-indexer-key.pem +plugins.security.ssl.transport.pemcert_filepath: /etc/wazuh-indexer/certs/demo.indexer.pem +plugins.security.ssl.transport.pemkey_filepath: /etc/wazuh-indexer/certs/demo.indexer-key.pem plugins.security.ssl.transport.pemtrustedcas_filepath: /etc/wazuh-indexer/certs/root-ca.pem plugins.security.ssl.http.enabled: true plugins.security.ssl.transport.enforce_hostname_verification: false plugins.security.ssl.transport.resolve_hostname: false plugins.security.audit.type: internal_opensearch plugins.security.authcz.admin_dn: -- "CN=admin,OU=Demo,O=Wazuh,L=California,C=US" +- "CN=admin,OU=Wazuh,O=Wazuh,L=California,C=US" plugins.security.check_snapshot_restore_write_privileges: true plugins.security.enable_snapshot_restore_privilege: true plugins.security.nodes_dn: -- "CN=demo-indexer,OU=Demo,O=Wazuh,L=California,C=US" +- "CN=demo.indexer,OU=Wazuh,O=Wazuh,L=California,C=US" plugins.security.restapi.roles_enabled: - 
"all_access" - "security_rest_api_access" plugins.security.system_indices.enabled: true -plugins.security.system_indices.indices: [".opendistro-alerting-config", ".opendistro-alerting-alert*", ".opendistro-anomaly-results*", ".opendistro-anomaly-detector*", ".opendistro-anomaly-checkpoints", ".opendistro-anomaly-detection-state", ".opendistro-reports-*", ".opendistro-notifications-*", ".opendistro-notebooks", ".opensearch-observability", ".opendistro-asynchronous-search-response*", ".replication-metadata-store"] - +plugins.security.system_indices.indices: [".opendistro-alerting-config", ".opendistro-alerting-alert*", ".opendistro-anomaly-results*", ".opendistro-anomaly-detector*", ".opendistro-anomaly-checkpoints", ".opendistro-anomaly-detection-state", ".opendistro-reports-*", ".opendistro-notifications-*", ".opendistro-notebooks", ".opensearch-observability", ".opendistro-asynchronous-search-response*", ".replication-metadata-store"] \ No newline at end of file 
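Review bot: The hunk removes the `WARNING: Insecure demo certificates set up in this file` banner, yet the file still points at certificates named `demo.indexer.pem` and `demo.indexer-key.pem` and keeps `plugins.security.ssl.transport.enforce_hostname_verification: false`. Unless the certificates are now replaced per deployment (not visible on this page), I would keep a short comment above the `pemcert_filepath` lines, e.g. `# Demo certificates generated at image build; replace before production use`, so the file is not read as production-ready. The new version also ends without a final newline (`\ No newline at end of file`).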
diff --git a/wazuh-indexer/config/unattended_installer.tar.gz b/wazuh-indexer/config/unattended_installer.tar.gz index e3b05292cc06a0d9c7a55602dc9e47e5fceb71dc..0a2de7fdb283502c7b8f2917f9cb068a7a03ad05 100644 GIT binary patch literal 9234 zcmV+tB<OjSQRQ+tSRMxo_~FCNS@N&f>YEw)H@0gVcS!B#hns)?pUdC%Y#Qv82)Rps zH@`%E;(#uEralR%KZZZ79;!t#wj{(ghjfQkmFuj)8SRi?M3XWrcScWG&0V!|Llm** zbYKRdV+GXot^S-&8wENk^k?Y4OU?tzezn8P5hb2GxFi!N?31DAQxf(~7s{yUJTzUi zM}6ow!QX8TEKoy7XJ-?w>+%b)$*9-5<(<1Xh2F7W>vjm<_z{+kbL_3!@Qw|L6sa_KHPbiosH0@8H` zltke51P@5Zv@Sp~nAnNw+NAFVVL&W!m^zf89#ETv9yuOSm+Uz~=zHXhT9NOBmxT4I z0OS+u51k-zJQtvQK5K3B#sV^UVO-xL9{@V8=nD!~Dz%3+G|`da?vKH$gbEr^%saNx zM*|Eyq)`Htd$j9-M|bH(zQ7@RkUoeIT40l*m#!<7K=s?EWzm4Sdp>2ppS?r6<{&`F zO7Nr2x?z(tF-&{txJU>%o0jj4LPmx0${fMKunrlN05(b`Z{oJuywW3KycfXl=K;3{ z18+jQ(O^J0L`d+w%>}3~d9l};3 zVHDpqqydF~loc;;%^O2!!4`)zLfgCV*fw=%QAOT=#5Ood#e1IXvA*W;6P)7hJj8^q zy!>yBEU64y68>%r`R{&;um6r4qCFWfX$8wT01MXtjg6fDx4FIjJ^u4e9=`s+#>F50 zkIROXGn=QxHbb)mR)RI6qz_918JmNMVsn#pEdO#8@?!K6gm=)RF7?e2RwEW_84aSI z<5ok@8w6EsTM7F4#a$w1`c-IkPmvmAmUmVL%epkDh!?P|G|ZKHW95ytyVvVCj`l8U z+b^CU)%;J-JFhA&d$a!Mo73vsXD_VY!Kilr+zqx~>|GAWmCEbm=Z4PwE#Vh1y0~8; zRxZ^D=ZV~GS-n=c@p*FmyJ@$!g00Tr7-cf&eOoM&T+t{G*LjTXkQSGgN zzHv~|5~-m>MV%(c_wuB?cyac}QTMes`LcZ;ZH3_qfewAuAf0iVaz@ zF+(_#0g@rAO?eEXEo+aZyS2_Tk@Bh{7 z8xOPbpN-n~_xR5@d9)Fhna5l?YYMw9xU~d-?_*nL*>!+L1+EFcEES;duZmwLj+dgIhDle^ z2>Lq~9uuf^rRxN3zzo=YDB7rPC8D#UnPhgtYn(8o<$6OCtj`_|DWeG{8oqfxpJl+= zXn?xG+uhPEv#Sy-ESz1hfJl@cQrnm4Q*l+&u!au2pV{$-bJm{DwPc02yHhGE>@SpI}sM*xp5YPqlHy*#}x z-{*%6_5gqw{JlGn00}1lUVuot4jtG@sa8@VppGy?>Y8q-p)eEwn{68?Tf6dFN{Pe;N0GkT&(5B~qVf!BIukTO?`Iz1Vj=KKspNFY z`}d^$g%~Se2VM_TW~T=E`0+6UaM`ki%NIKj5%o=@IyU_({K`xuK98W>D0Q8ZO*>Jq zjde}q$rF-*CyggR)(wW4lwCl)W_d&0J&^L4Tt>rnz^|YWE(3O7sA)i*QKAEV$1j&7 zSS)Au<<+yho1?G{4%p28qMnVcBrSEKVpk6F{)AESA#wXUC2qEfa1w@G}5HN z3X?o1$sP3Tm36 zDw&JD|D779N<+$?4|kzj=~OBab)rftxW#&;(V=OMTKRV##pJKQ=9)vDy5UOEp|DD+ z+NL3raoHQ#&6TyDPe;U%r0y7`N<*tE0mUy&!0Ra>zS%TL>>9w1Pmcn~lJC{(if>NS 
z?J&mx+N_}luQL5ih#{5x#sh^o0=gVaZMtf#Pf<~4(z~9vcQQ5`N8tAiE`*9>jds=^FaN9K;Mkgm*yFjr?XJ+-PcO}R+a zx;T`wMpr50CIM~I%@TG4{k)v$^Xm@?A6gO&%96McoXe_B$5j_^75zn+cBCxvx>)6A z;1+&jG4#AK7!K>g?9o7rPZl~qEx;^2%wnjaH6MAoyzJPsCc6mtbLO}(^JUK~@?D2` z2HR!R>vLR(RLk(i1HKBg^CoghRgVE&k?C3j<|=#g;f8B7UyHmj_q7a234!l*=eo0B z7A{m@iux$9>Fr@u8tfh^gZbPwUDpeNBG`7OK2h=@_X!Nx96pmO?YTV9?=lGKu#y;E z`q>Fd{qYq%cg@ObnIk$(mQ;4lC8)@p!AcMeDxq(>0UlIUplRr1$lbQgppC2;nIR@# zs|$?uewEctv;K0tS4OBA1Fm=Yg6lGS$*j$4)PuWW*o1uK{!FUof?j3=A}QjjX}7SQ z#S-?^DzP9cuiCZo)bqmJlDL048ki*e&k|A$OqUnv_(tH zIXHF+EvfJX--cpn;;|Z&n6XPuHUc`v0UbdYH0xRZuuW)ort-!GrWPjG_M90sk4#LQ;kqN0iA& z%6<5Gcrw*7OQ_#}8{~&(p{YWJtiU~w1~$_Vm@ZuI_Dm(wX~9Wa_z8@ZM#;N_2VmBh zjt^#0@<4D}^>{E&ndDapD!K>+3_r%rucImAG9>DTkqJB*a)B<7$?vVxqr;=;>p7E5 z6j9C$ZDnPOoRw^5DVruN4R*!IbyQ`VF+B3&%>1djh6W6OOpSGgX)c{9nv=9Vk~^c) zD5#6G+Igl>lL6ekbd-qBJh>E-$(7`hm4zaQxtz`MHEY3T{oI)RthH&*d;>Sc_J*;9 zl;OxCkkBuL`J<6&9QpvoBCYZ}v;3u2egv%UV{`J8nOZuZ8#B$%45tB~lh)bUO|VQAfta}nTAjEtXJ;=IH_2Nae-$3%6Ppq! zo2R|#|0f#ExY=A2cdk=6p5vRo@l{%RTQz$DRJr*{l8ckVCC}n7><02E6S|K(26^%X zn*yvhKTgcFlArODP9yA4rno>X?3M(^)Wv0PckWT9SsWhFf#TgU=qPI={qv~xYClsX z31YUG;wTVh4Rno^$t#x0qZ}~H4+Mz=W*+f3=Hfhidvttqc6e4C@B8DE*N4YPXCLPS z-rGOhJw0SiXTUC-58$6NcSp+N7PO|Fe0EvGfMp`$)>J)9XBw3-0*_cnzT<}MlMF-L z%))jBrqBXz#H2-xGzRq-{P)QM+72-}5Y(7|0)p{N9H%oFlfD-y(|Y2-5YP!^BZApX z7C`TU4M@6+`+4}ar;x*vvxu0|P=Xc~9qWjVHHQ9+d|PtNbP`keAl?49=P51ySBF-ZYoqbMwjz00t(@1MmA#LOaw zUly@L&g^u$3|ccR0aXsfHrwGrDF$}|%ze}1Uw1$+4jJ4x$5ec!&GUz5SWpkuhp#q^ z+u_4koI=J!KFMk`a}Lg8e-HRyE=x0TRXIGDW+XNS3=o^YSqF@X2h+`Mj2y<_oGCzS zpQ%b8mc&9@s%a>GGLI*>)*jIiKl6Lw1w6=wO%G3Gkg?qNiQ)1l75u8!PJ!?tcU6uK zn(3Y*5D35x3>Q?ZD@O<51+c=qEHxMPjs;$w5$7WN)?7&au4&PDkMLeZ8=C)1+Lin5 zeCRLkA`!I}Uxkeg;Fp0nn_xn0pU15+3@f_fmWv+>vPF@sY))692qrrCzEzmKbxqV- z(9|SGt-}77-@V|-2cBgPkR9>vNR@};-NwRjy$Mi^S3k&4tM}~cyw#Jptin!LaX%+7!wfZHjHlpR-Hv)h{VQJpg_GP?u|{2hXo z!1bJyZIo%o%a@O!cmMSC_;e@lo#PYqoh~Y@uI}+;4X(+2Tw?QlQ`qeO40LHe>me?W zZ5A>`$~S`Q{tO<{AOPpN$@Sp6h-hG1+O3wNmHdb&8QxSRGpr?P2$@PXLjkMyU6cbq 
z6k5-k2qoV^mDj9zxHzL1Y+%8%kW%o;m9)uZJEU&X)$TBrF-Xc3lD!lHmz+(grebJ1 zt~Pd3a3(AK&rfL4C^Myv^4R#xNSvm;s)!oOIj_;kSxS;o5Tk4|Ov+{_k1P(%UI$Oa z@UZlmJO&nqYOZ{3O!Wu~mgbO-7*gpQXb>kMs~g8{amIqvtidaT{I`JjBF2kO`V7=i zbqlDw3^h(F9jlqUcMDj19BsW__ZU?-U^qb(xEV{1= zTdP$$gf|EJ%Z#z)6*;cBajnvTz-an8yBMUF#yJzqNSd?1htmEwyH=qIhOnkpo{Ry$R6aftds)Wf-U|+=**S=(iG(^LWNKH) z$$+9yj~PcSMU6);S$u`X3q_>a!U$N{FNa<#W;`c5X$eMPly?p@(C=Ho3<*Ipq^JZi z_Izce*!!vyK*Y;S;UbX&04OSntjfl-P01C5BFpoAYK3ud@8pX`RzI}XSfKVpaGwQX z;qQmZPw;OXUxoMg@qusqL-`}tuK)Dm-KskE*OQH?NWB#3raVusUMTq|9ZJO%F?TiO z!Dy2RfHERoDjkZ1x@@p|r*tkp&cNf!OgbesWE|h^VD=*2T0OW;by6$h-CL>jUx`Rk zb0fep@H1h-aSmU#mon1G&)-N8b%M}eBP)#ur2c>msM`zsYb%X)vQDNV))(;9N)cF= zpp{z@R|g+!ia5z$`I?Mjx*pdi$YqPTWV)UUNG$Z;Q`t65ZPk+tJWP&>cz<8bl1gnGC{_CZGfr2DM<>@);zWRW0nh{CAlxEH7dlR~)s@6YSv*KSl zWlHH$rWIn8QbGA^dx=J=9MYs=Ha@Cz6f#aikXo(EPhrvKUu(ZoR-=50zwe#9#+#%z zax}?rqda@@s-+gM+IqRJtd5d@d?@SLA**-ga!LJni+U=VJ9jdD!{XOom{V6Lrr(Q( z)cwEquJyTX8;O6u{uQXI8%eGyzmiPrT5WuaGv~Qn;;AQJ&T=%2MA^Jblp;!Y+}Qv7 z?Jht7BmqA3NZUCgGZ~q9Ef%}L0$BWz_U}(lKQk&cYWo>;KC#+|9@{zSvGxwXQ8KL8 z5+rdibRIicjM>ojCey%~djvXY@WeJ{678S^ymlyBW68Uc>mwBW;VJIQO*N)`^2EVz zlU~hr7U*aJ%|R&sF|PkwG^|Dam@%Fu^4T;~b%xsROdZ=K{VRE61pTRdm9!+u>`DZ; zv-Be^LomKQ+@sS})iYIRtlAkc6MPn|oezMq8h>#g#NH9f)Kzb++Z&0CZ|gS4))bqU zx`Ew9Yn#E+JsS7KQ`lgDErVg93w@~>HL=}fzoGO725I!u*4+R@F=L0ZYf6KB%!-|j zOwabKPJhT1rs($4V7Qsqt#Q4HZd2vmamrHv)E!ePg)~`{V_~f84T7e+V?JTde3UB{ zNlNwYy7-zS2xvyo zJb5RBW z+rm;d(ul>W=Wi&r2jN_rM))me>Sp8%=i`;~A=g&OC=WdySbxmu>@-nG8XW?!cwJt; zk*?!PV00u+vX;Yf%X$z)CNbKnqCB!xAAzHCXTJ@?A7HT`pbG)JIQutMq5eQ4x=?j6 zoy~rOl7cCJt=zdgU>E;5b1wgRdf*(rI=jrL-89^%DV}?u@Vw$a+Oo(gFSAyf7M+jo zVsOixaQX4Stg+YayuaLg)9JcnAJ`E1?%ul&Syg-Q-isgIw;jsf$fx%6^Zg%T<>Ees z?C8bwedZAP8C>Ngbx%zR5I4ygxV&B6Q%n1!R2U7ZxH}mvwtS$=32)uQ=Pz=&lGzV~ zTQCXPvuDq&`FC>X?MV8&O7OXvwdCj=N(&&0{mg2Hs_66vbJf_%iNns`y_PC>MM9!3 zdw>Bv0g>#$WUR(5Z{#k=i~dJ{5kd@VODb+Mgc!~-73bqqoi|G|WBX)acCfmBIzr|_ zA?SObVF^f2Wykqkm>!U{PPX`sU%c>eg~gPMAet~sZZUv@M%B< 
zY8>MfX-spMi`yygCH~8MI3Iceb`(rgAXWZw*AK&`=3fe(;}5#fw8h+|3-v(V>GA8+ zHe$hTaM)PqCp0vp3FUL?k|NHvO;qFuG`+AMF(wl|Y3X>~_fzzr-kkjI? z2GUrD*Q@ZG@{HqT1D^`gZIF0hy$C$%Llk=qB{} z1zlIh$EBxp<}z%G)wRGh$D9j~7;SSU;Q~?r@}1bB?FZAL#|H}ZDq+se!VcfY+oJ>T z;f_WOJu|kY)2_wcrlh-*x$?B{Q{JqpZ8hskdK5e$nbC@aa*Bow4^9Ax%A;r(4U^Vr(mKY5Jh6Gz5 z3bKeQFd$@Q&mR`Db8m5Q$S3>j4-uI(@Og_dWJ8&hV5dR<7L zZ3L{Q%f`|oJx)Y!U59PN6wqH=)_mQy=iH*+W|RB%b=FExzP{%0Z>v*#uE4B17$7h? zFweAQnyJyqeO-+sEjDNgmy#8ACDzM1X{Zb1+mCXSG1_&EZACURx@hBgl4*Ygi6<#= z;fTKo12>8vUW=n)K8PZE9CT{1SQBQ_K+dLNCQ~?lNw_kW2wkqjW?;U&_R7i!E&{U& zp;)zgk$ois%D@8hbD1zgy+H?o!YGpWL#im@G_-1qbLQw`6!{uOVmY!NJ(i_^F=|4M z8g6H;M@+_Q#Dt7zfLAK?=!3SkQ|{4+*vX-OnjhOp92&+@tCyjq<@Iztq+3j>tnL^+ zG#v~qBT|ld8TeQ$@s?bd4LzG^QEdB*Ke=GoG_!gdZWGLkLrfV4 zIs?=crCJAPYQSqVjBLj0)~RX}us``wU;4@PI@I0|siMq*(7+*?a;>_3t#0FxXQ)}E zTdUqstJgHR8LH*UR->nhYlacB<@?c^S&M{N@p6+ON!`%rLW; zAuQ&5o<*B+?xm-nL7t#;K7}Y_2ugT zmZGz{H}XF#U_Aac>@=>fj>DNd@Q$yqcN$vMJw(Za*?v536h>#gFCQ0k_L4Pv`$x|r zNDXgDW?e0O{LpLG!(Qw7v3KxTW4&1aI(iED|Gw9%hsX8ss#j}V_nPgUUWT|N~{BPPGB8*HTs~ncc^B8JKTA=;)$*y zRb7k2&ATS;-cc&(2+$Gu@UtisJ`6nqJ{P52KRxN{)QqY;YC)d;$mLU2-Ko`n618;p ze`5X#FBg7&|2?FJ1kJmk)r?ASHEaD^D-KOTx4=iu+TTO`*XhBJUac44scxgrWu;Nu zy$f~;-UKL7&Eo|8PO}H+(V`z-Q|k0NQ>V!?i-?>eX#b}#^P`K&BPmWJ+)KxG_VyYr zma5*iZ(fdwL@5SR(kUzinKtLj5u=r0AS50uiOA{|f3{+u_%mCN__N~uQM&qg8EGPt z@x^+gG#M&?ngl)0)&~YwpnL0jq8XKvBcD;SG;Pbk|Fo2Hsl1geo)TzL&shWi^#TN~ z4-tFSS&HxY4gR$f4_ZNa-{}?cqG&?2dW6Vfj%AK>ua>hhhd`4SB$h)+SYbPFq)W1a zgu=oEJowoN3uHk?2FTd8nh&LvZhT4xG7rtSAqm+PmSsrHdf%K-SkCpgBN|zit(lVpE1!aJ)A7A)yH^>k!Y zak>C~eo>+^x^sbTqBi>%02{uI95;RC;p+@J~vnbHsB5SvFD+A9P(yLhr;v=7%L!rgj_flGr zBlyLeG~QH`=$ z48y%?&Mr6BXL`%OowB%V82S4UTvI!-my+oi|7QZks6rL0P=zW~p$b)~LKUh|g(_5` o3RS2=6{=8$Dpa8gRj5K0s!)Y0RG|u0_=|=A0R*>>xB&0~0D~nz1ONa4 literal 8865 zcmV;SB3|7eiwFP!000001MEF}U)#pA`Sr zZl4A`>+5Uyx4FL7NdA@2gXU^;eZAFcJzjkTV#wPWs6Bf3c zRsRotLY4eY*Xi25J5z)C<^OnfwRJE5Z}Ci%zdNFiPYuuPf0-)GE&o zls^nUu)DTt1ay8~m|y-YjkT3~`G1S&7V_t{ZNqkJm%~8`94O$&k5>!j-&$SE$baqe 
z`sxGH`0As7@c&-^j%!hWqe2KB7=B=zT;5nfh+_=tM!JHP+oKKAY^~QC@Lv;3CdO6R zZ~N36Q_oL!?b-v{p+=zWbzyf5$4EBkC5py>HIx3uPs#c3xdZCo)(e>5{x{c~_x}Gk zdFGNo`?ozbMkCwll{EejX4?N&3!MFo{co+W-`oFh@#wl<`JNm&BjyqD4Tp3nK_#FT30!gnT0(YgKk!^~O3l!-gG<7C)d2D_^@g_Z z+pYu9U5~Z4cw+(CqlD{Q=m9|65q&|sDwXz-25gB4E=RCHXsk-;p9aOk6~T1}Fl>-k z1yJtLuI*5A>4u)bA$pKLh!9#}lcAfgt5iVs+lFaUpDke?W$T#*iYEfVTz%cS5@1 zU_dxT2HznJB3nf*GO#ZwNR!JEiva7u?SY#6{qiG|J)kpRmfHxfe1F~v`)HYAac@D^ zLc7fJ`>(Q7|+!0Cx z3cN5YUf!BFhR%X5HfMygci*-w>J(8$-hae4I7!8Op6ijm=I|4o;_W=dn6AA1?~E*| z3`!FIY76=Ae&$;LZ6`pJGGGGpOFIBF*8i22od37Bit(TO_5bTXeEolei$DAimklXo zHcyFV1V#s}1ZzY|AC?3%HU=TZ<_77Q-sLFZ#pojl@1RE=>KOs7MiV>elhGjT*-kxh z-GN`nwl%+>U)&{Prd*{~_Y|pqW_f32u&hgSig*D_wPjSBt?FBId#BfL9qwE-)?e-& zHoQ-Jo!7N3Yqj~u+mrgc7cb4;{-|-b=lE+ccP@wHTJ6ozo~AN?bNB^}F76kIl`Cn4 z^F*$0nZ2!G<@4m|H^bUm^Vd3qSC8p<<;l_SJBR(@5%qUncV&g12i_m8!^S)BY-PWu zBvL^~5_Os!&&`wa^5yC8hut^sd)r#+#Wd|MBv)uy6@tLCJ7GXYY$5vH1oD_JHnns`OIEZp6)Uo0r9e26 z0g@p}$0^N_uzA`)Ssko~&res*#%oWGjn?H_tr`9row4|etH$r{ z+b4dnf7&X~kl6oH(kZJ+-UCXLY0%Y6b8;b6S~jcL8JHX_~mZT+G}okzr5XT9KHVh)_&0ql@qm$ zGnJSSzP`rXTK4 z?6)V*sUI|JgX4qN>qc$w_!bpkfgv&}#_T)vAQ<0bR@TxW1e#x|Y6KYnNo>?;GUD)S00 zFfbk0@GNL0qx@pCj7vlt`zp4U!snD`fSl}}z9C!32Qv17w4xgd#IQ(|;rn*aA^wP( zcvdBdi~}WR-*9?7HWI<~X%N^>4_#l+4SRi7D-qQyu?d2aw~djl3=v6cS$M`5cmW|} z$Ix|bSV;UwxYz(L#ugq?Ghng>eue!3A~-V&5r9mB+$GYpDBc$eyDhji2Y;8bEejW_0E-G-5XYuh4QoqvnThKs&B`;a42__H|S_0$(3M!EAoV?ThF~Rf)*Ys7O4RJ5Z8o#F@aX zfX*|VaAeKd!=eK^Uyo9gI4hAN6=A-XJ8=ds{5YW_7nekj|K;wzgL?Z_v__z*OEe{w zC)ceMLu9WZc;t0C;`#W(3i-QkVNB6x6Fp+rS7lO+aK7;-`rVSfe-EjkL6CAtn*+)I zuVM@oY%FUP6kW@j2Sr!cX#rnQw0VoK zqlpSc-^OX#zyqB+8aLtJsW&mqY_j;LrDR*=Q!5zub^L1u!??RK{{gj%03KXaa$n7R zd3dca^D_o(06;YU-W^DQgbcx#29b1aIGS^*?3|-6aUP2KGL3KSwClE7aG~$oF!!xqS zl28WZIP45;6FR>F2grdnU{M@ukk%47H)MqMejhxY&L!*o;`9Y9EiaI!Q$Z8-e>x z76`Agya3FV-PG!1!>hxu%nacZ1j@CFMLS`yjTM{PvuC7wE&AS&*0Ud)TE*^?_e6Jy zR$VmRA#MtYJ|>spa7iN{pCUmHTkQNxzm119n;O(<6*^FNyt*908d%tuS7V-KAp~O- z=-^rvf)Mo#M%S)XxUL+FkuNThYu17N6JxmM&A_bOqyaNm0c2`p?k}|aE>gJn|NHSq 
zi`rPOfGM8@?9?3ONS#xa$BBG`52Q64Wy&kkO@dhY#)%elCANtfY;t0dKmVL+Fjd+o zZ`q|3uZRooz}l=X_B=Wwnk0KeBXt^>bqOeXVX|II0r8AYF#J(ZqNz~;S@OMJuX@H! zx*aALK$}HW<^`szF)^gJtUXE)M-~JuEV)_GmTpjI3+Y`-W1?o?Wy}POz?Wy!Mw&KZ zc;at(!6|3}_zgspO|_(urErsiWpY(2Q9`2o2YVqS}R+3rXF`jjNPi&*{pqrPIt9q#c@j`2Y;Z_nAf`3`J=(z6Sb)i2AlYbmh1D7iW zOSXWug%4{X^n*&)?t^JZZwp`Zy5^9v!jl7N{<8{4S)l`^vu-GRl?zsSzy>6zQW=yzpS z^0bsz*^=y0>9WE%_;O9=Ky%ub#WklE-x6w}1}9i?RcZrvHQkxIDr*}CZm)-DCa{JR z9Xx#)wBx1l5IOcQL8}-Hx@P!-z9W0d_>agcDLA%y zVok_L?qjEFF6bqzDToK)Vbd12Gg$^{vMLeb5U)v(?!F(LVjs`NMq%l)@ zSR9n!KOsZl3*MabLI-1#9>6Zp7-kA24QH^oh-pZL(RgqKLugNl<)(Ek5jsJOz_%<) z)dI|Z;BPjwj9@X5+%#m3OH3O~>+acO>WE8*F6DEF0VoemQfl23SC|&-8cOHt>Vimbo^W(tsOjuo0xIsBGRd; z;vf*P!g!WaEXdi)Auh-g9d$1iqfG2Ee%m@ZJUHA-n_@nSA2%1P*Nm8(r39@GRkPzb z&4c*vuAD2$6{-{?V-9^yj!fmoOl4LnG^&>zKFeh`V2QG7TGk*&%FGoyQpV}5%`sM3 zG+CTFK*=h%j1`tuY*=$GcNmE!9)c_Zsr*csHyVnzfk$-9BwPBqp7R#N zuXi&=k_u+SC=yPpjU}R!*DMVwaX2nNZX`AX{QN?jitqH@;nDHw!D%_1?~jh(92^~< zew+?;XZLjbYTS0V#|!I<=2KQSREHVgqh6gDE5 ziDU-!F3jJ!ySP}0U#SW>EID0>A#EKfUD>gY*jOXzKg+i{$4n;?g^!|b1iKQ+zP;hH z%k99~vSgWDJJ6y0*>l4HR0K_hp7;c4c?uZ-OejH8xyebuDM`^qL=if*MMR;;dsl=J zfTh*SQ8#APfeG$_uFb%I+Q%$gL}|Li5#}|@{U7}dE)SCw5H<>fve>%}JNs^1q(ICF z;!b@QJLJqxr}>~I!xB(sU+mIs9?4*EXTaPwO#W30w)_Eu`^K1xugkgK&Y9bf3rRm6A$LeTX>&3`c_T} zTKh~@`mhw1(o#i3@soKia%nxJ0nl}^@A`>g$icCUM(KTzXbx{v!>@pClnXL(cjRz? zGu>IliU7Wb8`*ljdblrkWRc7KUhHu()Y)KPkZmZ!KL}#rn#KU(rX2EwPZy8KaVIb& zyzoJOTzF{J9}epe-;sy=8xLP^JUkU)N)y&=Qf=aNiSTGT)zWV0kf%}Yo}3(=Y@|0A zL+bnBR>0s|>58XM696Y_fMOGL3y{l7cn60sjtYS_mB6TPn6b)KfoY`5pur#B6+HET zQt&|%iExbTL&J8E-Gt;K-OXstZTM!5W4T<<$fn^FhrLfvTd{Enq#Cd-vfNGn1vD3l4yC6lsd4KxqC zfN&Y;yaV|1z4RdFaf6;wT0Es$g7s6^|ASoKKDknJ%TxOM;nQRF1d9^(`&B>j{!59N$io|LZrpAt9< zK%tGzf=j|m@3Uefm^chgw2cqT66P{_MM+Zz};rJiin! 
zVkrQCa+2U$E3`G5X^E@}C^B8oqh=6AEsn2DvhZPRkwu<9_{%J+1b;tFeuRIcfDydE zj}D>QAM}q{yY%CS^92&k`lWa`E0T-^vKyW!(wy&5iA9DmVZvDmcx=re0-y}ARVoJ} zp(Go7+o+t0OY%HS#*Tj~$p~1KY0vCLx^?orDb*=i5g$2L{u9e0H7R@?13$_V{FWy| zf@M)27(YxPe%SE?Z;@16k4WZguVnX)DWup1)zGd_q@cRY?FhKkOLjD}REa=9yepX8xn znx5Ptt{;wYqeQJu`SF4HDSHqcThnavQi23!h{<#b%ZjpE9?=^5lz8DWspw zJ-Ae+MZ{3d!jxbz4O4uMAmy~qmGhUCw<4`7%bB7ytIQzO*WJ3d{51RK;!?Uaq5Mmg zzk!0}Zw6*KF(n%?Jyez`km{O`8RXdz^-8Ihy60W!R#LV8{+bp2$|;jHu-CBwP}FgQ zq?Nr+^E}-!8%IsJtC_{$Ppw1xb6Ae~=df>;t|VW?2b2{zC*zzYjwb%C>005^)JQE& zjU~OASoxxLiLXhKvy;55q)IAU95LDcNhl-XzaPkQ^8=|Z^L%Bix|CNBp7_Wcn883^ zh$7Wy%@>!V6q$t)+IbVQs@Ki`-lUTY8NQiGS-AxC)XK=g3P|bOTM6%ZI+O6jSj8M- zZZkHiS@mi&X45~KHzdQJ&tjaO38Rb#iyP@;o}}CUdl)01*_)v(c?@EWz#d7?ApV6T z4;H@ADR+rLnzzhueoB7yE7!0vLob;<;tR9sr;?=2*_XDL@5ESsqeN@dx*KZ$PMO%- zkv6d}T(bO=}Q-49j_V;Av3g>#-9N_F9bliusP z{QsGT#9ubRTQ&=cfaJo0nk$n;_N`3!A}9aX-u3^cu_N)HuYZM)$7!Jn1VUQ9mxjCM zDA7f)mqZsuCtb)xTUeUC2MfnS(zMC{elugQ*WUGhg;dp3sFcF4zs%U<@z^u|*qJ%A zPy7Zsj^3z+zMzqray%S^+Y(L*Llbxo0^ZrnhX8Y$6dT8yr*Z8!mRGRvuCk5 zzXqKrBQsd_{mU)Pf5cBA{5PE2ib228CmsK-^QO~^-v4{h>Ac+k@?Aa={I?5% z$_83Y#x|2V5pJ~miax>#nuEIuk)eY#iBNF+e?%xa#aWE;`UsGE8=2SSb3{BDyGtI^ zU&HN)DHw(5rh!GhKqwIx?{IiIwM=m>6G1}}@S1uCR)&A*wn7q4T{w~nqYg{sh8?~z zuYEmRF5UA z2@-Mf5=UZ08eVLW;#Yp=AKzK8UIiMCji!$6p>s&t8`4Z;y(jqnFU^s^lqNAg)0Qo1 z8U5w7Tt<|EGC8G_umQ`+1^F5yrQlQ_HU|a{;6abe%a75$qpuOXK)NQ(pBgqpgy}&` zqTsYV6sRAQk1bI`%TcFEDeWaL_q)aA%H|K|1L^M<^MSt0z~xYg1m;=#Hfzk+tDHi) z-#Yj?S-yjE7r&4EpJ5^Gp<9z(^#4g!gg?+=%~c)fz{T%Sk~ilU**5Ol?BehJ#^pbb z+l|hL{$)1prm+;KcSdp9BJ3oylw(D&g??Dcdt{N%2Dc!P2tdp8@y8_sO_ z&czGZKCj6v8ItAD#p;If7cvj_-_ZF2c0B>1Lx#J~5c25jJEGiNQpidVGGATFpC938 zC}Z;RIXwQih$RqDuHX^MU0Bi?JQ-@#QC1^IBt zyRPrAm7q50D0kEYPFG8t4j%%M$A>4!A20hd4P?9`Mc0KU{p`ZrbLoDD#m{=_>_R_z z|8f@Vu}hM$i;4T*$X(omAqiFQ(lyxX6Im<{KWDT$p03V#*Sxo(Bautrz@~f`@_BmE zY-7W?i&uX_nUXeO1RXDIK19Q#Uskm(An%f8wXPiDQQ_`Vq?^ed8=ubch`jq1>8!e7 zmEW#gjbCoQwRbyDgJ$;ks+byG|HIj(1OVFCOSBtbj~oBNJmJ>{=6~CMQeM{nb_hlD 
z-#6d(cc1Dz)e5V}ch!)7ldsp%x?wM1>xy4ibw6+WmT6&uIRn2s2n;o?b9}JYM2Wp|Gg58E{Z(DlBu;RDn=4 zPcGUbMO`$9vx`b*h*N`$O?`!<=57XC?Oh%m9~^wbd|DJNM#v@WCXINO7Pct}+T{7GVOxaa;!&UO%S} zNTVi)4oJ(Mtpn0?Ka&o~Ci(m8fK-~YbwG}GETaRGhbMn;9;AFTu;>sKTZl@wTw_z* zc)szVjF-blqx$?ghoQ0l9OKWJFMHr6WP7F&mqO(CA8KY|vd36jlReu6n=TexoLLcf z6Phrx1DP>qF_US;8U_ZJl9Izi>*$O$)RFo&Ua(mgY~E=*dR9tTMOtce#H+Z+SE61C z1RH8z1gx3p?m^*q)U*^3YY?0WL)yL*hY^mGp|Ng4vymli z1ILD=%NTT+0cD0#Z31O8;{=qt$UTnP9RYlHGY>IYgv4y^6iNbzU1@4!vAt=OCGNB*Q6roav6Q@yU+Wku= zEO9C?LRT34oJLrD$0M06gB_JZkTxeO!!5r^WlDekzR%SUIoc!)3zM_CYECWeCCvE` z_H3%IK}WEpTr8c5`z1iW;?Ml9b$xy4FQBT!o151byN3tTuQ|jg6F+c{zJFXT*?VRU zTAhR7h`Tc;E3M)`{x+yp{XzZkanOFOuz}Wx4K)S)y&u%8{$bU>9#pKGL9O|EP^Yi( zx(fNL6MwLee>#tgyhZU+j0Iqv)gu)`H&vd%3ub)_Mb<-KKI_WEjP3f~eyHs4aOdEf zC%S=DRplK9o7U(gFr|V9$Fl-1T}FxN;Q_xZJ}Bkp=}8?bwV=vQ9rCn-u%)o-Zl&^0 z)Y5IeW9|_z7ryQ6Kx#-(yYuR`p!9mJGOX0~Bja>#b5g7P#m9f$0el%$1|IrEttyuZ ztFn9N?GoGoP!h7o3wpA22@3~OGz@PNcuGaEsA1aTn;X?yD5gx$qWWGbZIYLyTVpB3 zgjau!9e)@p1H&R7Np>xNFDXTLZ_lc;7&%Fs#YM=8lwlwzo+5#q*cMk2I)cmw0+d&> z=IoAf7aMeoyGZX8cagtK3KF815GN%1K1XL1q(EeiS1n&8b%TL>45QpcAcHb8q%uer zr;K9&)VS(l7HAyLiXD}Tx*Z-VcH_^rY6}%AqLI|U;os|O>*n2PXXlCa&pt455!dJm zs>GQmBg#O+v?kgVv>~@%OgZe2A*P$4V0`0A-9!^8C-dkN**5E<%xy3ZMQzS@s{gk% z<7uT9W<3_7zpXA$@J4T&^RitY=X)zXZuTmcX4qIe znH{V_mVT-TR&vtpP9}JEZN>djICysq^Ih-r)Cp?#LU&4Dnh_wg1kJGG z{<2u+5kl6kr-G1322Z^JlP~NhPF%7mRAii-Cay6q=w|4&6ys}LNN>k jbkdC2%!!^P{O{#h`pf6#^YVH5Z2I{>Z6H%z0LTCUs=+KJ From 75cbf4561a5a917f146ae24e5e2945895a96299b Mon Sep 17 00:00:00 2001 From: vcerenu Date: Thu, 17 Feb 2022 11:32:11 -0300 Subject: [PATCH 039/163] fix in wazuh-indexer demo certificates --- production_cluster/wazuh_dashboard/dashboard.yml | 2 -- wazuh-dashboard/config/dashboard.yml | 2 -- 2 files changed, 4 deletions(-) diff --git a/production_cluster/wazuh_dashboard/dashboard.yml b/production_cluster/wazuh_dashboard/dashboard.yml index 8b0c332b..c231a6f3 100644 --- a/production_cluster/wazuh_dashboard/dashboard.yml 
+++ b/production_cluster/wazuh_dashboard/dashboard.yml
@@ -2,8 +2,6 @@ server.host: 0.0.0.0
 server.port: 5601
 opensearch.hosts: https://wazuh1.indexer:9700
 opensearch.ssl.verificationMode: certificate
-opensearch.username: kibanaserver
-opensearch.password: kibanaserver
 opensearch.requestHeadersWhitelist: ["securitytenant","Authorization"]
 opensearch_security.multitenancy.enabled: false
 opensearch_security.readonly_mode.roles: ["kibana_read_only"]
diff --git a/wazuh-dashboard/config/dashboard.yml b/wazuh-dashboard/config/dashboard.yml
index 31bdf8f7..243b8f7e 100644
--- a/wazuh-dashboard/config/dashboard.yml
+++ b/wazuh-dashboard/config/dashboard.yml
@@ -2,8 +2,6 @@ server.host: 0.0.0.0
 server.port: 5601
 opensearch.hosts: https://wazuh1.indexer:9700
 opensearch.ssl.verificationMode: none
-opensearch.username: "kibanaserver"
-opensearch.password: "kibanaserver"
 opensearch.requestHeadersWhitelist: [ authorization,securitytenant ]
 opensearch_security.multitenancy.enabled: true
 opensearch_security.multitenancy.tenants.preferred: ["Private", "Global"]
From be152cf6b34734a7cccf56049ae220012f207abc Mon Sep 17 00:00:00 2001
From: vcerenu
Date: Thu, 17 Feb 2022 11:34:49 -0300
Subject: [PATCH 040/163] fix in wazuh-indexer demo certificates
---
 wazuh-dashboard/Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/wazuh-dashboard/Dockerfile b/wazuh-dashboard/Dockerfile
index c1d088c3..89eb295b 100644
--- a/wazuh-dashboard/Dockerfile
+++ b/wazuh-dashboard/Dockerfile
@@ -7,7 +7,7 @@ ARG WAZUH_VERSION=4.3.0-1 RUN apt-get update && apt install curl libcap2-bin -y #Download and install Wazuh Dashboard -RUN curl https://s3.us-west-1.amazonaws.com/packages.wazuh.com/4.x/apt/pool/main/w/wazuh-dashboard/wazuh-dashboard_${WAZUH_VERSION}_amd64.deb --output wazuh-dashboard_${WAZUH_VERSION}_amd64.deb && \ +RUN curl https://packages.wazuh.com/4.x/apt/pool/main/w/wazuh-dashboard/wazuh-dashboard_${WAZUH_VERSION}_amd64.deb --output wazuh-dashboard_${WAZUH_VERSION}_amd64.deb && \ dpkg -i wazuh-dashboard_${WAZUH_VERSION}_amd64.deb && \ apt-get clean -y && rm -rf wazuh-dashboard_${WAZUH_VERSION}_amd64.deb From 1d0f4aa4a938c963d76f8f8d159d7493cc15ac92 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Thu, 17 Feb 2022 13:09:49 -0300 Subject: [PATCH 041/163] remove tini --- wazuh-indexer/Dockerfile | 13 +------------ 1 file changed, 1 insertion(+), 12 deletions(-) diff --git a/wazuh-indexer/Dockerfile b/wazuh-indexer/Dockerfile index 6014512b..59514c3c 100644 --- a/wazuh-indexer/Dockerfile +++ b/wazuh-indexer/Dockerfile @@ -1,18 +1,8 @@ # Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2) FROM ubuntu:focal AS builder -ENV tini_bin="tini-amd64" - RUN apt-get update -y && apt-get install curl openssl xz-utils -y -RUN curl --retry 8 -S -L -O https://github.com/krallin/tini/releases/download/v0.19.0/${tini_bin} -RUN curl --retry 8 -S -L -O https://github.com/krallin/tini/releases/download/v0.19.0/${tini_bin}.sha256sum -RUN sha256sum -c ${tini_bin}.sha256sum && \ - echo ${tini_bin} \ - rm ${tini_bin}.sha256sum && \ - mv ${tini_bin} /tini && \ - chmod +x /tini - COPY config/unattended_installer.tar.gz / COPY config/config.sh . 
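Review bot: In the `wazuh-dashboard/Dockerfile` hunk, the package downloaded by the new `RUN curl https://packages.wazuh.com/...` line goes straight to `dpkg -i` with no integrity check, so the image trusts whatever that URL serves at build time. I would pin a digest for each `WAZUH_VERSION` and verify it before installing, e.g. `echo "<pinned-sha256>  wazuh-dashboard_${WAZUH_VERSION}_amd64.deb" | sha256sum -c - && \` between the download and `dpkg -i`. The placeholder stands for the published checksum, and this assumes `sha256sum` is available in the base image, which the hunk does not show. `curl` also runs without `--fail`, so an HTTP error body is saved as the `.deb` and the build only breaks later with a misleading `dpkg` error. `curl --fail --location ...` would stop at the real cause.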
@@ -60,7 +50,6 @@ COPY config/securityadmin.sh / RUN chmod 700 /entrypoint.sh && chmod 700 /securityadmin.sh COPY --from=builder --chown=1000:1000 /debian/wazuh-indexer/usr/share/wazuh-indexer /usr/share/wazuh-indexer -COPY --from=builder --chown=0:0 /tini /tini COPY --from=builder --chown=0:0 /debian/wazuh-indexer/etc/init.d/wazuh-indexer /etc/init.d/wazuh-indexer COPY --from=builder --chown=0:0 /debian/wazuh-indexer/usr/lib/systemd /usr/lib/systemd COPY --from=builder --chown=0:0 /debian/wazuh-indexer/usr/lib/sysctl.d /usr/lib/sysctl.d @@ -78,6 +67,6 @@ RUN mkdir -p /var/lib/wazuh-indexer && chown 1000:1000 /var/lib/wazuh-indexer && EXPOSE 9700 -ENTRYPOINT ["/tini", "--", "/entrypoint.sh"] +ENTRYPOINT ["/entrypoint.sh"] # Dummy overridable parameter parsed by entrypoint CMD ["opensearchwrapper"] \ No newline at end of file From 0c1654e01c7e47eb3d5768a2182135ab3f9bdac3 Mon Sep 17 00:00:00 2001 
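Review bot: With `ENTRYPOINT ["/entrypoint.sh"]` in the last `wazuh-indexer/Dockerfile` hunk, the shell script becomes PID 1, so signal delivery and zombie reaping now depend on how `/entrypoint.sh` launches the indexer. That script is not part of this patch, so the following is inferred: unless it starts the final process with `exec`, `docker stop` will not deliver SIGTERM to the indexer and the container will be killed after the timeout, which risks an unclean shutdown of the data directory. Either confirm the `exec` is there or set `init: true` on the service in the compose files. A comment above the instruction, such as `# No init wrapper: entrypoint.sh must exec the indexer so it receives SIGTERM`, would record the requirement.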
From: vcerenu Date: Fri, 18 Feb 2022 17:01:58 -0300 Subject: [PATCH 042/163] fix various issues into PR --- .github/workflows/push.yml | 13 +- README.md | 124 +++++++++--------- docker-compose.yml | 1 - kibana/Dockerfile | 2 +- production_cluster/nginx/ssl/cert.pem | 21 +++ production_cluster/nginx/ssl/key.pem | 28 ++++ .../wazuh-indexer/opensearch.yml | 30 ----- .../wazuh_indexer_ssl_certs/admin-key.pem | 28 ++++ .../wazuh_indexer_ssl_certs/admin.pem | 19 +++ .../wazuh_indexer_ssl_certs/root-ca.key | 28 ++++ .../wazuh_indexer_ssl_certs/root-ca.pem | 20 +++ .../wazuh.dashboard-key.pem | 28 ++++ .../wazuh.dashboard.pem | 21 +++ .../wazuh.master-key.pem | 28 ++++ .../wazuh_indexer_ssl_certs/wazuh.master.pem | 21 +++ .../wazuh.worker-key.pem | 28 ++++ .../wazuh_indexer_ssl_certs/wazuh.worker.pem | 21 +++ .../wazuh1.indexer-key.pem | 28 ++++ .../wazuh1.indexer.pem | 21 +++ .../wazuh2.indexer-key.pem | 28 ++++ .../wazuh2.indexer.pem | 21 +++ .../wazuh3.indexer-key.pem | 28 ++++ .../wazuh3.indexer.pem | 21 +++ wazuh-dashboard/Dockerfile | 2 +- wazuh-indexer/config/config.sh | 1 - wazuh-manager/Dockerfile | 4 +- wazuh-manager/config/wazuh.repo | 4 +- 27 files changed, 513 insertions(+), 106 deletions(-) create mode 100644 production_cluster/nginx/ssl/cert.pem create mode 100644 production_cluster/nginx/ssl/key.pem delete mode 100644 production_cluster/wazuh-indexer/opensearch.yml create mode 100644 production_cluster/wazuh_indexer_ssl_certs/admin-key.pem create mode 100644 production_cluster/wazuh_indexer_ssl_certs/admin.pem create mode 100644 production_cluster/wazuh_indexer_ssl_certs/root-ca.key create mode 100644 production_cluster/wazuh_indexer_ssl_certs/root-ca.pem create mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem create mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard.pem create mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh.master-key.pem create mode 100644 
production_cluster/wazuh_indexer_ssl_certs/wazuh.master.pem create mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh.worker-key.pem create mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh.worker.pem create mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer-key.pem create mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer.pem create mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer-key.pem create mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer.pem create mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer-key.pem create mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer.pem diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index 4637f903..3d74554e 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -11,13 +11,13 @@ jobs: uses: actions/checkout@v2 - name: Build the docker-compose stack - run: docker-compose -f build-from-sources.yml up -d --build + run: docker-compose -f build-wazuh-images.yml up -d --build - name: Check running containers run: docker ps -a - name: Shutdown the stack - run: docker-compose -f build-from-sources.yml kill + run: docker-compose -f build-wazuh-images.yml kill - name: Install Goss uses: e1himself/goss-installation-action@v1.0.3 @@ -25,12 +25,7 @@ jobs: version: v0.3.16 - name: Execute Goss tests (wazuh-odfe) - run: dgoss run wazuh/wazuh-odfe:dev-version + run: dgoss run wazuh/wazuh-manager:4.3.0 env: GOSS_SLEEP: 30 - GOSS_FILE: .goss.yaml - - - name: Execute Goss tests (wazuh-kibana-odfe) - run: dgoss run wazuh/wazuh-kibana-odfe:dev-version - env: - GOSS_FILE: .goss.kibana.yaml + GOSS_FILE: .goss.yaml \ No newline at end of file diff --git a/README.md b/README.md index 6dda77ba..d02255b6 100644 --- a/README.md +++ b/README.md 
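Review bot: The second `push.yml` hunk drops the Goss step for the web UI image without a replacement, so only `wazuh/wazuh-manager:4.3.0` is tested after the build. If `build-wazuh-images.yml` also builds the dashboard and indexer images (not visible in this patch), those now ship without any smoke test. The step that remains is still named `Execute Goss tests (wazuh-odfe)`, which no longer matches the image it runs; `- name: Execute Goss tests (wazuh-manager)` would. The hard-coded `4.3.0` tag also has to stay in step with the tag the build produces, so taking both from one shared variable would avoid testing a stale image.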
@@ -7,9 +7,9 @@ In this repository you will find the containers to run: -* wazuh-opendistro: It runs the Wazuh manager, Wazuh API and Filebeat OSS (for integration with ODFE) -* wazuh-kibana-opendistro: Provides a web user interface to browse through alerts data. It includes Wazuh plugin for Kibana, that allows you to visualize agents configuration and status. -* opendistro-for-elasticsearch: An Elasticsearch (ODFE) container (working as a single-node cluster) using ODFE Docker images. **Be aware to increase the `vm.max_map_count` setting, as it's detailed in the [Wazuh documentation](https://documentation.wazuh.com/current/docker/wazuh-container.html#increase-max-map-count-on-your-host-linux).** +* wazuh manager: It runs the Wazuh manager, Wazuh API and Filebeat OSS +* Wazuh dashboard: Provides a web user interface to browse through alerts data and allows you to visualize agents configuration and status. +* Wazuh indexer: An Elasticsearch container (working as a single-node cluster). **Be aware to increase the `vm.max_map_count` setting, as it's detailed in the [Wazuh documentation](https://documentation.wazuh.com/current/docker/wazuh-container.html#increase-max-map-count-on-your-host-linux).** In addition, a docker-compose file is provided to launch the containers mentioned above. 
@@ -88,61 +88,67 @@ ADMIN_PRIVILEGES=true # App privileges ## Directory structure - ├── CHANGELOG.md - ├── docker-compose.yml - ├── generate-opendistro-certs.yml - ├── kibana-odfe - │   ├── config - │   │   ├── custom_welcome - │   │   │   ├── light_theme.style.css - │   │   │   ├── template.js.hbs - │   │   │   ├── wazuh_logo_circle.svg - │   │   │   └── wazuh_wazuh_bg.svg - │   │   ├── entrypoint.sh - │   │   ├── kibana_settings.sh - │   │   ├── wazuh_app_config.sh - │   │   ├── wazuh.yml - │   │   └── welcome_wazuh.sh - │   └── Dockerfile - ├── LICENSE - ├── production_cluster - │   ├── elastic_opendistro - │   │   ├── elasticsearch-node1.yml - │   │   ├── elasticsearch-node2.yml - │   │   ├── elasticsearch-node3.yml - │   │   └── internal_users.yml - │   ├── kibana_ssl - │   │   └── generate-self-signed-cert.sh - │   ├── nginx - │   │   ├── nginx.conf - │   │   └── ssl - │   │   └── generate-self-signed-cert.sh - │   ├── ssl_certs - │   │   └── certs.yml - │   └── wazuh_cluster - │   ├── wazuh_manager.conf - │   └── wazuh_worker.conf - ├── production-cluster.yml - ├── README.md - ├── VERSION - └── wazuh-odfe - ├── config - │   ├── create_user.py - │   ├── etc - │   │   ├── cont-init.d - │   │   │   ├── 0-wazuh-init - │   │   │   ├── 1-config-filebeat - │   │   │   └── 2-manager - │   │   └── services.d - │   │   └── filebeat - │   │   ├── finish - │   │   └── run - │   ├── filebeat.yml - │   ├── permanent_data.env - │   ├── permanent_data.sh - │   └── wazuh.repo - └── Dockerfile - +├── build-wazuh-images.yml +├── CHANGELOG.md +├── docker-compose.yml +├── generate-indexer-certs.yml +├── LICENSE +├── production_cluster +│   ├── nginx +│   │   ├── nginx.conf +│   │   └── ssl +│   │   └── generate-self-signed-cert.sh +│   ├── wazuh_cluster +│   │   ├── wazuh_manager.conf +│   │   └── wazuh_worker.conf +│   ├── wazuh_dashboard +│   │   └── dashboard.yml +│   ├── wazuh-indexer +│   │   ├── internal_users.yml +│   │   ├── opensearch.yml +│   │   ├── wazuh1.indexer.yml 
+│   │   ├── wazuh2.indexer.yml +│   │   └── wazuh3.indexer.yml +│   └── wazuh_indexer_ssl_certs +│   └── certs.yml +├── production-cluster.yml +├── README.md +├── VERSION +├── wazuh-dashboard +│   ├── config +│   │   ├── dashboard.yml +│   │   ├── entrypoint.sh +│   │   ├── wazuh_app_config.sh +│   │   └── wazuh.yml +│   └── Dockerfile +├── wazuh-indexer +│   ├── config +│   │   ├── config.sh +│   │   ├── config.yml +│   │   ├── entrypoint.sh +│   │   ├── opensearch.yml +│   │   ├── securityadmin.sh +│   │   └── unattended_installer.tar.gz +│   └── Dockerfile +└── wazuh-manager +    ├── config +    │   ├── create_user.py +    │   ├── etc +    │   │   ├── cont-init.d +    │   │   │   ├── 0-wazuh-init +    │   │   │   ├── 1-config-filebeat +    │   │   │   └── 2-manager +    │   │   └── services.d +    │   │   ├── filebeat +    │   │   │   ├── finish +    │   │   │   └── run +    │   │   └── ossec-logs +    │   │   └── run +    │   ├── filebeat.yml +    │   ├── permanent_data.env +    │   ├── permanent_data.sh +    │   └── wazuh.repo +    └── Dockerfile ## Branches @@ -154,7 +160,7 @@ ADMIN_PRIVILEGES=true # App privileges | Wazuh version | ODFE | XPACK | |---------------|---------|--------| -| v4.3.0 | 1.13.2 | 7.11.2 | +| v4.3.0 | | 7.11.2 | | v4.2.5 | 1.13.2 | 7.11.2 | | v4.2.4 | 1.13.2 | 7.11.2 | | v4.2.3 | 1.13.2 | 7.11.2 | diff --git a/docker-compose.yml b/docker-compose.yml index 5ed424b6..ec9001fc 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -55,7 +55,6 @@ services: environment: - ELASTICSEARCH_USERNAME=admin - ELASTICSEARCH_PASSWORD=admin - - SERVER_SSL_ENABLED=false - WAZUH_API_URL=https://wazuh.manager depends_on: - wazuh1.indexer diff --git a/kibana/Dockerfile b/kibana/Dockerfile index d98443ae..76f39d0d 100644 --- a/kibana/Dockerfile +++ b/kibana/Dockerfile 
@@ -6,7 +6,7 @@ ARG WAZUH_VERSION=4.3.0 ARG WAZUH_APP_VERSION="${WAZUH_VERSION}_${ELASTIC_VERSION}" WORKDIR /usr/share/kibana -RUN ./bin/kibana-plugin install https://packages.wazuh.com/4.x/ui/kibana/wazuh_kibana-${WAZUH_APP_VERSION}-1.zip +RUN ./bin/kibana-plugin install https://packages-dev.wazuh.com/pre-release/ui/kibana/wazuh_kibana-${WAZUH_APP_VERSION}-1.zip ENV PATTERN="" \ CHECKS_PATTERN="" \ diff --git a/production_cluster/nginx/ssl/cert.pem b/production_cluster/nginx/ssl/cert.pem new file mode 100644 index 00000000..1eaf2bd9 --- /dev/null +++ b/production_cluster/nginx/ssl/cert.pem @@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDazCCAlOgAwIBAgIUQ1qhaGbkLQKDypv0VYUrcCeDfoIwDQYJKoZIhvcNAQEL +BQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM +GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0yMjAyMTgxODQ3NTRaFw0yMzAy +MTgxODQ3NTRaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEw +HwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwggEiMA0GCSqGSIb3DQEB +AQUAA4IBDwAwggEKAoIBAQCnEhTwQ1QkQEdU/258kta6bWNFP+E52Ez3SruJIl8C +6thAjplR4LQh7K8COWvWZty44JDY2kfpABtyeVDobWZZfJnxXUw/xgLQu6govJO3 +md27I2xKSDSq1j+l2fmwRRQDTDQb9/WWG8BhE+sB/kx65omyeOq0GhIQl+bvolfT +naLyjhDW/ZyT3rfMax28jRs/6MEF3DcaLZnOaKgFdBMDB98A7LOqdLAnEPsMZGyQ +LoNkYZWERuXXYM3Au58kIq0CDqIIqWtucbeQznHhYcwqY5FtwNhXEIwzt41ita9l +uXSzgU+HjGqhnd7iJAtDCeuNk9Iiic4aX3HdKEzv/pN5AgMBAAGjUzBRMB0GA1Ud +DgQWBBSpMpywVhepErRyxnGfJOfjJtfZaTAfBgNVHSMEGDAWgBSpMpywVhepErRy +xnGfJOfjJtfZaTAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCI +Nj2/eC1+9WXPNhs8YbtLAmJ0EzYZCvD4ybVE0C/2mF2IOpBwouZzmd1Rd7V+h8mu +b/uQeahJVyxsldFFr4nv5HjQe/q0PbxtjK4rUQKejDLB88SEJ85+Low5OT6gvW3y +Gzsy6XIQkghG+zwxEoO4vwbJO0gLdMR6MkcLkUkLVN0YcUPBSPLz4kiNL2jcF/lB +8z3NBmDAV1W81z6xlZdKkkJuEtXpS+r0cfxUUXQOcNC77ujLUr7ZfsdwDh6wbgrP +JvZId+tBrfuOmXZQmvLt/H0nJ64dgDFuGDEgJcFSroMvK3pAoHeJy47C19v1vtbv +2Z4EKAkuPze93MpoTVn2 +-----END CERTIFICATE----- 
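Review bot: The `kibana/Dockerfile` hunk points `kibana-plugin install` at `https://packages-dev.wazuh.com/pre-release/...`, so every image built from this file now bundles a pre-release plugin from the development repository rather than a released artifact. Pre-release objects can be replaced or removed, and the zip is installed with no checksum, so the build is neither reproducible nor verifiable. If the dev repository is only needed until 4.3.0 is published, make the base URL a build argument that defaults to the release repository, for example `ARG WAZUH_UI_REPO=https://packages.wazuh.com/4.x/ui/kibana` (name chosen here for illustration). CI can then override it, and the downloaded zip should be checked against a pinned digest before installation.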
diff --git a/production_cluster/nginx/ssl/key.pem b/production_cluster/nginx/ssl/key.pem new file mode 100644 index 00000000..c4bd32ca --- /dev/null +++ b/production_cluster/nginx/ssl/key.pem @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCnEhTwQ1QkQEdU +/258kta6bWNFP+E52Ez3SruJIl8C6thAjplR4LQh7K8COWvWZty44JDY2kfpABty +eVDobWZZfJnxXUw/xgLQu6govJO3md27I2xKSDSq1j+l2fmwRRQDTDQb9/WWG8Bh +E+sB/kx65omyeOq0GhIQl+bvolfTnaLyjhDW/ZyT3rfMax28jRs/6MEF3DcaLZnO +aKgFdBMDB98A7LOqdLAnEPsMZGyQLoNkYZWERuXXYM3Au58kIq0CDqIIqWtucbeQ +znHhYcwqY5FtwNhXEIwzt41ita9luXSzgU+HjGqhnd7iJAtDCeuNk9Iiic4aX3Hd +KEzv/pN5AgMBAAECggEAMS7MhTJ86bMWjLopb3jWx8j+CVvV1O6NMduJO8SnjbdO +9CpGjmkE/lur5Y675UEgxzgsy/nuY3RJoDiAjfvuvndE5l4d3URQfdxQk7V4Evuz +36x86504C/bIg+2YaMDdNF9Rk846OPdweeOgMlUHdMK7VJPuHBj0qnfdXzw+eKgc +ivBsDRYb98XVgQ4VjisahfSe631eKr3jVoX0KIQ0rb0E0IWO2KtKZ460zGP5TQCT +i+/dQiKEDrLYPetxnTH1D4PUqxJPI/wsmvhJ0zX/wNc65gywGQN6NEuigBQ5w0w5 +KVgGphlM6JJ4qG37welTFsg0u4Tyo97gDGcRc/8MJQKBgQDUQtlxAdv/G2SBpFRs +2NNue8Lzbqjqrx8a+9xS2dCcLMqWcVVT+pnD04zrct4vuoWEjBdsnbDyAZ8e0VaZ +QJfdOiAaREXcvZdyYDutqbZQhTX8D+OPWzvMovYQTPHTLFd/y+LqkbgCxlEb6P7b +LqKzIz0LelDZ4GOSnyvK4Ua0LwKBgQDJf1qDp9QfgkyTWMByfr0ulwSGo7WUJjdL +9OlCmc6FDHzBWvKvw0CyJLbj1klSzvlirKs4aYqGd/ITjrvSdnaFFUq1RJ8UX2qM +2qGJpCWSdPVhEc/Gdb1TVS4LptAVSZWYACMw9QjD60i2JLL3Go8YCZcfxpl/Ya2V +7UhKIKbA1wKBgA+XcX15k31jt7hGJ+Vu7+j3slRLVqEWiARlZ8O2ODqgl6kBXjEz +AUR/L6TD5UpAOzqHR9k0pCDCubt7yQ6szfr0IBON3EvgqVU/eGLDSp8TiemgCSko +nHXlqol7/W9znGHIyjxMw+WAR8jzDnVvMYhTGFLVg0bd0rKceo0GizkFAoGAb/Q3 +mWDdRiiCXXf5bWQnvsQfuqMpF0hofuZz2BJXIat/gXsDzk5hGtm1WD/Oe5kODRo9 +A9n4IqBwOxeaGeTCE01yNecLsCkXrW0oRa6TRZ2AXM+lrvHqIGv6anTjtoAtAshI +xUHP/fMzcihP22XBTay+b+RLku/1n5C4Ep+zpv8CgYEApkjrYfQdPZe9gCqZpEpe +pRO+ojilKstVb3IH95ACZR7/5KSmEOdLGav02sPNxaPCpWKGxPPXytdZoQJ+oGUP +QrylTfRMPewrSRRKhps8XTA4fJr25ORDNoalx3iFSqENHsx3bzvQkteJVZSCoVEL +nAO2njccRKHBlsqD2zyskK0= +-----END PRIVATE KEY----- 
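Review bot: `production_cluster/nginx/ssl/key.pem` adds an unencrypted private key to the repository, and the same applies to `wazuh_indexer_ssl_certs/admin-key.pem`, `root-ca.key`, `wazuh.dashboard-key.pem` and the other `*-key.pem` files listed in this commit's diffstat. Once published, these keys authenticate nothing: any deployment that keeps them has TLS identities, and in the case of `root-ca.key` a whole trust root, that are known to everyone who can read the repository. The directory is named `production_cluster`, so users are likely to run it as shipped. The README tree in this same commit lists `generate-indexer-certs.yml` and `production_cluster/nginx/ssl/generate-self-signed-cert.sh`, so I would drop the key and certificate files from the commit, add `*.pem` and `*.key` under `production_cluster/` to `.gitignore`, and have the setup instructions generate them per deployment. Because they are already in history, treat them as compromised and never reuse them.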
diff --git a/production_cluster/wazuh-indexer/opensearch.yml b/production_cluster/wazuh-indexer/opensearch.yml deleted file mode 100644 index 958c8d08..00000000 --- a/production_cluster/wazuh-indexer/opensearch.yml +++ /dev/null 
@@ -1,30 +0,0 @@ -network.host: "0.0.0.0" -node.name: "wazuh1.indexer" -http.port: 9700-9799 -transport.tcp.port: 9800-9899 -path.data: /var/lib/wazuh-indexer -path.logs: /var/log/wazuh-indexer -discovery.type: single-node -compatibility.override_main_response_version: true -plugins.security.ssl.http.pemcert_filepath: /etc/wazuh-indexer/certs/admin.pem -plugins.security.ssl.http.pemkey_filepath: /etc/wazuh-indexer/certs/admin-key.pem -plugins.security.ssl.http.pemtrustedcas_filepath: /etc/wazuh-indexer/certs/root-ca.pem -plugins.security.ssl.transport.pemcert_filepath: /etc/wazuh-indexer/certs/admin.pem -plugins.security.ssl.transport.pemkey_filepath: /etc/wazuh-indexer/certs/admin-key.pem -plugins.security.ssl.transport.pemtrustedcas_filepath: /etc/wazuh-indexer/certs/root-ca.pem -plugins.security.ssl.http.enabled: true -plugins.security.ssl.transport.enforce_hostname_verification: false -plugins.security.ssl.transport.resolve_hostname: false -plugins.security.audit.type: internal_opensearch -plugins.security.authcz.admin_dn: -- "CN=admin,OU=Demo,O=Wazuh,L=California,C=US" -plugins.security.check_snapshot_restore_write_privileges: true -plugins.security.enable_snapshot_restore_privilege: true -plugins.security.nodes_dn: -- "CN=demo-indexer,OU=Demo,O=Wazuh,L=California,C=US" -plugins.security.restapi.roles_enabled: -- "all_access" -- "security_rest_api_access" -plugins.security.system_indices.enabled: true -plugins.security.system_indices.indices: [".opendistro-alerting-config", ".opendistro-alerting-alert*", ".opendistro-anomaly-results*", ".opendistro-anomaly-detector*", ".opendistro-anomaly-checkpoints", ".opendistro-anomaly-detection-state", ".opendistro-reports-*", ".opendistro-notifications-*", ".opendistro-notebooks", ".opensearch-observability", ".opendistro-asynchronous-search-response*", ".replication-metadata-store"] - 
diff --git a/production_cluster/wazuh_indexer_ssl_certs/admin-key.pem b/production_cluster/wazuh_indexer_ssl_certs/admin-key.pem new file mode 100644 index 00000000..a99ad416 --- /dev/null +++ b/production_cluster/wazuh_indexer_ssl_certs/admin-key.pem 
@@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQC1PBTdizTqmFYU +zRCKVBJqkQI2gY2onSY4LgS8PG7d1L8KNfb8dH4YS+jC30aP4I1DaK6yAo/sB9LF +9/Fp9XD55lLWRUt9214v+7UnOY19z4s8mCUMHPvcT8dz6XSnbZIG9p8n1zP3Omm4 +WSSTvldR89ZzDoQaZWfYYmEHWG9oqvsAT5ANRMgtsH9tYgQALeM/cujJHITYjJfJ +nFaQGBSNMs70v5riVfYnePlEx2AAwYDy5OU+py8pF0m2Q3SfuemT2Wpc/i0Qkawj +F7Df4keUgSlQcg+leqFDHrP8U8TY2ty4JOc2XjmU0KSkKk1BpmDlzeg+0wT2bQmY +TwEv/HyFAgMBAAECggEAaxbeaW5pTTnIm6/0VxiIbUnUGesBjqGVRNsEV0oKZK/i +VqE+mTwoiijIl+Wg50FTl4JSv8K90kVpKStyDh9Gq5OKXSxDCFJIXGgKSew7DB1H +8/0e3wJ9XFgTzg0jrg8Tm2O89ai2/x4X/CNIdrihFj7T99aa/pHvA7BWDyYVZq2q +ugOKggSGTkyZ7/SzEy6xgXleFEV5El/HEuW1YtPeK+0pqPmPhFr8zQKh1p38rAhm +G6ojmkIENwHUPzWVFI2OK4mNM/uXvAttQEK2kvfffFuBjJss5qRrNMTbxVW0E03Y +g4TBBHqxRgrrnMePmGtZukGCh2/7f9Y2xSicdbhUXQKBgQDfjWNO6qb+K4fgd8KV +mxXyINiCAuB987EXeRcTitmPWd2c7yBa/7ylQkK36tqnhhm7KgP1C69aBbrcDT4A +RWZoei7vrQkzo3Eag6nT8TNqbEXLgwmmE87Kfxjg+Ila8gAFKIHzsMU81BN886Vb +9EUnGnPyPHVCBitfW+iqUN9zFwKBgQDPikiLDyXIWa22gn/ietgk1zb/ww7Eh64s +2YrVL74qqVhYRvsTZUUD3gejM5IKHV7+iYotbnlCuv2it7RwMZz6RiodM5+5cYx5 +Pph6Dtdbr0umM8NulnfwbxMaBOyxs2Jjre6CGaqWMHqCEQ3wyxpOFdHO3hcB5L/H +vLKyFYH+wwKBgQDXDGfvzoL+FloLcKlayWl/FmGwD5xtDTPaZL3yKqvG3qf1A4OY +hlKuluMfkWjtpm6yQWS1IZx5ePGcJZDzKc+tyXvFTCuB5UQ0QVvpaioPwkAR2eg6 +Puu6mDESmYNoXUvvqlv4VKAoN8rXdHopzv2G9Ed9SvNxpAWtIfjbfhi12QKBgQDH +7jEgNUFylmGwNls4NJtQMjt7e88YKJT0A8WoxctukaDXudlZv+8SYKv+3klLkSvY +DWudhJUwYa7BODOM+V5+A2XCp96w6OAoVNLSksWIP4Ci5a7ZM/7rEjXWlPPn5CVe +XUos7sjU0nLSJdfGJgJ7Qq3RmUWUv2a45eFHiUynvQKBgQCOzJVGE+GNTcOco0Ek +JU+BLYxc7sG2w5lJo2ri5hRB1b1ao+BLqLp4RoOCz5kS3cfSmCAXpBFsGi2Y2c1H +uI2KaUtpah1E4IMVVX5y6Bfv/E2HUKoRduGUATGgaNXpT9rG8s04wx9Y2dF3Uly3 +Ym2E41FN3Xp3aAxAI7hVHdmUKA== +-----END PRIVATE KEY----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/admin.pem b/production_cluster/wazuh_indexer_ssl_certs/admin.pem new file mode 100644 index 00000000..ea875f54 --- /dev/null +++ b/production_cluster/wazuh_indexer_ssl_certs/admin.pem 
@@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE----- +MIIDDjCCAfYCFCALmQUoEozkC1ZAX0lf+xbwrGloMA0GCSqGSIb3DQEBCwUAMDUx +DjAMBgNVBAsMBVdhenVoMQ4wDAYDVQQKDAVXYXp1aDETMBEGA1UEBwwKQ2FsaWZv +cm5pYTAeFw0yMjAyMTgxODQ3NDVaFw0zMjAyMTYxODQ3NDVaMFIxCzAJBgNVBAYT +AlVTMRMwEQYDVQQHDApDYWxpZm9ybmlhMQ4wDAYDVQQKDAVXYXp1aDEOMAwGA1UE +CwwFV2F6dWgxDjAMBgNVBAMMBWFkbWluMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A +MIIBCgKCAQEAtTwU3Ys06phWFM0QilQSapECNoGNqJ0mOC4EvDxu3dS/CjX2/HR+ +GEvowt9Gj+CNQ2iusgKP7AfSxffxafVw+eZS1kVLfdteL/u1JzmNfc+LPJglDBz7 +3E/Hc+l0p22SBvafJ9cz9zppuFkkk75XUfPWcw6EGmVn2GJhB1hvaKr7AE+QDUTI +LbB/bWIEAC3jP3LoyRyE2IyXyZxWkBgUjTLO9L+a4lX2J3j5RMdgAMGA8uTlPqcv +KRdJtkN0n7npk9lqXP4tEJGsIxew3+JHlIEpUHIPpXqhQx6z/FPE2NrcuCTnNl45 +lNCkpCpNQaZg5c3oPtME9m0JmE8BL/x8hQIDAQABMA0GCSqGSIb3DQEBCwUAA4IB +AQBOrqGywQkT45WfQRwPsuCisMuogIhLDRe4Idpck/AXFXa+SIEtq5KG4KOCJ2qt +tnOcCX3iI8k9rJWRlDCR+vrJvdnsgS15uvbuhe9ADqvn1LIojhQDYf4eK+AC+dg0 +H07HqoDiyOSDrhTWXd07yX43qBLvuh8Jk3EHTOWB7xTg1mzLkGIXyPjQOcl5OOhT +dcaQ1z9x7pAU2RlPgvW9WRG+OkW4QPlQ3Dfu9cnolxVE0EE7l9+QsWEmngZSR3S3 +/FX4FYqJPUeTec2pkRNDhJSj0Lxmsq/j6jizgRHw3PVFPex5AyZq2QpM4vc/Jmr7 +YeYPqGk9Vs+5qt7OTtXx92D2 +-----END CERTIFICATE----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/root-ca.key b/production_cluster/wazuh_indexer_ssl_certs/root-ca.key new file mode 100644 index 00000000..eb7cefcc --- /dev/null +++ b/production_cluster/wazuh_indexer_ssl_certs/root-ca.key 
@@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC4eWZKsWGQdEj7 +4036dloDJ3GXQ0svWhmQmq0H1SWjmIrNw952SsAiCcflb/buJUwN4h1w/h77+88T ++iigTpb6vW/hiXcB2ev0IVrEa5SvpYBmooEPz9vJopxaBoJt0NEtR0qHEwHT7NOl +7tQJRAGq4+HOkqFv2XC9MjRWIVL7AkWjrGJL4IgIlX8vR5TZ93TXDWUPUGADWQcL +84Uc/URqpovgfVu62AwCS3xvf3kkgbA4CDVZPhb+My4Mozz/l0S5wYvxYdpzs9zT +MpVZP9Ye1g2p7L7veV3A2UXapYNbMbSGzCsbZa0u9pur6ZOX4Z+RD6OwPrBQ/0zs +k2ZV4GGBAgMBAAECggEAbNiMp7PD2mUSjzVOVGMytzu1xUeafCUQgocRY1a7r6yY +8dIJWAjBFxRoUxNeQqPVHTf2oS4AADRSufnXsMbORMIz2oKuqnP3ygNIOC81+vGP +Mn/d4QOHLpD46hF/MeaNFcdDzTFE2dOaCgVCLPlodnmhSa6w/HrzD18pDEz7Vki+ +SWyJGlci+eIWEZ6a0JvJ9xk5I+EmoVNJLFM1ncgvF391AaD0RmWlrq9JhcuxF5mP +lnZPo9DC3f7LjKRPrrdgSJFTxnEbGaP/ECqVeju/VTrjYOi9WRWGa9eZjDzet8+B +l9n2KUqHm0KRALSuqp5bjJgB5VpOP9TdsRw3Hj8JcQKBgQDvGw+xQXTdPJ0X3KA7 +wtQSa/pcQJes6l6AWmNO7KugfoTd5yIAIUIYmN8W4iafwcxwiXAnzyOW0d1ymPqI +0Lgz1uh708B1/ZtT8nkPzjWPoThW33ngR+SdmlCFVeVyPsx/Cp+6ueQvy6y+lmEp +bZeVMP57e+AKdDb4uh15ijRzDQKBgQDFgipDUs4kU0aA5HKpLmXeQ8gcaocwj+ml +0XNjJ2BPzOt9OnDyfL3dMSGczfWtjqz3LSr/BTSFQKeg1CaRD/DjRc+B8lCOGsgS +2agUXSWUjqshG35XTB2wHR64CEydqx00N9ych6kc57aKYbOOgjMsRX8BGJwIq1rM +ojLR+UcbRQKBgQDoN68A5uJ572FeiF5yS+CtV4MaT30/aYuIOsDSKRbyU430+YJS +//nya53W2qLKa2yDK2fqsckNtBrPLnW7pIIRjrnRcTEtJrXRTN94kzv/l4NhE7+J +LCmDSxjCtk6VqxnulEHXFqzgIn5NxzzsAEzEj4XIJeHMJVwyKodvv+L6jQKBgBLJ +kO+aftVhvoEgOe/x4+rCk9RwJa/u4JDPXaR+6GBu46+j0X6fcwgJVmMuDEKYIcfZ +Wg+sFRTf05Iu3ARMeeOEjnqT7Cm4TnPMlHpradm5wHmDvf7b1K8d9gAXegI9dqey +8J9LIEEJoYmERao2pFt/uNcH2j/Q3PA+NYtXpPXpAoGANTR6OMftiW8EFrcZyeJm +KsPxzhK6/X3Tgesdcpxx3x8NmvpgKUkdSWiFV4kZ2Ns4quCfrlSK1jpmC7TVlSiM +CLi84bUlujCbOrONxcgQsb/wRJW7gguolmJeE2WBzEhuklTR36VRUH9dYCkrfscI +ROuWGjg69W/p31l4vcxho9k= +-----END PRIVATE KEY----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/root-ca.pem b/production_cluster/wazuh_indexer_ssl_certs/root-ca.pem new file mode 100644 index 00000000..c2f2de7d --- /dev/null +++ b/production_cluster/wazuh_indexer_ssl_certs/root-ca.pem 
@@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDSzCCAjOgAwIBAgIUbG+CuamLgOVOhiJSbsE8k5fKLVcwDQYJKoZIhvcNAQEL +BQAwNTEOMAwGA1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApD +YWxpZm9ybmlhMB4XDTIyMDIxODE4NDc0NVoXDTMyMDIxNjE4NDc0NVowNTEOMAwG +A1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApDYWxpZm9ybmlh +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHlmSrFhkHRI++NN+nZa +Aydxl0NLL1oZkJqtB9Ulo5iKzcPedkrAIgnH5W/27iVMDeIdcP4e+/vPE/oooE6W ++r1v4Yl3Adnr9CFaxGuUr6WAZqKBD8/byaKcWgaCbdDRLUdKhxMB0+zTpe7UCUQB +quPhzpKhb9lwvTI0ViFS+wJFo6xiS+CICJV/L0eU2fd01w1lD1BgA1kHC/OFHP1E +aqaL4H1butgMAkt8b395JIGwOAg1WT4W/jMuDKM8/5dEucGL8WHac7Pc0zKVWT/W +HtYNqey+73ldwNlF2qWDWzG0hswrG2WtLvabq+mTl+GfkQ+jsD6wUP9M7JNmVeBh +gQIDAQABo1MwUTAdBgNVHQ4EFgQUspGtRvONTCkbxbwdYuy7uzv3+uwwHwYDVR0j +BBgwFoAUspGtRvONTCkbxbwdYuy7uzv3+uwwDwYDVR0TAQH/BAUwAwEB/zANBgkq +hkiG9w0BAQsFAAOCAQEAoGVw5SL6rrUeRKzUd1AMBqDv6LtNOXY2MZUtbNo9EyU7 +4AuTVlenK8DJuwr4gIwiUWJe5PbQF5+eegppdwwCVpLr8/xAe9y8M04+oPVI21IW +KyUUzyYx07OHI89tTRodCmaiGvLoEunuXjGoxyNsu9SRce4gXFB6bxKV+40XN3jL +0DA2Hks65eK21nlnoUCcNMxz3IXyQfzEfl+spPPpGtu9sPuMyDbUl6hSK/ra+0GX +bKHSDmjodbnk09GxIHgKLQR6Hy8JmE/eH3he4QGOds6v1g8kDe9F/nrhykxou4/T +ghImCJUVyEeV/c/Xtit08ev6WjvuPQr2eoiwJ2aYkQ== +-----END CERTIFICATE----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem new file mode 100644 index 00000000..90b13740 --- /dev/null +++ b/production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem 
@@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCsqKFvSwilCJw3 +LY79lwGiX2Qtm91xzuMenHTXtGfE/gfvSSMlsze94qIEj4MnZycB8ZC1+x+nf/JM +nYe/jF8vHNuCkT3mSxlcOPtSj26obTJUstGVWQ0eJcDSTueKGj/3/akdza/Q0JLM +D7arwzhRUYd8FcSu/oVqawIz7LxKccD/K/103AJ++r3UnWZwcQtRlWz1dWOUsrX9 +sASCaEGm+4HFKQuvvCA7Nqu2us39gvVom1qy62KzM31nrMe8OmAOci9084z98OYj +4y77u4no6k8PZTaz2ieuzjlk7CYRJSq3RFlhIP9xAuV/YUOC637lMWGKxwVauk1c +ACMNU/EPAgMBAAECggEAQUaLqfDbNtGXhcDio3sYshOQYzHfOay27xbFkdtxs+c6 +hrvG3vTvqQlqqYC8XARCmhiC1lo3sHLN3ytbbA6c2cn2L1nL5ioUT2p3kdIKSwDl +m2HznJwLOo+ZY6lTHkIoVxB+hHcD9lU0epOiQzPOMeg56a6tKl+tfvsv3QOueBIE +gKh2G6PuEmtarfCJCMr3XvZFs3T+0BzCMHgsyjwNpZw1gu+aHnWo/vMjl5pm9LmK +qiHhtnML6iCyyD3KaZT7decCiNLnv5sjzMsqNmP7CSoSphw29f7sRPAAuDwr5NDq +ni8XZJEXp1QrYvc7+/EArs/cbfiEqjoFWZOFLZPeqQKBgQDbc6NrFss1yL0S9yD/ +XdUBBaqqxUSqDRH0nXI5xe8Kfi/wxD2pBcaRoq19zgLJMuuHMU8lITbg+AXStQz/ +kcqxT1lOz9TyKYh13TpvBBPcWKPwgbgxdAL2EfZn65KH3ry9Ufh5mYpIrFCfuDsa +WP21oEKGVElGczOx11WNN8NqkwKBgQDJafbz4Z/p1aq7lF+Tf2L0DVlgz3a460k9 +JH8+Vqwc6KeUB4foIldty5XvF5iNL1h7pA8IvAcznkM9xDF4DoEczk0fbMi3y7rn +3HSKmJY2VDPbJacunf+xcZGyiX1y1TwD5Jd1UhDRMZQbCEl0uz2TNptmowVRWuiH +n2Whh3vhFQKBgQCR7Mw++pI3+nrXsKMti/yGyHjbQ3/MQBKvgT6ich7o8E36oNOL +oD6ROwZ4gFPT7Fs3s684NmTipaphmWjCTPTmgKgXQxYLzVhjX69qgOCgBgVFeUy8 +/bK2Y+1g3wG5/X+tuGMsoM+WUZbvDjem5oQWkTGLV2K+SP6YBGNsGyeDpwKBgGF/ +/0DN7uh2O2D0kVPIbbFwqNyZcYJQu7JycXpO4KBZ641YG+0+eo426EzGYl2uFqo7 +n999jgrpyOkkiUHx24SDRYg50+xNHhxRdsUE2mpQVo32azjA2V8feAUyU1z8ZkII +LV1oraVm16hCWbS9UzBpVc7YiaF5XWkRu1P3TvuFAoGBAJSmSaTYf8ebPFmPDAIt +xgmRHMAEvHe5U/TvMbtEIpgQLXoziPgtr8yOEVty7p1pJ1r4+Yym0QQ1a8wQp4K7 +VLzMubcv+gNfTclHHTiail757Jk6pBSkV94hP4dHN6tsRdlYlF7iUmUCWt37WON3 +SrEcAhLdo2SBNfsrhW5+X8Pj +-----END PRIVATE KEY----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard.pem new file mode 100644 index 00000000..db0aa317 --- /dev/null 
+++ b/production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard.pem @@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDdjCCAl6gAwIBAgIUIAuZBSgSjOQLVkBfSV/7FvCsaW4wDQYJKoZIhvcNAQEL +BQAwNTEOMAwGA1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApD +YWxpZm9ybmlhMB4XDTIyMDIxODE4NDc0NVoXDTMyMDIxNjE4NDc0NVowXDELMAkG +A1UEBhMCVVMxEzARBgNVBAcMCkNhbGlmb3JuaWExDjAMBgNVBAoMBVdhenVoMQ4w +DAYDVQQLDAVXYXp1aDEYMBYGA1UEAwwPd2F6dWguZGFzaGJvYXJkMIIBIjANBgkq +hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKihb0sIpQicNy2O/ZcBol9kLZvdcc7j +Hpx017RnxP4H70kjJbM3veKiBI+DJ2cnAfGQtfsfp3/yTJ2Hv4xfLxzbgpE95ksZ +XDj7Uo9uqG0yVLLRlVkNHiXA0k7niho/9/2pHc2v0NCSzA+2q8M4UVGHfBXErv6F +amsCM+y8SnHA/yv9dNwCfvq91J1mcHELUZVs9XVjlLK1/bAEgmhBpvuBxSkLr7wg +OzartrrN/YL1aJtasutiszN9Z6zHvDpgDnIvdPOM/fDmI+Mu+7uJ6OpPD2U2s9on +rs45ZOwmESUqt0RZYSD/cQLlf2FDgut+5TFhiscFWrpNXAAjDVPxDwIDAQABo1cw +VTAfBgNVHSMEGDAWgBSyka1G841MKRvFvB1i7Lu7O/f67DAJBgNVHRMEAjAAMAsG +A1UdDwQEAwIE8DAaBgNVHREEEzARgg93YXp1aC5kYXNoYm9hcmQwDQYJKoZIhvcN +AQELBQADggEBABl1eEkawX/bOVYAeCv1h+Jx6oS55fFXcPoLC+Zhr5N5ksdFwpEV +b0tt7LwInH+zoOGLsDx8kid0P9ES5N29T4575jZMKv7ACG5WpVKqEXhawxb85Ngq +PGV/JoLxtT1Q3ZQpstR/2BV9NjMJDWne9A14kzBMYpVIh0viE6wuvK8/4bYiTbRl +kQ+8eilxGTQKjLPSCMM6u/S9oyh3yAvcX9gKktBWzI7JhPZbExti/ktuntkKPsfW +3qH3s4GPw/M26ucYEE7oila57heV5UkWOJwtuVEX1KcrTM6jpZ/Ux56iUKMpw2/q +y37905GTlCTLYPiixIxYV1/Vfs0TNJo0sso= +-----END CERTIFICATE----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh.master-key.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh.master-key.pem new file mode 100644 index 00000000..f3186848 --- /dev/null +++ b/production_cluster/wazuh_indexer_ssl_certs/wazuh.master-key.pem 
@@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCsNnML+R5oTQ6e +MwBsr2s7+nTenaoxkpvWasdTRhYZI1Cw52pPAMr6BCQP5g0MX58WOOBswziyKftQ +vvM1n3rJXLlQEC60kWicSZ/yTAdathF7wozqJckuls70pVJikEsOmNVpEoWVnri9 +PfBEAKHcvrKjeIa7x7FNz/fXJSkO3MDnFhpMR2J4BaKpy52ZHH284bFmifDj2Prb +z1QQmWnQDUKaZJB432vfmzztJJ2I80mgxu0GIj68rM+ObYUdV7i25rzmvgw2aB4U +FMALDCQeQPP/gzlS9NsosOpGs2YUgZuQkbZerbjWGX8caNMC34+PuDdn2p9lDoyo +Nfd/i0oBAgMBAAECgf8+j4k70EQ7n8KvtddxpEhQgavzM1OgrqHuQtwmZE+i0jF+ +EpOMH72dFeQD4o7a7+HbMM5WtJTkJFwn+TZhRI5WmFi5vSc6cZiPLi/s1bHWQk4X +p5WJejCbvC1yspw7MjASHXNpuFDPCdoS5W1jRteGWcCLoj1P+jtvCR4ACn/f5blN +C3Iq+1gfDB8fgQDzFElMiyu9qNcm5hv2I/yW/qApAXyLRkfMHTXM8GbWhkeQZxHm +ytfnGikiCieBguaDhYWHfe43eQFQLvpY8J2tEQVgV4lpmoAD/HcJgAkkGuCh3TK6 +Po152qGZGc3v8Q84iQI5hQMOrc6NpbKtKSy/SLUCgYEA4CBXTtA7h9UwkY080CkR +Sz1Hu7UKUBU+YfO2WGzH8HlF4J3l5N3OzYgyn9ILe8nDsmUuXVWupHhuC1Z1KgZ0 +h8Ikcf78L2U0srmpF9PQ7gKIAH3ih5mJyIv7Q+PFcYOjsRD/dk7cB9ARnUlGfQii +Uxz8UzOUOVVi43cnGcXG/ucCgYEAxLQdFTjN4pw/wNCDcVnLPHfPuFnhH/MbQTR8 +OPDx6cXmoomKKggWGnKGViZP3K+Lb9uhhYSO9HU9+cVHELKhB4adPfGoek9OJRMT +rAaOoD6CIvpcHiCukSvyAjZ/y/+vlkoNWZsWNqktT9PVRQOc8sldpg6WmbkWUvej +674CWtcCgYEA2ifAs+9OMr4Zo2N1sSx4L+M7IoNqwV6cNR3S/KkNyI1Srfsjna0l +MbwDgrsiAGD5AnkoMyNGdcLfYlvKeZiE7uvTK77FW6DINbsv0wiTEkkWdlwSFmkl +yzYt4fwf4IkA2UYxUsgZteUacB215dh0oC/Tj2ziNxhcxAnj3ls7gjsCgYAxAc7d +IrHo65TWrRySeRSxlAgkngAAvcjkjfcFGMKsw6mahTnvDuSy4iWmARWUngfXbpjn +cwdK0IsIV6ZE+rwz683xSOv4zRljE0WrblbKhchWfpnEx8+2S4SYGIvuf113zCtX +T9RQ+gVYBib0ctn/gzvZy3iqA/sT4K7uZQChMQKBgQCyJTpYPqp8gDn7d/ycc+vB +vNLxX2Yj6g5HGuOZo2Aet70pfxWYW0SLwuff1NtfS0sVaK6dB5CLIvaXH25H5JA7 +hCeM2aea4HCA4TM5pMQWC7yFXgqmUqT8D89xjZgRaX7VdoEmKaIeGFLKeG9EXr5o +vJHt2Gz7u2If6FD8mmoxmQ== +-----END PRIVATE KEY----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh.master.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh.master.pem new file mode 100644 index 00000000..09d975cd --- /dev/null 
+++ b/production_cluster/wazuh_indexer_ssl_certs/wazuh.master.pem @@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDcDCCAligAwIBAgIUIAuZBSgSjOQLVkBfSV/7FvCsaWwwDQYJKoZIhvcNAQEL +BQAwNTEOMAwGA1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApD +YWxpZm9ybmlhMB4XDTIyMDIxODE4NDc0NVoXDTMyMDIxNjE4NDc0NVowWTELMAkG +A1UEBhMCVVMxEzARBgNVBAcMCkNhbGlmb3JuaWExDjAMBgNVBAoMBVdhenVoMQ4w +DAYDVQQLDAVXYXp1aDEVMBMGA1UEAwwMd2F6dWgubWFzdGVyMIIBIjANBgkqhkiG +9w0BAQEFAAOCAQ8AMIIBCgKCAQEArDZzC/keaE0OnjMAbK9rO/p03p2qMZKb1mrH +U0YWGSNQsOdqTwDK+gQkD+YNDF+fFjjgbMM4sin7UL7zNZ96yVy5UBAutJFonEmf +8kwHWrYRe8KM6iXJLpbO9KVSYpBLDpjVaRKFlZ64vT3wRACh3L6yo3iGu8exTc/3 +1yUpDtzA5xYaTEdieAWiqcudmRx9vOGxZonw49j6289UEJlp0A1CmmSQeN9r35s8 +7SSdiPNJoMbtBiI+vKzPjm2FHVe4tua85r4MNmgeFBTACwwkHkDz/4M5UvTbKLDq +RrNmFIGbkJG2Xq241hl/HGjTAt+Pj7g3Z9qfZQ6MqDX3f4tKAQIDAQABo1QwUjAf +BgNVHSMEGDAWgBSyka1G841MKRvFvB1i7Lu7O/f67DAJBgNVHRMEAjAAMAsGA1Ud +DwQEAwIE8DAXBgNVHREEEDAOggx3YXp1aC5tYXN0ZXIwDQYJKoZIhvcNAQELBQAD +ggEBAK7aj2hBFOsq/V1OYamjFKQ3wRf7bmsbl3GpeVqsp9iSsjiE32wUethdIQzO +P/xad50Ue9Xx2FaAGSaTBerst7tStNDvPCkONf7Mp/N0f9EjofEAJIwY6H+Rz5G8 +PWoUc0uLnOFlEZ1C380hzOCYN0BMSX8S9+YVm5qSIHEFCRdyglxJZJGtepFGw7CJ +cB1mJ5XVr+cmZ58Hx+raAJA1WNFP8Dl1CIxUM2XF6m8Sx+RYGnt1V1E5GTsUee6d +39fT9FB4sdLqD5cp/jjZcj0uCBF1K+vmclieJYOUKvH8KSPihcFwH0I/WHfcQwj4 +3chvv6KOu8k0r/nvIQOw9zhYdvY= +-----END CERTIFICATE----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh.worker-key.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh.worker-key.pem new file mode 100644 index 00000000..d8c18d75 --- /dev/null +++ b/production_cluster/wazuh_indexer_ssl_certs/wazuh.worker-key.pem 
@@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC3kUbKxgJ3GfJm +KyQyxS3h0OHi4Q6Mj3EN1dsNydX2sjBQBZ5Fj6wnxEKis4qtLnNNc+I6f6mzCOvP +yNyWEW2SgWAn6g6d9rQAPTPOOVOFm3DQBBdKCU+3/1+pdlWBIW7C0Vo0r+y86c4o +ZhSPMyyMDMishFyH6sh0tubauXlxR0QNBoDpFU/yAynEsWyJDmQT3SMqzW8nPis6 +uVrx0Fky0DU26j/BMQRto99b8lNcwGn/xCjjVpqAk4WOc+Ml/muOdhFLnw2VKXgV +TtcT4NA3sVSe4pNGGm+X6Md2WUBZ4WHl1H1zEgQerLoCkDPdvCQwD0lureoUHDTl +J0ePH2JRAgMBAAECggEAA3wCd/7iNRiM/Vt8SGptwIeSghf7ird+UeDpU42tPg2L +1TkGFBPyFJ8pFKWL0FW9Yo78kFe0BO36a+tIJKEYD1vdU2Sh+mWgbRC8VwHHkBWv +QoORXZpnpPp3+mOAo/7ad2A58h4UxFE71JB7e2xhQBdOB9hLWVkfjPeb0jMLFxdW +/FG0xgIqWHilVCC/2ICNaONbpLiHwJz7DKRYLLJFZv0ItMkqZeSBoaaWQKTAa7p/ +Czra55/Kic0kiZfhmLVEsHuHdNfBlYTEPmY/UBBg1vxE+GgaDHnQxcbLv/WmoG5/ +aCkwV0gTRVPoSCjdb4KsaUSD+3Cfby3kZiG8htroAQKBgQDbzMafh2Aw5kfbEZn+ +F9tGzsOpoaCsk44GWKrH4elObVfIxVFjt65TNdshrAxoow2HCTdRGMhycjX3pvS5 +HcLoP66yleLvRt3EHBAQm5p5lznMt8vRkUZV4eptxebyl6Lkhedf3kxOlxd0JPlC +wKgPiYI9TWRRVX6ciPOGGHJ3MQKBgQDVzN2zWAxNbD923+/s8yz1dlSh2qGM1jZj +G81gor5GmipJfzSaYP1wkXZyHZUHb9aI4mdcoaqFkU/nEJFws653bF4E6O6ngn5g +Lw+A2XhdV80lzv80AWjVeStPPpA6ZdHd9Z39Yaa6LgdcE658JhxUC5ubXhOAFz4y +SNSL1kcVIQKBgB/qP/zx/zmadlyM1btbY2+InkiHO3lTg4/QWBvl5aaJofF5FTRR +e3KBo2vkO3kGE/TDldCktJZJlyR6jZZDiAWJGai8stLji1fqazq+HVQCbVYYafPo +EDpwL0X5MmuPMQvVlZ8J/DJ9Jd6rb7YNm1mGMe8MycA1lcjM6e9SpWxBAoGBAL60 +CvjCy85vhLhrDR5k1jBoiRsJ4dm25TJIBUxyPZjKQHfoYCpn4wh6p5Uob9r/VfQp +RpsolOqo8AWiEKjfjPp3DfIBN4bw7fqrX3/F+wf/njxgQ+DGdRUdDJWVr553XdhH +EtKFPOuKzQPDhnq0n8YTyIuwQWKa2N6Peg71ZdghAoGAN3n4fXYZo0qyZ15jGs5N +WOgWWOUnipU7LrnbC2c0ZJxftn4T6okl2z4Rc2qyeUgZg4zMPJeDwFXaQFeS/pcD +UEXAppPvOUdsl8P2g/n6DUxPr3Tfq7+Kvv5TA6LZQ168n69wZ4bcdFJK2NPJycxj +LKvGrr3vlO4cPyJYcUk8nW0= +-----END PRIVATE KEY----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh.worker.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh.worker.pem new file mode 100644 index 00000000..46dfa432 --- /dev/null 
+++ b/production_cluster/wazuh_indexer_ssl_certs/wazuh.worker.pem @@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDcDCCAligAwIBAgIUIAuZBSgSjOQLVkBfSV/7FvCsaW0wDQYJKoZIhvcNAQEL +BQAwNTEOMAwGA1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApD +YWxpZm9ybmlhMB4XDTIyMDIxODE4NDc0NVoXDTMyMDIxNjE4NDc0NVowWTELMAkG +A1UEBhMCVVMxEzARBgNVBAcMCkNhbGlmb3JuaWExDjAMBgNVBAoMBVdhenVoMQ4w +DAYDVQQLDAVXYXp1aDEVMBMGA1UEAwwMd2F6dWgud29ya2VyMIIBIjANBgkqhkiG +9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt5FGysYCdxnyZiskMsUt4dDh4uEOjI9xDdXb +DcnV9rIwUAWeRY+sJ8RCorOKrS5zTXPiOn+pswjrz8jclhFtkoFgJ+oOnfa0AD0z +zjlThZtw0AQXSglPt/9fqXZVgSFuwtFaNK/svOnOKGYUjzMsjAzIrIRch+rIdLbm +2rl5cUdEDQaA6RVP8gMpxLFsiQ5kE90jKs1vJz4rOrla8dBZMtA1Nuo/wTEEbaPf +W/JTXMBp/8Qo41aagJOFjnPjJf5rjnYRS58NlSl4FU7XE+DQN7FUnuKTRhpvl+jH +dllAWeFh5dR9cxIEHqy6ApAz3bwkMA9Jbq3qFBw05SdHjx9iUQIDAQABo1QwUjAf +BgNVHSMEGDAWgBSyka1G841MKRvFvB1i7Lu7O/f67DAJBgNVHRMEAjAAMAsGA1Ud +DwQEAwIE8DAXBgNVHREEEDAOggx3YXp1aC53b3JrZXIwDQYJKoZIhvcNAQELBQAD +ggEBAA1hbdqXYJWbMCPceOI9A1WXX4yhiUHR8ts7RmJST641EkpPxH13Ug7xWR+Q +5l4MMi8dQKJP+uW7a3ePMkwZ0YfWqViqHDHQCEmFk1iuNpT5X3mMrGG1zQNRaPRJ +MrGxhiTdlyqDkwxVgnc+BI458nIPJsDZ31bj6aYhiEgiA5Ts9WelGN/QVB3vvVin +jaSutvUpyV5H6piEyTWLEjoCCeoJPyJlBl6VthqD+2ncFpj0Bl4BQgFX+HsfbiXb +fh3G36zgHNbjMZUQ6AiNFT1zTEyvn8V94jX/mzGwGMD8y5ToYHBfR0E8705rNUDX +Q9Zw+o7qBfA2ARiVwMUQQPFZ2VA= +-----END CERTIFICATE----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer-key.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer-key.pem new file mode 100644 index 00000000..06ee5794 --- /dev/null +++ b/production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer-key.pem 
@@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC9dIMKAKHvsLNn +AFnGGwmFjeoAvkGcW8lY3HjxXNAd+22BmrSKlD6CMcXuNkebEg6tJHbRpPUE+4fH +cWFlEBxh36HTJrSE2BhMm3iBI4xFos2w9ifzsEX8mEgBhGGV2ejXG9QXZDXy0PI3 +PwRJ2nfZ59iD255SZjX9UzqfyAhqw4MCEXJA0x4wmjUbGB84/lbzRsPy8CbVeRv9 +1vqzCjvzydP7o+pdxcjD3NSOmEShLJr89uXKMTt1nrVEUPcvJd3hB7X2HFW8fBEI +tgp0XH/BpbuxQ2oHsrcPy7+ItFsz5EuRbWkvjvSZ87+jmz5BSRUmd0aO/jMdwbZj +3jZwZvOjAgMBAAECggEAOyDv/OExqUM22sDLQ/8QO7SNAepfQ9OJxcgZnwrekVz1 +UmvcSRv3Xl72bWBXfNhn6DXnN4sKRaHTQLXsNcSPdyR6txHvaT6gZthnBbb4gotL +Mx3AXlf3n9xPLNoKMuCtwOUYjqxiAgSgdAmg5wPeQA4SDyUuBn2MACJHu7KMnfUY +46nLB+ha9XSCuZiBIDpUCiTVlO0VYrMJ4eyRoEBHEZHtGZRWAgHHhR9QHlHEyjjJ +IuTX7BEbL62O5t0LV5olywh+kId9s2Yv/YhjVTaou2HjlPndaNBRFRYhCTCEnu0t +/cO2nRFGyU0OJ+OdEiU+FB1r6vU1cD/tcgbfpSYAgQKBgQD0yCn7CulhoxyoNNBh +ja2S9yZ6xQ9bRnkR1kJgprXHvIRLta0Nmpj9Jy8PtaC93QX12Nz/TnZf0xDv3QYR +X8cYRh6sY6+lfwOAIgv4uWs0VySwMGdVk1zqCHvvNeb1RtdMya5EmxPsOp8ImPQF +MMqAUo3N2XZFX0GssRXkVgIfYQKBgQDGIz3qr5mmJtEURSKigCR7IvCA7ZAp9MYo +rmvH0i6qHHmj3VBBiTqk05aMh9cfFa9NNVkron3DxRac0lqqRsDNzP7Lh8kNhb01 +9s4aq+xwaZhcy7YtTXBvnhAhopv2d2dmBkechcNmwo8SJT1mzO4FIN2uX1uEcTW/ +VFvP4zQFgwKBgQDUH3XJ2G3gr7JQzdva/iTx2/3bnFOvfIXEgFFrYmzbFzHqThkW +VefIUaGF0pbmkdftca4qDPumFMlzo6zzd3WYQoOoTobTOxt0eYy4US5m4DGqAXg6 +/4YgRZPo+2QXH/nJ0GiViXIdX7ubfrjQmrSRuXirb4z/lwnZtmhLRIF4YQKBgGuM ++bEIfIi6DUfJd1Fp6WOFxbLWQSjlGyM9+ndO2dGw/z45hbTtPo315ISHv/e5l5x7 +VtnerBG2S934OQqwuTt9CNmF7VaPv/Mo8xt7My6ZwwCr+0l//YY48FyxnaMdkVzK +D9kgqr5+4ZZh7IB+wLy76Fkcndq4cQpYSjYACF7tAoGAa8akoAlwa/NfNY2T0KyV +AvHKeoT/7Zqn4JRFIw+1w85+ZRqTsVDrcQA8x0SV+muBXhKNzzsrdglKXCmyHCs0 ++NpB0MVIj9OnYRqk/CZYhfUym9DTJ77dluyH2YTJ/CVW5rOvD4U8RJtuHp2FaBek +P/769dwceRqNJi2FDQfsVgU= +-----END PRIVATE KEY----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer.pem new file mode 100644 index 00000000..e3db869e --- /dev/null 
+++ b/production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer.pem @@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDdDCCAlygAwIBAgIUIAuZBSgSjOQLVkBfSV/7FvCsaWkwDQYJKoZIhvcNAQEL +BQAwNTEOMAwGA1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApD +YWxpZm9ybmlhMB4XDTIyMDIxODE4NDc0NVoXDTMyMDIxNjE4NDc0NVowWzELMAkG +A1UEBhMCVVMxEzARBgNVBAcMCkNhbGlmb3JuaWExDjAMBgNVBAoMBVdhenVoMQ4w +DAYDVQQLDAVXYXp1aDEXMBUGA1UEAwwOd2F6dWgxLmluZGV4ZXIwggEiMA0GCSqG +SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9dIMKAKHvsLNnAFnGGwmFjeoAvkGcW8lY +3HjxXNAd+22BmrSKlD6CMcXuNkebEg6tJHbRpPUE+4fHcWFlEBxh36HTJrSE2BhM +m3iBI4xFos2w9ifzsEX8mEgBhGGV2ejXG9QXZDXy0PI3PwRJ2nfZ59iD255SZjX9 +UzqfyAhqw4MCEXJA0x4wmjUbGB84/lbzRsPy8CbVeRv91vqzCjvzydP7o+pdxcjD +3NSOmEShLJr89uXKMTt1nrVEUPcvJd3hB7X2HFW8fBEItgp0XH/BpbuxQ2oHsrcP +y7+ItFsz5EuRbWkvjvSZ87+jmz5BSRUmd0aO/jMdwbZj3jZwZvOjAgMBAAGjVjBU +MB8GA1UdIwQYMBaAFLKRrUbzjUwpG8W8HWLsu7s79/rsMAkGA1UdEwQCMAAwCwYD +VR0PBAQDAgTwMBkGA1UdEQQSMBCCDndhenVoMS5pbmRleGVyMA0GCSqGSIb3DQEB +CwUAA4IBAQAaSMpOsqeqQmZk886kaJWqGYvUXL+28fp2bFQ+52mKKtYKNpamUdHP +iUEQHo/FiiJFsqktPEqiet7bQGsP0o0reNvlAMfdPNcCYRgBJtaOJyTfcD1stL/w +IFvvqfHffuimApJ9pAls5lGM+CxuMpQMsVfOFuHgdAI3qQJN7T68/td2PBosXBM6 +GAemErdHGxMbih0+SVbL/5UbX3TcEawh2/IMtdB55t9yB9LzbUp8N6Dm8A4tFhOa +pl2E0D0h2xR0++U9gX00m6cUQGCJ/SwkcyEIZoRUAihP46cYPkIgxyfdllczDHIT +tfvJuVD90ZuNOfJTl2+1kX6m+6u0ccLO +-----END CERTIFICATE----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer-key.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer-key.pem new file mode 100644 index 00000000..54a47cff --- /dev/null +++ b/production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer-key.pem 
@@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDLbCFjjBj8spc0 +HCDjfhMMXLXsoEtQMcSCYivYMAOm3Y/eidqhPmR7wRmAGKG7uisoX3JCZvq1tgtz +DEk27o3DTDVsAZIJg4qixUtFH9RLlzNBBsh+2bXLh/JqJAxpF6lwsazeXcbt+8Sw +jdURAPhJu2Soc5JeTUUP6IhJ3D8fcG1WiXiIN8gTpjkjn5wwf4tIl5Tk1SxCIOCu +Quo/SZAJfnqY22NJ9o5t2Dk/WYbiUyi80NHOeU+l6k9K/5KOXKDjizUW4+/UQVHW +kP0EfvSB7VqpeF/D/oBsY7o0Atk0ga2RVsuCyoCofP4gHkC5iOd8U18wyn9yzqV2 +w8j42+/nAgMBAAECgf8jwd4coYPC56Gsh0VAt+ihQ6q27XZPom/oe1k5pzb9HfUs +KQ9FSLJhDpBs8+d6GD992Uk8Yt2vE1Dv6Dj2bvh8W+kIEz6YbYbxFb0laXLn1qwr +wgV8Rsit/jeecLe9wWsHZDP+4n0VWCw63LOXSZRbYZVQBwCzkuGQ6k8KrKxr2gah +l/tLi6qm591PFD7ebMZyg1xfTZ9i5SZ1gaqC3IjMor0ZJ1GeNvWgyP5/0Lr9jeCb +a72V/3R3g86HlfBNSTRZpGQxv1I4ZGBVPfwRdykvnbBBmOTs9RWqbwXnkYJB0cH9 +5fsweMLcrmHWn2puMuhqC/VwpFcefDH7OfpkJjECgYEA/2ilKhTlXxgVfYRaRp9U +xweYcPauaenpyQw4jXwKsxIogHDeo5smfWdEN8cEKvIMGfGeH1Aj426PkFkAcbss +Jq5SHG7x2KIquJq5FEzVnLPSDkgKBcF0vW/MkwpMr99fb2YMSUfBcZPIrBUBNt24 +fydahiMn1hcFSiynefmX0kkCgYEAy+StnrpHQAlgSJ+Xg1/XdVYcrR2S4I4oqYeM +fsufUKxprAZ3iBfd2QgH7skPySHbuIrsc+CIY+IxXfskSUlgy+wjz6F3sPrUoHyX +hj2iWcmv7GV+j+ygdXx8epJviwlPq1URxf+R36vJr8yB/i2mqRxXb+JlVWJ37Iv6 +Z+15sK8CgYBpAF1+im6uBJm5K3Ntu01AMdgzAMc9lcPeOp75U7iWW+24uC5ftoZB +YfYCtFf7S907wUCPgQPwGWD+KAjtuNRy5pGtTNMyi6DimgFi3h+nt6mw417zdNAI +nXDONprGZx+2DY8ZhV160xXZ4RzJsKeL5uLpaISVGIu9LdSAaeNHuQKBgQC/SxJ1 +nFFizCkwmcK+ODpeVOdcqCV4VwfhXlI7V/Fl8AzIn9yfq7yxda5zouITk5egwX5s +jVmJVNt6UDjQJW8Sg79pexVfz0WUOLC0+riKQwax5NtkTt6Qu7XSDfdm29qKZari +OBB1aKg2Lso7XjtB6FxElYT7IgJfxUivHweP8wKBgQCq0LVjK6JHd3wfIBNUQaLp +snETUeVZVeW8gBIbY+y0Yqxg2Em3//ClmZE99FBvVE1UpwumUu6iuSV152aCBt9T +bixkduqzgDn4zru85giSCRf62Spg2EFXC+Iz9lbsxFWQeQBHi4Rpn2/VLj2mUQ68 +VnQz7SbZYZSFlOKji0cjYA== +-----END PRIVATE KEY----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer.pem new file mode 100644 index 00000000..9bdd7d1b --- /dev/null 
+++ b/production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer.pem @@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDdDCCAlygAwIBAgIUIAuZBSgSjOQLVkBfSV/7FvCsaWowDQYJKoZIhvcNAQEL +BQAwNTEOMAwGA1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApD +YWxpZm9ybmlhMB4XDTIyMDIxODE4NDc0NVoXDTMyMDIxNjE4NDc0NVowWzELMAkG +A1UEBhMCVVMxEzARBgNVBAcMCkNhbGlmb3JuaWExDjAMBgNVBAoMBVdhenVoMQ4w +DAYDVQQLDAVXYXp1aDEXMBUGA1UEAwwOd2F6dWgyLmluZGV4ZXIwggEiMA0GCSqG +SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLbCFjjBj8spc0HCDjfhMMXLXsoEtQMcSC +YivYMAOm3Y/eidqhPmR7wRmAGKG7uisoX3JCZvq1tgtzDEk27o3DTDVsAZIJg4qi +xUtFH9RLlzNBBsh+2bXLh/JqJAxpF6lwsazeXcbt+8SwjdURAPhJu2Soc5JeTUUP +6IhJ3D8fcG1WiXiIN8gTpjkjn5wwf4tIl5Tk1SxCIOCuQuo/SZAJfnqY22NJ9o5t +2Dk/WYbiUyi80NHOeU+l6k9K/5KOXKDjizUW4+/UQVHWkP0EfvSB7VqpeF/D/oBs +Y7o0Atk0ga2RVsuCyoCofP4gHkC5iOd8U18wyn9yzqV2w8j42+/nAgMBAAGjVjBU +MB8GA1UdIwQYMBaAFLKRrUbzjUwpG8W8HWLsu7s79/rsMAkGA1UdEwQCMAAwCwYD +VR0PBAQDAgTwMBkGA1UdEQQSMBCCDndhenVoMi5pbmRleGVyMA0GCSqGSIb3DQEB +CwUAA4IBAQASHK0l0e3dStzmEhwRi8GutzBh8KFvJDXAIgAZqTiP1s5n3YOONNJJ +zcQCl+yAzJ9PlDbSRqoLu7kO1oPd1MhoCUCh0SPe59q/tKOfh8uTEw419aaXSP2B +sl+SgumOd5WKomc2MByBehZR5FAV9vKFcvgu5sbYC92g9zyhNSA1X+6wocgqUdBd +YXOUw9gfnvu1gipjLcXLnwrDUyUYFq9NuQ6pkiF+3rKS1gpu3up1EDny26kmsFkK +Db1enNY5jMB6ALc1fRm1JHXmFY9bOEfwx8+kZTjRFHPoj+RlOKGEcg3ppDu9Rsdp +LEpx7vX5svwqHKWXzppFd7WnIchuLaG7 +-----END CERTIFICATE----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer-key.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer-key.pem new file mode 100644 index 00000000..d02c1694 --- /dev/null +++ b/production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer-key.pem 
@@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDMkhAYDEv2F/EA +xoCtFBOWObPZWRYAy/lX1COoieWK5FYMSVcZDwtRodvHmqhU2yFPmqpWwEGUiEZw +SntSWEWfXtjFhWzMA2zYdLud0vJ2nViZjEpG7o7cD4aovAMHIoGasG2P/+NKMXPR +bAxyQ4+hSrFRr/JNHxGruS0qqqyj79ZsaktulgHqKNKSfdOZEYMZYB7Hpe+wPHFt +72x84nbtdYEB5EYjDVwQlgazuvNcRXdCki8cPqsVwejIT3MHSd5MqQ8nGe8mnG5T +aprzBhLkY/XhG5iB3my3puiXkRisYK/KHlLAOqMc3LDZNvF345a2azpe4S8KC5P8 +AWzLXjHfAgMBAAECggEBAIJAff7R1YvbspfLzCJnphEArIK3NktLlHdXm1y0cHL+ +78ri55INAif35vgwgP2GiK8my05xG1B3dGILCnpjufC/c0ZQrfU4ORWZPdw/dCIS +DVe2+5QuUMfNGvBUxZjFX8AelaQaSZ3z3sp5AXO/kLQh2sUoQh7YqWetgBSql0HJ +UD9LKeVAuUVvo6jEGwXclDWn7QvkUVEgRfYAZ9uhH/urmwsQjfVbzzxP/f4tz5kQ +qkjvLICQqvH8x22blmK+EHO5iHkE7H4QmdUcidbEiqWKWm5tvCsAVFjrPryTGcvB +j2ny2CDRRGh/Rpu8ec8iIwE8ZUC1QqXO+JScULcw+AECgYEA6g8fLW6ZjwIqBg7h +P6DoSqJgbbT/edNlO76rXanOke37C5FtJgTUpId8/36kmPUwfdV9hNutT12UrnjL +7iBX4A61Xl5jNY8w5dRDXoedswNFvimihLos6TE/rYy8Pi2vHLAUtVKW4PhpZ6X4 +JqOMwIRtTXKIaD068qW2hnp+baMCgYEA379I5rvMXBhuctfI7EB1O357jWrjI922 +3yroY9rgF90/bHdD7dL4sFHv1gpp5ohCG221tiGRF2JWfsMgjMPgAqXwkqInLpRL ++bzbRFmmmVbH1mMBdDed4sf57qBRLrkHZUns8IwC8OeRn2oyGIAkqgC4MUKQgrUm +CfQBP1M4NpUCgYEAkzIFWm4GtlAXG446C+jmjSFG4VeFnxjZvlPvs0y58z4ltiWz +7cf17q6iZo8/dk4kO86KTIZWnOXuPjcLkOrYOLknSHy1iZZOmwr9fzJsc4roTmoi +obPv0Is/T6aFL9lNGg6GR230IvE2YI+Y2rvaJaxijOUtcdin/LdIbZQVdF8CgYEA +1yktQ6Soeo+L9qgHMRkzIwkYav+0eZMF/klWvF+IS6qZCQcPra3JNFU224+cEvJJ +D/NKYGCbE++e2btum67oxeMpGvkP0L0O6pNwD6RejupitYjzpvysuZ4wfAZyywln +UUHrtc4OLfehk7kdf24K0+hpOAWYzfjBIaUhZfHzBpkCgYBdmXNe8QybI0EAvCn6 +ENK1CYv7JH9L26aMhd1avmIhRWVcvFbCZTIECr2cEadoLF9LVBTuyCtCYdssRIM1 +YxUWpi5AFtRsrjypgWYpu/MJS7egR+vZqSEFFNgWnqDDMH8LgK6anR2yqVHhf4NK +zZOLoET8jTOvtBFZmhJ1RvoaLQ== +-----END PRIVATE KEY----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer.pem new file mode 100644 index 00000000..f52603a4 --- /dev/null 
+++ b/production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer.pem @@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDdDCCAlygAwIBAgIUIAuZBSgSjOQLVkBfSV/7FvCsaWswDQYJKoZIhvcNAQEL +BQAwNTEOMAwGA1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApD +YWxpZm9ybmlhMB4XDTIyMDIxODE4NDc0NVoXDTMyMDIxNjE4NDc0NVowWzELMAkG +A1UEBhMCVVMxEzARBgNVBAcMCkNhbGlmb3JuaWExDjAMBgNVBAoMBVdhenVoMQ4w +DAYDVQQLDAVXYXp1aDEXMBUGA1UEAwwOd2F6dWgzLmluZGV4ZXIwggEiMA0GCSqG +SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMkhAYDEv2F/EAxoCtFBOWObPZWRYAy/lX +1COoieWK5FYMSVcZDwtRodvHmqhU2yFPmqpWwEGUiEZwSntSWEWfXtjFhWzMA2zY +dLud0vJ2nViZjEpG7o7cD4aovAMHIoGasG2P/+NKMXPRbAxyQ4+hSrFRr/JNHxGr +uS0qqqyj79ZsaktulgHqKNKSfdOZEYMZYB7Hpe+wPHFt72x84nbtdYEB5EYjDVwQ +lgazuvNcRXdCki8cPqsVwejIT3MHSd5MqQ8nGe8mnG5TaprzBhLkY/XhG5iB3my3 +puiXkRisYK/KHlLAOqMc3LDZNvF345a2azpe4S8KC5P8AWzLXjHfAgMBAAGjVjBU +MB8GA1UdIwQYMBaAFLKRrUbzjUwpG8W8HWLsu7s79/rsMAkGA1UdEwQCMAAwCwYD +VR0PBAQDAgTwMBkGA1UdEQQSMBCCDndhenVoMy5pbmRleGVyMA0GCSqGSIb3DQEB +CwUAA4IBAQBS8eW6MitrYwZekjIoo74po2sYMkCcjuqmmk70TEOxPcAEcGLsHoNT +jUfGhSlEhxTnUmBG4spMD6ZAsYvaUR+ZoQSDecbRuBwEzIz8xuUnxM5bIypI88nd +JvdQhXQ0jJ2unC6uRqOYrwnRYzhMw72gAnzXd59l4nWEnSBg/Khu66kRXNclP7XW +1pzkoKZ38aZ9HfG6groQdQVy/3+ZYXc2sa/Vrcy7m0S8/V1xSftMl8sw3s5ae/jv +lv9qL/8cLlcXaksdCEe0QHTWo/N7CYd1LOAPrBBmUONaGGkIhFqEVgmXGJjbKuKl +I+HU/JaMMHvYkbP7z4j9u3zWb7GuE0d6 +-----END CERTIFICATE----- diff --git a/wazuh-dashboard/Dockerfile b/wazuh-dashboard/Dockerfile index 89eb295b..a3740f94 100644 --- a/wazuh-dashboard/Dockerfile +++ b/wazuh-dashboard/Dockerfile 
@@ -7,7 +7,7 @@ ARG WAZUH_VERSION=4.3.0-1 RUN apt-get update && apt install curl libcap2-bin -y #Download and install Wazuh Dashboard -RUN curl https://packages.wazuh.com/4.x/apt/pool/main/w/wazuh-dashboard/wazuh-dashboard_${WAZUH_VERSION}_amd64.deb --output wazuh-dashboard_${WAZUH_VERSION}_amd64.deb && \ +RUN curl https://packages-dev.wazuh.com/pre-release/apt/pool/main/w/wazuh-dashboard/wazuh-dashboard_${WAZUH_VERSION}_amd64.deb --output wazuh-dashboard_${WAZUH_VERSION}_amd64.deb && \ dpkg -i wazuh-dashboard_${WAZUH_VERSION}_amd64.deb && \ apt-get clean -y && rm -rf wazuh-dashboard_${WAZUH_VERSION}_amd64.deb diff --git a/wazuh-indexer/config/config.sh b/wazuh-indexer/config/config.sh index 5fa3715e..0b53cc41 100644 --- a/wazuh-indexer/config/config.sh +++ b/wazuh-indexer/config/config.sh @@ -48,7 +48,6 @@ cp -pr ${BASE_DIR}/* ${TARGET_DIR}${INSTALLATION_DIR} # Copy the security tools cp ${REPO_DIR}/install_functions/wazuh-cert-tool.sh ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/tools/ cp ${REPO_DIR}/install_functions/wazuh-passwords-tool.sh ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/tools/ -#cp ${REPO_DIR}/config/indexer/certificate/config_aio.yml ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/tools/config.yml # Copy Wazuh's config files for the security plugin cp -pr ${REPO_DIR}/config/indexer/roles/roles_mapping.yml ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/securityconfig/ cp -pr ${REPO_DIR}/config/indexer/roles/roles.yml ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/securityconfig/ diff --git a/wazuh-manager/Dockerfile b/wazuh-manager/Dockerfile index 5968d239..473cf6b5 100644 --- a/wazuh-manager/Dockerfile +++ b/wazuh-manager/Dockerfile 
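Review bot: The `.deb` fetched by the changed `RUN curl … --output …` line goes straight to `dpkg -i` with no checksum or signature check, and the new URL points at the pre-release host, so the image trusts whatever that host serves at build time. curl also runs without `-f`, so an HTTP error page would be saved under the package name and only fail later in dpkg. I would call curl with `-fsSL` and verify a pinned digest before installing, e.g. `echo "<expected-sha256>  wazuh-dashboard_${WAZUH_VERSION}_amd64.deb" | sha256sum -c - && \`, with the digest supplied per version. The `curl -s … | tar -xvz -C /usr/share/filebeat/module` line changed in wazuh-manager/Dockerfile has the same gap and also unpacks the stream before the download has finished, so it should download to a file, verify it, then extract.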
@@ -8,7 +8,7 @@ ARG TEMPLATE_VERSION="master" ARG WAZUH_FILEBEAT_MODULE="wazuh-filebeat-0.1.tar.gz" # Set repositories. -RUN rpm --import https://packages.wazuh.com/key/GPG-KEY-WAZUH +RUN rpm --import https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH COPY config/wazuh.repo /etc/yum.repos.d/wazuh.repo @@ -21,7 +21,7 @@ RUN yum --enablerepo=updates clean metadata && \ RUN curl -L -O https://artifacts.elastic.co/downloads/beats/filebeat/${FILEBEAT_CHANNEL}-${FILEBEAT_VERSION}-x86_64.rpm &&\ rpm -i ${FILEBEAT_CHANNEL}-${FILEBEAT_VERSION}-x86_64.rpm && rm -f ${FILEBEAT_CHANNEL}-${FILEBEAT_VERSION}-x86_64.rpm -RUN curl -s https://packages.wazuh.com/4.x/filebeat/${WAZUH_FILEBEAT_MODULE} | tar -xvz -C /usr/share/filebeat/module +RUN curl -s https://packages-dev.wazuh.com/pre-release/filebeat/${WAZUH_FILEBEAT_MODULE} | tar -xvz -C /usr/share/filebeat/module RUN curl -L https://github.com/aelsabbahy/goss/releases/latest/download/goss-linux-amd64 -o /usr/local/bin/goss && chmod +rx /usr/local/bin/goss diff --git a/wazuh-manager/config/wazuh.repo b/wazuh-manager/config/wazuh.repo index e230d6a9..4b673ff0 100644 --- a/wazuh-manager/config/wazuh.repo +++ b/wazuh-manager/config/wazuh.repo @@ -1,7 +1,7 @@ [wazuh_repo] gpgcheck=1 -gpgkey=https://packages.wazuh.com/key/GPG-KEY-WAZUH +gpgkey=https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH enabled=1 name=Wazuh repository -baseurl=https://packages.wazuh.com/4.x/yum/ +baseurl=https://packages-dev.wazuh.com/pre-release/yum/ protect=1 From 80da7139377b345fc6df7ef7b861c1e4d2f95ca7 Mon Sep 17 00:00:00 2001 
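Review bot: `rpm --import https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH` takes the signing key from the same pre-release host that serves the packages, and `gpgkey=` in wazuh.repo is switched to that URL as well, so `gpgcheck=1` only proves that packages match whatever key the host returned during the build. Shipping the key in the build context and importing it from disk makes the trust anchor reviewable: `COPY <vendored-key-file> /etc/pki/rpm-gpg/GPG-KEY-WAZUH`, `RUN rpm --import /etc/pki/rpm-gpg/GPG-KEY-WAZUH`, and `gpgkey=file:///etc/pki/rpm-gpg/GPG-KEY-WAZUH` in wazuh.repo. Since `baseurl` now points at `pre-release/`, a comment above it such as `# pre-release repository: switch back to the 4.x release repo before tagging` would help keep this out of a release image.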
From: vcerenu Date: Fri, 18 Feb 2022 17:02:36 -0300 Subject: [PATCH 043/163] fix various issues into PR --- production_cluster/nginx/ssl/cert.pem | 21 -------------- production_cluster/nginx/ssl/key.pem | 28 ------------------- .../wazuh_indexer_ssl_certs/admin-key.pem | 28 ------------------- .../wazuh_indexer_ssl_certs/admin.pem | 19 ------------- .../wazuh_indexer_ssl_certs/root-ca.key | 28 ------------------- .../wazuh_indexer_ssl_certs/root-ca.pem | 20 ------------- .../wazuh.dashboard-key.pem | 28 ------------------- .../wazuh.dashboard.pem | 21 -------------- .../wazuh.master-key.pem | 28 ------------------- .../wazuh_indexer_ssl_certs/wazuh.master.pem | 21 -------------- .../wazuh.worker-key.pem | 28 ------------------- .../wazuh_indexer_ssl_certs/wazuh.worker.pem | 21 -------------- .../wazuh1.indexer-key.pem | 28 ------------------- .../wazuh1.indexer.pem | 21 -------------- .../wazuh2.indexer-key.pem | 28 ------------------- .../wazuh2.indexer.pem | 21 -------------- .../wazuh3.indexer-key.pem | 28 ------------------- .../wazuh3.indexer.pem | 21 -------------- 18 files changed, 438 deletions(-) delete mode 100644 production_cluster/nginx/ssl/cert.pem delete mode 100644 production_cluster/nginx/ssl/key.pem delete mode 100644 production_cluster/wazuh_indexer_ssl_certs/admin-key.pem delete mode 100644 production_cluster/wazuh_indexer_ssl_certs/admin.pem delete mode 100644 production_cluster/wazuh_indexer_ssl_certs/root-ca.key delete mode 100644 production_cluster/wazuh_indexer_ssl_certs/root-ca.pem delete mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem delete mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard.pem delete mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh.master-key.pem delete mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh.master.pem delete mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh.worker-key.pem delete mode 100644 
production_cluster/wazuh_indexer_ssl_certs/wazuh.worker.pem delete mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer-key.pem delete mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer.pem delete mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer-key.pem delete mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer.pem delete mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer-key.pem delete mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer.pem diff --git a/production_cluster/nginx/ssl/cert.pem b/production_cluster/nginx/ssl/cert.pem deleted file mode 100644 index 1eaf2bd9..00000000 --- a/production_cluster/nginx/ssl/cert.pem +++ /dev/null 
@@ -1,21 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDazCCAlOgAwIBAgIUQ1qhaGbkLQKDypv0VYUrcCeDfoIwDQYJKoZIhvcNAQEL -BQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM -GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0yMjAyMTgxODQ3NTRaFw0yMzAy -MTgxODQ3NTRaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEw -HwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwggEiMA0GCSqGSIb3DQEB -AQUAA4IBDwAwggEKAoIBAQCnEhTwQ1QkQEdU/258kta6bWNFP+E52Ez3SruJIl8C -6thAjplR4LQh7K8COWvWZty44JDY2kfpABtyeVDobWZZfJnxXUw/xgLQu6govJO3 -md27I2xKSDSq1j+l2fmwRRQDTDQb9/WWG8BhE+sB/kx65omyeOq0GhIQl+bvolfT -naLyjhDW/ZyT3rfMax28jRs/6MEF3DcaLZnOaKgFdBMDB98A7LOqdLAnEPsMZGyQ -LoNkYZWERuXXYM3Au58kIq0CDqIIqWtucbeQznHhYcwqY5FtwNhXEIwzt41ita9l -uXSzgU+HjGqhnd7iJAtDCeuNk9Iiic4aX3HdKEzv/pN5AgMBAAGjUzBRMB0GA1Ud -DgQWBBSpMpywVhepErRyxnGfJOfjJtfZaTAfBgNVHSMEGDAWgBSpMpywVhepErRy -xnGfJOfjJtfZaTAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCI -Nj2/eC1+9WXPNhs8YbtLAmJ0EzYZCvD4ybVE0C/2mF2IOpBwouZzmd1Rd7V+h8mu -b/uQeahJVyxsldFFr4nv5HjQe/q0PbxtjK4rUQKejDLB88SEJ85+Low5OT6gvW3y -Gzsy6XIQkghG+zwxEoO4vwbJO0gLdMR6MkcLkUkLVN0YcUPBSPLz4kiNL2jcF/lB -8z3NBmDAV1W81z6xlZdKkkJuEtXpS+r0cfxUUXQOcNC77ujLUr7ZfsdwDh6wbgrP -JvZId+tBrfuOmXZQmvLt/H0nJ64dgDFuGDEgJcFSroMvK3pAoHeJy47C19v1vtbv -2Z4EKAkuPze93MpoTVn2 ------END CERTIFICATE----- diff --git a/production_cluster/nginx/ssl/key.pem b/production_cluster/nginx/ssl/key.pem deleted file mode 100644 index c4bd32ca..00000000 --- a/production_cluster/nginx/ssl/key.pem +++ /dev/null 
@@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCnEhTwQ1QkQEdU -/258kta6bWNFP+E52Ez3SruJIl8C6thAjplR4LQh7K8COWvWZty44JDY2kfpABty -eVDobWZZfJnxXUw/xgLQu6govJO3md27I2xKSDSq1j+l2fmwRRQDTDQb9/WWG8Bh -E+sB/kx65omyeOq0GhIQl+bvolfTnaLyjhDW/ZyT3rfMax28jRs/6MEF3DcaLZnO -aKgFdBMDB98A7LOqdLAnEPsMZGyQLoNkYZWERuXXYM3Au58kIq0CDqIIqWtucbeQ -znHhYcwqY5FtwNhXEIwzt41ita9luXSzgU+HjGqhnd7iJAtDCeuNk9Iiic4aX3Hd -KEzv/pN5AgMBAAECggEAMS7MhTJ86bMWjLopb3jWx8j+CVvV1O6NMduJO8SnjbdO -9CpGjmkE/lur5Y675UEgxzgsy/nuY3RJoDiAjfvuvndE5l4d3URQfdxQk7V4Evuz -36x86504C/bIg+2YaMDdNF9Rk846OPdweeOgMlUHdMK7VJPuHBj0qnfdXzw+eKgc -ivBsDRYb98XVgQ4VjisahfSe631eKr3jVoX0KIQ0rb0E0IWO2KtKZ460zGP5TQCT -i+/dQiKEDrLYPetxnTH1D4PUqxJPI/wsmvhJ0zX/wNc65gywGQN6NEuigBQ5w0w5 -KVgGphlM6JJ4qG37welTFsg0u4Tyo97gDGcRc/8MJQKBgQDUQtlxAdv/G2SBpFRs -2NNue8Lzbqjqrx8a+9xS2dCcLMqWcVVT+pnD04zrct4vuoWEjBdsnbDyAZ8e0VaZ -QJfdOiAaREXcvZdyYDutqbZQhTX8D+OPWzvMovYQTPHTLFd/y+LqkbgCxlEb6P7b -LqKzIz0LelDZ4GOSnyvK4Ua0LwKBgQDJf1qDp9QfgkyTWMByfr0ulwSGo7WUJjdL -9OlCmc6FDHzBWvKvw0CyJLbj1klSzvlirKs4aYqGd/ITjrvSdnaFFUq1RJ8UX2qM -2qGJpCWSdPVhEc/Gdb1TVS4LptAVSZWYACMw9QjD60i2JLL3Go8YCZcfxpl/Ya2V -7UhKIKbA1wKBgA+XcX15k31jt7hGJ+Vu7+j3slRLVqEWiARlZ8O2ODqgl6kBXjEz -AUR/L6TD5UpAOzqHR9k0pCDCubt7yQ6szfr0IBON3EvgqVU/eGLDSp8TiemgCSko -nHXlqol7/W9znGHIyjxMw+WAR8jzDnVvMYhTGFLVg0bd0rKceo0GizkFAoGAb/Q3 -mWDdRiiCXXf5bWQnvsQfuqMpF0hofuZz2BJXIat/gXsDzk5hGtm1WD/Oe5kODRo9 -A9n4IqBwOxeaGeTCE01yNecLsCkXrW0oRa6TRZ2AXM+lrvHqIGv6anTjtoAtAshI -xUHP/fMzcihP22XBTay+b+RLku/1n5C4Ep+zpv8CgYEApkjrYfQdPZe9gCqZpEpe -pRO+ojilKstVb3IH95ACZR7/5KSmEOdLGav02sPNxaPCpWKGxPPXytdZoQJ+oGUP -QrylTfRMPewrSRRKhps8XTA4fJr25ORDNoalx3iFSqENHsx3bzvQkteJVZSCoVEL -nAO2njccRKHBlsqD2zyskK0= ------END PRIVATE KEY----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/admin-key.pem b/production_cluster/wazuh_indexer_ssl_certs/admin-key.pem deleted file mode 100644 index a99ad416..00000000 
--- a/production_cluster/wazuh_indexer_ssl_certs/admin-key.pem +++ /dev/null @@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQC1PBTdizTqmFYU -zRCKVBJqkQI2gY2onSY4LgS8PG7d1L8KNfb8dH4YS+jC30aP4I1DaK6yAo/sB9LF -9/Fp9XD55lLWRUt9214v+7UnOY19z4s8mCUMHPvcT8dz6XSnbZIG9p8n1zP3Omm4 -WSSTvldR89ZzDoQaZWfYYmEHWG9oqvsAT5ANRMgtsH9tYgQALeM/cujJHITYjJfJ -nFaQGBSNMs70v5riVfYnePlEx2AAwYDy5OU+py8pF0m2Q3SfuemT2Wpc/i0Qkawj -F7Df4keUgSlQcg+leqFDHrP8U8TY2ty4JOc2XjmU0KSkKk1BpmDlzeg+0wT2bQmY -TwEv/HyFAgMBAAECggEAaxbeaW5pTTnIm6/0VxiIbUnUGesBjqGVRNsEV0oKZK/i -VqE+mTwoiijIl+Wg50FTl4JSv8K90kVpKStyDh9Gq5OKXSxDCFJIXGgKSew7DB1H -8/0e3wJ9XFgTzg0jrg8Tm2O89ai2/x4X/CNIdrihFj7T99aa/pHvA7BWDyYVZq2q -ugOKggSGTkyZ7/SzEy6xgXleFEV5El/HEuW1YtPeK+0pqPmPhFr8zQKh1p38rAhm -G6ojmkIENwHUPzWVFI2OK4mNM/uXvAttQEK2kvfffFuBjJss5qRrNMTbxVW0E03Y -g4TBBHqxRgrrnMePmGtZukGCh2/7f9Y2xSicdbhUXQKBgQDfjWNO6qb+K4fgd8KV -mxXyINiCAuB987EXeRcTitmPWd2c7yBa/7ylQkK36tqnhhm7KgP1C69aBbrcDT4A -RWZoei7vrQkzo3Eag6nT8TNqbEXLgwmmE87Kfxjg+Ila8gAFKIHzsMU81BN886Vb -9EUnGnPyPHVCBitfW+iqUN9zFwKBgQDPikiLDyXIWa22gn/ietgk1zb/ww7Eh64s -2YrVL74qqVhYRvsTZUUD3gejM5IKHV7+iYotbnlCuv2it7RwMZz6RiodM5+5cYx5 -Pph6Dtdbr0umM8NulnfwbxMaBOyxs2Jjre6CGaqWMHqCEQ3wyxpOFdHO3hcB5L/H -vLKyFYH+wwKBgQDXDGfvzoL+FloLcKlayWl/FmGwD5xtDTPaZL3yKqvG3qf1A4OY -hlKuluMfkWjtpm6yQWS1IZx5ePGcJZDzKc+tyXvFTCuB5UQ0QVvpaioPwkAR2eg6 -Puu6mDESmYNoXUvvqlv4VKAoN8rXdHopzv2G9Ed9SvNxpAWtIfjbfhi12QKBgQDH -7jEgNUFylmGwNls4NJtQMjt7e88YKJT0A8WoxctukaDXudlZv+8SYKv+3klLkSvY -DWudhJUwYa7BODOM+V5+A2XCp96w6OAoVNLSksWIP4Ci5a7ZM/7rEjXWlPPn5CVe -XUos7sjU0nLSJdfGJgJ7Qq3RmUWUv2a45eFHiUynvQKBgQCOzJVGE+GNTcOco0Ek -JU+BLYxc7sG2w5lJo2ri5hRB1b1ao+BLqLp4RoOCz5kS3cfSmCAXpBFsGi2Y2c1H -uI2KaUtpah1E4IMVVX5y6Bfv/E2HUKoRduGUATGgaNXpT9rG8s04wx9Y2dF3Uly3 -Ym2E41FN3Xp3aAxAI7hVHdmUKA== ------END PRIVATE KEY----- 
diff --git a/production_cluster/wazuh_indexer_ssl_certs/admin.pem b/production_cluster/wazuh_indexer_ssl_certs/admin.pem deleted file mode 100644 index ea875f54..00000000 --- a/production_cluster/wazuh_indexer_ssl_certs/admin.pem +++ /dev/null @@ -1,19 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDDjCCAfYCFCALmQUoEozkC1ZAX0lf+xbwrGloMA0GCSqGSIb3DQEBCwUAMDUx -DjAMBgNVBAsMBVdhenVoMQ4wDAYDVQQKDAVXYXp1aDETMBEGA1UEBwwKQ2FsaWZv -cm5pYTAeFw0yMjAyMTgxODQ3NDVaFw0zMjAyMTYxODQ3NDVaMFIxCzAJBgNVBAYT -AlVTMRMwEQYDVQQHDApDYWxpZm9ybmlhMQ4wDAYDVQQKDAVXYXp1aDEOMAwGA1UE -CwwFV2F6dWgxDjAMBgNVBAMMBWFkbWluMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A -MIIBCgKCAQEAtTwU3Ys06phWFM0QilQSapECNoGNqJ0mOC4EvDxu3dS/CjX2/HR+ -GEvowt9Gj+CNQ2iusgKP7AfSxffxafVw+eZS1kVLfdteL/u1JzmNfc+LPJglDBz7 -3E/Hc+l0p22SBvafJ9cz9zppuFkkk75XUfPWcw6EGmVn2GJhB1hvaKr7AE+QDUTI -LbB/bWIEAC3jP3LoyRyE2IyXyZxWkBgUjTLO9L+a4lX2J3j5RMdgAMGA8uTlPqcv -KRdJtkN0n7npk9lqXP4tEJGsIxew3+JHlIEpUHIPpXqhQx6z/FPE2NrcuCTnNl45 -lNCkpCpNQaZg5c3oPtME9m0JmE8BL/x8hQIDAQABMA0GCSqGSIb3DQEBCwUAA4IB -AQBOrqGywQkT45WfQRwPsuCisMuogIhLDRe4Idpck/AXFXa+SIEtq5KG4KOCJ2qt -tnOcCX3iI8k9rJWRlDCR+vrJvdnsgS15uvbuhe9ADqvn1LIojhQDYf4eK+AC+dg0 -H07HqoDiyOSDrhTWXd07yX43qBLvuh8Jk3EHTOWB7xTg1mzLkGIXyPjQOcl5OOhT -dcaQ1z9x7pAU2RlPgvW9WRG+OkW4QPlQ3Dfu9cnolxVE0EE7l9+QsWEmngZSR3S3 -/FX4FYqJPUeTec2pkRNDhJSj0Lxmsq/j6jizgRHw3PVFPex5AyZq2QpM4vc/Jmr7 -YeYPqGk9Vs+5qt7OTtXx92D2 ------END CERTIFICATE----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/root-ca.key b/production_cluster/wazuh_indexer_ssl_certs/root-ca.key deleted file mode 100644 index eb7cefcc..00000000 --- a/production_cluster/wazuh_indexer_ssl_certs/root-ca.key +++ /dev/null 
@@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC4eWZKsWGQdEj7 -4036dloDJ3GXQ0svWhmQmq0H1SWjmIrNw952SsAiCcflb/buJUwN4h1w/h77+88T -+iigTpb6vW/hiXcB2ev0IVrEa5SvpYBmooEPz9vJopxaBoJt0NEtR0qHEwHT7NOl -7tQJRAGq4+HOkqFv2XC9MjRWIVL7AkWjrGJL4IgIlX8vR5TZ93TXDWUPUGADWQcL -84Uc/URqpovgfVu62AwCS3xvf3kkgbA4CDVZPhb+My4Mozz/l0S5wYvxYdpzs9zT -MpVZP9Ye1g2p7L7veV3A2UXapYNbMbSGzCsbZa0u9pur6ZOX4Z+RD6OwPrBQ/0zs -k2ZV4GGBAgMBAAECggEAbNiMp7PD2mUSjzVOVGMytzu1xUeafCUQgocRY1a7r6yY -8dIJWAjBFxRoUxNeQqPVHTf2oS4AADRSufnXsMbORMIz2oKuqnP3ygNIOC81+vGP -Mn/d4QOHLpD46hF/MeaNFcdDzTFE2dOaCgVCLPlodnmhSa6w/HrzD18pDEz7Vki+ -SWyJGlci+eIWEZ6a0JvJ9xk5I+EmoVNJLFM1ncgvF391AaD0RmWlrq9JhcuxF5mP -lnZPo9DC3f7LjKRPrrdgSJFTxnEbGaP/ECqVeju/VTrjYOi9WRWGa9eZjDzet8+B -l9n2KUqHm0KRALSuqp5bjJgB5VpOP9TdsRw3Hj8JcQKBgQDvGw+xQXTdPJ0X3KA7 -wtQSa/pcQJes6l6AWmNO7KugfoTd5yIAIUIYmN8W4iafwcxwiXAnzyOW0d1ymPqI -0Lgz1uh708B1/ZtT8nkPzjWPoThW33ngR+SdmlCFVeVyPsx/Cp+6ueQvy6y+lmEp -bZeVMP57e+AKdDb4uh15ijRzDQKBgQDFgipDUs4kU0aA5HKpLmXeQ8gcaocwj+ml -0XNjJ2BPzOt9OnDyfL3dMSGczfWtjqz3LSr/BTSFQKeg1CaRD/DjRc+B8lCOGsgS -2agUXSWUjqshG35XTB2wHR64CEydqx00N9ych6kc57aKYbOOgjMsRX8BGJwIq1rM -ojLR+UcbRQKBgQDoN68A5uJ572FeiF5yS+CtV4MaT30/aYuIOsDSKRbyU430+YJS -//nya53W2qLKa2yDK2fqsckNtBrPLnW7pIIRjrnRcTEtJrXRTN94kzv/l4NhE7+J -LCmDSxjCtk6VqxnulEHXFqzgIn5NxzzsAEzEj4XIJeHMJVwyKodvv+L6jQKBgBLJ -kO+aftVhvoEgOe/x4+rCk9RwJa/u4JDPXaR+6GBu46+j0X6fcwgJVmMuDEKYIcfZ -Wg+sFRTf05Iu3ARMeeOEjnqT7Cm4TnPMlHpradm5wHmDvf7b1K8d9gAXegI9dqey -8J9LIEEJoYmERao2pFt/uNcH2j/Q3PA+NYtXpPXpAoGANTR6OMftiW8EFrcZyeJm -KsPxzhK6/X3Tgesdcpxx3x8NmvpgKUkdSWiFV4kZ2Ns4quCfrlSK1jpmC7TVlSiM -CLi84bUlujCbOrONxcgQsb/wRJW7gguolmJeE2WBzEhuklTR36VRUH9dYCkrfscI -ROuWGjg69W/p31l4vcxho9k= ------END PRIVATE KEY----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/root-ca.pem b/production_cluster/wazuh_indexer_ssl_certs/root-ca.pem deleted file mode 100644 index c2f2de7d..00000000 --- a/production_cluster/wazuh_indexer_ssl_certs/root-ca.pem +++ /dev/null 
@@ -1,20 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDSzCCAjOgAwIBAgIUbG+CuamLgOVOhiJSbsE8k5fKLVcwDQYJKoZIhvcNAQEL -BQAwNTEOMAwGA1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApD -YWxpZm9ybmlhMB4XDTIyMDIxODE4NDc0NVoXDTMyMDIxNjE4NDc0NVowNTEOMAwG -A1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApDYWxpZm9ybmlh -MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHlmSrFhkHRI++NN+nZa -Aydxl0NLL1oZkJqtB9Ulo5iKzcPedkrAIgnH5W/27iVMDeIdcP4e+/vPE/oooE6W -+r1v4Yl3Adnr9CFaxGuUr6WAZqKBD8/byaKcWgaCbdDRLUdKhxMB0+zTpe7UCUQB -quPhzpKhb9lwvTI0ViFS+wJFo6xiS+CICJV/L0eU2fd01w1lD1BgA1kHC/OFHP1E -aqaL4H1butgMAkt8b395JIGwOAg1WT4W/jMuDKM8/5dEucGL8WHac7Pc0zKVWT/W -HtYNqey+73ldwNlF2qWDWzG0hswrG2WtLvabq+mTl+GfkQ+jsD6wUP9M7JNmVeBh -gQIDAQABo1MwUTAdBgNVHQ4EFgQUspGtRvONTCkbxbwdYuy7uzv3+uwwHwYDVR0j -BBgwFoAUspGtRvONTCkbxbwdYuy7uzv3+uwwDwYDVR0TAQH/BAUwAwEB/zANBgkq -hkiG9w0BAQsFAAOCAQEAoGVw5SL6rrUeRKzUd1AMBqDv6LtNOXY2MZUtbNo9EyU7 -4AuTVlenK8DJuwr4gIwiUWJe5PbQF5+eegppdwwCVpLr8/xAe9y8M04+oPVI21IW -KyUUzyYx07OHI89tTRodCmaiGvLoEunuXjGoxyNsu9SRce4gXFB6bxKV+40XN3jL -0DA2Hks65eK21nlnoUCcNMxz3IXyQfzEfl+spPPpGtu9sPuMyDbUl6hSK/ra+0GX -bKHSDmjodbnk09GxIHgKLQR6Hy8JmE/eH3he4QGOds6v1g8kDe9F/nrhykxou4/T -ghImCJUVyEeV/c/Xtit08ev6WjvuPQr2eoiwJ2aYkQ== ------END CERTIFICATE----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem deleted file mode 100644 index 90b13740..00000000 --- a/production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem +++ /dev/null 
@@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCsqKFvSwilCJw3 -LY79lwGiX2Qtm91xzuMenHTXtGfE/gfvSSMlsze94qIEj4MnZycB8ZC1+x+nf/JM -nYe/jF8vHNuCkT3mSxlcOPtSj26obTJUstGVWQ0eJcDSTueKGj/3/akdza/Q0JLM -D7arwzhRUYd8FcSu/oVqawIz7LxKccD/K/103AJ++r3UnWZwcQtRlWz1dWOUsrX9 -sASCaEGm+4HFKQuvvCA7Nqu2us39gvVom1qy62KzM31nrMe8OmAOci9084z98OYj -4y77u4no6k8PZTaz2ieuzjlk7CYRJSq3RFlhIP9xAuV/YUOC637lMWGKxwVauk1c -ACMNU/EPAgMBAAECggEAQUaLqfDbNtGXhcDio3sYshOQYzHfOay27xbFkdtxs+c6 -hrvG3vTvqQlqqYC8XARCmhiC1lo3sHLN3ytbbA6c2cn2L1nL5ioUT2p3kdIKSwDl -m2HznJwLOo+ZY6lTHkIoVxB+hHcD9lU0epOiQzPOMeg56a6tKl+tfvsv3QOueBIE -gKh2G6PuEmtarfCJCMr3XvZFs3T+0BzCMHgsyjwNpZw1gu+aHnWo/vMjl5pm9LmK -qiHhtnML6iCyyD3KaZT7decCiNLnv5sjzMsqNmP7CSoSphw29f7sRPAAuDwr5NDq -ni8XZJEXp1QrYvc7+/EArs/cbfiEqjoFWZOFLZPeqQKBgQDbc6NrFss1yL0S9yD/ -XdUBBaqqxUSqDRH0nXI5xe8Kfi/wxD2pBcaRoq19zgLJMuuHMU8lITbg+AXStQz/ -kcqxT1lOz9TyKYh13TpvBBPcWKPwgbgxdAL2EfZn65KH3ry9Ufh5mYpIrFCfuDsa -WP21oEKGVElGczOx11WNN8NqkwKBgQDJafbz4Z/p1aq7lF+Tf2L0DVlgz3a460k9 -JH8+Vqwc6KeUB4foIldty5XvF5iNL1h7pA8IvAcznkM9xDF4DoEczk0fbMi3y7rn -3HSKmJY2VDPbJacunf+xcZGyiX1y1TwD5Jd1UhDRMZQbCEl0uz2TNptmowVRWuiH -n2Whh3vhFQKBgQCR7Mw++pI3+nrXsKMti/yGyHjbQ3/MQBKvgT6ich7o8E36oNOL -oD6ROwZ4gFPT7Fs3s684NmTipaphmWjCTPTmgKgXQxYLzVhjX69qgOCgBgVFeUy8 -/bK2Y+1g3wG5/X+tuGMsoM+WUZbvDjem5oQWkTGLV2K+SP6YBGNsGyeDpwKBgGF/ -/0DN7uh2O2D0kVPIbbFwqNyZcYJQu7JycXpO4KBZ641YG+0+eo426EzGYl2uFqo7 -n999jgrpyOkkiUHx24SDRYg50+xNHhxRdsUE2mpQVo32azjA2V8feAUyU1z8ZkII -LV1oraVm16hCWbS9UzBpVc7YiaF5XWkRu1P3TvuFAoGBAJSmSaTYf8ebPFmPDAIt -xgmRHMAEvHe5U/TvMbtEIpgQLXoziPgtr8yOEVty7p1pJ1r4+Yym0QQ1a8wQp4K7 -VLzMubcv+gNfTclHHTiail757Jk6pBSkV94hP4dHN6tsRdlYlF7iUmUCWt37WON3 -SrEcAhLdo2SBNfsrhW5+X8Pj ------END PRIVATE KEY----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard.pem deleted file mode 100644 index db0aa317..00000000 
--- a/production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard.pem +++ /dev/null @@ -1,21 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDdjCCAl6gAwIBAgIUIAuZBSgSjOQLVkBfSV/7FvCsaW4wDQYJKoZIhvcNAQEL -BQAwNTEOMAwGA1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApD -YWxpZm9ybmlhMB4XDTIyMDIxODE4NDc0NVoXDTMyMDIxNjE4NDc0NVowXDELMAkG -A1UEBhMCVVMxEzARBgNVBAcMCkNhbGlmb3JuaWExDjAMBgNVBAoMBVdhenVoMQ4w -DAYDVQQLDAVXYXp1aDEYMBYGA1UEAwwPd2F6dWguZGFzaGJvYXJkMIIBIjANBgkq -hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKihb0sIpQicNy2O/ZcBol9kLZvdcc7j -Hpx017RnxP4H70kjJbM3veKiBI+DJ2cnAfGQtfsfp3/yTJ2Hv4xfLxzbgpE95ksZ -XDj7Uo9uqG0yVLLRlVkNHiXA0k7niho/9/2pHc2v0NCSzA+2q8M4UVGHfBXErv6F -amsCM+y8SnHA/yv9dNwCfvq91J1mcHELUZVs9XVjlLK1/bAEgmhBpvuBxSkLr7wg -OzartrrN/YL1aJtasutiszN9Z6zHvDpgDnIvdPOM/fDmI+Mu+7uJ6OpPD2U2s9on -rs45ZOwmESUqt0RZYSD/cQLlf2FDgut+5TFhiscFWrpNXAAjDVPxDwIDAQABo1cw -VTAfBgNVHSMEGDAWgBSyka1G841MKRvFvB1i7Lu7O/f67DAJBgNVHRMEAjAAMAsG -A1UdDwQEAwIE8DAaBgNVHREEEzARgg93YXp1aC5kYXNoYm9hcmQwDQYJKoZIhvcN -AQELBQADggEBABl1eEkawX/bOVYAeCv1h+Jx6oS55fFXcPoLC+Zhr5N5ksdFwpEV -b0tt7LwInH+zoOGLsDx8kid0P9ES5N29T4575jZMKv7ACG5WpVKqEXhawxb85Ngq -PGV/JoLxtT1Q3ZQpstR/2BV9NjMJDWne9A14kzBMYpVIh0viE6wuvK8/4bYiTbRl -kQ+8eilxGTQKjLPSCMM6u/S9oyh3yAvcX9gKktBWzI7JhPZbExti/ktuntkKPsfW -3qH3s4GPw/M26ucYEE7oila57heV5UkWOJwtuVEX1KcrTM6jpZ/Ux56iUKMpw2/q -y37905GTlCTLYPiixIxYV1/Vfs0TNJo0sso= ------END CERTIFICATE----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh.master-key.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh.master-key.pem deleted file mode 100644 index f3186848..00000000 --- a/production_cluster/wazuh_indexer_ssl_certs/wazuh.master-key.pem +++ /dev/null 
@@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCsNnML+R5oTQ6e -MwBsr2s7+nTenaoxkpvWasdTRhYZI1Cw52pPAMr6BCQP5g0MX58WOOBswziyKftQ -vvM1n3rJXLlQEC60kWicSZ/yTAdathF7wozqJckuls70pVJikEsOmNVpEoWVnri9 -PfBEAKHcvrKjeIa7x7FNz/fXJSkO3MDnFhpMR2J4BaKpy52ZHH284bFmifDj2Prb -z1QQmWnQDUKaZJB432vfmzztJJ2I80mgxu0GIj68rM+ObYUdV7i25rzmvgw2aB4U -FMALDCQeQPP/gzlS9NsosOpGs2YUgZuQkbZerbjWGX8caNMC34+PuDdn2p9lDoyo -Nfd/i0oBAgMBAAECgf8+j4k70EQ7n8KvtddxpEhQgavzM1OgrqHuQtwmZE+i0jF+ -EpOMH72dFeQD4o7a7+HbMM5WtJTkJFwn+TZhRI5WmFi5vSc6cZiPLi/s1bHWQk4X -p5WJejCbvC1yspw7MjASHXNpuFDPCdoS5W1jRteGWcCLoj1P+jtvCR4ACn/f5blN -C3Iq+1gfDB8fgQDzFElMiyu9qNcm5hv2I/yW/qApAXyLRkfMHTXM8GbWhkeQZxHm -ytfnGikiCieBguaDhYWHfe43eQFQLvpY8J2tEQVgV4lpmoAD/HcJgAkkGuCh3TK6 -Po152qGZGc3v8Q84iQI5hQMOrc6NpbKtKSy/SLUCgYEA4CBXTtA7h9UwkY080CkR -Sz1Hu7UKUBU+YfO2WGzH8HlF4J3l5N3OzYgyn9ILe8nDsmUuXVWupHhuC1Z1KgZ0 -h8Ikcf78L2U0srmpF9PQ7gKIAH3ih5mJyIv7Q+PFcYOjsRD/dk7cB9ARnUlGfQii -Uxz8UzOUOVVi43cnGcXG/ucCgYEAxLQdFTjN4pw/wNCDcVnLPHfPuFnhH/MbQTR8 -OPDx6cXmoomKKggWGnKGViZP3K+Lb9uhhYSO9HU9+cVHELKhB4adPfGoek9OJRMT -rAaOoD6CIvpcHiCukSvyAjZ/y/+vlkoNWZsWNqktT9PVRQOc8sldpg6WmbkWUvej -674CWtcCgYEA2ifAs+9OMr4Zo2N1sSx4L+M7IoNqwV6cNR3S/KkNyI1Srfsjna0l -MbwDgrsiAGD5AnkoMyNGdcLfYlvKeZiE7uvTK77FW6DINbsv0wiTEkkWdlwSFmkl -yzYt4fwf4IkA2UYxUsgZteUacB215dh0oC/Tj2ziNxhcxAnj3ls7gjsCgYAxAc7d -IrHo65TWrRySeRSxlAgkngAAvcjkjfcFGMKsw6mahTnvDuSy4iWmARWUngfXbpjn -cwdK0IsIV6ZE+rwz683xSOv4zRljE0WrblbKhchWfpnEx8+2S4SYGIvuf113zCtX -T9RQ+gVYBib0ctn/gzvZy3iqA/sT4K7uZQChMQKBgQCyJTpYPqp8gDn7d/ycc+vB -vNLxX2Yj6g5HGuOZo2Aet70pfxWYW0SLwuff1NtfS0sVaK6dB5CLIvaXH25H5JA7 -hCeM2aea4HCA4TM5pMQWC7yFXgqmUqT8D89xjZgRaX7VdoEmKaIeGFLKeG9EXr5o -vJHt2Gz7u2If6FD8mmoxmQ== ------END PRIVATE KEY----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh.master.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh.master.pem deleted file mode 100644 index 09d975cd..00000000 
--- a/production_cluster/wazuh_indexer_ssl_certs/wazuh.master.pem +++ /dev/null @@ -1,21 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDcDCCAligAwIBAgIUIAuZBSgSjOQLVkBfSV/7FvCsaWwwDQYJKoZIhvcNAQEL -BQAwNTEOMAwGA1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApD -YWxpZm9ybmlhMB4XDTIyMDIxODE4NDc0NVoXDTMyMDIxNjE4NDc0NVowWTELMAkG -A1UEBhMCVVMxEzARBgNVBAcMCkNhbGlmb3JuaWExDjAMBgNVBAoMBVdhenVoMQ4w -DAYDVQQLDAVXYXp1aDEVMBMGA1UEAwwMd2F6dWgubWFzdGVyMIIBIjANBgkqhkiG -9w0BAQEFAAOCAQ8AMIIBCgKCAQEArDZzC/keaE0OnjMAbK9rO/p03p2qMZKb1mrH -U0YWGSNQsOdqTwDK+gQkD+YNDF+fFjjgbMM4sin7UL7zNZ96yVy5UBAutJFonEmf -8kwHWrYRe8KM6iXJLpbO9KVSYpBLDpjVaRKFlZ64vT3wRACh3L6yo3iGu8exTc/3 -1yUpDtzA5xYaTEdieAWiqcudmRx9vOGxZonw49j6289UEJlp0A1CmmSQeN9r35s8 -7SSdiPNJoMbtBiI+vKzPjm2FHVe4tua85r4MNmgeFBTACwwkHkDz/4M5UvTbKLDq -RrNmFIGbkJG2Xq241hl/HGjTAt+Pj7g3Z9qfZQ6MqDX3f4tKAQIDAQABo1QwUjAf -BgNVHSMEGDAWgBSyka1G841MKRvFvB1i7Lu7O/f67DAJBgNVHRMEAjAAMAsGA1Ud -DwQEAwIE8DAXBgNVHREEEDAOggx3YXp1aC5tYXN0ZXIwDQYJKoZIhvcNAQELBQAD -ggEBAK7aj2hBFOsq/V1OYamjFKQ3wRf7bmsbl3GpeVqsp9iSsjiE32wUethdIQzO -P/xad50Ue9Xx2FaAGSaTBerst7tStNDvPCkONf7Mp/N0f9EjofEAJIwY6H+Rz5G8 -PWoUc0uLnOFlEZ1C380hzOCYN0BMSX8S9+YVm5qSIHEFCRdyglxJZJGtepFGw7CJ -cB1mJ5XVr+cmZ58Hx+raAJA1WNFP8Dl1CIxUM2XF6m8Sx+RYGnt1V1E5GTsUee6d -39fT9FB4sdLqD5cp/jjZcj0uCBF1K+vmclieJYOUKvH8KSPihcFwH0I/WHfcQwj4 -3chvv6KOu8k0r/nvIQOw9zhYdvY= ------END CERTIFICATE----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh.worker-key.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh.worker-key.pem deleted file mode 100644 index d8c18d75..00000000 --- a/production_cluster/wazuh_indexer_ssl_certs/wazuh.worker-key.pem +++ /dev/null 
@@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC3kUbKxgJ3GfJm -KyQyxS3h0OHi4Q6Mj3EN1dsNydX2sjBQBZ5Fj6wnxEKis4qtLnNNc+I6f6mzCOvP -yNyWEW2SgWAn6g6d9rQAPTPOOVOFm3DQBBdKCU+3/1+pdlWBIW7C0Vo0r+y86c4o -ZhSPMyyMDMishFyH6sh0tubauXlxR0QNBoDpFU/yAynEsWyJDmQT3SMqzW8nPis6 -uVrx0Fky0DU26j/BMQRto99b8lNcwGn/xCjjVpqAk4WOc+Ml/muOdhFLnw2VKXgV -TtcT4NA3sVSe4pNGGm+X6Md2WUBZ4WHl1H1zEgQerLoCkDPdvCQwD0lureoUHDTl -J0ePH2JRAgMBAAECggEAA3wCd/7iNRiM/Vt8SGptwIeSghf7ird+UeDpU42tPg2L -1TkGFBPyFJ8pFKWL0FW9Yo78kFe0BO36a+tIJKEYD1vdU2Sh+mWgbRC8VwHHkBWv -QoORXZpnpPp3+mOAo/7ad2A58h4UxFE71JB7e2xhQBdOB9hLWVkfjPeb0jMLFxdW -/FG0xgIqWHilVCC/2ICNaONbpLiHwJz7DKRYLLJFZv0ItMkqZeSBoaaWQKTAa7p/ -Czra55/Kic0kiZfhmLVEsHuHdNfBlYTEPmY/UBBg1vxE+GgaDHnQxcbLv/WmoG5/ -aCkwV0gTRVPoSCjdb4KsaUSD+3Cfby3kZiG8htroAQKBgQDbzMafh2Aw5kfbEZn+ -F9tGzsOpoaCsk44GWKrH4elObVfIxVFjt65TNdshrAxoow2HCTdRGMhycjX3pvS5 -HcLoP66yleLvRt3EHBAQm5p5lznMt8vRkUZV4eptxebyl6Lkhedf3kxOlxd0JPlC -wKgPiYI9TWRRVX6ciPOGGHJ3MQKBgQDVzN2zWAxNbD923+/s8yz1dlSh2qGM1jZj -G81gor5GmipJfzSaYP1wkXZyHZUHb9aI4mdcoaqFkU/nEJFws653bF4E6O6ngn5g -Lw+A2XhdV80lzv80AWjVeStPPpA6ZdHd9Z39Yaa6LgdcE658JhxUC5ubXhOAFz4y -SNSL1kcVIQKBgB/qP/zx/zmadlyM1btbY2+InkiHO3lTg4/QWBvl5aaJofF5FTRR -e3KBo2vkO3kGE/TDldCktJZJlyR6jZZDiAWJGai8stLji1fqazq+HVQCbVYYafPo -EDpwL0X5MmuPMQvVlZ8J/DJ9Jd6rb7YNm1mGMe8MycA1lcjM6e9SpWxBAoGBAL60 -CvjCy85vhLhrDR5k1jBoiRsJ4dm25TJIBUxyPZjKQHfoYCpn4wh6p5Uob9r/VfQp -RpsolOqo8AWiEKjfjPp3DfIBN4bw7fqrX3/F+wf/njxgQ+DGdRUdDJWVr553XdhH -EtKFPOuKzQPDhnq0n8YTyIuwQWKa2N6Peg71ZdghAoGAN3n4fXYZo0qyZ15jGs5N -WOgWWOUnipU7LrnbC2c0ZJxftn4T6okl2z4Rc2qyeUgZg4zMPJeDwFXaQFeS/pcD -UEXAppPvOUdsl8P2g/n6DUxPr3Tfq7+Kvv5TA6LZQ168n69wZ4bcdFJK2NPJycxj -LKvGrr3vlO4cPyJYcUk8nW0= ------END PRIVATE KEY----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh.worker.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh.worker.pem deleted file mode 100644 index 46dfa432..00000000 
--- a/production_cluster/wazuh_indexer_ssl_certs/wazuh.worker.pem +++ /dev/null @@ -1,21 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDcDCCAligAwIBAgIUIAuZBSgSjOQLVkBfSV/7FvCsaW0wDQYJKoZIhvcNAQEL -BQAwNTEOMAwGA1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApD -YWxpZm9ybmlhMB4XDTIyMDIxODE4NDc0NVoXDTMyMDIxNjE4NDc0NVowWTELMAkG -A1UEBhMCVVMxEzARBgNVBAcMCkNhbGlmb3JuaWExDjAMBgNVBAoMBVdhenVoMQ4w -DAYDVQQLDAVXYXp1aDEVMBMGA1UEAwwMd2F6dWgud29ya2VyMIIBIjANBgkqhkiG -9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt5FGysYCdxnyZiskMsUt4dDh4uEOjI9xDdXb -DcnV9rIwUAWeRY+sJ8RCorOKrS5zTXPiOn+pswjrz8jclhFtkoFgJ+oOnfa0AD0z -zjlThZtw0AQXSglPt/9fqXZVgSFuwtFaNK/svOnOKGYUjzMsjAzIrIRch+rIdLbm -2rl5cUdEDQaA6RVP8gMpxLFsiQ5kE90jKs1vJz4rOrla8dBZMtA1Nuo/wTEEbaPf -W/JTXMBp/8Qo41aagJOFjnPjJf5rjnYRS58NlSl4FU7XE+DQN7FUnuKTRhpvl+jH -dllAWeFh5dR9cxIEHqy6ApAz3bwkMA9Jbq3qFBw05SdHjx9iUQIDAQABo1QwUjAf -BgNVHSMEGDAWgBSyka1G841MKRvFvB1i7Lu7O/f67DAJBgNVHRMEAjAAMAsGA1Ud -DwQEAwIE8DAXBgNVHREEEDAOggx3YXp1aC53b3JrZXIwDQYJKoZIhvcNAQELBQAD -ggEBAA1hbdqXYJWbMCPceOI9A1WXX4yhiUHR8ts7RmJST641EkpPxH13Ug7xWR+Q -5l4MMi8dQKJP+uW7a3ePMkwZ0YfWqViqHDHQCEmFk1iuNpT5X3mMrGG1zQNRaPRJ -MrGxhiTdlyqDkwxVgnc+BI458nIPJsDZ31bj6aYhiEgiA5Ts9WelGN/QVB3vvVin -jaSutvUpyV5H6piEyTWLEjoCCeoJPyJlBl6VthqD+2ncFpj0Bl4BQgFX+HsfbiXb -fh3G36zgHNbjMZUQ6AiNFT1zTEyvn8V94jX/mzGwGMD8y5ToYHBfR0E8705rNUDX -Q9Zw+o7qBfA2ARiVwMUQQPFZ2VA= ------END CERTIFICATE----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer-key.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer-key.pem deleted file mode 100644 index 06ee5794..00000000 --- a/production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer-key.pem +++ /dev/null 
@@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC9dIMKAKHvsLNn -AFnGGwmFjeoAvkGcW8lY3HjxXNAd+22BmrSKlD6CMcXuNkebEg6tJHbRpPUE+4fH -cWFlEBxh36HTJrSE2BhMm3iBI4xFos2w9ifzsEX8mEgBhGGV2ejXG9QXZDXy0PI3 -PwRJ2nfZ59iD255SZjX9UzqfyAhqw4MCEXJA0x4wmjUbGB84/lbzRsPy8CbVeRv9 -1vqzCjvzydP7o+pdxcjD3NSOmEShLJr89uXKMTt1nrVEUPcvJd3hB7X2HFW8fBEI -tgp0XH/BpbuxQ2oHsrcPy7+ItFsz5EuRbWkvjvSZ87+jmz5BSRUmd0aO/jMdwbZj -3jZwZvOjAgMBAAECggEAOyDv/OExqUM22sDLQ/8QO7SNAepfQ9OJxcgZnwrekVz1 -UmvcSRv3Xl72bWBXfNhn6DXnN4sKRaHTQLXsNcSPdyR6txHvaT6gZthnBbb4gotL -Mx3AXlf3n9xPLNoKMuCtwOUYjqxiAgSgdAmg5wPeQA4SDyUuBn2MACJHu7KMnfUY -46nLB+ha9XSCuZiBIDpUCiTVlO0VYrMJ4eyRoEBHEZHtGZRWAgHHhR9QHlHEyjjJ -IuTX7BEbL62O5t0LV5olywh+kId9s2Yv/YhjVTaou2HjlPndaNBRFRYhCTCEnu0t -/cO2nRFGyU0OJ+OdEiU+FB1r6vU1cD/tcgbfpSYAgQKBgQD0yCn7CulhoxyoNNBh -ja2S9yZ6xQ9bRnkR1kJgprXHvIRLta0Nmpj9Jy8PtaC93QX12Nz/TnZf0xDv3QYR -X8cYRh6sY6+lfwOAIgv4uWs0VySwMGdVk1zqCHvvNeb1RtdMya5EmxPsOp8ImPQF -MMqAUo3N2XZFX0GssRXkVgIfYQKBgQDGIz3qr5mmJtEURSKigCR7IvCA7ZAp9MYo -rmvH0i6qHHmj3VBBiTqk05aMh9cfFa9NNVkron3DxRac0lqqRsDNzP7Lh8kNhb01 -9s4aq+xwaZhcy7YtTXBvnhAhopv2d2dmBkechcNmwo8SJT1mzO4FIN2uX1uEcTW/ -VFvP4zQFgwKBgQDUH3XJ2G3gr7JQzdva/iTx2/3bnFOvfIXEgFFrYmzbFzHqThkW -VefIUaGF0pbmkdftca4qDPumFMlzo6zzd3WYQoOoTobTOxt0eYy4US5m4DGqAXg6 -/4YgRZPo+2QXH/nJ0GiViXIdX7ubfrjQmrSRuXirb4z/lwnZtmhLRIF4YQKBgGuM -+bEIfIi6DUfJd1Fp6WOFxbLWQSjlGyM9+ndO2dGw/z45hbTtPo315ISHv/e5l5x7 -VtnerBG2S934OQqwuTt9CNmF7VaPv/Mo8xt7My6ZwwCr+0l//YY48FyxnaMdkVzK -D9kgqr5+4ZZh7IB+wLy76Fkcndq4cQpYSjYACF7tAoGAa8akoAlwa/NfNY2T0KyV -AvHKeoT/7Zqn4JRFIw+1w85+ZRqTsVDrcQA8x0SV+muBXhKNzzsrdglKXCmyHCs0 -+NpB0MVIj9OnYRqk/CZYhfUym9DTJ77dluyH2YTJ/CVW5rOvD4U8RJtuHp2FaBek -P/769dwceRqNJi2FDQfsVgU= ------END PRIVATE KEY----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer.pem deleted file mode 100644 index e3db869e..00000000 
--- a/production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer.pem +++ /dev/null @@ -1,21 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDdDCCAlygAwIBAgIUIAuZBSgSjOQLVkBfSV/7FvCsaWkwDQYJKoZIhvcNAQEL -BQAwNTEOMAwGA1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApD -YWxpZm9ybmlhMB4XDTIyMDIxODE4NDc0NVoXDTMyMDIxNjE4NDc0NVowWzELMAkG -A1UEBhMCVVMxEzARBgNVBAcMCkNhbGlmb3JuaWExDjAMBgNVBAoMBVdhenVoMQ4w -DAYDVQQLDAVXYXp1aDEXMBUGA1UEAwwOd2F6dWgxLmluZGV4ZXIwggEiMA0GCSqG -SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9dIMKAKHvsLNnAFnGGwmFjeoAvkGcW8lY -3HjxXNAd+22BmrSKlD6CMcXuNkebEg6tJHbRpPUE+4fHcWFlEBxh36HTJrSE2BhM -m3iBI4xFos2w9ifzsEX8mEgBhGGV2ejXG9QXZDXy0PI3PwRJ2nfZ59iD255SZjX9 -UzqfyAhqw4MCEXJA0x4wmjUbGB84/lbzRsPy8CbVeRv91vqzCjvzydP7o+pdxcjD -3NSOmEShLJr89uXKMTt1nrVEUPcvJd3hB7X2HFW8fBEItgp0XH/BpbuxQ2oHsrcP -y7+ItFsz5EuRbWkvjvSZ87+jmz5BSRUmd0aO/jMdwbZj3jZwZvOjAgMBAAGjVjBU -MB8GA1UdIwQYMBaAFLKRrUbzjUwpG8W8HWLsu7s79/rsMAkGA1UdEwQCMAAwCwYD -VR0PBAQDAgTwMBkGA1UdEQQSMBCCDndhenVoMS5pbmRleGVyMA0GCSqGSIb3DQEB -CwUAA4IBAQAaSMpOsqeqQmZk886kaJWqGYvUXL+28fp2bFQ+52mKKtYKNpamUdHP -iUEQHo/FiiJFsqktPEqiet7bQGsP0o0reNvlAMfdPNcCYRgBJtaOJyTfcD1stL/w -IFvvqfHffuimApJ9pAls5lGM+CxuMpQMsVfOFuHgdAI3qQJN7T68/td2PBosXBM6 -GAemErdHGxMbih0+SVbL/5UbX3TcEawh2/IMtdB55t9yB9LzbUp8N6Dm8A4tFhOa -pl2E0D0h2xR0++U9gX00m6cUQGCJ/SwkcyEIZoRUAihP46cYPkIgxyfdllczDHIT -tfvJuVD90ZuNOfJTl2+1kX6m+6u0ccLO ------END CERTIFICATE----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer-key.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer-key.pem deleted file mode 100644 index 54a47cff..00000000 --- a/production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer-key.pem +++ /dev/null 
@@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDLbCFjjBj8spc0 -HCDjfhMMXLXsoEtQMcSCYivYMAOm3Y/eidqhPmR7wRmAGKG7uisoX3JCZvq1tgtz -DEk27o3DTDVsAZIJg4qixUtFH9RLlzNBBsh+2bXLh/JqJAxpF6lwsazeXcbt+8Sw -jdURAPhJu2Soc5JeTUUP6IhJ3D8fcG1WiXiIN8gTpjkjn5wwf4tIl5Tk1SxCIOCu -Quo/SZAJfnqY22NJ9o5t2Dk/WYbiUyi80NHOeU+l6k9K/5KOXKDjizUW4+/UQVHW -kP0EfvSB7VqpeF/D/oBsY7o0Atk0ga2RVsuCyoCofP4gHkC5iOd8U18wyn9yzqV2 -w8j42+/nAgMBAAECgf8jwd4coYPC56Gsh0VAt+ihQ6q27XZPom/oe1k5pzb9HfUs -KQ9FSLJhDpBs8+d6GD992Uk8Yt2vE1Dv6Dj2bvh8W+kIEz6YbYbxFb0laXLn1qwr -wgV8Rsit/jeecLe9wWsHZDP+4n0VWCw63LOXSZRbYZVQBwCzkuGQ6k8KrKxr2gah -l/tLi6qm591PFD7ebMZyg1xfTZ9i5SZ1gaqC3IjMor0ZJ1GeNvWgyP5/0Lr9jeCb -a72V/3R3g86HlfBNSTRZpGQxv1I4ZGBVPfwRdykvnbBBmOTs9RWqbwXnkYJB0cH9 -5fsweMLcrmHWn2puMuhqC/VwpFcefDH7OfpkJjECgYEA/2ilKhTlXxgVfYRaRp9U -xweYcPauaenpyQw4jXwKsxIogHDeo5smfWdEN8cEKvIMGfGeH1Aj426PkFkAcbss -Jq5SHG7x2KIquJq5FEzVnLPSDkgKBcF0vW/MkwpMr99fb2YMSUfBcZPIrBUBNt24 -fydahiMn1hcFSiynefmX0kkCgYEAy+StnrpHQAlgSJ+Xg1/XdVYcrR2S4I4oqYeM -fsufUKxprAZ3iBfd2QgH7skPySHbuIrsc+CIY+IxXfskSUlgy+wjz6F3sPrUoHyX -hj2iWcmv7GV+j+ygdXx8epJviwlPq1URxf+R36vJr8yB/i2mqRxXb+JlVWJ37Iv6 -Z+15sK8CgYBpAF1+im6uBJm5K3Ntu01AMdgzAMc9lcPeOp75U7iWW+24uC5ftoZB -YfYCtFf7S907wUCPgQPwGWD+KAjtuNRy5pGtTNMyi6DimgFi3h+nt6mw417zdNAI -nXDONprGZx+2DY8ZhV160xXZ4RzJsKeL5uLpaISVGIu9LdSAaeNHuQKBgQC/SxJ1 -nFFizCkwmcK+ODpeVOdcqCV4VwfhXlI7V/Fl8AzIn9yfq7yxda5zouITk5egwX5s -jVmJVNt6UDjQJW8Sg79pexVfz0WUOLC0+riKQwax5NtkTt6Qu7XSDfdm29qKZari -OBB1aKg2Lso7XjtB6FxElYT7IgJfxUivHweP8wKBgQCq0LVjK6JHd3wfIBNUQaLp -snETUeVZVeW8gBIbY+y0Yqxg2Em3//ClmZE99FBvVE1UpwumUu6iuSV152aCBt9T -bixkduqzgDn4zru85giSCRf62Spg2EFXC+Iz9lbsxFWQeQBHi4Rpn2/VLj2mUQ68 -VnQz7SbZYZSFlOKji0cjYA== ------END PRIVATE KEY----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer.pem deleted file mode 100644 index 9bdd7d1b..00000000 
--- a/production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer.pem +++ /dev/null @@ -1,21 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDdDCCAlygAwIBAgIUIAuZBSgSjOQLVkBfSV/7FvCsaWowDQYJKoZIhvcNAQEL -BQAwNTEOMAwGA1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApD -YWxpZm9ybmlhMB4XDTIyMDIxODE4NDc0NVoXDTMyMDIxNjE4NDc0NVowWzELMAkG -A1UEBhMCVVMxEzARBgNVBAcMCkNhbGlmb3JuaWExDjAMBgNVBAoMBVdhenVoMQ4w -DAYDVQQLDAVXYXp1aDEXMBUGA1UEAwwOd2F6dWgyLmluZGV4ZXIwggEiMA0GCSqG -SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLbCFjjBj8spc0HCDjfhMMXLXsoEtQMcSC -YivYMAOm3Y/eidqhPmR7wRmAGKG7uisoX3JCZvq1tgtzDEk27o3DTDVsAZIJg4qi -xUtFH9RLlzNBBsh+2bXLh/JqJAxpF6lwsazeXcbt+8SwjdURAPhJu2Soc5JeTUUP -6IhJ3D8fcG1WiXiIN8gTpjkjn5wwf4tIl5Tk1SxCIOCuQuo/SZAJfnqY22NJ9o5t -2Dk/WYbiUyi80NHOeU+l6k9K/5KOXKDjizUW4+/UQVHWkP0EfvSB7VqpeF/D/oBs -Y7o0Atk0ga2RVsuCyoCofP4gHkC5iOd8U18wyn9yzqV2w8j42+/nAgMBAAGjVjBU -MB8GA1UdIwQYMBaAFLKRrUbzjUwpG8W8HWLsu7s79/rsMAkGA1UdEwQCMAAwCwYD -VR0PBAQDAgTwMBkGA1UdEQQSMBCCDndhenVoMi5pbmRleGVyMA0GCSqGSIb3DQEB -CwUAA4IBAQASHK0l0e3dStzmEhwRi8GutzBh8KFvJDXAIgAZqTiP1s5n3YOONNJJ -zcQCl+yAzJ9PlDbSRqoLu7kO1oPd1MhoCUCh0SPe59q/tKOfh8uTEw419aaXSP2B -sl+SgumOd5WKomc2MByBehZR5FAV9vKFcvgu5sbYC92g9zyhNSA1X+6wocgqUdBd -YXOUw9gfnvu1gipjLcXLnwrDUyUYFq9NuQ6pkiF+3rKS1gpu3up1EDny26kmsFkK -Db1enNY5jMB6ALc1fRm1JHXmFY9bOEfwx8+kZTjRFHPoj+RlOKGEcg3ppDu9Rsdp -LEpx7vX5svwqHKWXzppFd7WnIchuLaG7 ------END CERTIFICATE----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer-key.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer-key.pem deleted file mode 100644 index d02c1694..00000000 --- a/production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer-key.pem +++ /dev/null 
@@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDMkhAYDEv2F/EA -xoCtFBOWObPZWRYAy/lX1COoieWK5FYMSVcZDwtRodvHmqhU2yFPmqpWwEGUiEZw -SntSWEWfXtjFhWzMA2zYdLud0vJ2nViZjEpG7o7cD4aovAMHIoGasG2P/+NKMXPR -bAxyQ4+hSrFRr/JNHxGruS0qqqyj79ZsaktulgHqKNKSfdOZEYMZYB7Hpe+wPHFt -72x84nbtdYEB5EYjDVwQlgazuvNcRXdCki8cPqsVwejIT3MHSd5MqQ8nGe8mnG5T -aprzBhLkY/XhG5iB3my3puiXkRisYK/KHlLAOqMc3LDZNvF345a2azpe4S8KC5P8 -AWzLXjHfAgMBAAECggEBAIJAff7R1YvbspfLzCJnphEArIK3NktLlHdXm1y0cHL+ -78ri55INAif35vgwgP2GiK8my05xG1B3dGILCnpjufC/c0ZQrfU4ORWZPdw/dCIS -DVe2+5QuUMfNGvBUxZjFX8AelaQaSZ3z3sp5AXO/kLQh2sUoQh7YqWetgBSql0HJ -UD9LKeVAuUVvo6jEGwXclDWn7QvkUVEgRfYAZ9uhH/urmwsQjfVbzzxP/f4tz5kQ -qkjvLICQqvH8x22blmK+EHO5iHkE7H4QmdUcidbEiqWKWm5tvCsAVFjrPryTGcvB -j2ny2CDRRGh/Rpu8ec8iIwE8ZUC1QqXO+JScULcw+AECgYEA6g8fLW6ZjwIqBg7h -P6DoSqJgbbT/edNlO76rXanOke37C5FtJgTUpId8/36kmPUwfdV9hNutT12UrnjL -7iBX4A61Xl5jNY8w5dRDXoedswNFvimihLos6TE/rYy8Pi2vHLAUtVKW4PhpZ6X4 -JqOMwIRtTXKIaD068qW2hnp+baMCgYEA379I5rvMXBhuctfI7EB1O357jWrjI922 -3yroY9rgF90/bHdD7dL4sFHv1gpp5ohCG221tiGRF2JWfsMgjMPgAqXwkqInLpRL -+bzbRFmmmVbH1mMBdDed4sf57qBRLrkHZUns8IwC8OeRn2oyGIAkqgC4MUKQgrUm -CfQBP1M4NpUCgYEAkzIFWm4GtlAXG446C+jmjSFG4VeFnxjZvlPvs0y58z4ltiWz -7cf17q6iZo8/dk4kO86KTIZWnOXuPjcLkOrYOLknSHy1iZZOmwr9fzJsc4roTmoi -obPv0Is/T6aFL9lNGg6GR230IvE2YI+Y2rvaJaxijOUtcdin/LdIbZQVdF8CgYEA -1yktQ6Soeo+L9qgHMRkzIwkYav+0eZMF/klWvF+IS6qZCQcPra3JNFU224+cEvJJ -D/NKYGCbE++e2btum67oxeMpGvkP0L0O6pNwD6RejupitYjzpvysuZ4wfAZyywln -UUHrtc4OLfehk7kdf24K0+hpOAWYzfjBIaUhZfHzBpkCgYBdmXNe8QybI0EAvCn6 -ENK1CYv7JH9L26aMhd1avmIhRWVcvFbCZTIECr2cEadoLF9LVBTuyCtCYdssRIM1 -YxUWpi5AFtRsrjypgWYpu/MJS7egR+vZqSEFFNgWnqDDMH8LgK6anR2yqVHhf4NK -zZOLoET8jTOvtBFZmhJ1RvoaLQ== ------END PRIVATE KEY----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer.pem deleted file mode 100644 index f52603a4..00000000 
--- a/production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer.pem +++ /dev/null @@ -1,21 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDdDCCAlygAwIBAgIUIAuZBSgSjOQLVkBfSV/7FvCsaWswDQYJKoZIhvcNAQEL -BQAwNTEOMAwGA1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApD -YWxpZm9ybmlhMB4XDTIyMDIxODE4NDc0NVoXDTMyMDIxNjE4NDc0NVowWzELMAkG -A1UEBhMCVVMxEzARBgNVBAcMCkNhbGlmb3JuaWExDjAMBgNVBAoMBVdhenVoMQ4w -DAYDVQQLDAVXYXp1aDEXMBUGA1UEAwwOd2F6dWgzLmluZGV4ZXIwggEiMA0GCSqG -SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMkhAYDEv2F/EAxoCtFBOWObPZWRYAy/lX -1COoieWK5FYMSVcZDwtRodvHmqhU2yFPmqpWwEGUiEZwSntSWEWfXtjFhWzMA2zY -dLud0vJ2nViZjEpG7o7cD4aovAMHIoGasG2P/+NKMXPRbAxyQ4+hSrFRr/JNHxGr -uS0qqqyj79ZsaktulgHqKNKSfdOZEYMZYB7Hpe+wPHFt72x84nbtdYEB5EYjDVwQ -lgazuvNcRXdCki8cPqsVwejIT3MHSd5MqQ8nGe8mnG5TaprzBhLkY/XhG5iB3my3 -puiXkRisYK/KHlLAOqMc3LDZNvF345a2azpe4S8KC5P8AWzLXjHfAgMBAAGjVjBU -MB8GA1UdIwQYMBaAFLKRrUbzjUwpG8W8HWLsu7s79/rsMAkGA1UdEwQCMAAwCwYD -VR0PBAQDAgTwMBkGA1UdEQQSMBCCDndhenVoMy5pbmRleGVyMA0GCSqGSIb3DQEB -CwUAA4IBAQBS8eW6MitrYwZekjIoo74po2sYMkCcjuqmmk70TEOxPcAEcGLsHoNT -jUfGhSlEhxTnUmBG4spMD6ZAsYvaUR+ZoQSDecbRuBwEzIz8xuUnxM5bIypI88nd -JvdQhXQ0jJ2unC6uRqOYrwnRYzhMw72gAnzXd59l4nWEnSBg/Khu66kRXNclP7XW -1pzkoKZ38aZ9HfG6groQdQVy/3+ZYXc2sa/Vrcy7m0S8/V1xSftMl8sw3s5ae/jv -lv9qL/8cLlcXaksdCEe0QHTWo/N7CYd1LOAPrBBmUONaGGkIhFqEVgmXGJjbKuKl -I+HU/JaMMHvYkbP7z4j9u3zWb7GuE0d6 ------END CERTIFICATE----- From 14b3979268b170a7392f453049b4297b038a4c06 Mon Sep 17 00:00:00 2001 
From: vcerenu Date: Tue, 22 Feb 2022 10:51:47 -0300 Subject: [PATCH 044/163] Fix PR --- build-wazuh-images.yml | 7 ++--- docker-compose.yml | 7 ++--- production-cluster.yml | 14 ++++------ production_cluster/nginx/nginx.conf | 2 +- production_cluster/nginx/ssl/cert.pem | 21 ++++++++++++++ production_cluster/nginx/ssl/key.pem | 28 +++++++++++++++++++ .../wazuh_dashboard/dashboard.yml | 2 +- .../wazuh_indexer_ssl_certs/admin-key.pem | 28 +++++++++++++++++++ .../wazuh_indexer_ssl_certs/admin.pem | 19 +++++++++++++ .../wazuh_indexer_ssl_certs/root-ca.key | 28 +++++++++++++++++++ .../wazuh_indexer_ssl_certs/root-ca.pem | 20 +++++++++++++ .../wazuh.dashboard-key.pem | 28 +++++++++++++++++++ .../wazuh.dashboard.pem | 21 ++++++++++++++ .../wazuh.master-key.pem | 28 +++++++++++++++++++ .../wazuh_indexer_ssl_certs/wazuh.master.pem | 21 ++++++++++++++ .../wazuh.worker-key.pem | 28 +++++++++++++++++++ .../wazuh_indexer_ssl_certs/wazuh.worker.pem | 21 ++++++++++++++ .../wazuh1.indexer-key.pem | 28 +++++++++++++++++++ .../wazuh1.indexer.pem | 21 ++++++++++++++ .../wazuh2.indexer-key.pem | 28 +++++++++++++++++++ .../wazuh2.indexer.pem | 21 ++++++++++++++ .../wazuh3.indexer-key.pem | 28 +++++++++++++++++++ .../wazuh3.indexer.pem | 21 ++++++++++++++ wazuh-dashboard/config/dashboard.yml | 2 +- wazuh-manager/Dockerfile | 4 +-- .../config/etc/cont-init.d/1-config-filebeat | 12 ++++---- wazuh-manager/config/filebeat.yml | 2 +- 27 files changed, 462 insertions(+), 28 deletions(-) create mode 100644 production_cluster/nginx/ssl/cert.pem create mode 100644 production_cluster/nginx/ssl/key.pem create mode 100644 production_cluster/wazuh_indexer_ssl_certs/admin-key.pem create mode 100644 production_cluster/wazuh_indexer_ssl_certs/admin.pem create mode 100644 production_cluster/wazuh_indexer_ssl_certs/root-ca.key create mode 100644 production_cluster/wazuh_indexer_ssl_certs/root-ca.pem create mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem create mode 100644 
production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard.pem create mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh.master-key.pem create mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh.master.pem create mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh.worker-key.pem create mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh.worker.pem create mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer-key.pem create mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer.pem create mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer-key.pem create mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer.pem create mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer-key.pem create mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer.pem
diff --git a/build-wazuh-images.yml b/build-wazuh-images.yml
index 35eac251..cad9c561 100644
--- a/build-wazuh-images.yml
+++ b/build-wazuh-images.yml
@@ -13,9 +13,9 @@ services:
 - "514:514/udp"
 - "55000:55000"
 environment:
- - ELASTICSEARCH_URL=https://wazuh1.indexer:9700
- - ELASTIC_USERNAME=admin
- - ELASTIC_PASSWORD=admin
+ - INDEXER_URL=https://wazuh1.indexer:9700
+ - INDEXER_USERNAME=admin
+ - INDEXER_PASSWORD=admin
 - FILEBEAT_SSL_VERIFICATION_MODE=none
 volumes:
 - ossec_api_configuration:/var/ossec/api/configuration
@@ -53,7 +53,6 @@ services:
 hostname: wazuh.dashboard
 restart: always
 ports:
- - 5601:5601
 - 443:443
 environment:
 - ELASTICSEARCH_USERNAME=admin
diff --git a/docker-compose.yml b/docker-compose.yml
index ec9001fc..fd767315 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
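Review bot: The renamed `INDEXER_USERNAME`/`INDEXER_PASSWORD` entries in the first build-wazuh-images.yml hunk still carry the literal `admin`/`admin` pair, next to `FILEBEAT_SSL_VERIFICATION_MODE=none`, so the manager presumably authenticates to the indexer with a well-known default over a connection whose peer certificate is not checked. The same literal-credential pattern is in the first docker-compose.yml hunk and, with `SecretPassword`, in both production-cluster.yml environment hunks. I would take the password from the environment so a stack cannot start on the default, `- INDEXER_PASSWORD=${INDEXER_PASSWORD:?set INDEXER_PASSWORD}`, and move verification to `full` once the CA is mounted, as production-cluster.yml already does. The service definition starts and ends outside the hunk.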
@@ -12,9 +12,9 @@ services: - "514:514/udp" - "55000:55000" environment: - - ELASTICSEARCH_URL=https://wazuh1.indexer:9700 - - ELASTIC_USERNAME=admin - - ELASTIC_PASSWORD=admin + - INDEXER_URL=https://wazuh1.indexer:9700 + - INDEXER_USERNAME=admin + - INDEXER_PASSWORD=admin - FILEBEAT_SSL_VERIFICATION_MODE=none volumes: - ossec_api_configuration:/var/ossec/api/configuration @@ -50,7 +50,6 @@ services: hostname: wazuh.dashboard restart: always ports: - - 5601:5601 - 443:443 environment: - ELASTICSEARCH_USERNAME=admin diff --git a/production-cluster.yml b/production-cluster.yml index 39194d10..c2d14aa1 100644 --- a/production-cluster.yml +++ b/production-cluster.yml @@ -11,9 +11,9 @@ services: - "514:514/udp" - "55000:55000" environment: - - ELASTICSEARCH_URL=https://wazuh1.indexer:9700 - - ELASTIC_USERNAME=admin - - ELASTIC_PASSWORD=SecretPassword + - INDEXER_URL=https://wazuh1.indexer:9700 + - INDEXER_USERNAME=admin + - INDEXER_PASSWORD=SecretPassword - FILEBEAT_SSL_VERIFICATION_MODE=full - SSL_CERTIFICATE_AUTHORITIES=/etc/ssl/root-ca.pem - SSL_CERTIFICATE=/etc/ssl/filebeat.pem @@ -42,9 +42,9 @@ services: hostname: wazuh.worker restart: always environment: - - ELASTICSEARCH_URL=https://wazuh1.indexer:9700 - - ELASTIC_USERNAME=admin - - ELASTIC_PASSWORD=SecretPassword + - INDEXER_URL=https://wazuh1.indexer:9700 + - INDEXER_USERNAME=admin + - INDEXER_PASSWORD=SecretPassword - FILEBEAT_SSL_VERIFICATION_MODE=full - SSL_CERTIFICATE_AUTHORITIES=/etc/ssl/root-ca.pem - SSL_CERTIFICATE=/etc/ssl/filebeat.pem @@ -140,8 +140,6 @@ services: image: wazuh/wazuh-dashboard:4.3.0 hostname: wazuh.dashboard restart: always - ports: - - 5601:5601 environment: - OPENSEARCH_HOSTS="https://wazuh1.indexer:9700" - WAZUH_API_URL="https://wazuh.master" diff --git a/production_cluster/nginx/nginx.conf b/production_cluster/nginx/nginx.conf index c68c6f2d..0fd5288c 100644 --- a/production_cluster/nginx/nginx.conf +++ b/production_cluster/nginx/nginx.conf 
@@ -41,7 +41,7 @@ http { ssl_certificate /etc/nginx/ssl/cert.pem; ssl_certificate_key /etc/nginx/ssl/key.pem; location / { - proxy_pass https://wazuh.dashboard:5601/; + proxy_pass https://wazuh.dashboard:443/; proxy_ssl_verify off; proxy_buffer_size 128k; proxy_buffers 4 256k; diff --git a/production_cluster/nginx/ssl/cert.pem b/production_cluster/nginx/ssl/cert.pem new file mode 100644 index 00000000..dc566e80 --- /dev/null +++ b/production_cluster/nginx/ssl/cert.pem @@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDazCCAlOgAwIBAgIUBG8TQXNgpjsqz+1Lj1KMSrgnzvUwDQYJKoZIhvcNAQEL +BQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM +GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0yMjAyMjIxMzQxMTZaFw0yMzAy +MjIxMzQxMTZaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEw +HwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwggEiMA0GCSqGSIb3DQEB +AQUAA4IBDwAwggEKAoIBAQDE68FvxsMkrl6crXUyjW+q2+cTNuDlf6318aOY6SHh +m0ROKxsTlbEvxo6IavvqjUg0rgPyOX2jbLYGGV4sTdTQlUmYX7V/9Ij1DOuknpjy +dWKOxGikY9Q08ouA47RQarVFHlukpXsYH0foM52qCMSpdqHlBAHZPxe3ho9RwKUi +0fISOGTgkTOCLunWp8s8AHydFJ/g6X/2qdBmSJWNOU9l3liKXTyWXeePCX+slPsx +yzjUZudceLcyIuzsqfBO1jUlgQGj78mlXDKS50QwXr1SvxpGaUyLJIr7ULazawY7 +Td0nki7GlGQl73D8UT3Ius9tFOSHvjKMCwfVEkVtOi8jAgMBAAGjUzBRMB0GA1Ud +DgQWBBS3bpa3iXkZQUjtKte4ccE3IHOmOzAfBgNVHSMEGDAWgBS3bpa3iXkZQUjt +Kte4ccE3IHOmOzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBT +AJjLaiE9TIcknBRHkvIU+uTj7Wp94xhhiVUL7qMiuBrMRN8nfA8+09tzsT+Ckqcd +vvvUzeMU9ZeC9L6LyZYaxqpkwLwX30+tVaTgguZAVptWXWG58e+HtblY+E2Owhi4 +lLnmcGod0d4JEeoaIReS8z0wcJKQjhKsPfzTczRi017TSuZQydg95h5HvO5TGlsp +0MuxVV1c4A0TDLzqT40T5qKVyV/Vddf0fYHQwR+WSwCZ/LaVsIefllaB+F6n/nv1 +2mS+NAkdXzG8pODhXVWi4P9HbqcyJi32NgS3t7jHLqFwgTxBwUyDh7xh9lqeRAF4 +Zln7qoe91reJD1M42jWr +-----END CERTIFICATE----- diff --git a/production_cluster/nginx/ssl/key.pem b/production_cluster/nginx/ssl/key.pem new file mode 100644 index 00000000..7ac53735 --- /dev/null +++ b/production_cluster/nginx/ssl/key.pem 
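Review bot: The retargeted `proxy_pass https://wazuh.dashboard:443/;` is still followed by `proxy_ssl_verify off;`, so nginx does not authenticate the upstream it forwards login requests and session cookies to. This commit also creates `wazuh.dashboard.pem` and `root-ca.pem`; assuming that certificate is the one the dashboard serves, verification could be enabled by mounting the CA into the nginx container and using `proxy_ssl_verify on;` with `proxy_ssl_trusted_certificate <path-to-mounted-root-ca.pem>;`. The `location /` block and the enclosing `http` block continue outside the hunk.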
@@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEwAIBADANBgkqhkiG9w0BAQEFAASCBKowggSmAgEAAoIBAQDE68FvxsMkrl6c +rXUyjW+q2+cTNuDlf6318aOY6SHhm0ROKxsTlbEvxo6IavvqjUg0rgPyOX2jbLYG +GV4sTdTQlUmYX7V/9Ij1DOuknpjydWKOxGikY9Q08ouA47RQarVFHlukpXsYH0fo +M52qCMSpdqHlBAHZPxe3ho9RwKUi0fISOGTgkTOCLunWp8s8AHydFJ/g6X/2qdBm +SJWNOU9l3liKXTyWXeePCX+slPsxyzjUZudceLcyIuzsqfBO1jUlgQGj78mlXDKS +50QwXr1SvxpGaUyLJIr7ULazawY7Td0nki7GlGQl73D8UT3Ius9tFOSHvjKMCwfV +EkVtOi8jAgMBAAECggEBALAZIEgEGFjCMkusdqT5hIXn1zIAnoe9cWUCbUl+GlV1 +k1TQCYuvDt/pkWb/PT7Yj1zEzTSdIvS1b+XuY5/9DjZleoXv+RBvLtbtcgEp7x7L +yJJhpC52M7wRtp1Rg9tyQZ6I8m0/qt+8gYJuPi1jX/Mn6skxlzGe0WfGxn3WaBbE +1NRWliF9Bvz/Ylp7URRfDti80NJz9ZJ2snGDAx5bCUTvs6VtykaDB/7HVCSrwT37 +xRMkLXj0OA2S/LY3jRsU2/GVGhZ3u2G/rmqYNjAbiAwTEgO1HnuTw/ZPU11xhdD4 +V7KGytLphpBAnppjsKJu2PAnXCP/sY4h8LcByEHm5mkCgYEA6xzS2Qqx7RqGNjeo +Lqxd/uJUPrVQKFlJNF+MDLKKXdWdVlgAJnIhxvUF1DTmBgeVh228qJajTOuJiJP9 +AA7zb1ENdVZurxJn2A7CuVOkvRz780jhD6qli7f9j2lFvrCvXWmljnah9gL4cZIx +4d+RzRpn789B83ND6V/fJ/NLlQcCgYEA1mpWSVcAKQMS2Cx7ZEi7Qdb0CdRTYyl/ +82rk/2pXDztKYmGaPIx6TOUPlhTWr4wua3xnYnxR+sgORrHqC+auWxA5VO0Wp4Vn +igJUVaPgkxw3n1PZZVgaC0m5CTUqjhIZSYImPnf3PwKmJA3Pg8pyNS0WRN+SVnm6 +wgrnmCIiCgUCgYEAl6HITlh6dhukMXVlz2w1VvxrLuJK5yrmbpOsxEelu2zYg2ZP ++nujUyiVcM4JCBx+EJDympxEh4hk9CPViOMbl1Bj6KgszFaHiK3EYjgSyDDYQYhg +NnVtPRYVvxc69wgGoa1QK/hQ7lPuHXkXGMDSzL/aBqzZsQRG6U1+o8pilaMCgYEA +g9rUwTkdQhs/xWxlXSBU94ImhLzrorlsk9aSiHdunlFJxwJahQ2mUA807IhYFZBR +I4xXT3tANsY78UGLulHbuuhZOV6rZc1mBLq1/gxPGGhr1DEOKYJqUbK+dWkaiE+c ++VVuC1Be3YLVhKpxiIxAe28EmMocBc3KCXYHQckLwbkCgYEAuf6aPGC7XpzKpGVl +ImBC7TXjlj2ZDxLDP7TebYMYi66G4BGCAjiUPDf0J8xgQF5TnkDWg8rWcNTg4bLE +oy1yr+toMKidUbencyKmdPSYNvhXb1PSNA/BCS/hTRDT1YsGvYh4Xh+obu+uwOrr +jEfUk2F+9Z0Oj9cOOIIIcWKM1jg= +-----END PRIVATE KEY----- diff --git a/production_cluster/wazuh_dashboard/dashboard.yml b/production_cluster/wazuh_dashboard/dashboard.yml index c231a6f3..b079cc16 100644 --- a/production_cluster/wazuh_dashboard/dashboard.yml 
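Review bot: `production_cluster/nginx/ssl/key.pem` puts an unencrypted private key into the repository, so every deployment built from this tree shares a key that anyone with read access already holds. The same applies to the other key files this commit creates under `production_cluster/wazuh_indexer_ssl_certs/`: `admin-key.pem`, `root-ca.key`, and the `-key.pem` files for `wazuh.dashboard`, `wazuh.master`, `wazuh.worker` and `wazuh1`–`wazuh3.indexer`. The CA key is the most serious of these, because certificates for any node name can be issued from it, and the admin key presumably authenticates as the indexer administrator. I would drop the key material from the commit, generate the CA and node certificates at deploy time from a documented script, and add `production_cluster/nginx/ssl/` and `production_cluster/wazuh_indexer_ssl_certs/` to `.gitignore`. Since the keys are already in history, they should be treated as disclosed and not reused in a real cluster.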
+++ b/production_cluster/wazuh_dashboard/dashboard.yml @@ -1,5 +1,5 @@ server.host: 0.0.0.0 -server.port: 5601 +server.port: 443 opensearch.hosts: https://wazuh1.indexer:9700 opensearch.ssl.verificationMode: certificate opensearch.requestHeadersWhitelist: ["securitytenant","Authorization"] diff --git a/production_cluster/wazuh_indexer_ssl_certs/admin-key.pem b/production_cluster/wazuh_indexer_ssl_certs/admin-key.pem new file mode 100644 index 00000000..abb489e3 --- /dev/null +++ b/production_cluster/wazuh_indexer_ssl_certs/admin-key.pem 
@@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDOGscN7zq6n2Ka +w81Exh6VeTFr0r5OoJD1kc3SgRRCilR1CioqAIMlvNMFw1ilxzgKlhnBEGxnELQc +wbppOA01VlCskNiEyye+mQPaJgLAfCHk9Q40WbgDRO9uFhjU/WQZZQlPXxUZ28QL +CmCQTUxwECbH18y7eO4D/FGCimee7vUGOq5QmBrVyVO2CbJvT5/2FTL7/4V+t+7b +bxldAzuz9jvd/EjVpmiQzLSa3STFfNsbD2GwU86YDMIsnvr+fWd6gw2mMSeHHtnW +HRFrlJwsvGfdmB37+qFVftL1tIuS4teJXoVT28KaE+aAMsIfDw1MoVsh4rAu9EDH +z5Kw6T4PAgMBAAECggEBALxiIVsNNMLrd/c5zN91rvK0qYWCRMwdWyH6OQSVUu1W +/sdTmSJ3AWh25PK5kMdGBmU2uSeMWWkDDX3TXQ1bXEdKM8bnReBqyFMgDTNR1uYV +D+30Rx12fAkQ8z/OFrhnOx0zCoVvxRuzkcb9nzGGVb2AJdI33zvj1rnx4JbO5tOO +toprs22y9sh1QmEXAxmoB/AY3BBYxmSuPF8rHkAiSlQLIevFcm/EETiJbFY1uIkU +rjKI/FZTaZiEfrOjaDyy+R8fCVXpJATh8F9gW+HrZjQz3CV21UsIworak7CC69Jk +PSZGUFmqlgqN2O24f5oJTT3RgU4BXpk0/Je6GWF2/XECgYEA6pmi+c8nythfx8PY +azSfWJLZrHTr2rNXLjxPJ+Vr1wiAwwoi1ylagFdQ+kmWgcV9FFekYJ0Thkul2QG2 +bC6TDNEDV9fVWZ+dEjKgzcsJNHONYhpNE1KCBGAynXxQa82K6D6uI6LqjNfhGxFV +oc6EG5a7hGXn732tdMd2EfvVZuUCgYEA4Oe3ICceJ2AotAxo3niDzxwMGIthjjTB +PQNNHj/nSGcF4yBZsf6qJTcn26dLr1sgC6hrqssPzXCgApQBZ8a2oG7qQBAlJQkL +9WUsKX8yMlAjHVkFO4/HGs9pSwI7DY0M/ng0o8douDGn1cBhu1oI8WO2XvIxLeYX +kL1r3bzp7eMCgYAh0+mGL/LC8xRMj9bjDoFzmik9Dtb7gCSwDA416IT2SsmWVh3T +/KiKHQ0WKgpDyCBTEJgpPj0Ufk/5zJ9rVgPqMzFSN1MSS0uw1hAN3JsFLyxR2w0G +Hj2VN/HUd5p5EPhYqMEfblx31qEk8Ajy/f5apA+B9dfN1sduMVy7Fx8caQKBgA4p +qVeF/xkdrhKAgY4Y6rv9GSnmhRMucUjFT3LrNUZS7oT6AYv67H4BdioX4+U8CM2T +IoyT0v/t6rWe2mPNmKyLr4avPZeSdUVTxK8sSl3uu/daJsE0caZXj1rg3hUhX8Ma +kL4LjaWjwtzsC3t/1PZWgCKEf+JTDgLYWtWQ0u5fAoGAH3h4iC62JXLNaooxRgn+ +wZjZr5LXEs/NYhlxa0KTEb30HtgHnYIKZI4XoaYuenrJHypVbQEwE96yj/R88DP1 +dzugD+BBKGihHy404CCmdx5zwZPAjEcklK9soV8CJvCONsFYAnK8fqYfdFLA4Chr +Uh0OxZrrrgwpD3OSqgxYz0k= +-----END PRIVATE KEY----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/admin.pem b/production_cluster/wazuh_indexer_ssl_certs/admin.pem new file mode 100644 index 00000000..db1e5779 --- /dev/null +++ b/production_cluster/wazuh_indexer_ssl_certs/admin.pem 
@@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE----- +MIIDDjCCAfYCFE3rWLXolsfQcmQjc54CO0E8lndsMA0GCSqGSIb3DQEBCwUAMDUx +DjAMBgNVBAsMBVdhenVoMQ4wDAYDVQQKDAVXYXp1aDETMBEGA1UEBwwKQ2FsaWZv +cm5pYTAeFw0yMjAyMjIxMzQxMDNaFw0zMjAyMjAxMzQxMDNaMFIxCzAJBgNVBAYT +AlVTMRMwEQYDVQQHDApDYWxpZm9ybmlhMQ4wDAYDVQQKDAVXYXp1aDEOMAwGA1UE +CwwFV2F6dWgxDjAMBgNVBAMMBWFkbWluMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A +MIIBCgKCAQEAzhrHDe86up9imsPNRMYelXkxa9K+TqCQ9ZHN0oEUQopUdQoqKgCD +JbzTBcNYpcc4CpYZwRBsZxC0HMG6aTgNNVZQrJDYhMsnvpkD2iYCwHwh5PUONFm4 +A0TvbhYY1P1kGWUJT18VGdvECwpgkE1McBAmx9fMu3juA/xRgopnnu71BjquUJga +1clTtgmyb0+f9hUy+/+Ffrfu228ZXQM7s/Y73fxI1aZokMy0mt0kxXzbGw9hsFPO +mAzCLJ76/n1neoMNpjEnhx7Z1h0Ra5ScLLxn3Zgd+/qhVX7S9bSLkuLXiV6FU9vC +mhPmgDLCHw8NTKFbIeKwLvRAx8+SsOk+DwIDAQABMA0GCSqGSIb3DQEBCwUAA4IB +AQC8M9fPEwQ5Dc3cQg/uVmtbI/fKSpP+2C6nCSKBXJPI3Fp4I0mD1Spchj2uolRA +GjMqKJoqXZ4LjsCGEpOM9ptXqXGYgFf8+l3yEa7i+2xKddCWQi2Jc8q2WE9RkVsH +hH0MDEsLJxoZ6ohfhmT51TkCGXP0g32zNxthxYuWp4fjxWpKcy/gnaNy0PYgwxux +WDVI6AAzH8E5IFnfWvD5pdGq/ehhilKdpX3PLByy9P78Z4QwT3k0qydkw8qYG7yl +ZGi03uflmeHpTTG1ywRm9RbAFa0Zvk91DvjGbTAzgN6AXMkZbe8eerzQFlz3MBO0 +URLcOmlmwM4C8FIrlHJfXuOH +-----END CERTIFICATE----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/root-ca.key b/production_cluster/wazuh_indexer_ssl_certs/root-ca.key new file mode 100644 index 00000000..db860b85 --- /dev/null +++ b/production_cluster/wazuh_indexer_ssl_certs/root-ca.key 
@@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDN9U0eB7UP1YPU ++ZL4W/oN4c2XMQtqOykkdnscmcz0qYCd37iKROLW9Ay/R4ZYRHlGhEekBFrjkSBH +s3EW3wJNo30f2+8f/WIvU45wFInT4ERv6YHgBha4GAZc2zX45UrR3ZsYUIy+Arum +p8ap4emgh91/MmOMC27tE97ODQeYY37o01gcr/pB2mCrDeLtgpnshtf5997JBp/f +6H4avBQGFLDbukCI0hWYDICYMLm/O9X9OepKEbb9m1ZBBWfY5B01B+LzeSCztKLo +ng/cJgshiKEreAXjQGREw3jGH8tWFejjNccDyRzKkE+28BObbAFC69gttU5q57lW +UZ9qhEqNAgMBAAECggEAZwi6xbUxXXSBeUBJyDmrRNqb0XFVtpVWJcmoGUzP/e32 +TASp+3Iu0T5SSjbr/Kh0y1RNyr3rAkGOFpCsmLaEHncVl6SdYjGOtwJkFaoQsZBW +bG4y7PHe18YdGMMJozSCU687cdSKNFyFp//zIPXFvOt7YbDBoEPwAGaaZhaaoB7w +lLt9sTECkjugqvayRtQoTlE/J3nD3nVYfUZfKg4kN4dUM6vAFF4zACt81B7L3umr +rmLKNTBnmLdXShm8IXs8leOe6I6aVQMvu68hcpzZxgGiatksZMmBEASSa7F161Cs +cZRPJDDyBbceyookCHMS98Hk8nXJ48IN9VyVqiDVuQKBgQDmuZByanGSGhQD7Dfr +E/ZTWjOAqUZPRFVuHPTJHUIVmNjVbKYVFn03r/N8hrAa1rFOAwb3WPWMfbeBlt9L +axZiBTq5iZNoOoGa0doLz13x7adEr6PNG7zWQ4GPqTpVB12Olj9+lxCP8UjHMHOR +EpOgrV9HZXd3ETRaTMLasd+p2wKBgQDkhS6rsQksHbtgfSB65BHtgeaLq+Ll5BlZ +OCmAi/9XIWttSJGuS7G+G9TDq1e8rO/Ui1GZcbzaVOv/gT3Qogem6GbKNu3djME+ +mVvsbJ4GWNFZ4zp/6Zb3k14YRbv0610jnCWkUswFrvcyzzhq9vqs7SaFuRaALt2B +rdqUAhFNtwKBgG3YEIX4WUOGeNr5PhID+fTq77QkYt3gGZAH5x5MeKbRkwHg7R0D +DPBTK2ews+zDI7yRQmLGDnkpbREcJAjC3fAirzef4PbxS7zKhbWzrvU8ALN5r1E6 +EGgt0WP03FmY3RjCPU5mWzM8WzrBvXNm1bPcdo0GKJ8eKL+I5ge6QVKbAoGADpQk +jxWDRUo8SwKQkOZ98k4IPD7iAdKUf2mi1C2aQ5/BL76idKElnMA/yZ/jwAi0YDXn +JcfoyXEDgVBodifwHwjSjfIFKM4zAeBcye+AAV2nNXnWoJRxaif/p8LDI/PkBEKQ +8DPMCkzIPniT29cX1PJoM73EHrdesEg8GpcrLW8CgYA7Njt+YhF5Qfvz/NMxmYi9 +yEOqghjOcpOKLy0Z+tvMM6geOfy+yEOFo1nV7AvhN/BqMYupgODBosqdq8VZkbBG +9U1cNGDgUFef6ObqHVw5wQq12Qu/ulNjElVPlDwUe4pBNFIlqAG8qFwVLHOwmAB4 +0i2+YfQwE+MEVzhsIEwhCQ== +-----END PRIVATE KEY----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/root-ca.pem b/production_cluster/wazuh_indexer_ssl_certs/root-ca.pem new file mode 100644 index 00000000..c047ef8b --- /dev/null +++ b/production_cluster/wazuh_indexer_ssl_certs/root-ca.pem 
@@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDSzCCAjOgAwIBAgIUKVfmxq2uU+J9O2rgYYIAx27rSQswDQYJKoZIhvcNAQEL +BQAwNTEOMAwGA1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApD +YWxpZm9ybmlhMB4XDTIyMDIyMjEzNDEwM1oXDTMyMDIyMDEzNDEwM1owNTEOMAwG +A1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApDYWxpZm9ybmlh +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzfVNHge1D9WD1PmS+Fv6 +DeHNlzELajspJHZ7HJnM9KmAnd+4ikTi1vQMv0eGWER5RoRHpARa45EgR7NxFt8C +TaN9H9vvH/1iL1OOcBSJ0+BEb+mB4AYWuBgGXNs1+OVK0d2bGFCMvgK7pqfGqeHp +oIfdfzJjjAtu7RPezg0HmGN+6NNYHK/6Qdpgqw3i7YKZ7IbX+ffeyQaf3+h+GrwU +BhSw27pAiNIVmAyAmDC5vzvV/TnqShG2/ZtWQQVn2OQdNQfi83kgs7Si6J4P3CYL +IYihK3gF40BkRMN4xh/LVhXo4zXHA8kcypBPtvATm2wBQuvYLbVOaue5VlGfaoRK +jQIDAQABo1MwUTAdBgNVHQ4EFgQUvJutn1v7UjY8slquwXoraQwQjJ0wHwYDVR0j +BBgwFoAUvJutn1v7UjY8slquwXoraQwQjJ0wDwYDVR0TAQH/BAUwAwEB/zANBgkq +hkiG9w0BAQsFAAOCAQEANvHcw5N6qJbzU7AxDfcvQEmM33oJiO8404EPtfPv0e/Z +keQIAEyX4PKvMGz96xmhTEsXn8V4bD5j++o1CVx6uzdFAczrsw3BIiNg1jPC/f9o +g0ZD01XW49UFxPzRU7JPl2UbQo2Zf3L1W5HOiLLMaSymHm+cN+DrK6e/MbjR6xu4 +GcaM9cE1EhVjINGRBs+dSoQEaEq1WbDgEfYCMT3yZBm0qQgImswHQXZGEszjUoQU +uh/YsMrIX+2l9iHbaV8kJVqrVPX1HfKN+oXLHPaTN3VxyrV8s4L5G66rbWfTXIo+ +/S3A76GyH+pYiq61aRY8A3rEpv1bRcq4RE4gkytuCw== +-----END CERTIFICATE----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem new file mode 100644 index 00000000..b86118f6 --- /dev/null +++ b/production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem 
@@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC7CJ3nrAew4aSX +TZ+fXOL7HLayqzRUk/sZS5LX/RVuulY1waJa+zp5WQVnQSWGp63y8AE1fJIZPDZj +mEjjsRMG5fBo4DrPHi703Cy22IBKR6h88baGLdF1wgZsA7CFLsbEp4bZzm45aR0w +3K6cQngnKlQgI+UUhEXryQJufJLUT62978KrwmyU9HV28PuncDSlQ3aYPiYdVgeq +MNNA5rFtfv9aNSDlx+qZvjC1Ua0k/TutMKzJq954LtIP/GhzAcMIKlWGQQHLA4E8 +cDfTITcL+jxnJfAg8wXiepC+TveAFWH0rfFCh2WLnT582IvJKqV+M5OU/1GR1ABJ +ZE6Q/lXfAgMBAAECggEAUOpkbjMlzKeCLpc9hJOJ+3urqtaYuDKhQotIhzsNx67D +11Pjapsf7BnQVaCAnKX0gpLE4x/2kQZUvXfHqQIVqjlWbfj8WFjFldefXKeDsR8Z +TJzCC4DNCrYbUyWxe50GD1Qu6hH968aHA3ml7SJwmvkcFh+RXvPu0BhRff1VBJaK +ppAD1//YjOAxYcDGuP+OdmrzimW2tGbLBdwz8d5UiFaM4CUCLmCrEq6CN10Bn5GU +e8bR1oCe9xhnJwQ8TD736Vxenbecw+kxRd8W+FugLvT9XaAn/i8pET3/DX6826I4 +tenkMBDe10NcryT2NClqf0WhUxABaQ38AycZBEKSqQKBgQDjxD7LjiAMZDwNFNxo +2/ITP4+fBG3CTJF90IwiS1Y1wrLNH90fxstftOfmHQVf998iMVvLr3EWK6pZf7iy +VL7zCdgMkV90TRHNlxnP+2vIvF0YZ1ff5OD0Z8AS0VS3oaAnCGrPfkLq1tq9mdDB +JGuV28OIOmC00N3DwBLd6NHwIwKBgQDSN8lyxvVbR/IAZ8Roz9w3wN1nMKC72PPb +FBPAAo3/GMCcKxFUzG96XhwWMQyTIMFH2oQnfWZ6iyFkqOa1p0PZcaDrQvZHbAfr +pv7e4uPqngwj/BI8a20rPE9sS+29uKJ2ZVhXFV2d8fc5dCFN8UnwipdC1MLi/XGZ +dj9xlWyBFQKBgQDEJN5HAbALu84THeHp02+Wr+gI8xFqf/HTPWNQrTwis/ayuzv7 +/4BofSwveNKGILnhgkwhDob+pr/eryTpPh3qwpFx0Uc4qp4oRHWQLF5X0g8B0w1T +3JD1KNu52NdyBBgdRRxmb79E6Z4aJXomuiyEM2shx9Q8Ipq31pLo03TnrQKBgQCq +/5IweUMQU3+5cK9GCv85ovr2e4nkA+CpLrW6FNnozfuvjSD1964evfre2ls+OwC+ +MDQb41e/CvnI5dN1pG/+qv2ZIckv4+K1gAwGxk1bheCeTOeQmlodN1vr3f+vukb9 +RAcOH2Udm7vc0mhc/I+GyVWtmWBGQJ9tk9Cb1k6C2QKBgHBZCuT+MBdIVP8AQ6CS +at9ZzBGJK6XPY0wIFY/E/56kFjbtdhgPQ9q/AC+QppxuxuwCuFQuOEqhclfEyhiu +33GTh+/BvvP5zM7AgBB96CVtunwnpFvGezSV+JdtMO669Js8XkYBi6bGE3ZgJfjJ +/iDvX2uKSZFaZ9R0vHoezhtA +-----END PRIVATE KEY----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard.pem new file mode 100644 index 00000000..6b67af83 --- /dev/null 
+++ b/production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard.pem @@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDdjCCAl6gAwIBAgIUTetYteiWx9ByZCNzngI7QTyWd3IwDQYJKoZIhvcNAQEL +BQAwNTEOMAwGA1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApD +YWxpZm9ybmlhMB4XDTIyMDIyMjEzNDEwNFoXDTMyMDIyMDEzNDEwNFowXDELMAkG +A1UEBhMCVVMxEzARBgNVBAcMCkNhbGlmb3JuaWExDjAMBgNVBAoMBVdhenVoMQ4w +DAYDVQQLDAVXYXp1aDEYMBYGA1UEAwwPd2F6dWguZGFzaGJvYXJkMIIBIjANBgkq +hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwid56wHsOGkl02fn1zi+xy2sqs0VJP7 +GUuS1/0VbrpWNcGiWvs6eVkFZ0Elhqet8vABNXySGTw2Y5hI47ETBuXwaOA6zx4u +9NwsttiASkeofPG2hi3RdcIGbAOwhS7GxKeG2c5uOWkdMNyunEJ4JypUICPlFIRF +68kCbnyS1E+tve/Cq8JslPR1dvD7p3A0pUN2mD4mHVYHqjDTQOaxbX7/WjUg5cfq +mb4wtVGtJP07rTCsyaveeC7SD/xocwHDCCpVhkEBywOBPHA30yE3C/o8ZyXwIPMF +4nqQvk73gBVh9K3xQodli50+fNiLySqlfjOTlP9RkdQASWROkP5V3wIDAQABo1cw +VTAfBgNVHSMEGDAWgBS8m62fW/tSNjyyWq7BeitpDBCMnTAJBgNVHRMEAjAAMAsG +A1UdDwQEAwIE8DAaBgNVHREEEzARgg93YXp1aC5kYXNoYm9hcmQwDQYJKoZIhvcN +AQELBQADggEBAElSHV4I9mpdsTzeoYsnhEjcNw2EbY/GQgWu9oEsS3oVZzraPZaX +GP+9Jb53dnOAgV546qFRAjK/tryDyN7oWgkq4V4BjqlC2bKRlwRml3Vg2vGDihBd +XCk4KX+p8mQ6GPpy8G3LQV2dEcznN8ABEqoyb6OVUWDXG9YUaosKzbza9Y0ELzwV +lU8kWxASKeeLKMFxl93qtcHyiYNX+/1SvW7hw1S72/I1GuQzfu8bSwiTBQPy2a4S +w/JJPjTpvgkWrfgYGmaq8awHTfhygqW9BboPH2gVNU4RD39rM0CuOt1yGERZfAhR +jTAY4LBfYBJQqYFao8VT8Gs5oEt+FUNIxvE= +-----END CERTIFICATE----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh.master-key.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh.master-key.pem new file mode 100644 index 00000000..5a8027d3 --- /dev/null +++ b/production_cluster/wazuh_indexer_ssl_certs/wazuh.master-key.pem 
@@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCpn/2kjd+TbXUh +gfVmJn1CsLgyn0lcf0f0LWNgX++M64xEEmR2adDpFrOZcjuYKcmf+h+fVmdwI2YQ +JKr8iXdYdFoRCc7cz91uHPxJhtPE3XUKMue70RPNRzyq7QFdsIufYGEQvR/bMkq1 +E+Zyiud45BDTu5WHGIrQL9lo9SKU5yDl54kv8M3ZfVucIe5rXLoWzh4ND+E/+j5B +CAlptOcXm/UpAvQIl+2nk10XErBRbVfwmC/+ABqzhR7NOZ7AN+0uMmumCwDh911i +V92r4Lnbfv9rEFoK3v+0zB/tcWFcoZ9NKYb38DEarGLgJur2N4sfOSXXwZu/78t8 +6fnEWE7VAgMBAAECggEBAJxAZtO4ZOVXhPhS0I1Ck0xloafwFxH/pXaGgO58MRys +tk7WanixzOGKKfMFyWPHypV1QL/0ReCEmzXvsRpkPu3acEUVtdquGBmg1b2dV2IX +ZgL5FYJrfEQyhO4m2IVHZbZwf7l9neS7FRpstHF7BvLTk7SXLYx+zRAto6YNeceT +CSjmMbnm3sdOShv1zsBPzPi22ESLnjuQzn5Jd4pWNOZyBFymq4OVuuREXOYzCK4E +0srOlIMhNdHVsoiZ7jO0Ji9+fAf/VzX+6xQsI0y+lYIPkCCT2lTVXxSdBif9prSv +OIV/z85NHcezQCsEIhLHxMgxqO3z6go9hIR8Drhqm8ECgYEA1jsH5FOJVPsMiSau +rP5n2qyCugqSPbDAucBWF3bSimMDZd26LrtoFXBuZd11Uo08szojHkVD9qNEUUm/ +VmknH89d9QH8MU5N6rhX7k2Vml34gNxPVzruX3wQXLJwc5OMMGt3yzZ0bQyb7yzX +oelbr90N2TyJgH4K8rhmhC6Y5w0CgYEAyrKLD1tc3AdFuVY/tG+4ERYhJqTAGfmh +vaKCV4BiA25rg3f7wPVIwFmL7/8wbHWkCpjRmaX8CpuDhYIivOnYa7iof/FHw6wY +YBGqr5h/0Imj5bY7tfIcfXmSDLSy5FPkovpBAafvRvTLfkREKX81khnqkTYHQ6S3 +gQGBtQVlFOkCgYEAw0z5etv1HPXpjbcoEymywBX472XnwDm82RpQ4f8/HU36sQkc +TLIoxzLCUjc8V8/OgI4Fqfj3ZoedJoYW2s3uDv/a5huzL7f1LIB2GRe9xQbaH4+4 +/QsKeR3/RKKgBZ2Ddjji8u1n4mpWVgsJYd/96CucDmkz6WH+1RvqyaI5XpkCgYAp +DgSwdZbXUfnDUj7Q8xfbDhpk01W9bRxfZnzz8CLqAwFvvWuWZ5f2rax0TcGnFiTF +qLI7Zq0oENuQvQ0AKnUVTG+EioA4l7DQNIPX0RGCUX6K1mA9t+4hU/BK9oaNTJiw +kfN8vGDwhEB7MKSFqyhUkT87bjAGeWRZks6Mta0FkQKBgGVH3YIOk36Q5wuXLX6X +iYGZzNNP7OqNqprpSia3yCQmHaieHW7qq8Uot96H/h0Z+vhX0RsF0vNlY3RQUlV6 +YDdToyZ7X31+RB8Cca+eQ3ycpo6JCQMqdtzQxPAzRz0yb+ZKj5hd8tpzooWEM/Jh +Gw5SBm45mSxIh7QG2y1qm+gj +-----END PRIVATE KEY----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh.master.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh.master.pem new file mode 100644 index 00000000..a0b98cfb --- /dev/null 
+++ b/production_cluster/wazuh_indexer_ssl_certs/wazuh.master.pem @@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDcDCCAligAwIBAgIUTetYteiWx9ByZCNzngI7QTyWd3AwDQYJKoZIhvcNAQEL +BQAwNTEOMAwGA1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApD +YWxpZm9ybmlhMB4XDTIyMDIyMjEzNDEwNFoXDTMyMDIyMDEzNDEwNFowWTELMAkG +A1UEBhMCVVMxEzARBgNVBAcMCkNhbGlmb3JuaWExDjAMBgNVBAoMBVdhenVoMQ4w +DAYDVQQLDAVXYXp1aDEVMBMGA1UEAwwMd2F6dWgubWFzdGVyMIIBIjANBgkqhkiG +9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZ/9pI3fk211IYH1ZiZ9QrC4Mp9JXH9H9C1j +YF/vjOuMRBJkdmnQ6RazmXI7mCnJn/ofn1ZncCNmECSq/Il3WHRaEQnO3M/dbhz8 +SYbTxN11CjLnu9ETzUc8qu0BXbCLn2BhEL0f2zJKtRPmcorneOQQ07uVhxiK0C/Z +aPUilOcg5eeJL/DN2X1bnCHua1y6Fs4eDQ/hP/o+QQgJabTnF5v1KQL0CJftp5Nd +FxKwUW1X8Jgv/gAas4UezTmewDftLjJrpgsA4fddYlfdq+C5237/axBaCt7/tMwf +7XFhXKGfTSmG9/AxGqxi4Cbq9jeLHzkl18Gbv+/LfOn5xFhO1QIDAQABo1QwUjAf +BgNVHSMEGDAWgBS8m62fW/tSNjyyWq7BeitpDBCMnTAJBgNVHRMEAjAAMAsGA1Ud +DwQEAwIE8DAXBgNVHREEEDAOggx3YXp1aC5tYXN0ZXIwDQYJKoZIhvcNAQELBQAD +ggEBAAD39eT4wm1Axx0oUii+4dmyAFoXrhVdpqr6jCg3HXcIFEOjithLhBqikdj7 +kNRdQT5vTDAmFjXbpoWuWmT6VopNb1xNmbr37RXYVQdSaiBpgLffiXmGBUb1Bs45 +HXLT7sUxWrmB5/7mh3P13KQUPbGZkmIGahVztdmLdu1g81nBs85H8kFM39XGPizB +PNhzf/rhy+XFFjSnbv22inPAzYZw5cqTLx3/ebnTkFr7SuJp29gQmw66cTnw7+hh +DlgoRlBG0Bla87cXNanDydhhPJJRxhzEClNXJtpyn3DVD+cBHwznFAAOA2dy5sMO +aiZvy7tmKCaounLhLm7KJA+TYgo= +-----END CERTIFICATE----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh.worker-key.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh.worker-key.pem new file mode 100644 index 00000000..8d5dad39 --- /dev/null +++ b/production_cluster/wazuh_indexer_ssl_certs/wazuh.worker-key.pem 
@@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC85Fg84pfT19Zp +2n91JPmDD+Ax6A/BkPjo+07a/hQXAo37tDIpHbEr3+AJoGzYWMeB68echn9/vhrW +86Xqlql0Ubqpb/cSXECG+cn4Gt4B3RKKv3MJl1Pj6eW+sjEJhpvyrPkUae1gD6yi +nv39XzWNMOw56JQV1I2vcU9PbEpEfXNrBqIamnVPPe3+cEW8C87s9ro0GAlxvssd +yTkAMArdW9jVoq2Bw3WSnsMWFr0qdn3aRe4G616+G9N+vnIRgs9zv2p41U/pfImI +KNxKVL9Uz/PbNyAuHK46aouAyQqRltOvNOHgtlOca1KXC6dwTGCTZn39HV8I/PqV +6lW6ecVRAgMBAAECggEAImht8llMUtiERC/6+7nKgadIrY6aICZqUPZGPPn/atma +R3lhkb/I4DcdtmM0sIwre20ZpVeSrhBRD0q+tGbRY1Dn8alllkCbuHqT4c/zFN/S +WtfY+qxIKcIXiY8oA5YznhcIIEHTbaYtSkov9hF7zcZVoY7OOtPHI2g+jDcrqCHp +4SoXEhWgN1QUq1Nmy3z9sL7C1Bmij4eAVm7vbx0wNQOlIP9Pj15nFnBWPFufzPmk +H79JFOKC81k4etmMGuRQyUlmvBj9Rzt1i2vh28SFGjlknfy/iNt2bzniLEpm2hOZ +pq5uC27iE+bFUJnYflDWiIQFeJs31v+aRK45mS6tSQKBgQDcHDoKpa4JfQVVWCWn +IPIffJctsFcHGAjjISs4BbfChe+2sXNfI/SmDmAVCCaTyXP1zkxPqzu6hh4WE6X1 +DEGP/xx/OtAs+W6XigDAvTr+IT10L9BTc/D+C3rd3MOuR8jRj3WuuY+7wnBXwC7Q ++YqW+rhfaGCPrB99Ff9NmMWvZwKBgQDbsQORv7So9Zj3XAzmmJ4OWzg6wE1eRyN9 +EVkK13WuU07sY3p6LwR/NjNXypBNkFPd7BQxCEb0bDmzjXLVXGURBCLwnTHs2dKS +P1Dz4xVchtnCzY3hlFJje//nJm6Kd/xVXTQ57qWjgBGDUr3vSvCEeXITgJuw0lkc +IyPlRrXKhwKBgGASXe8Zw63WiMZoc/7PrX66xc2mY0XwYqioaJHKRRu9lBScvWuw +aO815RAo/5WP33JRehNn/Oj78xPVvaEImXE9e3W4+PY4ZOH11UBLF/2mCom0+OwD +9hMcdaNy4WInaOq3ADmkOq1MP/a9JnIGCUy+4EycZVEwYooZWNbIsLhPAoGBANO7 +v//prrmksr+8ZOaeMr8NZZ0iF68EiwyP+qx7Sf0wZ4FmwvUdeY0NdOBo5zkKH/pj +/HXhT1llMRt++Szvdqy2uuIB7ssiiFLRWTklJEJf6WJZcCP4KoudR97E6Ibl6zlu +sdYfzl5NIRPbXBlTtYlH7w0ix2rc4GtA5uijhLPjAoGBAJXivATWIAEIVlgJQtKF +3wlhCrSOv6f0vEeqywLQsmXK2NlaanZBor9RGkIaKsBWLIuz1nNvjhhi70fcNmpQ +BG0XYYVHBB9jmYGRJre6EHWnNh6ykxFxZhULWKCjs11Lq0TiT7kKDywEAgfOG4Fb +khCMJaNC+iknIFDgcUvJKcsp +-----END PRIVATE KEY----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh.worker.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh.worker.pem new file mode 100644 index 00000000..b1196517 --- /dev/null 
+++ b/production_cluster/wazuh_indexer_ssl_certs/wazuh.worker.pem @@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDcDCCAligAwIBAgIUTetYteiWx9ByZCNzngI7QTyWd3EwDQYJKoZIhvcNAQEL +BQAwNTEOMAwGA1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApD +YWxpZm9ybmlhMB4XDTIyMDIyMjEzNDEwNFoXDTMyMDIyMDEzNDEwNFowWTELMAkG +A1UEBhMCVVMxEzARBgNVBAcMCkNhbGlmb3JuaWExDjAMBgNVBAoMBVdhenVoMQ4w +DAYDVQQLDAVXYXp1aDEVMBMGA1UEAwwMd2F6dWgud29ya2VyMIIBIjANBgkqhkiG +9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvORYPOKX09fWadp/dST5gw/gMegPwZD46PtO +2v4UFwKN+7QyKR2xK9/gCaBs2FjHgevHnIZ/f74a1vOl6papdFG6qW/3ElxAhvnJ ++BreAd0Sir9zCZdT4+nlvrIxCYab8qz5FGntYA+sop79/V81jTDsOeiUFdSNr3FP +T2xKRH1zawaiGpp1Tz3t/nBFvAvO7Pa6NBgJcb7LHck5ADAK3VvY1aKtgcN1kp7D +Fha9KnZ92kXuButevhvTfr5yEYLPc79qeNVP6XyJiCjcSlS/VM/z2zcgLhyuOmqL +gMkKkZbTrzTh4LZTnGtSlwuncExgk2Z9/R1fCPz6lepVunnFUQIDAQABo1QwUjAf +BgNVHSMEGDAWgBS8m62fW/tSNjyyWq7BeitpDBCMnTAJBgNVHRMEAjAAMAsGA1Ud +DwQEAwIE8DAXBgNVHREEEDAOggx3YXp1aC53b3JrZXIwDQYJKoZIhvcNAQELBQAD +ggEBAGspKwhrEWbR5v1tTSjXuJJKR/x0ZHw2U49pI6kCQq8+8YsomuYwmcNxTwKD +dSpvGgknmhcnFr2PcHOh91tatLfzOGsAGPj6kd19KpZhqTV+wEwdaRfwgOpLBhqM +ud33LhjwRdNLQHkdOQkmp/fsyZRpT8MR1cD54mMnmHUpAnazMUGMS7WHeKXCx/Zh +P5FJabo1LUO0WrVgAizoE9b/ZFC159ZhYPbmULVR6tsgHWy8hD43nOYMbSi5xcea +WtKGVrmDsgyspGoCCVVoD/zCzcXjmbWhysA2Ypa+74gGG399ImisDGzsZA8+MJxi +6fNRX9guAFkStUOw9F+WsLKgMMg= +-----END CERTIFICATE----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer-key.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer-key.pem new file mode 100644 index 00000000..c7dc097b --- /dev/null +++ b/production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer-key.pem 
@@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDPjUfxFq6DTf8R +WNiL+xTFLMpoFsl1Ql9+FfJThC5tSXdqRr1AAFMGEWZtsKwtB8nK7VjpNTXoNQdF ++BHLYThfR08iYBZjrBG9/AS08lzRzokHsX5T98aUSjEJy89zDj7HumOlrR2PSDQ+ +c/Tby1Bo+Qc4obzFUo/xbW3Z0QAoPazJrG2thouYZe91I0iq1THdLH44Q7CaAACc +JYWyhnbVul3DCsQmsHJqlSI0RHc+APB34xfXIKnHkdiKuJxteU2dTvMuh0UuQ/YA +LvbND9zEYeT0mke1WRyezlz0zs9j0i7ycHgL0T/S2QOEMi8PPhGdI4/hxkDMA1Dm +3wD6qRaxAgMBAAECggEAJql6rT48Y9kzmleifvDWfaRKT/lurZkfkK0l5sjInTMC +O5nRxwpIbOjw2539dKXuwQ5VcZun3wmBwVbkea4ygg0WgKDFiuuSooE/nzVGdQ60 +F+rITXvqUdVALUL58cTFjQ77YPFOgFJC6R9QjWDiKau53KLENz2Z8q8ft2NnVBdT +H5LVdhHeH3FAAdkElhWMMwPE5/ohWPpiF7sp7RQh9FpRbGhkLinZBiK2eP9um75f +1CL1loH7/5b/0ZIY/xiaC25KXJL9hApf6c1qAyMjoyJYE2sZgszYhyEC+YpuZaKL +8T6HMNfcmiXkXtq5smrj8A99mPcWKjVp/BQ2AsDwwQKBgQDs8xv3ArxeLPYSzAZe +tBr+qsL91txKx1NMJbTKbnPN92t5zujDpvLqC+UcKFfOMtnPD+WrpfcCB7re5+f6 +PqVbgroCSgPqvJL3fpcmvbIPlnimJMC3kIpKwi8dkr36F6+5hn4PUqZrl114s6h8 +6VU42btenm7NHIdfDNSj0WkjnwKBgQDgPRuZCexP81Wz/3y8sA5d9rDM97xsd9a/ +fYsz4SLI5nBSMqs3Yu1catsKf43ihKxsgm/3O72Q5rJqhpdfubLfkNhCMhK+R+v2 +Xb+oyvsEaIBUKgmbQokhS9BbWGPgCFcaFNQJHSvjn8AE1/AvWykiAxVeYXCiS5e0 +a7FobDUjrwKBgHkTgKanbzlwIA1a06ZwwZqAB0NOFyLe12GBovANoH8OfoyvfaD8 +HgQaL+hDdRqYQVPc+67KD32qFYLxXUgx2qz4D7Q7veSklzSAKxxQsjvk16GOBivG +X+Pzdb/Wy9yPXeufHasWwJMZtVmH9ABf+nwiRewDaPrGKSYYmE9dIixhAoGAJX8y +cTnukUQAjdPoOOk7zcylrfCzSnQTrfvBXlCEb5HRMH2WkfFx/aVEsZG42SsUZiS9 +slsEDQn2xcdx4qj711SyRQd4iOcf9xegKAqhRRBwfSJ2bscGhVHXKp8yPFFIt2zK +NCfzoeGhy22MlW6qByz60sh6fDklyh7EENEfZbMCgYEAhxniNrybnm2w2jB/uqMh +ufDJ6FiavXxaLn2UTc3IZZZYFUxNTOzyDZPHAiib3+EyeRkKQHJTKk1XjaPjcfUj +/1CtInHP2FNyys4+/vydE1+fBi0HA3FtFRtelhz7YLkF6EVphcK8prdVaH644RvO +K4dqSYB4ttbijHqvjQna1tg= +-----END PRIVATE KEY----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer.pem new file mode 100644 index 00000000..795c0431 --- /dev/null 
+++ b/production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer.pem @@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDdDCCAlygAwIBAgIUTetYteiWx9ByZCNzngI7QTyWd20wDQYJKoZIhvcNAQEL +BQAwNTEOMAwGA1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApD +YWxpZm9ybmlhMB4XDTIyMDIyMjEzNDEwM1oXDTMyMDIyMDEzNDEwM1owWzELMAkG +A1UEBhMCVVMxEzARBgNVBAcMCkNhbGlmb3JuaWExDjAMBgNVBAoMBVdhenVoMQ4w +DAYDVQQLDAVXYXp1aDEXMBUGA1UEAwwOd2F6dWgxLmluZGV4ZXIwggEiMA0GCSqG +SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPjUfxFq6DTf8RWNiL+xTFLMpoFsl1Ql9+ +FfJThC5tSXdqRr1AAFMGEWZtsKwtB8nK7VjpNTXoNQdF+BHLYThfR08iYBZjrBG9 +/AS08lzRzokHsX5T98aUSjEJy89zDj7HumOlrR2PSDQ+c/Tby1Bo+Qc4obzFUo/x +bW3Z0QAoPazJrG2thouYZe91I0iq1THdLH44Q7CaAACcJYWyhnbVul3DCsQmsHJq +lSI0RHc+APB34xfXIKnHkdiKuJxteU2dTvMuh0UuQ/YALvbND9zEYeT0mke1WRye +zlz0zs9j0i7ycHgL0T/S2QOEMi8PPhGdI4/hxkDMA1Dm3wD6qRaxAgMBAAGjVjBU +MB8GA1UdIwQYMBaAFLybrZ9b+1I2PLJarsF6K2kMEIydMAkGA1UdEwQCMAAwCwYD +VR0PBAQDAgTwMBkGA1UdEQQSMBCCDndhenVoMS5pbmRleGVyMA0GCSqGSIb3DQEB +CwUAA4IBAQB+6/7sw+hlx3MCNyZaoZEJfmBaal78qm26QBQ7Q9FNrNonp8absLSg +8xXYuOi5x1pW6yJX8wxd7ZpNGJTnTQXvwVfxyFuy7JVfVau5AGJa7AbVhi2PFUMp +iyh7LW7DTueOTgSDCKuuc7oyFBUZRWpQJDsNQXGO54nRzZAzlsI76xxwPshkcU+U +cL2yrvjEdQv6pwhDBwdno2u+JlAcGvSvNbCo19qzXRWSSguxQjIA20X3ypW6GSSK +RuNmAgAaW3yB/MKrZbI10UrJ31TW3ebdIbH727rMLdfFtqP/a8yyTZwmE1MxOiEA +hPa3nBKQM+XfNmDAuZkZqzOfYMwU175x +-----END CERTIFICATE----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer-key.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer-key.pem new file mode 100644 index 00000000..9d2efd2d --- /dev/null +++ b/production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer-key.pem 
@@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDPqSr1rjbVKnw/ +FC/3HwOfXoZPh2yjo3K0NYXEeoloVLCnPSHzQg9NEbvFs8k6StNvS/wcFtGs3PRf +YqHR3XTlJsEbMgiX4gqAgqfR7ikKnc5wovQ6xdazgoc1JsXLDawngizxws77A7MG +mvTvAOWmiecpY/yftW87Kbv9F2bp9qtI8WPr4kgWnQttLfpzSTvpZJhb9Y4KTyKe +7LurBGriNw+m5eJF1l/ng3bZXTWtQVH06/VbFuKPvMf42iLrBvDzw87tjnp5kWco +PywKODTkiKa3+bmL9H+uCwgX0XEGevgBG4MxzrU1ixmSpV4nCdaOe6Jx9RbyP3Ao +jBJAskdZAgMBAAECggEAJALdHU/B2IOOmk3A56TsNuXoesAsWdBNYuzpLqJlU79k +Bwx1575r8tyBaI599erl8aYGqURXxhdnFWeAUmmKDPcEg9fQX65mTdTaj3Ayk9G7 +7BKGMe7/BZA8LD52DHlpgkxzyNUUmbkRgbK7iPrp2FCP0sCxHW0URfk9zW0Sfr3l +AfNrNaZ61zfEINTQLrZsEvs285rsLVSie49kaMvmRv6uTyWszRsh8+e+2gFeRJjd +K+dSosP0CMa7zizVm2nAQcLQYM7cNMkaQNR5+5bBUWu9UhRbkB1dFClVS80LuURX +5OtEuXA71ctxOipXPlpVsXJkrAuqvhuO0acpaeOFEQKBgQDuDDJfZW+u2xSoSio2 +oTjj84xdROcfV5hkE10OLHbtxXffdeJoUDYpIjWQ239wXt9x78JBFBO8i4fAAuIj +6Tr6LaGz28glurgwLqfD5p/rw4Su3o0YUfpNkkLVdfUuMCi2gv+HEMjVnJanqhva +HdFbIXI24OF+g0CU0+Aj3AFo7QKBgQDfUlDXxA+zkklaiorTiAg3fgat81tLK4Vw +zlQ78Kis0sCOMYJuHbjsQZVJWzqL2E0/Qyn2XVgYjWn5l3u02SFo665ppWw0/ij/ +m/t9q/gK9IbYkNUh+G4sk/e9BlDFys8zNKaRi7+trkeyrWsB3oWs37YNJz68dOPw +0Kx+K9DmnQKBgQCj40HK68s4VxyhwG3Prq+8QLEihY2ZxnTkcXBfkb1PdeRRtJdr +uc2QBD1cvcG/W5H6n1bd9zSfWnDbgSCwGKLCGyh465egYizs/zIBbYYsiy+ONSpu +1AG/5jKdQ9jJM97TyNyj4KpkZqpSRItoX58DXsODhM+6iiKsVDK8fXt7AQKBgQDT +d3UJ+6QKnJlNXSc8SvHM6k+U5H4sXhfLy/VDlQ2EKUUg4IzrjMWRIkEk53g2+Cmd +oBHaMmW7Sh1xtRn1FC5o1dOgQn6GZ62W7bNlOzRz2zzdUbggpMhe+fZ7TcGqqfMu +P8sCw1xMMF3AOiq76GSYYHZZWjIz7lPxswfDqeX0mQKBgQDLLsLt9lhep1nrDCIS +Oss+nMIvokVLeqX9NGNMcRjnJONYWmfBWwLPVYZ6J2n9zF1GY0jzRHq7vKNHXw/W +uNq/S2bQx6sZXjoDdXB4ZvByrgU0SVWpazVV/W3cGe38iOPZlQWcMZf7RobiBoyM +N+8YajD3XUvcOnJfzp32VXYFZw== +-----END PRIVATE KEY----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer.pem new file mode 100644 index 00000000..3fb1fd7d --- /dev/null 
+++ b/production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer.pem @@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDdDCCAlygAwIBAgIUTetYteiWx9ByZCNzngI7QTyWd24wDQYJKoZIhvcNAQEL +BQAwNTEOMAwGA1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApD +YWxpZm9ybmlhMB4XDTIyMDIyMjEzNDEwNFoXDTMyMDIyMDEzNDEwNFowWzELMAkG +A1UEBhMCVVMxEzARBgNVBAcMCkNhbGlmb3JuaWExDjAMBgNVBAoMBVdhenVoMQ4w +DAYDVQQLDAVXYXp1aDEXMBUGA1UEAwwOd2F6dWgyLmluZGV4ZXIwggEiMA0GCSqG +SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPqSr1rjbVKnw/FC/3HwOfXoZPh2yjo3K0 +NYXEeoloVLCnPSHzQg9NEbvFs8k6StNvS/wcFtGs3PRfYqHR3XTlJsEbMgiX4gqA +gqfR7ikKnc5wovQ6xdazgoc1JsXLDawngizxws77A7MGmvTvAOWmiecpY/yftW87 +Kbv9F2bp9qtI8WPr4kgWnQttLfpzSTvpZJhb9Y4KTyKe7LurBGriNw+m5eJF1l/n +g3bZXTWtQVH06/VbFuKPvMf42iLrBvDzw87tjnp5kWcoPywKODTkiKa3+bmL9H+u +CwgX0XEGevgBG4MxzrU1ixmSpV4nCdaOe6Jx9RbyP3AojBJAskdZAgMBAAGjVjBU +MB8GA1UdIwQYMBaAFLybrZ9b+1I2PLJarsF6K2kMEIydMAkGA1UdEwQCMAAwCwYD +VR0PBAQDAgTwMBkGA1UdEQQSMBCCDndhenVoMi5pbmRleGVyMA0GCSqGSIb3DQEB +CwUAA4IBAQARo4+BNlrZLMi+nch0lWzl8Yme4GaoYfnMRrbBVP1GEEvo62o0xuYP +XCIbgL7HJm01YOiNoeQ6qU05Vr74xfRxsE+yKrlFO7nFV/Q0uCmQkwdtXKCp+dHP +99Sa6pwtwFseh0hTQaBO0G89d/E8eEkIovfs2XdrmiPdgWBWkhwJAxVXU7wYgH2u +naONyx8Ep/SeLOs4i7svS4RfUXY5+pu9WWwa+XwWkXK0vxgpgg34lnHlSJ7YoPDo +/++w8Pvo2rYqgESYbk0miWUzGGFpPR5Qw/OFNYlpeolZNtId5jZaWYz6OBPxT1ms +MKxGyv6o2LttdEIaKbJ/xatbvcOVYums +-----END CERTIFICATE----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer-key.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer-key.pem new file mode 100644 index 00000000..e3d27825 --- /dev/null +++ b/production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer-key.pem 
@@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQD3agVIx5Y/uVyL +6iAx9oalgm361LvMANcQlT7YgZPU8IMK8AXQ1rNnABMcc9ASdJmd5HMCcBGEEvgM +8zRzOnRMCfmlPuHnCkbQBk0ms59BnfG67ZBAVHkPeA1oZQxG8maDBJfLNezE5hMu +xsoqQ+7wRMLCyYnEkBKMM5SvKNGEStk+LhKqZj5DFuZ45t1tAJ+H2MBE7G+dZZR7 +CsSAeaZvaVQgX18vXAkjzyjtK4MOLIkvBW/Rt+Km94oCjAuPHnHQJbxNHI966YzN +sb53zv+nc/QWo4/yZvnahQVkbqlMrIHZNQpb+19UMrlpDIoPGVEKAjqDfaZ0fY+x +IzEbUBEJAgMBAAECggEACxSFbg/6K5pqiZ2PmY031Hu13zDdxDIZb5WvfdS3wSaQ +R9IeAI9M84TuVizdmaX9JzQO7oIEVszerP3LUInCoZEkzAC37zfnmfNeSyhqLm8b +X0q6VhcyYL34o786wIakjqOLBL/CfcLsAwFGFoR6U+pQapbKA7KMEhlRRFLopyr4 +amF+mMy0Jy4PJagrrnYJ+082axwIURmIRyANmO7S/m7yRBdrpbi91kHRSjMhKP1a +dAQFytHz32YBb6xNrlMtkD65pmG/KLaT3MRugKRbVD5kGqY+svQWN7kH3BVFLlyW +akNHHBiJqUz1Nrr47VK9eUTE1eEONyjrnXSMoYfysQKBgQD/Qz+uBQJ2ZsCOg0H3 +TY7otPhlloSpoQDigOIyItqjhWkl9KZ2MCZaWvNMG6GtdaG8UjAawJcFv4AZPHDU +6moQCPz1VjGGn1h/5d26aUjipNB0rZZ112pnDoMzctDwY4CLRkc9+qMG3zAB8vx4 +9FSs0Vp2DO63BIEOmybc/u4c5QKBgQD4IPfnBN93oCKBJ1VoumB+GSlL6Zcvg7CL +4/mVKHcoIsnHgX1yXGrXFPKUgk2edd6rmTGhk0mfd+szOOopxEqtXRIbvHGo9ZUD +MZflQrITia8+E6EW3GEKIoLFuP82+vxFhiJGMsx1893GwJ9RMBRhlQDmgsdymjDF +Qvp9RfAFVQKBgQDmU8je/fg13At9zGQ2gM4lnj3QdJup7/Q7bS4tLRP5nsS9Ed8u +H85Lk2ubTgd52/2fTs3HJeZfsmck3ku1YvtnEqUlvqubnKafaUvEC4JPt4W88nEk +TcbdzNOIFd8AOdhgU36vJzv5VGQeLiGwBk9tTM6CXLL9g1vsUQUlPgafHQKBgA3+ +TfzJWZD1hvyhqz9sw2RZJusREWWsl5hMExdGYPHyhE6sDtcUPzJCDCwz7QyyuQwU +Z6glFlHYAXuyCgKw/0Unqo3F4uMUdoLnmRlk2YYgjbGCieMwKojXyWg9NqdzICcL +mYM7+ivsxOUgl9uMSpn2PUbCuVzNNVLqpBXMi+zBAoGAWR8HYyJaoIuUtnqWR9MP +n+6Mn7fdLmRl3Vs0u+4xXv3T67dTYB4wwQACKGnaaihhQcPBqlTTDjIPkifNTdZU +QdsMDkB7uFyI1aS6DWTmLSKz9Tm14O1/i+jsogOEyzxy4KhK4HNfqAdZid1g0Kl+ +lcxmkZZwFYK90ynOXMfB/2w= +-----END PRIVATE KEY----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer.pem new file mode 100644 index 00000000..2c6780d6 --- /dev/null 
+++ b/production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer.pem @@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDdDCCAlygAwIBAgIUTetYteiWx9ByZCNzngI7QTyWd28wDQYJKoZIhvcNAQEL +BQAwNTEOMAwGA1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApD +YWxpZm9ybmlhMB4XDTIyMDIyMjEzNDEwNFoXDTMyMDIyMDEzNDEwNFowWzELMAkG +A1UEBhMCVVMxEzARBgNVBAcMCkNhbGlmb3JuaWExDjAMBgNVBAoMBVdhenVoMQ4w +DAYDVQQLDAVXYXp1aDEXMBUGA1UEAwwOd2F6dWgzLmluZGV4ZXIwggEiMA0GCSqG +SIb3DQEBAQUAA4IBDwAwggEKAoIBAQD3agVIx5Y/uVyL6iAx9oalgm361LvMANcQ +lT7YgZPU8IMK8AXQ1rNnABMcc9ASdJmd5HMCcBGEEvgM8zRzOnRMCfmlPuHnCkbQ +Bk0ms59BnfG67ZBAVHkPeA1oZQxG8maDBJfLNezE5hMuxsoqQ+7wRMLCyYnEkBKM +M5SvKNGEStk+LhKqZj5DFuZ45t1tAJ+H2MBE7G+dZZR7CsSAeaZvaVQgX18vXAkj +zyjtK4MOLIkvBW/Rt+Km94oCjAuPHnHQJbxNHI966YzNsb53zv+nc/QWo4/yZvna +hQVkbqlMrIHZNQpb+19UMrlpDIoPGVEKAjqDfaZ0fY+xIzEbUBEJAgMBAAGjVjBU +MB8GA1UdIwQYMBaAFLybrZ9b+1I2PLJarsF6K2kMEIydMAkGA1UdEwQCMAAwCwYD +VR0PBAQDAgTwMBkGA1UdEQQSMBCCDndhenVoMy5pbmRleGVyMA0GCSqGSIb3DQEB +CwUAA4IBAQCk1QHWGi1Gu0heX37M1/OOGHQ1uSjzytkODWRCWnuuffTnyZZgH8OL +X0173vmsGxE/aAv9QEX/5NG7oEqKs+sBUg/7RRTscpaE1VZLbpEipL7iZKha4L9+ +E+6EEbOyDaE/vRuDlDBt5BBpYDts07ei7aRdB6e/cWbZF03/jU4YG339NdyOs/NJ +g5Dd5EVLhNc9pibecTP+Qgi557E10TDDsUEjr59LUyC2ZosRij4Kg/WUW/lCRxCL +kztfZ5MP3NhNFRl1mk97fkQ0OKoJsV+s5FYAyYNzggNG1efnWBz+6//BJnydyhV4 +gMjzbqvkfBCg6Wui/B3dYaH32L+CRaI5 +-----END CERTIFICATE----- diff --git a/wazuh-dashboard/config/dashboard.yml b/wazuh-dashboard/config/dashboard.yml index 243b8f7e..ffd1257a 100644 --- a/wazuh-dashboard/config/dashboard.yml +++ b/wazuh-dashboard/config/dashboard.yml @@ -1,5 +1,5 @@ server.host: 0.0.0.0 -server.port: 5601 +server.port: 443 opensearch.hosts: https://wazuh1.indexer:9700 opensearch.ssl.verificationMode: none opensearch.requestHeadersWhitelist: [ authorization,securitytenant ] diff --git a/wazuh-manager/Dockerfile b/wazuh-manager/Dockerfile index 473cf6b5..c0f3757d 100644 --- a/wazuh-manager/Dockerfile +++ b/wazuh-manager/Dockerfile 
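Review bot: The context line `opensearch.ssl.verificationMode: none` in the dashboard.yml hunk stays in place while the listener moves to 443, so the dashboard still accepts any certificate presented by `wazuh1.indexer` and the HTTPS link to the indexer is not authenticated. Since this patch series ships a root CA for the cluster, I would switch to `opensearch.ssl.verificationMode: certificate` (or `full`) and set `opensearch.ssl.certificateAuthorities: ["<PATH_TO_ROOT_CA_PEM>"]`. Port 443 is also below 1024; the dashboard Dockerfile chowns its data directories to uid 101, so if the process runs as that user, confirm it is allowed to bind a privileged port in the target runtime. The rest of dashboard.yml is outside the hunk, so a `server.ssl.*` block may already exist there.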
@@ -18,10 +18,10 @@ RUN yum --enablerepo=updates clean metadata && \ sed -i "s/^enabled=1/enabled=0/" /etc/yum.repos.d/wazuh.repo && \ yum clean all && rm -rf /var/cache/yum -RUN curl -L -O https://artifacts.elastic.co/downloads/beats/filebeat/${FILEBEAT_CHANNEL}-${FILEBEAT_VERSION}-x86_64.rpm &&\ +RUN curl -L -O https://packages.wazuh.com/4.x/yum/${FILEBEAT_CHANNEL}-${FILEBEAT_VERSION}-x86_64.rpm &&\ rpm -i ${FILEBEAT_CHANNEL}-${FILEBEAT_VERSION}-x86_64.rpm && rm -f ${FILEBEAT_CHANNEL}-${FILEBEAT_VERSION}-x86_64.rpm -RUN curl -s https://packages-dev.wazuh.com/pre-release/filebeat/${WAZUH_FILEBEAT_MODULE} | tar -xvz -C /usr/share/filebeat/module +RUN curl -s https://packages.wazuh.com/4.x/filebeat/${WAZUH_FILEBEAT_MODULE} | tar -xvz -C /usr/share/filebeat/module RUN curl -L https://github.com/aelsabbahy/goss/releases/latest/download/goss-linux-amd64 -o /usr/local/bin/goss && chmod +rx /usr/local/bin/goss diff --git a/wazuh-manager/config/etc/cont-init.d/1-config-filebeat b/wazuh-manager/config/etc/cont-init.d/1-config-filebeat index b77a550d..e475e357 100644 --- a/wazuh-manager/config/etc/cont-init.d/1-config-filebeat +++ b/wazuh-manager/config/etc/cont-init.d/1-config-filebeat 
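Review bot: The two changed `RUN` lines fetch the Filebeat RPM and the Wazuh module tarball and install them with no integrity check, so the image build trusts whatever the URL returns at build time. Pin a digest and verify it before installing, e.g. `echo "<SHA256_PLACEHOLDER>  ${FILEBEAT_CHANNEL}-${FILEBEAT_VERSION}-x86_64.rpm" | sha256sum -c -` ahead of `rpm -i`, or import the vendor GPG key and run `rpm -K` on the package. For the module, download to a file, check its digest and then extract, instead of piping `curl -s` straight into `tar`; adding `-f` to curl makes an HTTP error fail the step rather than handing an error page to the next command. The unchanged goss line has the same weakness and additionally tracks `releases/latest`, which makes builds non-reproducible.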
@@ -3,21 +3,21 @@ set -e -if [ "$ELASTICSEARCH_URL" != "" ]; then +if [ "$INDEXER_URL" != "" ]; then >&2 echo "Customize Elasticsearch ouput IP" - sed -i "s|hosts:.*|hosts: ['$ELASTICSEARCH_URL']|g" /etc/filebeat/filebeat.yml + sed -i "s|hosts:.*|hosts: ['$INDEXER_URL']|g" /etc/filebeat/filebeat.yml fi # Configure filebeat.yml security settings -if [ "$ELASTIC_USERNAME" != "" ]; then +if [ "$INDEXER_USERNAME" != "" ]; then >&2 echo "Configuring username." - sed -i "s|#username:.*|username: '$ELASTIC_USERNAME'|g" /etc/filebeat/filebeat.yml + sed -i "s|#username:.*|username: '$INDEXER_USERNAME'|g" /etc/filebeat/filebeat.yml fi -if [ "$ELASTIC_PASSWORD" != "" ]; then +if [ "$INDEXER_PASSWORD" != "" ]; then >&2 echo "Configuring password." - sed -i "s|#password:.*|password: '$ELASTIC_PASSWORD'|g" /etc/filebeat/filebeat.yml + sed -i "s|#password:.*|password: '$INDEXER_PASSWORD'|g" /etc/filebeat/filebeat.yml fi if [ "$FILEBEAT_SSL_VERIFICATION_MODE" != "" ]; then diff --git a/wazuh-manager/config/filebeat.yml b/wazuh-manager/config/filebeat.yml index 5ecd1732..a1f25710 100644 --- a/wazuh-manager/config/filebeat.yml +++ b/wazuh-manager/config/filebeat.yml @@ -13,7 +13,7 @@ setup.template.json.name: 'wazuh' setup.template.overwrite: true setup.ilm.enabled: false output.elasticsearch: - hosts: ['https://elasticsearch:9700'] + hosts: ['https://wazuh1.indexer:9700'] #username: #password: #ssl.verification_mode: From 485ccfcb0536edd97754f1da0a35f86da4e2073b Mon Sep 17 00:00:00 2001 From: vcerenu Date: Tue, 22 Feb 2022 10:59:19 -0300 Subject: [PATCH 045/163] Fix PR --- wazuh-dashboard/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/wazuh-dashboard/Dockerfile b/wazuh-dashboard/Dockerfile index a3740f94..528dfa9c 100644 --- a/wazuh-dashboard/Dockerfile +++ b/wazuh-dashboard/Dockerfile 
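Review bot: In `1-config-filebeat` the renamed variables are still interpolated unescaped into the `sed` replacement, so an `INDEXER_PASSWORD` (or URL or username) containing `|`, `&` or `\` corrupts the substitution, and a `'` breaks the single-quoted YAML scalar. Escape the value first, e.g. `esc=$(printf '%s' "$INDEXER_PASSWORD" | sed -e 's/[\\&|]/\\&/g')`, and use `$esc` in the `s|#password:.*|…|g` expression. The secret is also passed on the `sed` command line, where it is visible in the process list while the command runs. The log text `Customize Elasticsearch ouput IP` still names the old backend and misspells `output`. The last `if` of the hunk continues outside it.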
@@ -30,6 +30,6 @@ RUN mkdir -p /usr/share/wazuh-dashboard/data/wazuh/config && chown -R 101:101 /u RUN mkdir -p /usr/share/wazuh-dashboard/data/wazuh/logs && chown -R 101:101 /usr/share/wazuh-dashboard/data/wazuh/logs && chmod -R 775 /usr/share/wazuh-dashboard/data/wazuh/logs # Services ports -EXPOSE 5601 +EXPOSE 443 ENTRYPOINT [ "/entrypoint.sh" ] \ No newline at end of file From f65c993cb6e0e6ee4fe3450acee7675ba051153f Mon Sep 17 00:00:00 2001 
From: vcerenu Date: Tue, 22 Feb 2022 11:14:33 -0300 Subject: [PATCH 046/163] Fix PR --- production_cluster/nginx/ssl/cert.pem | 21 -------------- production_cluster/nginx/ssl/key.pem | 28 ------------------- .../wazuh_indexer_ssl_certs/admin-key.pem | 28 ------------------- .../wazuh_indexer_ssl_certs/admin.pem | 19 ------------- .../wazuh_indexer_ssl_certs/root-ca.key | 28 ------------------- .../wazuh_indexer_ssl_certs/root-ca.pem | 20 ------------- .../wazuh.dashboard-key.pem | 28 ------------------- .../wazuh.dashboard.pem | 21 -------------- .../wazuh.master-key.pem | 28 ------------------- .../wazuh_indexer_ssl_certs/wazuh.master.pem | 21 -------------- .../wazuh.worker-key.pem | 28 ------------------- .../wazuh_indexer_ssl_certs/wazuh.worker.pem | 21 -------------- .../wazuh1.indexer-key.pem | 28 ------------------- .../wazuh1.indexer.pem | 21 -------------- .../wazuh2.indexer-key.pem | 28 ------------------- .../wazuh2.indexer.pem | 21 -------------- .../wazuh3.indexer-key.pem | 28 ------------------- .../wazuh3.indexer.pem | 21 -------------- 18 files changed, 438 deletions(-) delete mode 100644 production_cluster/nginx/ssl/cert.pem delete mode 100644 production_cluster/nginx/ssl/key.pem delete mode 100644 production_cluster/wazuh_indexer_ssl_certs/admin-key.pem delete mode 100644 production_cluster/wazuh_indexer_ssl_certs/admin.pem delete mode 100644 production_cluster/wazuh_indexer_ssl_certs/root-ca.key delete mode 100644 production_cluster/wazuh_indexer_ssl_certs/root-ca.pem delete mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem delete mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard.pem delete mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh.master-key.pem delete mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh.master.pem delete mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh.worker-key.pem delete mode 100644 
production_cluster/wazuh_indexer_ssl_certs/wazuh.worker.pem delete mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer-key.pem delete mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer.pem delete mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer-key.pem delete mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer.pem delete mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer-key.pem delete mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer.pem diff --git a/production_cluster/nginx/ssl/cert.pem b/production_cluster/nginx/ssl/cert.pem deleted file mode 100644 index dc566e80..00000000 --- a/production_cluster/nginx/ssl/cert.pem +++ /dev/null 
@@ -1,21 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDazCCAlOgAwIBAgIUBG8TQXNgpjsqz+1Lj1KMSrgnzvUwDQYJKoZIhvcNAQEL -BQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM -GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0yMjAyMjIxMzQxMTZaFw0yMzAy -MjIxMzQxMTZaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEw -HwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwggEiMA0GCSqGSIb3DQEB -AQUAA4IBDwAwggEKAoIBAQDE68FvxsMkrl6crXUyjW+q2+cTNuDlf6318aOY6SHh -m0ROKxsTlbEvxo6IavvqjUg0rgPyOX2jbLYGGV4sTdTQlUmYX7V/9Ij1DOuknpjy -dWKOxGikY9Q08ouA47RQarVFHlukpXsYH0foM52qCMSpdqHlBAHZPxe3ho9RwKUi -0fISOGTgkTOCLunWp8s8AHydFJ/g6X/2qdBmSJWNOU9l3liKXTyWXeePCX+slPsx -yzjUZudceLcyIuzsqfBO1jUlgQGj78mlXDKS50QwXr1SvxpGaUyLJIr7ULazawY7 -Td0nki7GlGQl73D8UT3Ius9tFOSHvjKMCwfVEkVtOi8jAgMBAAGjUzBRMB0GA1Ud -DgQWBBS3bpa3iXkZQUjtKte4ccE3IHOmOzAfBgNVHSMEGDAWgBS3bpa3iXkZQUjt -Kte4ccE3IHOmOzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBT -AJjLaiE9TIcknBRHkvIU+uTj7Wp94xhhiVUL7qMiuBrMRN8nfA8+09tzsT+Ckqcd -vvvUzeMU9ZeC9L6LyZYaxqpkwLwX30+tVaTgguZAVptWXWG58e+HtblY+E2Owhi4 -lLnmcGod0d4JEeoaIReS8z0wcJKQjhKsPfzTczRi017TSuZQydg95h5HvO5TGlsp -0MuxVV1c4A0TDLzqT40T5qKVyV/Vddf0fYHQwR+WSwCZ/LaVsIefllaB+F6n/nv1 -2mS+NAkdXzG8pODhXVWi4P9HbqcyJi32NgS3t7jHLqFwgTxBwUyDh7xh9lqeRAF4 -Zln7qoe91reJD1M42jWr ------END CERTIFICATE----- diff --git a/production_cluster/nginx/ssl/key.pem b/production_cluster/nginx/ssl/key.pem deleted file mode 100644 index 7ac53735..00000000 --- a/production_cluster/nginx/ssl/key.pem +++ /dev/null 
@@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEwAIBADANBgkqhkiG9w0BAQEFAASCBKowggSmAgEAAoIBAQDE68FvxsMkrl6c -rXUyjW+q2+cTNuDlf6318aOY6SHhm0ROKxsTlbEvxo6IavvqjUg0rgPyOX2jbLYG -GV4sTdTQlUmYX7V/9Ij1DOuknpjydWKOxGikY9Q08ouA47RQarVFHlukpXsYH0fo -M52qCMSpdqHlBAHZPxe3ho9RwKUi0fISOGTgkTOCLunWp8s8AHydFJ/g6X/2qdBm -SJWNOU9l3liKXTyWXeePCX+slPsxyzjUZudceLcyIuzsqfBO1jUlgQGj78mlXDKS -50QwXr1SvxpGaUyLJIr7ULazawY7Td0nki7GlGQl73D8UT3Ius9tFOSHvjKMCwfV -EkVtOi8jAgMBAAECggEBALAZIEgEGFjCMkusdqT5hIXn1zIAnoe9cWUCbUl+GlV1 -k1TQCYuvDt/pkWb/PT7Yj1zEzTSdIvS1b+XuY5/9DjZleoXv+RBvLtbtcgEp7x7L -yJJhpC52M7wRtp1Rg9tyQZ6I8m0/qt+8gYJuPi1jX/Mn6skxlzGe0WfGxn3WaBbE -1NRWliF9Bvz/Ylp7URRfDti80NJz9ZJ2snGDAx5bCUTvs6VtykaDB/7HVCSrwT37 -xRMkLXj0OA2S/LY3jRsU2/GVGhZ3u2G/rmqYNjAbiAwTEgO1HnuTw/ZPU11xhdD4 -V7KGytLphpBAnppjsKJu2PAnXCP/sY4h8LcByEHm5mkCgYEA6xzS2Qqx7RqGNjeo -Lqxd/uJUPrVQKFlJNF+MDLKKXdWdVlgAJnIhxvUF1DTmBgeVh228qJajTOuJiJP9 -AA7zb1ENdVZurxJn2A7CuVOkvRz780jhD6qli7f9j2lFvrCvXWmljnah9gL4cZIx -4d+RzRpn789B83ND6V/fJ/NLlQcCgYEA1mpWSVcAKQMS2Cx7ZEi7Qdb0CdRTYyl/ -82rk/2pXDztKYmGaPIx6TOUPlhTWr4wua3xnYnxR+sgORrHqC+auWxA5VO0Wp4Vn -igJUVaPgkxw3n1PZZVgaC0m5CTUqjhIZSYImPnf3PwKmJA3Pg8pyNS0WRN+SVnm6 -wgrnmCIiCgUCgYEAl6HITlh6dhukMXVlz2w1VvxrLuJK5yrmbpOsxEelu2zYg2ZP -+nujUyiVcM4JCBx+EJDympxEh4hk9CPViOMbl1Bj6KgszFaHiK3EYjgSyDDYQYhg -NnVtPRYVvxc69wgGoa1QK/hQ7lPuHXkXGMDSzL/aBqzZsQRG6U1+o8pilaMCgYEA -g9rUwTkdQhs/xWxlXSBU94ImhLzrorlsk9aSiHdunlFJxwJahQ2mUA807IhYFZBR -I4xXT3tANsY78UGLulHbuuhZOV6rZc1mBLq1/gxPGGhr1DEOKYJqUbK+dWkaiE+c -+VVuC1Be3YLVhKpxiIxAe28EmMocBc3KCXYHQckLwbkCgYEAuf6aPGC7XpzKpGVl -ImBC7TXjlj2ZDxLDP7TebYMYi66G4BGCAjiUPDf0J8xgQF5TnkDWg8rWcNTg4bLE -oy1yr+toMKidUbencyKmdPSYNvhXb1PSNA/BCS/hTRDT1YsGvYh4Xh+obu+uwOrr -jEfUk2F+9Z0Oj9cOOIIIcWKM1jg= ------END PRIVATE KEY----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/admin-key.pem b/production_cluster/wazuh_indexer_ssl_certs/admin-key.pem deleted file mode 100644 index abb489e3..00000000 
--- a/production_cluster/wazuh_indexer_ssl_certs/admin-key.pem +++ /dev/null @@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDOGscN7zq6n2Ka -w81Exh6VeTFr0r5OoJD1kc3SgRRCilR1CioqAIMlvNMFw1ilxzgKlhnBEGxnELQc -wbppOA01VlCskNiEyye+mQPaJgLAfCHk9Q40WbgDRO9uFhjU/WQZZQlPXxUZ28QL -CmCQTUxwECbH18y7eO4D/FGCimee7vUGOq5QmBrVyVO2CbJvT5/2FTL7/4V+t+7b -bxldAzuz9jvd/EjVpmiQzLSa3STFfNsbD2GwU86YDMIsnvr+fWd6gw2mMSeHHtnW -HRFrlJwsvGfdmB37+qFVftL1tIuS4teJXoVT28KaE+aAMsIfDw1MoVsh4rAu9EDH -z5Kw6T4PAgMBAAECggEBALxiIVsNNMLrd/c5zN91rvK0qYWCRMwdWyH6OQSVUu1W -/sdTmSJ3AWh25PK5kMdGBmU2uSeMWWkDDX3TXQ1bXEdKM8bnReBqyFMgDTNR1uYV -D+30Rx12fAkQ8z/OFrhnOx0zCoVvxRuzkcb9nzGGVb2AJdI33zvj1rnx4JbO5tOO -toprs22y9sh1QmEXAxmoB/AY3BBYxmSuPF8rHkAiSlQLIevFcm/EETiJbFY1uIkU -rjKI/FZTaZiEfrOjaDyy+R8fCVXpJATh8F9gW+HrZjQz3CV21UsIworak7CC69Jk -PSZGUFmqlgqN2O24f5oJTT3RgU4BXpk0/Je6GWF2/XECgYEA6pmi+c8nythfx8PY -azSfWJLZrHTr2rNXLjxPJ+Vr1wiAwwoi1ylagFdQ+kmWgcV9FFekYJ0Thkul2QG2 -bC6TDNEDV9fVWZ+dEjKgzcsJNHONYhpNE1KCBGAynXxQa82K6D6uI6LqjNfhGxFV -oc6EG5a7hGXn732tdMd2EfvVZuUCgYEA4Oe3ICceJ2AotAxo3niDzxwMGIthjjTB -PQNNHj/nSGcF4yBZsf6qJTcn26dLr1sgC6hrqssPzXCgApQBZ8a2oG7qQBAlJQkL -9WUsKX8yMlAjHVkFO4/HGs9pSwI7DY0M/ng0o8douDGn1cBhu1oI8WO2XvIxLeYX -kL1r3bzp7eMCgYAh0+mGL/LC8xRMj9bjDoFzmik9Dtb7gCSwDA416IT2SsmWVh3T -/KiKHQ0WKgpDyCBTEJgpPj0Ufk/5zJ9rVgPqMzFSN1MSS0uw1hAN3JsFLyxR2w0G -Hj2VN/HUd5p5EPhYqMEfblx31qEk8Ajy/f5apA+B9dfN1sduMVy7Fx8caQKBgA4p -qVeF/xkdrhKAgY4Y6rv9GSnmhRMucUjFT3LrNUZS7oT6AYv67H4BdioX4+U8CM2T -IoyT0v/t6rWe2mPNmKyLr4avPZeSdUVTxK8sSl3uu/daJsE0caZXj1rg3hUhX8Ma -kL4LjaWjwtzsC3t/1PZWgCKEf+JTDgLYWtWQ0u5fAoGAH3h4iC62JXLNaooxRgn+ -wZjZr5LXEs/NYhlxa0KTEb30HtgHnYIKZI4XoaYuenrJHypVbQEwE96yj/R88DP1 -dzugD+BBKGihHy404CCmdx5zwZPAjEcklK9soV8CJvCONsFYAnK8fqYfdFLA4Chr -Uh0OxZrrrgwpD3OSqgxYz0k= ------END PRIVATE KEY----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/admin.pem b/production_cluster/wazuh_indexer_ssl_certs/admin.pem deleted file mode 100644 index db1e5779..00000000 
--- a/production_cluster/wazuh_indexer_ssl_certs/admin.pem +++ /dev/null @@ -1,19 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDDjCCAfYCFE3rWLXolsfQcmQjc54CO0E8lndsMA0GCSqGSIb3DQEBCwUAMDUx -DjAMBgNVBAsMBVdhenVoMQ4wDAYDVQQKDAVXYXp1aDETMBEGA1UEBwwKQ2FsaWZv -cm5pYTAeFw0yMjAyMjIxMzQxMDNaFw0zMjAyMjAxMzQxMDNaMFIxCzAJBgNVBAYT -AlVTMRMwEQYDVQQHDApDYWxpZm9ybmlhMQ4wDAYDVQQKDAVXYXp1aDEOMAwGA1UE -CwwFV2F6dWgxDjAMBgNVBAMMBWFkbWluMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A -MIIBCgKCAQEAzhrHDe86up9imsPNRMYelXkxa9K+TqCQ9ZHN0oEUQopUdQoqKgCD -JbzTBcNYpcc4CpYZwRBsZxC0HMG6aTgNNVZQrJDYhMsnvpkD2iYCwHwh5PUONFm4 -A0TvbhYY1P1kGWUJT18VGdvECwpgkE1McBAmx9fMu3juA/xRgopnnu71BjquUJga -1clTtgmyb0+f9hUy+/+Ffrfu228ZXQM7s/Y73fxI1aZokMy0mt0kxXzbGw9hsFPO -mAzCLJ76/n1neoMNpjEnhx7Z1h0Ra5ScLLxn3Zgd+/qhVX7S9bSLkuLXiV6FU9vC -mhPmgDLCHw8NTKFbIeKwLvRAx8+SsOk+DwIDAQABMA0GCSqGSIb3DQEBCwUAA4IB -AQC8M9fPEwQ5Dc3cQg/uVmtbI/fKSpP+2C6nCSKBXJPI3Fp4I0mD1Spchj2uolRA -GjMqKJoqXZ4LjsCGEpOM9ptXqXGYgFf8+l3yEa7i+2xKddCWQi2Jc8q2WE9RkVsH -hH0MDEsLJxoZ6ohfhmT51TkCGXP0g32zNxthxYuWp4fjxWpKcy/gnaNy0PYgwxux -WDVI6AAzH8E5IFnfWvD5pdGq/ehhilKdpX3PLByy9P78Z4QwT3k0qydkw8qYG7yl -ZGi03uflmeHpTTG1ywRm9RbAFa0Zvk91DvjGbTAzgN6AXMkZbe8eerzQFlz3MBO0 -URLcOmlmwM4C8FIrlHJfXuOH ------END CERTIFICATE----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/root-ca.key b/production_cluster/wazuh_indexer_ssl_certs/root-ca.key deleted file mode 100644 index db860b85..00000000 --- a/production_cluster/wazuh_indexer_ssl_certs/root-ca.key +++ /dev/null 
@@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDN9U0eB7UP1YPU -+ZL4W/oN4c2XMQtqOykkdnscmcz0qYCd37iKROLW9Ay/R4ZYRHlGhEekBFrjkSBH -s3EW3wJNo30f2+8f/WIvU45wFInT4ERv6YHgBha4GAZc2zX45UrR3ZsYUIy+Arum -p8ap4emgh91/MmOMC27tE97ODQeYY37o01gcr/pB2mCrDeLtgpnshtf5997JBp/f -6H4avBQGFLDbukCI0hWYDICYMLm/O9X9OepKEbb9m1ZBBWfY5B01B+LzeSCztKLo -ng/cJgshiKEreAXjQGREw3jGH8tWFejjNccDyRzKkE+28BObbAFC69gttU5q57lW -UZ9qhEqNAgMBAAECggEAZwi6xbUxXXSBeUBJyDmrRNqb0XFVtpVWJcmoGUzP/e32 -TASp+3Iu0T5SSjbr/Kh0y1RNyr3rAkGOFpCsmLaEHncVl6SdYjGOtwJkFaoQsZBW -bG4y7PHe18YdGMMJozSCU687cdSKNFyFp//zIPXFvOt7YbDBoEPwAGaaZhaaoB7w -lLt9sTECkjugqvayRtQoTlE/J3nD3nVYfUZfKg4kN4dUM6vAFF4zACt81B7L3umr -rmLKNTBnmLdXShm8IXs8leOe6I6aVQMvu68hcpzZxgGiatksZMmBEASSa7F161Cs -cZRPJDDyBbceyookCHMS98Hk8nXJ48IN9VyVqiDVuQKBgQDmuZByanGSGhQD7Dfr -E/ZTWjOAqUZPRFVuHPTJHUIVmNjVbKYVFn03r/N8hrAa1rFOAwb3WPWMfbeBlt9L -axZiBTq5iZNoOoGa0doLz13x7adEr6PNG7zWQ4GPqTpVB12Olj9+lxCP8UjHMHOR -EpOgrV9HZXd3ETRaTMLasd+p2wKBgQDkhS6rsQksHbtgfSB65BHtgeaLq+Ll5BlZ -OCmAi/9XIWttSJGuS7G+G9TDq1e8rO/Ui1GZcbzaVOv/gT3Qogem6GbKNu3djME+ -mVvsbJ4GWNFZ4zp/6Zb3k14YRbv0610jnCWkUswFrvcyzzhq9vqs7SaFuRaALt2B -rdqUAhFNtwKBgG3YEIX4WUOGeNr5PhID+fTq77QkYt3gGZAH5x5MeKbRkwHg7R0D -DPBTK2ews+zDI7yRQmLGDnkpbREcJAjC3fAirzef4PbxS7zKhbWzrvU8ALN5r1E6 -EGgt0WP03FmY3RjCPU5mWzM8WzrBvXNm1bPcdo0GKJ8eKL+I5ge6QVKbAoGADpQk -jxWDRUo8SwKQkOZ98k4IPD7iAdKUf2mi1C2aQ5/BL76idKElnMA/yZ/jwAi0YDXn -JcfoyXEDgVBodifwHwjSjfIFKM4zAeBcye+AAV2nNXnWoJRxaif/p8LDI/PkBEKQ -8DPMCkzIPniT29cX1PJoM73EHrdesEg8GpcrLW8CgYA7Njt+YhF5Qfvz/NMxmYi9 -yEOqghjOcpOKLy0Z+tvMM6geOfy+yEOFo1nV7AvhN/BqMYupgODBosqdq8VZkbBG -9U1cNGDgUFef6ObqHVw5wQq12Qu/ulNjElVPlDwUe4pBNFIlqAG8qFwVLHOwmAB4 -0i2+YfQwE+MEVzhsIEwhCQ== ------END PRIVATE KEY----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/root-ca.pem b/production_cluster/wazuh_indexer_ssl_certs/root-ca.pem deleted file mode 100644 index c047ef8b..00000000 --- a/production_cluster/wazuh_indexer_ssl_certs/root-ca.pem +++ /dev/null 
@@ -1,20 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDSzCCAjOgAwIBAgIUKVfmxq2uU+J9O2rgYYIAx27rSQswDQYJKoZIhvcNAQEL -BQAwNTEOMAwGA1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApD -YWxpZm9ybmlhMB4XDTIyMDIyMjEzNDEwM1oXDTMyMDIyMDEzNDEwM1owNTEOMAwG -A1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApDYWxpZm9ybmlh -MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzfVNHge1D9WD1PmS+Fv6 -DeHNlzELajspJHZ7HJnM9KmAnd+4ikTi1vQMv0eGWER5RoRHpARa45EgR7NxFt8C -TaN9H9vvH/1iL1OOcBSJ0+BEb+mB4AYWuBgGXNs1+OVK0d2bGFCMvgK7pqfGqeHp -oIfdfzJjjAtu7RPezg0HmGN+6NNYHK/6Qdpgqw3i7YKZ7IbX+ffeyQaf3+h+GrwU -BhSw27pAiNIVmAyAmDC5vzvV/TnqShG2/ZtWQQVn2OQdNQfi83kgs7Si6J4P3CYL -IYihK3gF40BkRMN4xh/LVhXo4zXHA8kcypBPtvATm2wBQuvYLbVOaue5VlGfaoRK -jQIDAQABo1MwUTAdBgNVHQ4EFgQUvJutn1v7UjY8slquwXoraQwQjJ0wHwYDVR0j -BBgwFoAUvJutn1v7UjY8slquwXoraQwQjJ0wDwYDVR0TAQH/BAUwAwEB/zANBgkq -hkiG9w0BAQsFAAOCAQEANvHcw5N6qJbzU7AxDfcvQEmM33oJiO8404EPtfPv0e/Z -keQIAEyX4PKvMGz96xmhTEsXn8V4bD5j++o1CVx6uzdFAczrsw3BIiNg1jPC/f9o -g0ZD01XW49UFxPzRU7JPl2UbQo2Zf3L1W5HOiLLMaSymHm+cN+DrK6e/MbjR6xu4 -GcaM9cE1EhVjINGRBs+dSoQEaEq1WbDgEfYCMT3yZBm0qQgImswHQXZGEszjUoQU -uh/YsMrIX+2l9iHbaV8kJVqrVPX1HfKN+oXLHPaTN3VxyrV8s4L5G66rbWfTXIo+ -/S3A76GyH+pYiq61aRY8A3rEpv1bRcq4RE4gkytuCw== ------END CERTIFICATE----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem deleted file mode 100644 index b86118f6..00000000 --- a/production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem +++ /dev/null 
@@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC7CJ3nrAew4aSX -TZ+fXOL7HLayqzRUk/sZS5LX/RVuulY1waJa+zp5WQVnQSWGp63y8AE1fJIZPDZj -mEjjsRMG5fBo4DrPHi703Cy22IBKR6h88baGLdF1wgZsA7CFLsbEp4bZzm45aR0w -3K6cQngnKlQgI+UUhEXryQJufJLUT62978KrwmyU9HV28PuncDSlQ3aYPiYdVgeq -MNNA5rFtfv9aNSDlx+qZvjC1Ua0k/TutMKzJq954LtIP/GhzAcMIKlWGQQHLA4E8 -cDfTITcL+jxnJfAg8wXiepC+TveAFWH0rfFCh2WLnT582IvJKqV+M5OU/1GR1ABJ -ZE6Q/lXfAgMBAAECggEAUOpkbjMlzKeCLpc9hJOJ+3urqtaYuDKhQotIhzsNx67D -11Pjapsf7BnQVaCAnKX0gpLE4x/2kQZUvXfHqQIVqjlWbfj8WFjFldefXKeDsR8Z -TJzCC4DNCrYbUyWxe50GD1Qu6hH968aHA3ml7SJwmvkcFh+RXvPu0BhRff1VBJaK -ppAD1//YjOAxYcDGuP+OdmrzimW2tGbLBdwz8d5UiFaM4CUCLmCrEq6CN10Bn5GU -e8bR1oCe9xhnJwQ8TD736Vxenbecw+kxRd8W+FugLvT9XaAn/i8pET3/DX6826I4 -tenkMBDe10NcryT2NClqf0WhUxABaQ38AycZBEKSqQKBgQDjxD7LjiAMZDwNFNxo -2/ITP4+fBG3CTJF90IwiS1Y1wrLNH90fxstftOfmHQVf998iMVvLr3EWK6pZf7iy -VL7zCdgMkV90TRHNlxnP+2vIvF0YZ1ff5OD0Z8AS0VS3oaAnCGrPfkLq1tq9mdDB -JGuV28OIOmC00N3DwBLd6NHwIwKBgQDSN8lyxvVbR/IAZ8Roz9w3wN1nMKC72PPb -FBPAAo3/GMCcKxFUzG96XhwWMQyTIMFH2oQnfWZ6iyFkqOa1p0PZcaDrQvZHbAfr -pv7e4uPqngwj/BI8a20rPE9sS+29uKJ2ZVhXFV2d8fc5dCFN8UnwipdC1MLi/XGZ -dj9xlWyBFQKBgQDEJN5HAbALu84THeHp02+Wr+gI8xFqf/HTPWNQrTwis/ayuzv7 -/4BofSwveNKGILnhgkwhDob+pr/eryTpPh3qwpFx0Uc4qp4oRHWQLF5X0g8B0w1T -3JD1KNu52NdyBBgdRRxmb79E6Z4aJXomuiyEM2shx9Q8Ipq31pLo03TnrQKBgQCq -/5IweUMQU3+5cK9GCv85ovr2e4nkA+CpLrW6FNnozfuvjSD1964evfre2ls+OwC+ -MDQb41e/CvnI5dN1pG/+qv2ZIckv4+K1gAwGxk1bheCeTOeQmlodN1vr3f+vukb9 -RAcOH2Udm7vc0mhc/I+GyVWtmWBGQJ9tk9Cb1k6C2QKBgHBZCuT+MBdIVP8AQ6CS -at9ZzBGJK6XPY0wIFY/E/56kFjbtdhgPQ9q/AC+QppxuxuwCuFQuOEqhclfEyhiu -33GTh+/BvvP5zM7AgBB96CVtunwnpFvGezSV+JdtMO669Js8XkYBi6bGE3ZgJfjJ -/iDvX2uKSZFaZ9R0vHoezhtA ------END PRIVATE KEY----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard.pem deleted file mode 100644 index 6b67af83..00000000 
--- a/production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard.pem +++ /dev/null @@ -1,21 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDdjCCAl6gAwIBAgIUTetYteiWx9ByZCNzngI7QTyWd3IwDQYJKoZIhvcNAQEL -BQAwNTEOMAwGA1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApD -YWxpZm9ybmlhMB4XDTIyMDIyMjEzNDEwNFoXDTMyMDIyMDEzNDEwNFowXDELMAkG -A1UEBhMCVVMxEzARBgNVBAcMCkNhbGlmb3JuaWExDjAMBgNVBAoMBVdhenVoMQ4w -DAYDVQQLDAVXYXp1aDEYMBYGA1UEAwwPd2F6dWguZGFzaGJvYXJkMIIBIjANBgkq -hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwid56wHsOGkl02fn1zi+xy2sqs0VJP7 -GUuS1/0VbrpWNcGiWvs6eVkFZ0Elhqet8vABNXySGTw2Y5hI47ETBuXwaOA6zx4u -9NwsttiASkeofPG2hi3RdcIGbAOwhS7GxKeG2c5uOWkdMNyunEJ4JypUICPlFIRF -68kCbnyS1E+tve/Cq8JslPR1dvD7p3A0pUN2mD4mHVYHqjDTQOaxbX7/WjUg5cfq -mb4wtVGtJP07rTCsyaveeC7SD/xocwHDCCpVhkEBywOBPHA30yE3C/o8ZyXwIPMF -4nqQvk73gBVh9K3xQodli50+fNiLySqlfjOTlP9RkdQASWROkP5V3wIDAQABo1cw -VTAfBgNVHSMEGDAWgBS8m62fW/tSNjyyWq7BeitpDBCMnTAJBgNVHRMEAjAAMAsG -A1UdDwQEAwIE8DAaBgNVHREEEzARgg93YXp1aC5kYXNoYm9hcmQwDQYJKoZIhvcN -AQELBQADggEBAElSHV4I9mpdsTzeoYsnhEjcNw2EbY/GQgWu9oEsS3oVZzraPZaX -GP+9Jb53dnOAgV546qFRAjK/tryDyN7oWgkq4V4BjqlC2bKRlwRml3Vg2vGDihBd -XCk4KX+p8mQ6GPpy8G3LQV2dEcznN8ABEqoyb6OVUWDXG9YUaosKzbza9Y0ELzwV -lU8kWxASKeeLKMFxl93qtcHyiYNX+/1SvW7hw1S72/I1GuQzfu8bSwiTBQPy2a4S -w/JJPjTpvgkWrfgYGmaq8awHTfhygqW9BboPH2gVNU4RD39rM0CuOt1yGERZfAhR -jTAY4LBfYBJQqYFao8VT8Gs5oEt+FUNIxvE= ------END CERTIFICATE----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh.master-key.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh.master-key.pem deleted file mode 100644 index 5a8027d3..00000000 --- a/production_cluster/wazuh_indexer_ssl_certs/wazuh.master-key.pem +++ /dev/null 
@@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCpn/2kjd+TbXUh -gfVmJn1CsLgyn0lcf0f0LWNgX++M64xEEmR2adDpFrOZcjuYKcmf+h+fVmdwI2YQ -JKr8iXdYdFoRCc7cz91uHPxJhtPE3XUKMue70RPNRzyq7QFdsIufYGEQvR/bMkq1 -E+Zyiud45BDTu5WHGIrQL9lo9SKU5yDl54kv8M3ZfVucIe5rXLoWzh4ND+E/+j5B -CAlptOcXm/UpAvQIl+2nk10XErBRbVfwmC/+ABqzhR7NOZ7AN+0uMmumCwDh911i -V92r4Lnbfv9rEFoK3v+0zB/tcWFcoZ9NKYb38DEarGLgJur2N4sfOSXXwZu/78t8 -6fnEWE7VAgMBAAECggEBAJxAZtO4ZOVXhPhS0I1Ck0xloafwFxH/pXaGgO58MRys -tk7WanixzOGKKfMFyWPHypV1QL/0ReCEmzXvsRpkPu3acEUVtdquGBmg1b2dV2IX -ZgL5FYJrfEQyhO4m2IVHZbZwf7l9neS7FRpstHF7BvLTk7SXLYx+zRAto6YNeceT -CSjmMbnm3sdOShv1zsBPzPi22ESLnjuQzn5Jd4pWNOZyBFymq4OVuuREXOYzCK4E -0srOlIMhNdHVsoiZ7jO0Ji9+fAf/VzX+6xQsI0y+lYIPkCCT2lTVXxSdBif9prSv -OIV/z85NHcezQCsEIhLHxMgxqO3z6go9hIR8Drhqm8ECgYEA1jsH5FOJVPsMiSau -rP5n2qyCugqSPbDAucBWF3bSimMDZd26LrtoFXBuZd11Uo08szojHkVD9qNEUUm/ -VmknH89d9QH8MU5N6rhX7k2Vml34gNxPVzruX3wQXLJwc5OMMGt3yzZ0bQyb7yzX -oelbr90N2TyJgH4K8rhmhC6Y5w0CgYEAyrKLD1tc3AdFuVY/tG+4ERYhJqTAGfmh -vaKCV4BiA25rg3f7wPVIwFmL7/8wbHWkCpjRmaX8CpuDhYIivOnYa7iof/FHw6wY -YBGqr5h/0Imj5bY7tfIcfXmSDLSy5FPkovpBAafvRvTLfkREKX81khnqkTYHQ6S3 -gQGBtQVlFOkCgYEAw0z5etv1HPXpjbcoEymywBX472XnwDm82RpQ4f8/HU36sQkc -TLIoxzLCUjc8V8/OgI4Fqfj3ZoedJoYW2s3uDv/a5huzL7f1LIB2GRe9xQbaH4+4 -/QsKeR3/RKKgBZ2Ddjji8u1n4mpWVgsJYd/96CucDmkz6WH+1RvqyaI5XpkCgYAp -DgSwdZbXUfnDUj7Q8xfbDhpk01W9bRxfZnzz8CLqAwFvvWuWZ5f2rax0TcGnFiTF -qLI7Zq0oENuQvQ0AKnUVTG+EioA4l7DQNIPX0RGCUX6K1mA9t+4hU/BK9oaNTJiw -kfN8vGDwhEB7MKSFqyhUkT87bjAGeWRZks6Mta0FkQKBgGVH3YIOk36Q5wuXLX6X -iYGZzNNP7OqNqprpSia3yCQmHaieHW7qq8Uot96H/h0Z+vhX0RsF0vNlY3RQUlV6 -YDdToyZ7X31+RB8Cca+eQ3ycpo6JCQMqdtzQxPAzRz0yb+ZKj5hd8tpzooWEM/Jh -Gw5SBm45mSxIh7QG2y1qm+gj ------END PRIVATE KEY----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh.master.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh.master.pem deleted file mode 100644 index a0b98cfb..00000000 
--- a/production_cluster/wazuh_indexer_ssl_certs/wazuh.master.pem +++ /dev/null @@ -1,21 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDcDCCAligAwIBAgIUTetYteiWx9ByZCNzngI7QTyWd3AwDQYJKoZIhvcNAQEL -BQAwNTEOMAwGA1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApD -YWxpZm9ybmlhMB4XDTIyMDIyMjEzNDEwNFoXDTMyMDIyMDEzNDEwNFowWTELMAkG -A1UEBhMCVVMxEzARBgNVBAcMCkNhbGlmb3JuaWExDjAMBgNVBAoMBVdhenVoMQ4w -DAYDVQQLDAVXYXp1aDEVMBMGA1UEAwwMd2F6dWgubWFzdGVyMIIBIjANBgkqhkiG -9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZ/9pI3fk211IYH1ZiZ9QrC4Mp9JXH9H9C1j -YF/vjOuMRBJkdmnQ6RazmXI7mCnJn/ofn1ZncCNmECSq/Il3WHRaEQnO3M/dbhz8 -SYbTxN11CjLnu9ETzUc8qu0BXbCLn2BhEL0f2zJKtRPmcorneOQQ07uVhxiK0C/Z -aPUilOcg5eeJL/DN2X1bnCHua1y6Fs4eDQ/hP/o+QQgJabTnF5v1KQL0CJftp5Nd -FxKwUW1X8Jgv/gAas4UezTmewDftLjJrpgsA4fddYlfdq+C5237/axBaCt7/tMwf -7XFhXKGfTSmG9/AxGqxi4Cbq9jeLHzkl18Gbv+/LfOn5xFhO1QIDAQABo1QwUjAf -BgNVHSMEGDAWgBS8m62fW/tSNjyyWq7BeitpDBCMnTAJBgNVHRMEAjAAMAsGA1Ud -DwQEAwIE8DAXBgNVHREEEDAOggx3YXp1aC5tYXN0ZXIwDQYJKoZIhvcNAQELBQAD -ggEBAAD39eT4wm1Axx0oUii+4dmyAFoXrhVdpqr6jCg3HXcIFEOjithLhBqikdj7 -kNRdQT5vTDAmFjXbpoWuWmT6VopNb1xNmbr37RXYVQdSaiBpgLffiXmGBUb1Bs45 -HXLT7sUxWrmB5/7mh3P13KQUPbGZkmIGahVztdmLdu1g81nBs85H8kFM39XGPizB -PNhzf/rhy+XFFjSnbv22inPAzYZw5cqTLx3/ebnTkFr7SuJp29gQmw66cTnw7+hh -DlgoRlBG0Bla87cXNanDydhhPJJRxhzEClNXJtpyn3DVD+cBHwznFAAOA2dy5sMO -aiZvy7tmKCaounLhLm7KJA+TYgo= ------END CERTIFICATE----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh.worker-key.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh.worker-key.pem deleted file mode 100644 index 8d5dad39..00000000 --- a/production_cluster/wazuh_indexer_ssl_certs/wazuh.worker-key.pem +++ /dev/null 
@@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC85Fg84pfT19Zp -2n91JPmDD+Ax6A/BkPjo+07a/hQXAo37tDIpHbEr3+AJoGzYWMeB68echn9/vhrW -86Xqlql0Ubqpb/cSXECG+cn4Gt4B3RKKv3MJl1Pj6eW+sjEJhpvyrPkUae1gD6yi -nv39XzWNMOw56JQV1I2vcU9PbEpEfXNrBqIamnVPPe3+cEW8C87s9ro0GAlxvssd -yTkAMArdW9jVoq2Bw3WSnsMWFr0qdn3aRe4G616+G9N+vnIRgs9zv2p41U/pfImI -KNxKVL9Uz/PbNyAuHK46aouAyQqRltOvNOHgtlOca1KXC6dwTGCTZn39HV8I/PqV -6lW6ecVRAgMBAAECggEAImht8llMUtiERC/6+7nKgadIrY6aICZqUPZGPPn/atma -R3lhkb/I4DcdtmM0sIwre20ZpVeSrhBRD0q+tGbRY1Dn8alllkCbuHqT4c/zFN/S -WtfY+qxIKcIXiY8oA5YznhcIIEHTbaYtSkov9hF7zcZVoY7OOtPHI2g+jDcrqCHp -4SoXEhWgN1QUq1Nmy3z9sL7C1Bmij4eAVm7vbx0wNQOlIP9Pj15nFnBWPFufzPmk -H79JFOKC81k4etmMGuRQyUlmvBj9Rzt1i2vh28SFGjlknfy/iNt2bzniLEpm2hOZ -pq5uC27iE+bFUJnYflDWiIQFeJs31v+aRK45mS6tSQKBgQDcHDoKpa4JfQVVWCWn -IPIffJctsFcHGAjjISs4BbfChe+2sXNfI/SmDmAVCCaTyXP1zkxPqzu6hh4WE6X1 -DEGP/xx/OtAs+W6XigDAvTr+IT10L9BTc/D+C3rd3MOuR8jRj3WuuY+7wnBXwC7Q -+YqW+rhfaGCPrB99Ff9NmMWvZwKBgQDbsQORv7So9Zj3XAzmmJ4OWzg6wE1eRyN9 -EVkK13WuU07sY3p6LwR/NjNXypBNkFPd7BQxCEb0bDmzjXLVXGURBCLwnTHs2dKS -P1Dz4xVchtnCzY3hlFJje//nJm6Kd/xVXTQ57qWjgBGDUr3vSvCEeXITgJuw0lkc -IyPlRrXKhwKBgGASXe8Zw63WiMZoc/7PrX66xc2mY0XwYqioaJHKRRu9lBScvWuw -aO815RAo/5WP33JRehNn/Oj78xPVvaEImXE9e3W4+PY4ZOH11UBLF/2mCom0+OwD -9hMcdaNy4WInaOq3ADmkOq1MP/a9JnIGCUy+4EycZVEwYooZWNbIsLhPAoGBANO7 -v//prrmksr+8ZOaeMr8NZZ0iF68EiwyP+qx7Sf0wZ4FmwvUdeY0NdOBo5zkKH/pj -/HXhT1llMRt++Szvdqy2uuIB7ssiiFLRWTklJEJf6WJZcCP4KoudR97E6Ibl6zlu -sdYfzl5NIRPbXBlTtYlH7w0ix2rc4GtA5uijhLPjAoGBAJXivATWIAEIVlgJQtKF -3wlhCrSOv6f0vEeqywLQsmXK2NlaanZBor9RGkIaKsBWLIuz1nNvjhhi70fcNmpQ -BG0XYYVHBB9jmYGRJre6EHWnNh6ykxFxZhULWKCjs11Lq0TiT7kKDywEAgfOG4Fb -khCMJaNC+iknIFDgcUvJKcsp ------END PRIVATE KEY----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh.worker.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh.worker.pem deleted file mode 100644 index b1196517..00000000 
--- a/production_cluster/wazuh_indexer_ssl_certs/wazuh.worker.pem +++ /dev/null @@ -1,21 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDcDCCAligAwIBAgIUTetYteiWx9ByZCNzngI7QTyWd3EwDQYJKoZIhvcNAQEL -BQAwNTEOMAwGA1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApD -YWxpZm9ybmlhMB4XDTIyMDIyMjEzNDEwNFoXDTMyMDIyMDEzNDEwNFowWTELMAkG -A1UEBhMCVVMxEzARBgNVBAcMCkNhbGlmb3JuaWExDjAMBgNVBAoMBVdhenVoMQ4w -DAYDVQQLDAVXYXp1aDEVMBMGA1UEAwwMd2F6dWgud29ya2VyMIIBIjANBgkqhkiG -9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvORYPOKX09fWadp/dST5gw/gMegPwZD46PtO -2v4UFwKN+7QyKR2xK9/gCaBs2FjHgevHnIZ/f74a1vOl6papdFG6qW/3ElxAhvnJ -+BreAd0Sir9zCZdT4+nlvrIxCYab8qz5FGntYA+sop79/V81jTDsOeiUFdSNr3FP -T2xKRH1zawaiGpp1Tz3t/nBFvAvO7Pa6NBgJcb7LHck5ADAK3VvY1aKtgcN1kp7D -Fha9KnZ92kXuButevhvTfr5yEYLPc79qeNVP6XyJiCjcSlS/VM/z2zcgLhyuOmqL -gMkKkZbTrzTh4LZTnGtSlwuncExgk2Z9/R1fCPz6lepVunnFUQIDAQABo1QwUjAf -BgNVHSMEGDAWgBS8m62fW/tSNjyyWq7BeitpDBCMnTAJBgNVHRMEAjAAMAsGA1Ud -DwQEAwIE8DAXBgNVHREEEDAOggx3YXp1aC53b3JrZXIwDQYJKoZIhvcNAQELBQAD -ggEBAGspKwhrEWbR5v1tTSjXuJJKR/x0ZHw2U49pI6kCQq8+8YsomuYwmcNxTwKD -dSpvGgknmhcnFr2PcHOh91tatLfzOGsAGPj6kd19KpZhqTV+wEwdaRfwgOpLBhqM -ud33LhjwRdNLQHkdOQkmp/fsyZRpT8MR1cD54mMnmHUpAnazMUGMS7WHeKXCx/Zh -P5FJabo1LUO0WrVgAizoE9b/ZFC159ZhYPbmULVR6tsgHWy8hD43nOYMbSi5xcea -WtKGVrmDsgyspGoCCVVoD/zCzcXjmbWhysA2Ypa+74gGG399ImisDGzsZA8+MJxi -6fNRX9guAFkStUOw9F+WsLKgMMg= ------END CERTIFICATE----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer-key.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer-key.pem deleted file mode 100644 index c7dc097b..00000000 --- a/production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer-key.pem +++ /dev/null 
@@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDPjUfxFq6DTf8R -WNiL+xTFLMpoFsl1Ql9+FfJThC5tSXdqRr1AAFMGEWZtsKwtB8nK7VjpNTXoNQdF -+BHLYThfR08iYBZjrBG9/AS08lzRzokHsX5T98aUSjEJy89zDj7HumOlrR2PSDQ+ -c/Tby1Bo+Qc4obzFUo/xbW3Z0QAoPazJrG2thouYZe91I0iq1THdLH44Q7CaAACc -JYWyhnbVul3DCsQmsHJqlSI0RHc+APB34xfXIKnHkdiKuJxteU2dTvMuh0UuQ/YA -LvbND9zEYeT0mke1WRyezlz0zs9j0i7ycHgL0T/S2QOEMi8PPhGdI4/hxkDMA1Dm -3wD6qRaxAgMBAAECggEAJql6rT48Y9kzmleifvDWfaRKT/lurZkfkK0l5sjInTMC -O5nRxwpIbOjw2539dKXuwQ5VcZun3wmBwVbkea4ygg0WgKDFiuuSooE/nzVGdQ60 -F+rITXvqUdVALUL58cTFjQ77YPFOgFJC6R9QjWDiKau53KLENz2Z8q8ft2NnVBdT -H5LVdhHeH3FAAdkElhWMMwPE5/ohWPpiF7sp7RQh9FpRbGhkLinZBiK2eP9um75f -1CL1loH7/5b/0ZIY/xiaC25KXJL9hApf6c1qAyMjoyJYE2sZgszYhyEC+YpuZaKL -8T6HMNfcmiXkXtq5smrj8A99mPcWKjVp/BQ2AsDwwQKBgQDs8xv3ArxeLPYSzAZe -tBr+qsL91txKx1NMJbTKbnPN92t5zujDpvLqC+UcKFfOMtnPD+WrpfcCB7re5+f6 -PqVbgroCSgPqvJL3fpcmvbIPlnimJMC3kIpKwi8dkr36F6+5hn4PUqZrl114s6h8 -6VU42btenm7NHIdfDNSj0WkjnwKBgQDgPRuZCexP81Wz/3y8sA5d9rDM97xsd9a/ -fYsz4SLI5nBSMqs3Yu1catsKf43ihKxsgm/3O72Q5rJqhpdfubLfkNhCMhK+R+v2 -Xb+oyvsEaIBUKgmbQokhS9BbWGPgCFcaFNQJHSvjn8AE1/AvWykiAxVeYXCiS5e0 -a7FobDUjrwKBgHkTgKanbzlwIA1a06ZwwZqAB0NOFyLe12GBovANoH8OfoyvfaD8 -HgQaL+hDdRqYQVPc+67KD32qFYLxXUgx2qz4D7Q7veSklzSAKxxQsjvk16GOBivG -X+Pzdb/Wy9yPXeufHasWwJMZtVmH9ABf+nwiRewDaPrGKSYYmE9dIixhAoGAJX8y -cTnukUQAjdPoOOk7zcylrfCzSnQTrfvBXlCEb5HRMH2WkfFx/aVEsZG42SsUZiS9 -slsEDQn2xcdx4qj711SyRQd4iOcf9xegKAqhRRBwfSJ2bscGhVHXKp8yPFFIt2zK -NCfzoeGhy22MlW6qByz60sh6fDklyh7EENEfZbMCgYEAhxniNrybnm2w2jB/uqMh -ufDJ6FiavXxaLn2UTc3IZZZYFUxNTOzyDZPHAiib3+EyeRkKQHJTKk1XjaPjcfUj -/1CtInHP2FNyys4+/vydE1+fBi0HA3FtFRtelhz7YLkF6EVphcK8prdVaH644RvO -K4dqSYB4ttbijHqvjQna1tg= ------END PRIVATE KEY----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer.pem deleted file mode 100644 index 795c0431..00000000 
--- a/production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer.pem +++ /dev/null @@ -1,21 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDdDCCAlygAwIBAgIUTetYteiWx9ByZCNzngI7QTyWd20wDQYJKoZIhvcNAQEL -BQAwNTEOMAwGA1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApD -YWxpZm9ybmlhMB4XDTIyMDIyMjEzNDEwM1oXDTMyMDIyMDEzNDEwM1owWzELMAkG -A1UEBhMCVVMxEzARBgNVBAcMCkNhbGlmb3JuaWExDjAMBgNVBAoMBVdhenVoMQ4w -DAYDVQQLDAVXYXp1aDEXMBUGA1UEAwwOd2F6dWgxLmluZGV4ZXIwggEiMA0GCSqG -SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPjUfxFq6DTf8RWNiL+xTFLMpoFsl1Ql9+ -FfJThC5tSXdqRr1AAFMGEWZtsKwtB8nK7VjpNTXoNQdF+BHLYThfR08iYBZjrBG9 -/AS08lzRzokHsX5T98aUSjEJy89zDj7HumOlrR2PSDQ+c/Tby1Bo+Qc4obzFUo/x -bW3Z0QAoPazJrG2thouYZe91I0iq1THdLH44Q7CaAACcJYWyhnbVul3DCsQmsHJq -lSI0RHc+APB34xfXIKnHkdiKuJxteU2dTvMuh0UuQ/YALvbND9zEYeT0mke1WRye -zlz0zs9j0i7ycHgL0T/S2QOEMi8PPhGdI4/hxkDMA1Dm3wD6qRaxAgMBAAGjVjBU -MB8GA1UdIwQYMBaAFLybrZ9b+1I2PLJarsF6K2kMEIydMAkGA1UdEwQCMAAwCwYD -VR0PBAQDAgTwMBkGA1UdEQQSMBCCDndhenVoMS5pbmRleGVyMA0GCSqGSIb3DQEB -CwUAA4IBAQB+6/7sw+hlx3MCNyZaoZEJfmBaal78qm26QBQ7Q9FNrNonp8absLSg -8xXYuOi5x1pW6yJX8wxd7ZpNGJTnTQXvwVfxyFuy7JVfVau5AGJa7AbVhi2PFUMp -iyh7LW7DTueOTgSDCKuuc7oyFBUZRWpQJDsNQXGO54nRzZAzlsI76xxwPshkcU+U -cL2yrvjEdQv6pwhDBwdno2u+JlAcGvSvNbCo19qzXRWSSguxQjIA20X3ypW6GSSK -RuNmAgAaW3yB/MKrZbI10UrJ31TW3ebdIbH727rMLdfFtqP/a8yyTZwmE1MxOiEA -hPa3nBKQM+XfNmDAuZkZqzOfYMwU175x ------END CERTIFICATE----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer-key.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer-key.pem deleted file mode 100644 index 9d2efd2d..00000000 --- a/production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer-key.pem +++ /dev/null 
@@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDPqSr1rjbVKnw/ -FC/3HwOfXoZPh2yjo3K0NYXEeoloVLCnPSHzQg9NEbvFs8k6StNvS/wcFtGs3PRf -YqHR3XTlJsEbMgiX4gqAgqfR7ikKnc5wovQ6xdazgoc1JsXLDawngizxws77A7MG -mvTvAOWmiecpY/yftW87Kbv9F2bp9qtI8WPr4kgWnQttLfpzSTvpZJhb9Y4KTyKe -7LurBGriNw+m5eJF1l/ng3bZXTWtQVH06/VbFuKPvMf42iLrBvDzw87tjnp5kWco -PywKODTkiKa3+bmL9H+uCwgX0XEGevgBG4MxzrU1ixmSpV4nCdaOe6Jx9RbyP3Ao -jBJAskdZAgMBAAECggEAJALdHU/B2IOOmk3A56TsNuXoesAsWdBNYuzpLqJlU79k -Bwx1575r8tyBaI599erl8aYGqURXxhdnFWeAUmmKDPcEg9fQX65mTdTaj3Ayk9G7 -7BKGMe7/BZA8LD52DHlpgkxzyNUUmbkRgbK7iPrp2FCP0sCxHW0URfk9zW0Sfr3l -AfNrNaZ61zfEINTQLrZsEvs285rsLVSie49kaMvmRv6uTyWszRsh8+e+2gFeRJjd -K+dSosP0CMa7zizVm2nAQcLQYM7cNMkaQNR5+5bBUWu9UhRbkB1dFClVS80LuURX -5OtEuXA71ctxOipXPlpVsXJkrAuqvhuO0acpaeOFEQKBgQDuDDJfZW+u2xSoSio2 -oTjj84xdROcfV5hkE10OLHbtxXffdeJoUDYpIjWQ239wXt9x78JBFBO8i4fAAuIj -6Tr6LaGz28glurgwLqfD5p/rw4Su3o0YUfpNkkLVdfUuMCi2gv+HEMjVnJanqhva -HdFbIXI24OF+g0CU0+Aj3AFo7QKBgQDfUlDXxA+zkklaiorTiAg3fgat81tLK4Vw -zlQ78Kis0sCOMYJuHbjsQZVJWzqL2E0/Qyn2XVgYjWn5l3u02SFo665ppWw0/ij/ -m/t9q/gK9IbYkNUh+G4sk/e9BlDFys8zNKaRi7+trkeyrWsB3oWs37YNJz68dOPw -0Kx+K9DmnQKBgQCj40HK68s4VxyhwG3Prq+8QLEihY2ZxnTkcXBfkb1PdeRRtJdr -uc2QBD1cvcG/W5H6n1bd9zSfWnDbgSCwGKLCGyh465egYizs/zIBbYYsiy+ONSpu -1AG/5jKdQ9jJM97TyNyj4KpkZqpSRItoX58DXsODhM+6iiKsVDK8fXt7AQKBgQDT -d3UJ+6QKnJlNXSc8SvHM6k+U5H4sXhfLy/VDlQ2EKUUg4IzrjMWRIkEk53g2+Cmd -oBHaMmW7Sh1xtRn1FC5o1dOgQn6GZ62W7bNlOzRz2zzdUbggpMhe+fZ7TcGqqfMu -P8sCw1xMMF3AOiq76GSYYHZZWjIz7lPxswfDqeX0mQKBgQDLLsLt9lhep1nrDCIS -Oss+nMIvokVLeqX9NGNMcRjnJONYWmfBWwLPVYZ6J2n9zF1GY0jzRHq7vKNHXw/W -uNq/S2bQx6sZXjoDdXB4ZvByrgU0SVWpazVV/W3cGe38iOPZlQWcMZf7RobiBoyM -N+8YajD3XUvcOnJfzp32VXYFZw== ------END PRIVATE KEY----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer.pem deleted file mode 100644 index 3fb1fd7d..00000000 
--- a/production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer.pem +++ /dev/null @@ -1,21 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDdDCCAlygAwIBAgIUTetYteiWx9ByZCNzngI7QTyWd24wDQYJKoZIhvcNAQEL -BQAwNTEOMAwGA1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApD -YWxpZm9ybmlhMB4XDTIyMDIyMjEzNDEwNFoXDTMyMDIyMDEzNDEwNFowWzELMAkG -A1UEBhMCVVMxEzARBgNVBAcMCkNhbGlmb3JuaWExDjAMBgNVBAoMBVdhenVoMQ4w -DAYDVQQLDAVXYXp1aDEXMBUGA1UEAwwOd2F6dWgyLmluZGV4ZXIwggEiMA0GCSqG -SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPqSr1rjbVKnw/FC/3HwOfXoZPh2yjo3K0 -NYXEeoloVLCnPSHzQg9NEbvFs8k6StNvS/wcFtGs3PRfYqHR3XTlJsEbMgiX4gqA -gqfR7ikKnc5wovQ6xdazgoc1JsXLDawngizxws77A7MGmvTvAOWmiecpY/yftW87 -Kbv9F2bp9qtI8WPr4kgWnQttLfpzSTvpZJhb9Y4KTyKe7LurBGriNw+m5eJF1l/n -g3bZXTWtQVH06/VbFuKPvMf42iLrBvDzw87tjnp5kWcoPywKODTkiKa3+bmL9H+u -CwgX0XEGevgBG4MxzrU1ixmSpV4nCdaOe6Jx9RbyP3AojBJAskdZAgMBAAGjVjBU -MB8GA1UdIwQYMBaAFLybrZ9b+1I2PLJarsF6K2kMEIydMAkGA1UdEwQCMAAwCwYD -VR0PBAQDAgTwMBkGA1UdEQQSMBCCDndhenVoMi5pbmRleGVyMA0GCSqGSIb3DQEB -CwUAA4IBAQARo4+BNlrZLMi+nch0lWzl8Yme4GaoYfnMRrbBVP1GEEvo62o0xuYP -XCIbgL7HJm01YOiNoeQ6qU05Vr74xfRxsE+yKrlFO7nFV/Q0uCmQkwdtXKCp+dHP -99Sa6pwtwFseh0hTQaBO0G89d/E8eEkIovfs2XdrmiPdgWBWkhwJAxVXU7wYgH2u -naONyx8Ep/SeLOs4i7svS4RfUXY5+pu9WWwa+XwWkXK0vxgpgg34lnHlSJ7YoPDo -/++w8Pvo2rYqgESYbk0miWUzGGFpPR5Qw/OFNYlpeolZNtId5jZaWYz6OBPxT1ms -MKxGyv6o2LttdEIaKbJ/xatbvcOVYums ------END CERTIFICATE----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer-key.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer-key.pem deleted file mode 100644 index e3d27825..00000000 --- a/production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer-key.pem +++ /dev/null 
@@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQD3agVIx5Y/uVyL -6iAx9oalgm361LvMANcQlT7YgZPU8IMK8AXQ1rNnABMcc9ASdJmd5HMCcBGEEvgM -8zRzOnRMCfmlPuHnCkbQBk0ms59BnfG67ZBAVHkPeA1oZQxG8maDBJfLNezE5hMu -xsoqQ+7wRMLCyYnEkBKMM5SvKNGEStk+LhKqZj5DFuZ45t1tAJ+H2MBE7G+dZZR7 -CsSAeaZvaVQgX18vXAkjzyjtK4MOLIkvBW/Rt+Km94oCjAuPHnHQJbxNHI966YzN -sb53zv+nc/QWo4/yZvnahQVkbqlMrIHZNQpb+19UMrlpDIoPGVEKAjqDfaZ0fY+x -IzEbUBEJAgMBAAECggEACxSFbg/6K5pqiZ2PmY031Hu13zDdxDIZb5WvfdS3wSaQ -R9IeAI9M84TuVizdmaX9JzQO7oIEVszerP3LUInCoZEkzAC37zfnmfNeSyhqLm8b -X0q6VhcyYL34o786wIakjqOLBL/CfcLsAwFGFoR6U+pQapbKA7KMEhlRRFLopyr4 -amF+mMy0Jy4PJagrrnYJ+082axwIURmIRyANmO7S/m7yRBdrpbi91kHRSjMhKP1a -dAQFytHz32YBb6xNrlMtkD65pmG/KLaT3MRugKRbVD5kGqY+svQWN7kH3BVFLlyW -akNHHBiJqUz1Nrr47VK9eUTE1eEONyjrnXSMoYfysQKBgQD/Qz+uBQJ2ZsCOg0H3 -TY7otPhlloSpoQDigOIyItqjhWkl9KZ2MCZaWvNMG6GtdaG8UjAawJcFv4AZPHDU -6moQCPz1VjGGn1h/5d26aUjipNB0rZZ112pnDoMzctDwY4CLRkc9+qMG3zAB8vx4 -9FSs0Vp2DO63BIEOmybc/u4c5QKBgQD4IPfnBN93oCKBJ1VoumB+GSlL6Zcvg7CL -4/mVKHcoIsnHgX1yXGrXFPKUgk2edd6rmTGhk0mfd+szOOopxEqtXRIbvHGo9ZUD -MZflQrITia8+E6EW3GEKIoLFuP82+vxFhiJGMsx1893GwJ9RMBRhlQDmgsdymjDF -Qvp9RfAFVQKBgQDmU8je/fg13At9zGQ2gM4lnj3QdJup7/Q7bS4tLRP5nsS9Ed8u -H85Lk2ubTgd52/2fTs3HJeZfsmck3ku1YvtnEqUlvqubnKafaUvEC4JPt4W88nEk -TcbdzNOIFd8AOdhgU36vJzv5VGQeLiGwBk9tTM6CXLL9g1vsUQUlPgafHQKBgA3+ -TfzJWZD1hvyhqz9sw2RZJusREWWsl5hMExdGYPHyhE6sDtcUPzJCDCwz7QyyuQwU -Z6glFlHYAXuyCgKw/0Unqo3F4uMUdoLnmRlk2YYgjbGCieMwKojXyWg9NqdzICcL -mYM7+ivsxOUgl9uMSpn2PUbCuVzNNVLqpBXMi+zBAoGAWR8HYyJaoIuUtnqWR9MP -n+6Mn7fdLmRl3Vs0u+4xXv3T67dTYB4wwQACKGnaaihhQcPBqlTTDjIPkifNTdZU -QdsMDkB7uFyI1aS6DWTmLSKz9Tm14O1/i+jsogOEyzxy4KhK4HNfqAdZid1g0Kl+ -lcxmkZZwFYK90ynOXMfB/2w= ------END PRIVATE KEY----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer.pem deleted file mode 100644 index 2c6780d6..00000000 
--- a/production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer.pem +++ /dev/null @@ -1,21 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDdDCCAlygAwIBAgIUTetYteiWx9ByZCNzngI7QTyWd28wDQYJKoZIhvcNAQEL -BQAwNTEOMAwGA1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApD -YWxpZm9ybmlhMB4XDTIyMDIyMjEzNDEwNFoXDTMyMDIyMDEzNDEwNFowWzELMAkG -A1UEBhMCVVMxEzARBgNVBAcMCkNhbGlmb3JuaWExDjAMBgNVBAoMBVdhenVoMQ4w -DAYDVQQLDAVXYXp1aDEXMBUGA1UEAwwOd2F6dWgzLmluZGV4ZXIwggEiMA0GCSqG -SIb3DQEBAQUAA4IBDwAwggEKAoIBAQD3agVIx5Y/uVyL6iAx9oalgm361LvMANcQ -lT7YgZPU8IMK8AXQ1rNnABMcc9ASdJmd5HMCcBGEEvgM8zRzOnRMCfmlPuHnCkbQ -Bk0ms59BnfG67ZBAVHkPeA1oZQxG8maDBJfLNezE5hMuxsoqQ+7wRMLCyYnEkBKM -M5SvKNGEStk+LhKqZj5DFuZ45t1tAJ+H2MBE7G+dZZR7CsSAeaZvaVQgX18vXAkj -zyjtK4MOLIkvBW/Rt+Km94oCjAuPHnHQJbxNHI966YzNsb53zv+nc/QWo4/yZvna -hQVkbqlMrIHZNQpb+19UMrlpDIoPGVEKAjqDfaZ0fY+xIzEbUBEJAgMBAAGjVjBU -MB8GA1UdIwQYMBaAFLybrZ9b+1I2PLJarsF6K2kMEIydMAkGA1UdEwQCMAAwCwYD -VR0PBAQDAgTwMBkGA1UdEQQSMBCCDndhenVoMy5pbmRleGVyMA0GCSqGSIb3DQEB -CwUAA4IBAQCk1QHWGi1Gu0heX37M1/OOGHQ1uSjzytkODWRCWnuuffTnyZZgH8OL -X0173vmsGxE/aAv9QEX/5NG7oEqKs+sBUg/7RRTscpaE1VZLbpEipL7iZKha4L9+ -E+6EEbOyDaE/vRuDlDBt5BBpYDts07ei7aRdB6e/cWbZF03/jU4YG339NdyOs/NJ -g5Dd5EVLhNc9pibecTP+Qgi557E10TDDsUEjr59LUyC2ZosRij4Kg/WUW/lCRxCL -kztfZ5MP3NhNFRl1mk97fkQ0OKoJsV+s5FYAyYNzggNG1efnWBz+6//BJnydyhV4 -gMjzbqvkfBCg6Wui/B3dYaH32L+CRaI5 ------END CERTIFICATE----- From bfff9d13907b26cfc5dbf2bf254873b71ac410f5 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Tue, 22 Feb 2022 12:21:33 -0300 Subject: [PATCH 047/163] Fix PR --- build-wazuh-images.yml | 4 ++-- docker-compose.yml | 4 ++-- wazuh-indexer/config/entrypoint.sh | 11 +++++------ wazuh-manager/config/permanent_data.env | 1 - 4 files changed, 9 insertions(+), 11 deletions(-) diff --git a/build-wazuh-images.yml b/build-wazuh-images.yml index cad9c561..e5af8246 100644 --- a/build-wazuh-images.yml +++ b/build-wazuh-images.yml 
@@ -55,8 +55,8 @@ services: ports: - 443:443 environment: - - ELASTICSEARCH_USERNAME=admin - - ELASTICSEARCH_PASSWORD=admin + - INDEXER_USERNAME=admin + - INDEXER_PASSWORD=admin - SERVER_SSL_ENABLED=false - WAZUH_API_URL=https://wazuh.manager depends_on: diff --git a/docker-compose.yml b/docker-compose.yml index fd767315..f0fc7f15 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -52,8 +52,8 @@ services: ports: - 443:443 environment: - - ELASTICSEARCH_USERNAME=admin - - ELASTICSEARCH_PASSWORD=admin + - INDEXER_USERNAME=admin + - INDEXER_PASSWORD=admin - WAZUH_API_URL=https://wazuh.manager depends_on: - wazuh1.indexer diff --git a/wazuh-indexer/config/entrypoint.sh b/wazuh-indexer/config/entrypoint.sh index 14062a13..d16fd5c4 100644 --- a/wazuh-indexer/config/entrypoint.sh +++ b/wazuh-indexer/config/entrypoint.sh @@ -2,7 +2,6 @@ # Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2) set -e -# Files created by Elasticsearch should always be group writable too umask 0002 export USER=wazuh-indexer 
@@ -52,29 +51,29 @@ fi # the values being specified explicitly when running the container. # # This is also sourced in opensearch-env, and is only needed here -# as well because we use ELASTIC_PASSWORD below. Sourcing this script +# as well because we use INDEXER_PASSWORD below. Sourcing this script # is idempotent. source /usr/share/wazuh-indexer/bin/opensearch-env-from-file if [[ -f bin/opensearch-users ]]; then - # Check for the ELASTIC_PASSWORD environment variable to set the + # Check for the INDEXER_PASSWORD environment variable to set the # bootstrap password for Security. # # This is only required for the first node in a cluster with Security # enabled, but we have no way of knowing which node we are yet. We'll just # honor the variable if it's present. - if [[ -n "$ELASTIC_PASSWORD" ]]; then + if [[ -n "$INDEXER_PASSWORD" ]]; then [[ -f /usr/share/wazuh-indexer/config/opensearch.keystore ]] || (run_as_other_user_if_needed opensearch-keystore create) if ! (run_as_other_user_if_needed opensearch-keystore has-passwd --silent) ; then # keystore is unencrypted if ! (run_as_other_user_if_needed opensearch-keystore list | grep -q '^bootstrap.password$'); then - (run_as_other_user_if_needed echo "$ELASTIC_PASSWORD" | opensearch-keystore add -x 'bootstrap.password') + (run_as_other_user_if_needed echo "$INDEXER_PASSWORD" | opensearch-keystore add -x 'bootstrap.password') fi else # keystore requires password if ! (run_as_other_user_if_needed echo "$KEYSTORE_PASSWORD" \ | opensearch-keystore list | grep -q '^bootstrap.password$') ; then - COMMANDS="$(printf "%s\n%s" "$KEYSTORE_PASSWORD" "$ELASTIC_PASSWORD")" + COMMANDS="$(printf "%s\n%s" "$KEYSTORE_PASSWORD" "$INDEXER_PASSWORD")" (run_as_other_user_if_needed echo "$COMMANDS" | opensearch-keystore add -x 'bootstrap.password') fi fi diff --git a/wazuh-manager/config/permanent_data.env b/wazuh-manager/config/permanent_data.env index 34f646c3..0a3ebd35 100644 --- a/wazuh-manager/config/permanent_data.env 
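Review bot: In the two `opensearch-keystore add` pipelines touched here, `run_as_other_user_if_needed` wraps only `echo`, so `opensearch-keystore add -x 'bootstrap.password'` on the right of the pipe runs as whatever user the entrypoint itself has, while `opensearch-keystore create` a few lines above goes through the wrapper. The wrapper's body is outside this hunk, so this assumes it switches user as its name suggests; if it does, the add step can leave the keystore written by a different account than the one that created it. I would put the wrapper on the consumer and use printf so a value such as `-n` is not swallowed: `printf '%s\n' "$INDEXER_PASSWORD" | run_as_other_user_if_needed opensearch-keystore add -x 'bootstrap.password'`. The same applies to the `KEYSTORE_PASSWORD` `list` pipeline and the `COMMANDS` pipeline; the enclosing `if [[ -f bin/opensearch-users ]]` block ends outside the hunk.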
+++ b/wazuh-manager/config/permanent_data.env @@ -59,7 +59,6 @@ PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/gcloud/gcloud" PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/gcloud/gcloud.py" PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/gcloud/integration.py" PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/gcloud/tools.py" -PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/utils.py" export PERMANENT_DATA_EXCP # Files mounted in a volume that should be deleted From 8fd4e1dc18c0c27e97a3ed3fff33b68be3a7585f Mon Sep 17 00:00:00 2001 From: vcerenu Date: Tue, 22 Feb 2022 13:13:23 -0300 Subject: [PATCH 048/163] Fix PR --- README.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index d02255b6..b008b442 100644 --- a/README.md +++ b/README.md 
@@ -9,11 +9,11 @@ In this repository you will find the containers to run: * wazuh manager: It runs the Wazuh manager, Wazuh API and Filebeat OSS * Wazuh dashboard: Provides a web user interface to browse through alerts data and allows you to visualize agents configuration and status. -* Wazuh indexer: An Elasticsearch container (working as a single-node cluster). **Be aware to increase the `vm.max_map_count` setting, as it's detailed in the [Wazuh documentation](https://documentation.wazuh.com/current/docker/wazuh-container.html#increase-max-map-count-on-your-host-linux).** +* Wazuh indexer: An Wazuh indexer container (working as a single-node cluster). **Be aware to increase the `vm.max_map_count` setting, as it's detailed in the [Wazuh documentation](https://documentation.wazuh.com/current/docker/wazuh-container.html#increase-max-map-count-on-your-host-linux).** In addition, a docker-compose file is provided to launch the containers mentioned above. -* Elasticsearch cluster. In the Elasticsearch Dockerfile we can visualize variables to configure an Elasticsearch Cluster. These variables are used in the file *config_cluster.sh* to set them in the *elasticsearch.yml* configuration file. You can see the meaning of the node variables [here](https://www.elastic.co/guide/en/elasticsearch/reference/current/modules-node.html) and other cluster settings [here](https://github.com/elastic/elasticsearch/blob/master/distribution/src/config/elasticsearch.yml). +* Wazuh indexer cluster. In the Wazuh indexer Dockerfile we can visualize variables to configure an Wazuh indexer Cluster. These variables are used in the file *config_cluster.sh* to set them in the *opensearch.yml* configuration file. You can see the meaning of the node variables [here](https://www.elastic.co/guide/en/elasticsearch/reference/current/modules-node.html) and other cluster settings [here](https://github.com/elastic/elasticsearch/blob/master/distribution/src/config/elasticsearch.yml). ## Documentation 
@@ -39,9 +39,9 @@ API_USERNAME="wazuh" # Wazuh API username API_PASSWORD="wazuh" # Wazuh API password - Must comply with requirements # (8+ length, uppercase, lowercase, specials chars) -ELASTICSEARCH_URL=https://elasticsearch:9200 # Elasticsearch URL -ELASTIC_USERNAME=admin # Elasticsearch Username -ELASTIC_PASSWORD=admin # Elasticsearch Password +INDEXER_URL=https://elasticsearch:9200 # Wazuh indexer URL +INDEXER_USERNAME=admin # Wazuh indexer Username +INDEXER_PASSWORD=admin # Wazuh indexer Password FILEBEAT_SSL_VERIFICATION_MODE=full # Filebeat SSL Verification mode (full or none) SSL_CERTIFICATE_AUTHORITIES="" # Path of Filebeat SSL CA SSL_CERTIFICATE="" # Path of Filebeat SSL Certificate From e3e8cb49b876dfe0fbdf2e6c8d82fdaee6e4b0d5 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Tue, 22 Feb 2022 13:34:21 -0300 Subject: [PATCH 049/163] Fix PR --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index b008b442..f1c5d6e3 100644 --- a/README.md +++ b/README.md @@ -39,7 +39,7 @@ API_USERNAME="wazuh" # Wazuh API username API_PASSWORD="wazuh" # Wazuh API password - Must comply with requirements # (8+ length, uppercase, lowercase, specials chars) -INDEXER_URL=https://elasticsearch:9200 # Wazuh indexer URL +INDEXER_URL=https://wazuh1.indexer:9700 # Wazuh indexer URL INDEXER_USERNAME=admin # Wazuh indexer Username INDEXER_PASSWORD=admin # Wazuh indexer Password FILEBEAT_SSL_VERIFICATION_MODE=full # Filebeat SSL Verification mode (full or none) From 0b6e2b10359fe64a55d154a86d228fe62f0a1ec5 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Thu, 24 Feb 2022 14:04:26 -0300 Subject: [PATCH 050/163] Fix PR --- wazuh-indexer/config/entrypoint.sh | 4 ---- 1 file changed, 4 deletions(-) diff --git a/wazuh-indexer/config/entrypoint.sh b/wazuh-indexer/config/entrypoint.sh index d16fd5c4..0cd39db0 100644 --- a/wazuh-indexer/config/entrypoint.sh +++ b/wazuh-indexer/config/entrypoint.sh 
@@ -30,10 +30,6 @@ run_as_other_user_if_needed() { if [[ "$1" != "opensearchwrapper" ]]; then if [[ "$(id -u)" == "0" && $(basename "$1") == "opensearch" ]]; then # Rewrite CMD args to replace $1 with `opensearch` explicitly, - # so that we are backwards compatible with the docs - # from the previous Elasticsearch versions<6 - # and configuration option D: - # https://www.elastic.co/guide/en/elasticsearch/reference/5.6/docker.html#_d_override_the_image_8217_s_default_ulink_url_https_docs_docker_com_engine_reference_run_cmd_default_command_or_options_cmd_ulink # Without this, user could specify `opensearch -E x.y=z` but # `bin/opensearch -E x.y=z` would not work. set -- "opensearch" "${@:2}" From 24de8345998380e31a573e452f12911b1cb285d9 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Wed, 2 Mar 2022 16:30:07 -0300 Subject: [PATCH 051/163] update dashboard.yml and indexer ports --- README.md | 6 +++--- build-wazuh-images.yml | 4 ++-- docker-compose.yml | 4 ++-- production-cluster.yml | 10 +++++----- production_cluster/wazuh-indexer/wazuh1.indexer.yml | 2 -- production_cluster/wazuh-indexer/wazuh2.indexer.yml | 2 -- production_cluster/wazuh-indexer/wazuh3.indexer.yml | 2 -- .../{dashboard.yml => opensearch_dashboard.yml} | 2 +- wazuh-dashboard/Dockerfile | 4 ++-- wazuh-dashboard/config/entrypoint.sh | 2 +- .../config/{dashboard.yml => opensearch_dashboard.yml} | 2 +- wazuh-indexer/Dockerfile | 2 +- wazuh-indexer/config/opensearch.yml | 2 -- wazuh-indexer/config/securityadmin.sh | 2 +- wazuh-manager/config/filebeat.yml | 2 +- 15 files changed, 20 insertions(+), 28 deletions(-) rename production_cluster/wazuh_dashboard/{dashboard.yml => opensearch_dashboard.yml} (92%) rename wazuh-dashboard/config/{dashboard.yml => opensearch_dashboard.yml} (93%) diff --git a/README.md b/README.md index f1c5d6e3..2934e600 100644 --- a/README.md +++ b/README.md 
@@ -39,7 +39,7 @@ API_USERNAME="wazuh" # Wazuh API username API_PASSWORD="wazuh" # Wazuh API password - Must comply with requirements # (8+ length, uppercase, lowercase, specials chars) -INDEXER_URL=https://wazuh1.indexer:9700 # Wazuh indexer URL +INDEXER_URL=https://wazuh1.indexer:9200 # Wazuh indexer URL INDEXER_USERNAME=admin # Wazuh indexer Username INDEXER_PASSWORD=admin # Wazuh indexer Password FILEBEAT_SSL_VERIFICATION_MODE=full # Filebeat SSL Verification mode (full or none) @@ -102,7 +102,7 @@ ADMIN_PRIVILEGES=true # App privileges │   │   ├── wazuh_manager.conf │   │   └── wazuh_worker.conf │   ├── wazuh_dashboard -│   │   └── dashboard.yml +│   │   └── opensearch_dashboard.yml │   ├── wazuh-indexer │   │   ├── internal_users.yml │   │   ├── opensearch.yml @@ -116,7 +116,7 @@ ADMIN_PRIVILEGES=true # App privileges ├── VERSION ├── wazuh-dashboard │   ├── config -│   │   ├── dashboard.yml +│   │   ├── opensearch_dashboard.yml │   │   ├── entrypoint.sh │   │   ├── wazuh_app_config.sh │   │   └── wazuh.yml diff --git a/build-wazuh-images.yml b/build-wazuh-images.yml index e5af8246..e6ec7ed7 100644 --- a/build-wazuh-images.yml +++ b/build-wazuh-images.yml @@ -13,7 +13,7 @@ services: - "514:514/udp" - "55000:55000" environment: - - INDEXER_URL=https://wazuh1.indexer:9700 + - INDEXER_URL=https://wazuh1.indexer:9200 - INDEXER_USERNAME=admin - INDEXER_PASSWORD=admin - FILEBEAT_SSL_VERIFICATION_MODE=none @@ -36,7 +36,7 @@ services: hostname: wazuh1.indexer restart: always ports: - - "9700:9700" + - "9200:9200" environment: - "OPENSEARCH_JAVA_OPTS=-Xms512m -Xmx512m" ulimits: diff --git a/docker-compose.yml b/docker-compose.yml index f0fc7f15..49515e47 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -12,7 +12,7 @@ services: - "514:514/udp" - "55000:55000" environment: - - INDEXER_URL=https://wazuh1.indexer:9700 + - INDEXER_URL=https://wazuh1.indexer:9200 - INDEXER_USERNAME=admin - INDEXER_PASSWORD=admin - FILEBEAT_SSL_VERIFICATION_MODE=none 
@@ -34,7 +34,7 @@ services: hostname: wazuh1.indexer restart: always ports: - - "9700:9700" + - "9200:9200" environment: - "OPENSEARCH_JAVA_OPTS=-Xms512m -Xmx512m" ulimits: diff --git a/production-cluster.yml b/production-cluster.yml index c2d14aa1..bf8448fd 100644 --- a/production-cluster.yml +++ b/production-cluster.yml @@ -11,7 +11,7 @@ services: - "514:514/udp" - "55000:55000" environment: - - INDEXER_URL=https://wazuh1.indexer:9700 + - INDEXER_URL=https://wazuh1.indexer:9200 - INDEXER_USERNAME=admin - INDEXER_PASSWORD=SecretPassword - FILEBEAT_SSL_VERIFICATION_MODE=full @@ -42,7 +42,7 @@ services: hostname: wazuh.worker restart: always environment: - - INDEXER_URL=https://wazuh1.indexer:9700 + - INDEXER_URL=https://wazuh1.indexer:9200 - INDEXER_USERNAME=admin - INDEXER_PASSWORD=SecretPassword - FILEBEAT_SSL_VERIFICATION_MODE=full @@ -71,7 +71,7 @@ services: hostname: wazuh1.indexer restart: always ports: - - "9700:9700" + - "9200:9200" environment: - "OPENSEARCH_JAVA_OPTS=-Xms1g -Xmx1g" - "bootstrap.memory_lock=true" @@ -141,7 +141,7 @@ services: hostname: wazuh.dashboard restart: always environment: - - OPENSEARCH_HOSTS="https://wazuh1.indexer:9700" + - OPENSEARCH_HOSTS="https://wazuh1.indexer:9200" - WAZUH_API_URL="https://wazuh.master" - API_USERNAME=acme-user - API_PASSWORD=MyS3cr37P450r.*- @@ -149,7 +149,7 @@ services: - ./production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard.pem:/etc/wazuh-dashboard/certs/wazuh-dashboard.pem - ./production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem:/etc/wazuh-dashboard/certs/wazuh-dashboard-key.pem - ./production_cluster/wazuh_indexer_ssl_certs/root-ca.pem:/etc/wazuh-dashboard/certs/root-ca.pem - - ./production_cluster/wazuh_dashboard/dashboard.yml:/etc/wazuh-dashboard/dashboard.yml + - ./production_cluster/wazuh_dashboard/opensearch_dashboard.yml:/etc/wazuh-dashboard/opensearch_dashboard.yml depends_on: - wazuh1.indexer links: 
diff --git a/production_cluster/wazuh-indexer/wazuh1.indexer.yml b/production_cluster/wazuh-indexer/wazuh1.indexer.yml index d8c33040..6cbf52df 100644 --- a/production_cluster/wazuh-indexer/wazuh1.indexer.yml +++ b/production_cluster/wazuh-indexer/wazuh1.indexer.yml @@ -9,8 +9,6 @@ discovery.seed_hosts: - wazuh1.indexer - wazuh2.indexer - wazuh3.indexer -http.port: 9700-9799 -transport.tcp.port: 9800-9899 node.max_local_storage_nodes: "3" path.data: /var/lib/wazuh-indexer path.logs: /var/log/wazuh-indexer diff --git a/production_cluster/wazuh-indexer/wazuh2.indexer.yml b/production_cluster/wazuh-indexer/wazuh2.indexer.yml index 37e09c2e..d4fb85d9 100644 --- a/production_cluster/wazuh-indexer/wazuh2.indexer.yml +++ b/production_cluster/wazuh-indexer/wazuh2.indexer.yml @@ -9,8 +9,6 @@ discovery.seed_hosts: - wazuh1.indexer - wazuh2.indexer - wazuh3.indexer -http.port: 9700-9799 -transport.tcp.port: 9800-9899 node.max_local_storage_nodes: "3" path.data: /var/lib/wazuh-indexer path.logs: /var/log/wazuh-indexer diff --git a/production_cluster/wazuh-indexer/wazuh3.indexer.yml b/production_cluster/wazuh-indexer/wazuh3.indexer.yml index f3df5540..2eb2b9b1 100644 --- a/production_cluster/wazuh-indexer/wazuh3.indexer.yml +++ b/production_cluster/wazuh-indexer/wazuh3.indexer.yml @@ -9,8 +9,6 @@ discovery.seed_hosts: - wazuh1.indexer - wazuh2.indexer - wazuh3.indexer -http.port: 9700-9799 -transport.tcp.port: 9800-9899 node.max_local_storage_nodes: "3" path.data: /var/lib/wazuh-indexer path.logs: /var/log/wazuh-indexer diff --git a/production_cluster/wazuh_dashboard/dashboard.yml b/production_cluster/wazuh_dashboard/opensearch_dashboard.yml similarity index 92% rename from production_cluster/wazuh_dashboard/dashboard.yml rename to production_cluster/wazuh_dashboard/opensearch_dashboard.yml index b079cc16..f7a27b1c 100644 --- a/production_cluster/wazuh_dashboard/dashboard.yml +++ b/production_cluster/wazuh_dashboard/opensearch_dashboard.yml 
@@ -1,6 +1,6 @@ server.host: 0.0.0.0 server.port: 443 -opensearch.hosts: https://wazuh1.indexer:9700 +opensearch.hosts: https://wazuh1.indexer:9200 opensearch.ssl.verificationMode: certificate opensearch.requestHeadersWhitelist: ["securitytenant","Authorization"] opensearch_security.multitenancy.enabled: false diff --git a/wazuh-dashboard/Dockerfile b/wazuh-dashboard/Dockerfile index 528dfa9c..d19c83b6 100644 --- a/wazuh-dashboard/Dockerfile +++ b/wazuh-dashboard/Dockerfile @@ -15,7 +15,7 @@ COPY config/entrypoint.sh / COPY config/wazuh_app_config.sh / -COPY config/dashboard.yml /etc/wazuh-dashboard/ +COPY config/opensearch_dashboard.yml /etc/wazuh-dashboard/ COPY config/wazuh.yml /usr/share/wazuh-dashboard/data/wazuh/config/ @@ -23,7 +23,7 @@ RUN chmod 700 /entrypoint.sh RUN chmod 700 /wazuh_app_config.sh -RUN chown 101:101 /etc/wazuh-dashboard/dashboard.yml && chmod 664 /etc/wazuh-dashboard/dashboard.yml +RUN chown 101:101 /etc/wazuh-dashboard/opensearch_dashboard.yml && chmod 664 /etc/wazuh-dashboard/opensearch_dashboard.yml RUN mkdir -p /usr/share/wazuh-dashboard/data/wazuh/config && chown -R 101:101 /usr/share/wazuh-dashboard/data/wazuh/config && chmod -R 775 /usr/share/wazuh-dashboard/data/wazuh/config diff --git a/wazuh-dashboard/config/entrypoint.sh b/wazuh-dashboard/config/entrypoint.sh index 4d34f7e0..82b7911d 100644 --- a/wazuh-dashboard/config/entrypoint.sh +++ b/wazuh-dashboard/config/entrypoint.sh @@ -7,4 +7,4 @@ /wazuh_app_config.sh -runuser wazuh-dashboard --shell="/bin/bash" --command="/usr/share/wazuh-dashboard/bin/opensearch-dashboards -c /etc/wazuh-dashboard/dashboard.yml" +runuser wazuh-dashboard --shell="/bin/bash" --command="/usr/share/wazuh-dashboard/bin/opensearch-dashboards -c /etc/wazuh-dashboard/opensearch_dashboard.yml" 
diff --git a/wazuh-dashboard/config/dashboard.yml b/wazuh-dashboard/config/opensearch_dashboard.yml similarity index 93% rename from wazuh-dashboard/config/dashboard.yml rename to wazuh-dashboard/config/opensearch_dashboard.yml index ffd1257a..e63def82 100644 --- a/wazuh-dashboard/config/dashboard.yml +++ b/wazuh-dashboard/config/opensearch_dashboard.yml @@ -1,6 +1,6 @@ server.host: 0.0.0.0 server.port: 443 -opensearch.hosts: https://wazuh1.indexer:9700 +opensearch.hosts: https://wazuh1.indexer:9200 opensearch.ssl.verificationMode: none opensearch.requestHeadersWhitelist: [ authorization,securitytenant ] opensearch_security.multitenancy.enabled: true diff --git a/wazuh-indexer/Dockerfile b/wazuh-indexer/Dockerfile index 59514c3c..14c49358 100644 --- a/wazuh-indexer/Dockerfile +++ b/wazuh-indexer/Dockerfile @@ -64,7 +64,7 @@ RUN mkdir -p /var/lib/wazuh-indexer && chown 1000:1000 /var/lib/wazuh-indexer && mkdir -p /var/log/wazuh-indexer && chown 1000:1000 /var/log/wazuh-indexer # Services ports -EXPOSE 9700 +EXPOSE 9200 ENTRYPOINT ["/entrypoint.sh"] diff --git a/wazuh-indexer/config/opensearch.yml b/wazuh-indexer/config/opensearch.yml index 1ef919cc..e7fda548 100644 --- a/wazuh-indexer/config/opensearch.yml +++ b/wazuh-indexer/config/opensearch.yml @@ -1,7 +1,5 @@ network.host: "0.0.0.0" node.name: "wazuh1.indexer" -http.port: 9700-9799 -transport.tcp.port: 9800-9899 path.data: /var/lib/wazuh-indexer path.logs: /var/log/wazuh-indexer discovery.type: single-node diff --git a/wazuh-indexer/config/securityadmin.sh b/wazuh-indexer/config/securityadmin.sh index 0283ae8d..f9a5bb10 100644 --- a/wazuh-indexer/config/securityadmin.sh +++ b/wazuh-indexer/config/securityadmin.sh 
@@ -1,3 +1,3 @@ # Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2) sleep 30 -bash /usr/share/wazuh-indexer/plugins/opensearch-security/tools/securityadmin.sh -cd /usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/ -nhnv -cacert $CACERT -cert $CERT -key $KEY -p 9800 -icl \ No newline at end of file +bash /usr/share/wazuh-indexer/plugins/opensearch-security/tools/securityadmin.sh -cd /usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/ -nhnv -cacert $CACERT -cert $CERT -key $KEY -p 9300 -icl \ No newline at end of file diff --git a/wazuh-manager/config/filebeat.yml b/wazuh-manager/config/filebeat.yml index a1f25710..37003366 100644 --- a/wazuh-manager/config/filebeat.yml +++ b/wazuh-manager/config/filebeat.yml @@ -13,7 +13,7 @@ setup.template.json.name: 'wazuh' setup.template.overwrite: true setup.ilm.enabled: false output.elasticsearch: - hosts: ['https://wazuh1.indexer:9700'] + hosts: ['https://wazuh1.indexer:9200'] #username: #password: #ssl.verification_mode: From 01ce184cd099f6ac438a40dded356470535f6468 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Thu, 3 Mar 2022 14:15:20 -0300 Subject: [PATCH 052/163] Fix wazuh.yml persistence --- README.md | 4 +- production-cluster.yml | 3 +- ...ashboard.yml => opensearch_dashboards.yml} | 0 production_cluster/wazuh_dashboard/wazuh.yml | 7 +++ wazuh-dashboard/Dockerfile | 6 ++- wazuh-dashboard/config/entrypoint.sh | 48 ++++++++++++++++++- ...ashboard.yml => opensearch_dashboards.yml} | 0 wazuh-dashboard/config/wazuh_app_config.sh | 10 +++- 8 files changed, 71 insertions(+), 7 deletions(-) rename production_cluster/wazuh_dashboard/{opensearch_dashboard.yml => opensearch_dashboards.yml} (100%) create mode 100644 production_cluster/wazuh_dashboard/wazuh.yml rename wazuh-dashboard/config/{opensearch_dashboard.yml => opensearch_dashboards.yml} (100%) diff --git a/README.md b/README.md index 2934e600..a581006e 100644 --- a/README.md +++ b/README.md 
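Review bot: The rewritten `securityadmin.sh` call still expands `$CACERT`, `$CERT` and `$KEY` unquoted, so an unset or empty variable makes the next flag get consumed as the previous option's value, and a path containing spaces is split. Failing early and quoting would make that explicit: `: "${CACERT:?}" "${CERT:?}" "${KEY:?}"` before the call and `-cacert "$CACERT" -cert "$CERT" -key "$KEY"` in it. `-nhnv` also turns off hostname verification for this admin connection, which deserves a one-line comment saying why that is acceptable here.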
@@ -102,7 +102,7 @@ ADMIN_PRIVILEGES=true # App privileges │   │   ├── wazuh_manager.conf │   │   └── wazuh_worker.conf │   ├── wazuh_dashboard -│   │   └── opensearch_dashboard.yml +│   │   └── opensearch_dashboards.yml │   ├── wazuh-indexer │   │   ├── internal_users.yml │   │   ├── opensearch.yml @@ -116,7 +116,7 @@ ADMIN_PRIVILEGES=true # App privileges ├── VERSION ├── wazuh-dashboard │   ├── config -│   │   ├── opensearch_dashboard.yml +│   │   ├── opensearch_dashboards.yml │   │   ├── entrypoint.sh │   │   ├── wazuh_app_config.sh │   │   └── wazuh.yml diff --git a/production-cluster.yml b/production-cluster.yml index bf8448fd..72482b77 100644 --- a/production-cluster.yml +++ b/production-cluster.yml @@ -149,7 +149,8 @@ services: - ./production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard.pem:/etc/wazuh-dashboard/certs/wazuh-dashboard.pem - ./production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem:/etc/wazuh-dashboard/certs/wazuh-dashboard-key.pem - ./production_cluster/wazuh_indexer_ssl_certs/root-ca.pem:/etc/wazuh-dashboard/certs/root-ca.pem - - ./production_cluster/wazuh_dashboard/opensearch_dashboard.yml:/etc/wazuh-dashboard/opensearch_dashboard.yml + - ./production_cluster/wazuh_dashboard/opensearch_dashboards.yml:/etc/wazuh-dashboard/opensearch_dashboards.yml + - ./production_cluster/wazuh_dashboard/wazuh.yml:/usr/share/wazuh-dashboard/data/wazuh/config/wazuh.yml depends_on: - wazuh1.indexer links: diff --git a/production_cluster/wazuh_dashboard/opensearch_dashboard.yml b/production_cluster/wazuh_dashboard/opensearch_dashboards.yml similarity index 100% rename from production_cluster/wazuh_dashboard/opensearch_dashboard.yml rename to production_cluster/wazuh_dashboard/opensearch_dashboards.yml diff --git a/production_cluster/wazuh_dashboard/wazuh.yml b/production_cluster/wazuh_dashboard/wazuh.yml new file mode 100644 index 00000000..72ec6612 --- /dev/null +++ b/production_cluster/wazuh_dashboard/wazuh.yml 
@@ -0,0 +1,7 @@ +hosts: + - 1513629884013: + url: "https://wazuh.master" + port: 55000 + username: acme-user + password: MyS3cr37P450r.*- + run_as: false diff --git a/wazuh-dashboard/Dockerfile b/wazuh-dashboard/Dockerfile index d19c83b6..67799585 100644 --- a/wazuh-dashboard/Dockerfile +++ b/wazuh-dashboard/Dockerfile @@ -15,7 +15,7 @@ COPY config/entrypoint.sh / COPY config/wazuh_app_config.sh / -COPY config/opensearch_dashboard.yml /etc/wazuh-dashboard/ +COPY config/opensearch_dashboards.yml /etc/wazuh-dashboard/ COPY config/wazuh.yml /usr/share/wazuh-dashboard/data/wazuh/config/ @@ -23,7 +23,9 @@ RUN chmod 700 /entrypoint.sh RUN chmod 700 /wazuh_app_config.sh -RUN chown 101:101 /etc/wazuh-dashboard/opensearch_dashboard.yml && chmod 664 /etc/wazuh-dashboard/opensearch_dashboard.yml +RUN chown 101:101 /etc/wazuh-dashboard/opensearch_dashboards.yml && chmod 664 /etc/wazuh-dashboard/opensearch_dashboards.yml + +RUN mkdir -p /usr/share/wazuh-dashboard/data/wazuh && chown -R 101:101 /usr/share/wazuh-dashboard/data/wazuh && chmod -R 775 /usr/share/wazuh-dashboard/data/wazuh RUN mkdir -p /usr/share/wazuh-dashboard/data/wazuh/config && chown -R 101:101 /usr/share/wazuh-dashboard/data/wazuh/config && chmod -R 775 /usr/share/wazuh-dashboard/data/wazuh/config diff --git a/wazuh-dashboard/config/entrypoint.sh b/wazuh-dashboard/config/entrypoint.sh index 82b7911d..57649251 100644 --- a/wazuh-dashboard/config/entrypoint.sh +++ b/wazuh-dashboard/config/entrypoint.sh 
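Review bot: The new production_cluster/wazuh_dashboard/wazuh.yml commits a working-looking credential pair (`username: acme-user`, `password: MyS3cr37P450r.*-`) in clear text, and production-cluster.yml bind-mounts this file into the dashboard, so every deployment started from the repository unchanged shares one publicly known API credential. I would replace the value with an obvious placeholder such as `password: "<CHANGE_ME>"` and add a comment above `hosts:` saying the pair must match the Wazuh API user configured on the manager and must be changed before use. Quoting the value also keeps YAML from reinterpreting passwords that contain `#` or `: `.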
@@ -1,10 +1,56 @@ #!/bin/bash # Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2) +set -e + +############################################################################## +# Waiting for Wazuh indexer +############################################################################## + +if [ "x${INDEXER_URL}" == "x" ]; then + if [[ ${ENABLED_SECURITY} == "false" ]]; then + export idx_url="http://wazuh1.indexer:9200" + else + export idx_url="https://wazuh1.indexer:9200" + fi +else + export idx_url="${INDEXER_URL}" +fi + +export auth="--user ${INDEXER_USERNAME}:${INDEXER_PASSWORD} -k" + +until curl -XGET $idx_url ${auth}; do + >&2 echo "Wazuh indexer is unavailable - sleeping" + sleep 5 +done + +sleep 2 + +>&2 echo "Elasticsearch is up." + + +############################################################################## +# Waiting for wazuh alerts template +############################################################################## + +strlen=0 + +while [[ $strlen -eq 0 ]] +do + template=$(curl ${auth} $idx_url/_cat/templates/wazuh -s) + strlen=${#template} + >&2 echo "Wazuh alerts template not loaded - sleeping." + sleep 2 +done + +sleep 2 + +>&2 echo "Wazuh alerts template is loaded." + ############################################################################## # Start Wazuh dashboard ############################################################################## /wazuh_app_config.sh -runuser wazuh-dashboard --shell="/bin/bash" --command="/usr/share/wazuh-dashboard/bin/opensearch-dashboards -c /etc/wazuh-dashboard/opensearch_dashboard.yml" +runuser wazuh-dashboard --shell="/bin/bash" --command="/usr/share/wazuh-dashboard/bin/opensearch-dashboards -c /etc/wazuh-dashboard/opensearch_dashboards.yml" diff --git a/wazuh-dashboard/config/opensearch_dashboard.yml b/wazuh-dashboard/config/opensearch_dashboards.yml similarity index 100% rename from wazuh-dashboard/config/opensearch_dashboard.yml rename to wazuh-dashboard/config/opensearch_dashboards.yml 
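Review bot: `export auth="--user ${INDEXER_USERNAME}:${INDEXER_PASSWORD} -k"` sends the indexer credentials with certificate verification switched off, so both wait loops hand the password to whatever answers on `$idx_url`; production-cluster.yml already mounts `/etc/wazuh-dashboard/certs/root-ca.pem`, which could be passed as `--cacert /etc/wazuh-dashboard/certs/root-ca.pem` instead of `-k`. Because `${auth}` and `$idx_url` are expanded unquoted, a password containing whitespace or glob characters is split into extra curl arguments; an array (`auth=(--user "${INDEXER_USERNAME}:${INDEXER_PASSWORD}" --cacert /etc/wazuh-dashboard/certs/root-ca.pem)` used as `"${auth[@]}"`) avoids that, provided nothing started from this script relies on the exported string. In the template loop the message "Wazuh alerts template not loaded - sleeping." is printed even on the iteration where the template was found, and neither loop has an upper bound on retries.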
diff --git a/wazuh-dashboard/config/wazuh_app_config.sh b/wazuh-dashboard/config/wazuh_app_config.sh index 033b2f4d..9674bdff 100644 --- a/wazuh-dashboard/config/wazuh_app_config.sh +++ b/wazuh-dashboard/config/wazuh_app_config.sh @@ -5,9 +5,14 @@ wazuh_url="${WAZUH_API_URL:-https://wazuh}" wazuh_port="${API_PORT:-55000}" api_username="${API_USERNAME:-wazuh-wui}" api_password="${API_PASSWORD:-wazuh-wui}" +api_run_as="${RUN_AS:-false}" dashboard_config_file="/usr/share/wazuh-dashboard/data/wazuh/config/wazuh.yml" +grep -q 1513629884013 $dashboard_config_file +_config_exists=$? + +if [[ $_config_exists -ne 0 ]]; then cat << EOF > $dashboard_config_file hosts: - 1513629884013: @@ -15,6 +20,9 @@ hosts: port: $wazuh_port username: $api_username password: $api_password + run_as: $api_run_as EOF - +else + echo "Wazuh APP already configured" +fi From 8e42f30b19f8175854eb66614d4b02aa1a590e01 Mon Sep 17 00:00:00 2001 From: Alberto R Date: Fri, 4 Mar 2022 17:56:20 +0100 Subject: [PATCH 053/163] Minor fix --- wazuh-indexer/config/config.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/wazuh-indexer/config/config.sh b/wazuh-indexer/config/config.sh index 0b53cc41..9a4fc27b 100644 --- a/wazuh-indexer/config/config.sh +++ b/wazuh-indexer/config/config.sh @@ -24,7 +24,7 @@ rm -rf ${INSTALLATION_DIR}/ curl -o ${INDEXER_FILE} https://packages-dev.wazuh.com/stack/indexer/base/${BASE_FILE} tar -xf ${INDEXER_FILE} -# copy to target +# Copy to target mkdir -p ${TARGET_DIR}${INSTALLATION_DIR} mkdir -p ${TARGET_DIR}${CONFIG_DIR} mkdir -p ${TARGET_DIR}${LIB_DIR} From 9f1dec3338ed0b1db9078a7625b8c56819f50873 Mon Sep 17 00:00:00 2001 
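Review bot: In wazuh_app_config.sh the heredoc of the second hunk emits `username: $api_username` and `password: $api_password` unquoted, so a value containing `#`, `: ` or a leading `*` or `!` is read by the YAML parser as something other than the intended string; writing `password: "$api_password"` covers the common cases (a value containing `"` or `\` would still need escaping). The `grep -q 1513629884013` guard added in the first hunk also means that once wazuh.yml holds that host id, a changed `API_USERNAME` or `API_PASSWORD` is silently ignored on the next start, which deserves a comment above the `if` such as `# An existing host entry is kept as-is; changed API_* variables are not applied`. `$dashboard_config_file` is unquoted in both the `grep` and the redirection, and grep reports an error if the file is absent; `grep -qs 1513629884013 "$dashboard_config_file"` would address both.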
From: vcerenu Date: Fri, 4 Mar 2022 18:20:15 -0300 Subject: [PATCH 054/163] Update config and certs path --- generate-indexer-certs.yml | 2 +- indexer_certs_creator/Dockerfile | 8 +- indexer_certs_creator/config/entrypoint.sh | 4 +- .../config/unattended_installer.tar.gz | Bin 9234 -> 0 bytes .../config/wazuh-cert-tool.sh | 434 ++++++++++++++++++ production-cluster.yml | 28 +- .../wazuh-indexer/wazuh1.indexer.yml | 12 +- .../wazuh-indexer/wazuh2.indexer.yml | 12 +- .../wazuh-indexer/wazuh3.indexer.yml | 12 +- wazuh-indexer/Dockerfile | 16 +- wazuh-indexer/config/config.sh | 29 +- wazuh-indexer/config/entrypoint.sh | 11 +- wazuh-indexer/config/internal_users.yml | 74 +++ wazuh-indexer/config/opensearch.yml | 12 +- wazuh-indexer/config/roles.yml | 163 +++++++ wazuh-indexer/config/roles_mapping.yml | 71 +++ .../config/unattended_installer.tar.gz | Bin 9234 -> 0 bytes 17 files changed, 818 insertions(+), 70 deletions(-) delete mode 100644 indexer_certs_creator/config/unattended_installer.tar.gz create mode 100644 indexer_certs_creator/config/wazuh-cert-tool.sh create mode 100644 wazuh-indexer/config/internal_users.yml create mode 100644 wazuh-indexer/config/roles.yml create mode 100644 wazuh-indexer/config/roles_mapping.yml delete mode 100644 wazuh-indexer/config/unattended_installer.tar.gz diff --git a/generate-indexer-certs.yml b/generate-indexer-certs.yml index b93dbfff..ce8a0174 100644 --- a/generate-indexer-certs.yml +++ b/generate-indexer-certs.yml @@ -6,5 +6,5 @@ services: image: wazuh/wazuh-certs-generator:0.0.1 hostname: wazuh-certs-generator volumes: - - ./production_cluster/wazuh_indexer_ssl_certs/certs.yml:/unattended_installer/install_functions/config.yml + - ./production_cluster/wazuh_indexer_ssl_certs/certs.yml:/config.yml - ./production_cluster/wazuh_indexer_ssl_certs/:/certificates/ \ No newline at end of file diff --git a/indexer_certs_creator/Dockerfile b/indexer_certs_creator/Dockerfile index eefe7bea..1ed3a78a 100644 
--- a/indexer_certs_creator/Dockerfile +++ b/indexer_certs_creator/Dockerfile @@ -1,16 +1,14 @@ # Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2) FROM ubuntu:focal -RUN apt-get update && apt-get install openssl -y +RUN apt-get update && apt-get install openssl curl -y WORKDIR / -COPY config/unattended_installer.tar.gz / +RUN curl -o wazuh-cert-tool.sh https://s3.us-west-1.amazonaws.com/packages.wazuh.com/4.x/wazuh-cert-tool.sh COPY config/entrypoint.sh / -RUN tar -xzvf /unattended_installer.tar.gz - -RUN chmod 700 /entrypoint.sh && chmod -R 700 unattended_installer +RUN chmod 700 /entrypoint.sh && chmod 700 /wazuh-cert-tool.sh ENTRYPOINT ["/entrypoint.sh"] \ No newline at end of file diff --git a/indexer_certs_creator/config/entrypoint.sh b/indexer_certs_creator/config/entrypoint.sh index 959f9e6d..8642171f 100644 --- a/indexer_certs_creator/config/entrypoint.sh +++ b/indexer_certs_creator/config/entrypoint.sh @@ -5,8 +5,8 @@ # Creating Cluster certificates ############################################################################## -/unattended_installer/install_functions/wazuh-cert-tool.sh +/wazuh-cert-tool.sh echo "Moving created certificates to destination directory" -cp /unattended_installer/install_functions/certs/* /certificates/ +cp /certs/* /certificates/ echo "changing certificate permissions" chmod -R 666 /certificates/* 
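Review bot: `RUN curl -o wazuh-cert-tool.sh https://s3.us-west-1.amazonaws.com/packages.wazuh.com/4.x/wazuh-cert-tool.sh` pulls the certificate generator at build time with no integrity check and without `-f`, so an HTTP error page or a changed upstream object ends up in the image and is then executed by the entrypoint as root (the tool refuses to run otherwise). The same commit adds `indexer_certs_creator/config/wazuh-cert-tool.sh` to the repository, so `COPY config/wazuh-cert-tool.sh /` would pin the reviewed copy and make the build reproducible. If the download is kept, use `curl -fsSL -o wazuh-cert-tool.sh ...` and verify a recorded digest, e.g. `echo "<EXPECTED_SHA256>  wazuh-cert-tool.sh" | sha256sum -c -`.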
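Review bot: Unless `set -e` is set above the hunk, a failure of `/wazuh-cert-tool.sh` (it exits 1 when `/certs` already exists or when a configured address is neither an IP nor a DNS name) does not stop indexer_certs_creator/config/entrypoint.sh, so the `cp` and `chmod` still run and the container can exit successfully with missing or stale certificates; `/wazuh-cert-tool.sh || exit 1` would stop there. The closing `chmod -R 666 /certificates/*` also leaves the generated private keys (`*-key.pem`, `root-ca.key`) readable and writable by every user on the bind-mounted host directory. Certificates could be set to `644` and the keys restricted to the uid of the container that consumes them, with that ownership set explicitly rather than opened to everyone. The start of the script is outside the hunk.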
diff --git a/indexer_certs_creator/config/unattended_installer.tar.gz b/indexer_certs_creator/config/unattended_installer.tar.gz deleted file mode 100644 index 0a2de7fdb283502c7b8f2917f9cb068a7a03ad05..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 9234 zcmV+tB<OjSQRQ+tSRMxo_~FCNS@N&f>YEw)H@0gVcS!B#hns)?pUdC%Y#Qv82)Rps zH@`%E;(#uEralR%KZZZ79;!t#wj{(ghjfQkmFuj)8SRi?M3XWrcScWG&0V!|Llm** zbYKRdV+GXot^S-&8wENk^k?Y4OU?tzezn8P5hb2GxFi!N?31DAQxf(~7s{yUJTzUi zM}6ow!QX8TEKoy7XJ-?w>+%b)$*9-5<(<1Xh2F7W>vjm<_z{+kbL_3!@Qw|L6sa_KHPbiosH0@8H` zltke51P@5Zv@Sp~nAnNw+NAFVVL&W!m^zf89#ETv9yuOSm+Uz~=zHXhT9NOBmxT4I z0OS+u51k-zJQtvQK5K3B#sV^UVO-xL9{@V8=nD!~Dz%3+G|`da?vKH$gbEr^%saNx zM*|Eyq)`Htd$j9-M|bH(zQ7@RkUoeIT40l*m#!<7K=s?EWzm4Sdp>2ppS?r6<{&`F zO7Nr2x?z(tF-&{txJU>%o0jj4LPmx0${fMKunrlN05(b`Z{oJuywW3KycfXl=K;3{ z18+jQ(O^J0L`d+w%>}3~d9l};3 zVHDpqqydF~loc;;%^O2!!4`)zLfgCV*fw=%QAOT=#5Ood#e1IXvA*W;6P)7hJj8^q zy!>yBEU64y68>%r`R{&;um6r4qCFWfX$8wT01MXtjg6fDx4FIjJ^u4e9=`s+#>F50 zkIROXGn=QxHbb)mR)RI6qz_918JmNMVsn#pEdO#8@?!K6gm=)RF7?e2RwEW_84aSI z<5ok@8w6EsTM7F4#a$w1`c-IkPmvmAmUmVL%epkDh!?P|G|ZKHW95ytyVvVCj`l8U z+b^CU)%;J-JFhA&d$a!Mo73vsXD_VY!Kilr+zqx~>|GAWmCEbm=Z4PwE#Vh1y0~8; zRxZ^D=ZV~GS-n=c@p*FmyJ@$!g00Tr7-cf&eOoM&T+t{G*LjTXkQSGgN zzHv~|5~-m>MV%(c_wuB?cyac}QTMes`LcZ;ZH3_qfewAuAf0iVaz@ zF+(_#0g@rAO?eEXEo+aZyS2_Tk@Bh{7 z8xOPbpN-n~_xR5@d9)Fhna5l?YYMw9xU~d-?_*nL*>!+L1+EFcEES;duZmwLj+dgIhDle^ z2>Lq~9uuf^rRxN3zzo=YDB7rPC8D#UnPhgtYn(8o<$6OCtj`_|DWeG{8oqfxpJl+= zXn?xG+uhPEv#Sy-ESz1hfJl@cQrnm4Q*l+&u!au2pV{$-bJm{DwPc02yHhGE>@SpI}sM*xp5YPqlHy*#}x z-{*%6_5gqw{JlGn00}1lUVuot4jtG@sa8@VppGy?>Y8q-p)eEwn{68?Tf6dFN{Pe;N0GkT&(5B~qVf!BIukTO?`Iz1Vj=KKspNFY z`}d^$g%~Se2VM_TW~T=E`0+6UaM`ki%NIKj5%o=@IyU_({K`xuK98W>D0Q8ZO*>Jq zjde}q$rF-*CyggR)(wW4lwCl)W_d&0J&^L4Tt>rnz^|YWE(3O7sA)i*QKAEV$1j&7 zSS)Au<<+yho1?G{4%p28qMnVcBrSEKVpk6F{)AESA#wXUC2qEfa1w@G}5HN z3X?o1$sP3Tm36 zDw&JD|D779N<+$?4|kzj=~OBab)rftxW#&;(V=OMTKRV##pJKQ=9)vDy5UOEp|DD+ 
z+NL3raoHQ#&6TyDPe;U%r0y7`N<*tE0mUy&!0Ra>zS%TL>>9w1Pmcn~lJC{(if>NS z?J&mx+N_}luQL5ih#{5x#sh^o0=gVaZMtf#Pf<~4(z~9vcQQ5`N8tAiE`*9>jds=^FaN9K;Mkgm*yFjr?XJ+-PcO}R+a zx;T`wMpr50CIM~I%@TG4{k)v$^Xm@?A6gO&%96McoXe_B$5j_^75zn+cBCxvx>)6A z;1+&jG4#AK7!K>g?9o7rPZl~qEx;^2%wnjaH6MAoyzJPsCc6mtbLO}(^JUK~@?D2` z2HR!R>vLR(RLk(i1HKBg^CoghRgVE&k?C3j<|=#g;f8B7UyHmj_q7a234!l*=eo0B z7A{m@iux$9>Fr@u8tfh^gZbPwUDpeNBG`7OK2h=@_X!Nx96pmO?YTV9?=lGKu#y;E z`q>Fd{qYq%cg@ObnIk$(mQ;4lC8)@p!AcMeDxq(>0UlIUplRr1$lbQgppC2;nIR@# zs|$?uewEctv;K0tS4OBA1Fm=Yg6lGS$*j$4)PuWW*o1uK{!FUof?j3=A}QjjX}7SQ z#S-?^DzP9cuiCZo)bqmJlDL048ki*e&k|A$OqUnv_(tH zIXHF+EvfJX--cpn;;|Z&n6XPuHUc`v0UbdYH0xRZuuW)ort-!GrWPjG_M90sk4#LQ;kqN0iA& z%6<5Gcrw*7OQ_#}8{~&(p{YWJtiU~w1~$_Vm@ZuI_Dm(wX~9Wa_z8@ZM#;N_2VmBh zjt^#0@<4D}^>{E&ndDapD!K>+3_r%rucImAG9>DTkqJB*a)B<7$?vVxqr;=;>p7E5 z6j9C$ZDnPOoRw^5DVruN4R*!IbyQ`VF+B3&%>1djh6W6OOpSGgX)c{9nv=9Vk~^c) zD5#6G+Igl>lL6ekbd-qBJh>E-$(7`hm4zaQxtz`MHEY3T{oI)RthH&*d;>Sc_J*;9 zl;OxCkkBuL`J<6&9QpvoBCYZ}v;3u2egv%UV{`J8nOZuZ8#B$%45tB~lh)bUO|VQAfta}nTAjEtXJ;=IH_2Nae-$3%6Ppq! 
zo2R|#|0f#ExY=A2cdk=6p5vRo@l{%RTQz$DRJr*{l8ckVCC}n7><02E6S|K(26^%X zn*yvhKTgcFlArODP9yA4rno>X?3M(^)Wv0PckWT9SsWhFf#TgU=qPI={qv~xYClsX z31YUG;wTVh4Rno^$t#x0qZ}~H4+Mz=W*+f3=Hfhidvttqc6e4C@B8DE*N4YPXCLPS z-rGOhJw0SiXTUC-58$6NcSp+N7PO|Fe0EvGfMp`$)>J)9XBw3-0*_cnzT<}MlMF-L z%))jBrqBXz#H2-xGzRq-{P)QM+72-}5Y(7|0)p{N9H%oFlfD-y(|Y2-5YP!^BZApX z7C`TU4M@6+`+4}ar;x*vvxu0|P=Xc~9qWjVHHQ9+d|PtNbP`keAl?49=P51ySBF-ZYoqbMwjz00t(@1MmA#LOaw zUly@L&g^u$3|ccR0aXsfHrwGrDF$}|%ze}1Uw1$+4jJ4x$5ec!&GUz5SWpkuhp#q^ z+u_4koI=J!KFMk`a}Lg8e-HRyE=x0TRXIGDW+XNS3=o^YSqF@X2h+`Mj2y<_oGCzS zpQ%b8mc&9@s%a>GGLI*>)*jIiKl6Lw1w6=wO%G3Gkg?qNiQ)1l75u8!PJ!?tcU6uK zn(3Y*5D35x3>Q?ZD@O<51+c=qEHxMPjs;$w5$7WN)?7&au4&PDkMLeZ8=C)1+Lin5 zeCRLkA`!I}Uxkeg;Fp0nn_xn0pU15+3@f_fmWv+>vPF@sY))692qrrCzEzmKbxqV- z(9|SGt-}77-@V|-2cBgPkR9>vNR@};-NwRjy$Mi^S3k&4tM}~cyw#Jptin!LaX%+7!wfZHjHlpR-Hv)h{VQJpg_GP?u|{2hXo z!1bJyZIo%o%a@O!cmMSC_;e@lo#PYqoh~Y@uI}+;4X(+2Tw?QlQ`qeO40LHe>me?W zZ5A>`$~S`Q{tO<{AOPpN$@Sp6h-hG1+O3wNmHdb&8QxSRGpr?P2$@PXLjkMyU6cbq z6k5-k2qoV^mDj9zxHzL1Y+%8%kW%o;m9)uZJEU&X)$TBrF-Xc3lD!lHmz+(grebJ1 zt~Pd3a3(AK&rfL4C^Myv^4R#xNSvm;s)!oOIj_;kSxS;o5Tk4|Ov+{_k1P(%UI$Oa z@UZlmJO&nqYOZ{3O!Wu~mgbO-7*gpQXb>kMs~g8{amIqvtidaT{I`JjBF2kO`V7=i zbqlDw3^h(F9jlqUcMDj19BsW__ZU?-U^qb(xEV{1= zTdP$$gf|EJ%Z#z)6*;cBajnvTz-an8yBMUF#yJzqNSd?1htmEwyH=qIhOnkpo{Ry$R6aftds)Wf-U|+=**S=(iG(^LWNKH) z$$+9yj~PcSMU6);S$u`X3q_>a!U$N{FNa<#W;`c5X$eMPly?p@(C=Ho3<*Ipq^JZi z_Izce*!!vyK*Y;S;UbX&04OSntjfl-P01C5BFpoAYK3ud@8pX`RzI}XSfKVpaGwQX z;qQmZPw;OXUxoMg@qusqL-`}tuK)Dm-KskE*OQH?NWB#3raVusUMTq|9ZJO%F?TiO z!Dy2RfHERoDjkZ1x@@p|r*tkp&cNf!OgbesWE|h^VD=*2T0OW;by6$h-CL>jUx`Rk zb0fep@H1h-aSmU#mon1G&)-N8b%M}eBP)#ur2c>msM`zsYb%X)vQDNV))(;9N)cF= zpp{z@R|g+!ia5z$`I?Mjx*pdi$YqPTWV)UUNG$Z;Q`t65ZPk+tJWP&>cz<8bl1gnGC{_CZGfr2DM<>@);zWRW0nh{CAlxEH7dlR~)s@6YSv*KSl zWlHH$rWIn8QbGA^dx=J=9MYs=Ha@Cz6f#aikXo(EPhrvKUu(ZoR-=50zwe#9#+#%z zax}?rqda@@s-+gM+IqRJtd5d@d?@SLA**-ga!LJni+U=VJ9jdD!{XOom{V6Lrr(Q( z)cwEquJyTX8;O6u{uQXI8%eGyzmiPrT5WuaGv~Qn;;AQJ&T=%2MA^Jblp;!Y+}Qv7 
z?Jht7BmqA3NZUCgGZ~q9Ef%}L0$BWz_U}(lKQk&cYWo>;KC#+|9@{zSvGxwXQ8KL8 z5+rdibRIicjM>ojCey%~djvXY@WeJ{678S^ymlyBW68Uc>mwBW;VJIQO*N)`^2EVz zlU~hr7U*aJ%|R&sF|PkwG^|Dam@%Fu^4T;~b%xsROdZ=K{VRE61pTRdm9!+u>`DZ; zv-Be^LomKQ+@sS})iYIRtlAkc6MPn|oezMq8h>#g#NH9f)Kzb++Z&0CZ|gS4))bqU zx`Ew9Yn#E+JsS7KQ`lgDErVg93w@~>HL=}fzoGO725I!u*4+R@F=L0ZYf6KB%!-|j zOwabKPJhT1rs($4V7Qsqt#Q4HZd2vmamrHv)E!ePg)~`{V_~f84T7e+V?JTde3UB{ zNlNwYy7-zS2xvyo zJb5RBW z+rm;d(ul>W=Wi&r2jN_rM))me>Sp8%=i`;~A=g&OC=WdySbxmu>@-nG8XW?!cwJt; zk*?!PV00u+vX;Yf%X$z)CNbKnqCB!xAAzHCXTJ@?A7HT`pbG)JIQutMq5eQ4x=?j6 zoy~rOl7cCJt=zdgU>E;5b1wgRdf*(rI=jrL-89^%DV}?u@Vw$a+Oo(gFSAyf7M+jo zVsOixaQX4Stg+YayuaLg)9JcnAJ`E1?%ul&Syg-Q-isgIw;jsf$fx%6^Zg%T<>Ees z?C8bwedZAP8C>Ngbx%zR5I4ygxV&B6Q%n1!R2U7ZxH}mvwtS$=32)uQ=Pz=&lGzV~ zTQCXPvuDq&`FC>X?MV8&O7OXvwdCj=N(&&0{mg2Hs_66vbJf_%iNns`y_PC>MM9!3 zdw>Bv0g>#$WUR(5Z{#k=i~dJ{5kd@VODb+Mgc!~-73bqqoi|G|WBX)acCfmBIzr|_ zA?SObVF^f2Wykqkm>!U{PPX`sU%c>eg~gPMAet~sZZUv@M%B< zY8>MfX-spMi`yygCH~8MI3Iceb`(rgAXWZw*AK&`=3fe(;}5#fw8h+|3-v(V>GA8+ zHe$hTaM)PqCp0vp3FUL?k|NHvO;qFuG`+AMF(wl|Y3X>~_fzzr-kkjI? z2GUrD*Q@ZG@{HqT1D^`gZIF0hy$C$%Llk=qB{} z1zlIh$EBxp<}z%G)wRGh$D9j~7;SSU;Q~?r@}1bB?FZAL#|H}ZDq+se!VcfY+oJ>T z;f_WOJu|kY)2_wcrlh-*x$?B{Q{JqpZ8hskdK5e$nbC@aa*Bow4^9Ax%A;r(4U^Vr(mKY5Jh6Gz5 z3bKeQFd$@Q&mR`Db8m5Q$S3>j4-uI(@Og_dWJ8&hV5dR<7L zZ3L{Q%f`|oJx)Y!U59PN6wqH=)_mQy=iH*+W|RB%b=FExzP{%0Z>v*#uE4B17$7h? 
zFweAQnyJyqeO-+sEjDNgmy#8ACDzM1X{Zb1+mCXSG1_&EZACURx@hBgl4*Ygi6<#= z;fTKo12>8vUW=n)K8PZE9CT{1SQBQ_K+dLNCQ~?lNw_kW2wkqjW?;U&_R7i!E&{U& zp;)zgk$ois%D@8hbD1zgy+H?o!YGpWL#im@G_-1qbLQw`6!{uOVmY!NJ(i_^F=|4M z8g6H;M@+_Q#Dt7zfLAK?=!3SkQ|{4+*vX-OnjhOp92&+@tCyjq<@Iztq+3j>tnL^+ zG#v~qBT|ld8TeQ$@s?bd4LzG^QEdB*Ke=GoG_!gdZWGLkLrfV4 zIs?=crCJAPYQSqVjBLj0)~RX}us``wU;4@PI@I0|siMq*(7+*?a;>_3t#0FxXQ)}E zTdUqstJgHR8LH*UR->nhYlacB<@?c^S&M{N@p6+ON!`%rLW; zAuQ&5o<*B+?xm-nL7t#;K7}Y_2ugT zmZGz{H}XF#U_Aac>@=>fj>DNd@Q$yqcN$vMJw(Za*?v536h>#gFCQ0k_L4Pv`$x|r zNDXgDW?e0O{LpLG!(Qw7v3KxTW4&1aI(iED|Gw9%hsX8ss#j}V_nPgUUWT|N~{BPPGB8*HTs~ncc^B8JKTA=;)$*y zRb7k2&ATS;-cc&(2+$Gu@UtisJ`6nqJ{P52KRxN{)QqY;YC)d;$mLU2-Ko`n618;p ze`5X#FBg7&|2?FJ1kJmk)r?ASHEaD^D-KOTx4=iu+TTO`*XhBJUac44scxgrWu;Nu zy$f~;-UKL7&Eo|8PO}H+(V`z-Q|k0NQ>V!?i-?>eX#b}#^P`K&BPmWJ+)KxG_VyYr zma5*iZ(fdwL@5SR(kUzinKtLj5u=r0AS50uiOA{|f3{+u_%mCN__N~uQM&qg8EGPt z@x^+gG#M&?ngl)0)&~YwpnL0jq8XKvBcD;SG;Pbk|Fo2Hsl1geo)TzL&shWi^#TN~ z4-tFSS&HxY4gR$f4_ZNa-{}?cqG&?2dW6Vfj%AK>ua>hhhd`4SB$h)+SYbPFq)W1a zgu=oEJowoN3uHk?2FTd8nh&LvZhT4xG7rtSAqm+PmSsrHdf%K-SkCpgBN|zit(lVpE1!aJ)A7A)yH^>k!Y zak>C~eo>+^x^sbTqBi>%02{uI95;RC;p+@J~vnbHsB5SvFD+A9P(yLhr;v=7%L!rgj_flGr zBlyLeG~QH`=$ z48y%?&Mr6BXL`%OowB%V82S4UTvI!-my+oi|7QZks6rL0P=zW~p$b)~LKUh|g(_5` o3RS2=6{=8$Dpa8gRj5K0s!)Y0RG|u0_=|=A0R*>>xB&0~0D~nz1ONa4 diff --git a/indexer_certs_creator/config/wazuh-cert-tool.sh b/indexer_certs_creator/config/wazuh-cert-tool.sh new file mode 100644 index 00000000..072369df --- /dev/null +++ b/indexer_certs_creator/config/wazuh-cert-tool.sh 
@@ -0,0 +1,434 @@ +#!/bin/bash + +# Program to generate the certificates necessary for Wazuh installation +# Copyright (C) 2015, Wazuh Inc. +# +# This program is a free software; you can redistribute it +# and/or modify it under the terms of the GNU General Public +# License (version 2) as published by the FSF - Free Software +# Foundation. + +if [ -z "${base_path}" ]; then + readonly base_path="$(dirname "$(readlink -f "$0")")" + readonly config_file="${base_path}/config.yml" +fi + +if [[ -z "${logfile}" ]]; then + readonly logfile="/var/log/wazuh-cert-tool.log" +fi + +debug_cert=">> ${logfile} 2>&1" + +function cleanFiles() { + + eval "rm -f ${base_path}/certs/*.csr ${debug_cert}" + eval "rm -f ${base_path}/certs/*.srl ${debug_cert}" + eval "rm -f ${base_path}/certs/*.conf ${debug_cert}" + eval "rm -f ${base_path}/certs/admin-key-temp.pem ${debug_cert}" + +} + +function checkOpenSSL() { + if [ -z "$(command -v openssl)" ]; then + logger_cert -e "OpenSSL not installed." + exit 1 + fi +} + +function logger_cert() { + now=$(date +'%d/%m/%Y %H:%M:%S') + mtype="INFO:" + debugLogger= + disableHeader= + if [ -n "${1}" ]; then + while [ -n "${1}" ]; do + case ${1} in + "-e") + mtype="ERROR:" + shift 1 + ;; + "-w") + mtype="WARNING:" + shift 1 + ;; + "-dh") + disableHeader=1 + shift 1 + ;; + "-d") + debugLogger=1 + shift 1 + ;; + *) + message="${1}" + shift 1 + ;; + esac + done + fi + + if [ -z "${debugLogger}" ] || ( [ -n "${debugLogger}" ] && [ -n "${debugEnabled}" ] ); then + if [ -n "${disableHeader}" ]; then + echo "${message}" | tee -a ${logfile} + else + echo "${now} ${mtype} ${message}" | tee -a ${logfile} + fi + fi +} + +function generateAdmincertificate() { + + eval "openssl genrsa -out ${base_path}/certs/admin-key-temp.pem 2048 ${debug_cert}" + eval "openssl pkcs8 -inform PEM -outform PEM -in ${base_path}/certs/admin-key-temp.pem -topk8 -nocrypt -v1 PBE-SHA1-3DES -out ${base_path}/certs/admin-key.pem ${debug_cert}" + eval "openssl req -new -key 
${base_path}/certs/admin-key.pem -out ${base_path}/certs/admin.csr -batch -subj '/C=US/L=California/O=Wazuh/OU=Wazuh/CN=admin' ${debug_cert}" + eval "openssl x509 -days 3650 -req -in ${base_path}/certs/admin.csr -CA ${base_path}/certs/root-ca.pem -CAkey ${base_path}/certs/root-ca.key -CAcreateserial -sha256 -out ${base_path}/certs/admin.pem ${debug_cert}" + eval "chmod 444 ${base_path}/certs/admin*.pem ${debug_cert}" + +} + +function generateCertificateconfiguration() { + + cat > "${base_path}/certs/${1}.conf" <<- EOF + [ req ] + prompt = no + default_bits = 2048 + default_md = sha256 + distinguished_name = req_distinguished_name + x509_extensions = v3_req + + [req_distinguished_name] + C = US + L = California + O = Wazuh + OU = Wazuh + CN = cname + + [ v3_req ] + authorityKeyIdentifier=keyid,issuer + basicConstraints = CA:FALSE + keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment + subjectAltName = @alt_names + + [alt_names] + IP.1 = cip + EOF + + conf="$(awk '{sub("CN = cname", "CN = '${1}'")}1' "${base_path}/certs/${1}.conf")" + echo "${conf}" > "${base_path}/certs/${1}.conf" + + isIP=$(echo "${2}" | grep -P "^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$") + isDNS=$(echo "${2}" | grep -P "^[a-zA-Z0-9][a-zA-Z0-9-]{1,61}[a-zA-Z0-9](?:\.[a-zA-Z]{2,})+$" ) + + if [[ -n "${isIP}" ]]; then + conf="$(awk '{sub("IP.1 = cip", "IP.1 = '${2}'")}1' "${base_path}/certs/${1}.conf")" + echo "${conf}" > "${base_path}/certs/${1}.conf" + elif [[ -n "${isDNS}" ]]; then + conf="$(awk '{sub("CN = cname", "CN = '${2}'")}1' "${base_path}/certs/${1}.conf")" + echo "${conf}" > "${base_path}/certs/${1}.conf" + conf="$(awk '{sub("IP.1 = cip", "DNS.1 = '${2}'")}1' "${base_path}/certs/${1}.conf")" + echo "${conf}" > "${base_path}/certs/${1}.conf" + else + logger_cert -e "The given information does not match with an IP address or a DNS." 
+ exit 1 + fi + +} + +function generateIndexercertificates() { + + if [ ${#indexer_node_names[@]} -gt 0 ]; then + logger_cert -d "Creating the Wazuh indexer certificates." + + for i in "${!indexer_node_names[@]}"; do + generateCertificateconfiguration "${indexer_node_names[i]}" "${indexer_node_ips[i]}" + eval "openssl req -new -nodes -newkey rsa:2048 -keyout ${base_path}/certs/${indexer_node_names[i]}-key.pem -out ${base_path}/certs/${indexer_node_names[i]}.csr -config ${base_path}/certs/${indexer_node_names[i]}.conf -days 3650 ${debug_cert}" + eval "openssl x509 -req -in ${base_path}/certs/${indexer_node_names[i]}.csr -CA ${base_path}/certs/root-ca.pem -CAkey ${base_path}/certs/root-ca.key -CAcreateserial -out ${base_path}/certs/${indexer_node_names[i]}.pem -extfile ${base_path}/certs/${indexer_node_names[i]}.conf -extensions v3_req -days 3650 ${debug_cert}" + eval "chmod 444 ${base_path}/certs/${indexer_node_names[i]}-key.pem ${debug_cert}" + done + fi + +} + +function generateFilebeatcertificates() { + + if [ ${#wazuh_servers_node_names[@]} -gt 0 ]; then + logger_cert -d "Creating the Wazuh server certificates." 
+ + for i in "${!wazuh_servers_node_names[@]}"; do + generateCertificateconfiguration "${wazuh_servers_node_names[i]}" "${wazuh_servers_node_ips[i]}" + eval "openssl req -new -nodes -newkey rsa:2048 -keyout ${base_path}/certs/${wazuh_servers_node_names[i]}-key.pem -out ${base_path}/certs/${wazuh_servers_node_names[i]}.csr -config ${base_path}/certs/${wazuh_servers_node_names[i]}.conf -days 3650 ${debug_cert}" + eval "openssl x509 -req -in ${base_path}/certs/${wazuh_servers_node_names[i]}.csr -CA ${base_path}/certs/root-ca.pem -CAkey ${base_path}/certs/root-ca.key -CAcreateserial -out ${base_path}/certs/${wazuh_servers_node_names[i]}.pem -extfile ${base_path}/certs/${wazuh_servers_node_names[i]}.conf -extensions v3_req -days 3650 ${debug_cert}" + done + fi + +} + +function generateDashboardcertificates() { + + if [ ${#dashboard_node_names[@]} -gt 0 ]; then + logger_cert -d "Creating the Wazuh dashboard certificates." + + for i in "${!dashboard_node_names[@]}"; do + generateCertificateconfiguration "${dashboard_node_names[i]}" "${dashboard_node_ips[i]}" + eval "openssl req -new -nodes -newkey rsa:2048 -keyout ${base_path}/certs/${dashboard_node_names[i]}-key.pem -out ${base_path}/certs/${dashboard_node_names[i]}.csr -config ${base_path}/certs/${dashboard_node_names[i]}.conf -days 3650 ${debug_cert}" + eval "openssl x509 -req -in ${base_path}/certs/${dashboard_node_names[i]}.csr -CA ${base_path}/certs/root-ca.pem -CAkey ${base_path}/certs/root-ca.key -CAcreateserial -out ${base_path}/certs/${dashboard_node_names[i]}.pem -extfile ${base_path}/certs/${dashboard_node_names[i]}.conf -extensions v3_req -days 3650 ${debug_cert}" + eval "chmod 444 ${base_path}/certs/${dashboard_node_names[i]}-key.pem ${debug_cert}" + done + fi + +} + +function generateRootCAcertificate() { + + logger_cert -d "Creating the root certificate." 
+ + eval "openssl req -x509 -new -nodes -newkey rsa:2048 -keyout ${base_path}/certs/root-ca.key -out ${base_path}/certs/root-ca.pem -batch -subj '/OU=Wazuh/O=Wazuh/L=California/' -days 3650 ${debug_cert}" + +} + +function getHelp() { + + echo -e "" + echo -e "NAME" + echo -e " wazuh-cert-tool.sh - Manages the creation of certificates of the Wazuh components." + echo -e "" + echo -e "SYNOPSIS" + echo -e " wazuh-cert-tool.sh [OPTIONS]" + echo -e "" + echo -e "DESCRIPTION" + echo -e " -a, --admin-certificates" + echo -e " Creates the admin certificates." + echo -e "" + echo -e " -ca, --root-ca-certificates" + echo -e " Creates the root-ca certificates." + echo -e "" + echo -e " -v, --verbose" + echo -e " Enables verbose mode." + echo -e "" + echo -e " -wd, --wazuh-dashboard-certificates" + echo -e " Creates the Wazuh dashboard certificates." + echo -e "" + echo -e " -wi, --wazuh-indexer-certificates" + echo -e " Creates the Wazuh indexer certificates." + echo -e "" + echo -e " -ws, --wazuh-server-certificates" + echo -e " Creates the Wazuh server certificates." + + exit 1 + +} + +function main() { + + if [ "$EUID" -ne 0 ]; then + logger_cert -e "This script must be run as root." + exit 1 + fi + + checkOpenSSL + + if [[ -d ${base_path}/certs ]]; then + logger_cert -e "Folder ${base_path}/certs already exists. Please, remove the /certs folder to create new certificates." 
+ exit 1 + else + mkdir "${base_path}/certs" + fi + + if [ -n "${1}" ]; then + while [ -n "${1}" ] + do + case "${1}" in + "-a"|"--admin-certificates") + cadmin=1 + shift 1 + ;; + "-ca"|"--root-ca-certificate") + ca=1 + shift 1 + ;; + "-h"|"--help") + getHelp + ;; + "-v"|"--verbose") + debugEnabled=1 + shift 1 + ;; + "-wd"|"--wazuh-dashboard-certificates") + cdashboard=1 + shift 1 + ;; + "-wi"|"--wazuh-indexer-certificates") + cindexer=1 + shift 1 + ;; + "-ws"|"--wazuh-server-certificates") + cserver=1 + shift 1 + ;; + *) + getHelp + esac + done + + readConfig + + if [ -n "${debugEnabled}" ]; then + debug_cert="2>&1 | tee -a ${logfile}" + fi + + if [[ -n "${cadmin}" ]]; then + generateAdmincertificate + logger_cert "Admin certificates created." + fi + + if [[ -n "${ca}" ]]; then + generateRootCAcertificate + logger_cert "Authority certificates created." + fi + + if [[ -n "${cindexer}" ]]; then + generateIndexercertificates + logger_cert "Wazuh indexer certificates created." + fi + + if [[ -n "${cserver}" ]]; then + generateFilebeatcertificates + logger_cert "Wazuh server certificates created." + fi + + if [[ -n "${cdashboard}" ]]; then + generateDashboardcertificates + logger_cert "Wazuh dashboard certificates created." 
+ fi + + else + readConfig + generateRootCAcertificate + generateAdmincertificate + generateIndexercertificates + generateFilebeatcertificates + generateDashboardcertificates + cleanFiles + fi + +} + +function parse_yaml() { + + local prefix=${2} + local s='[[:space:]]*' + local w='[a-zA-Z0-9_]*' + local fs=$(echo @|tr @ '\034') + sed -ne "s|^\($s\):|\1|" \ + -e "s|^\($s\)\($w\)$s:$s[\"']\(.*\)[\"']$s\$|\1$fs\2$fs\3|p" \ + -e "s|^\($s\)\($w\)$s:$s\(.*\)$s\$|\1$fs\2$fs\3|p" ${1} | + awk -F$fs '{ + indent = length($1)/2; + vname[indent] = $2; + for (i in vname) {if (i > indent) {delete vname[i]}} + if (length($3) > 0) { + vn=""; for (i=0; iOjSQRQ+tSRMxo_~FCNS@N&f>YEw)H@0gVcS!B#hns)?pUdC%Y#Qv82)Rps zH@`%E;(#uEralR%KZZZ79;!t#wj{(ghjfQkmFuj)8SRi?M3XWrcScWG&0V!|Llm** zbYKRdV+GXot^S-&8wENk^k?Y4OU?tzezn8P5hb2GxFi!N?31DAQxf(~7s{yUJTzUi zM}6ow!QX8TEKoy7XJ-?w>+%b)$*9-5<(<1Xh2F7W>vjm<_z{+kbL_3!@Qw|L6sa_KHPbiosH0@8H` zltke51P@5Zv@Sp~nAnNw+NAFVVL&W!m^zf89#ETv9yuOSm+Uz~=zHXhT9NOBmxT4I z0OS+u51k-zJQtvQK5K3B#sV^UVO-xL9{@V8=nD!~Dz%3+G|`da?vKH$gbEr^%saNx zM*|Eyq)`Htd$j9-M|bH(zQ7@RkUoeIT40l*m#!<7K=s?EWzm4Sdp>2ppS?r6<{&`F zO7Nr2x?z(tF-&{txJU>%o0jj4LPmx0${fMKunrlN05(b`Z{oJuywW3KycfXl=K;3{ z18+jQ(O^J0L`d+w%>}3~d9l};3 zVHDpqqydF~loc;;%^O2!!4`)zLfgCV*fw=%QAOT=#5Ood#e1IXvA*W;6P)7hJj8^q zy!>yBEU64y68>%r`R{&;um6r4qCFWfX$8wT01MXtjg6fDx4FIjJ^u4e9=`s+#>F50 zkIROXGn=QxHbb)mR)RI6qz_918JmNMVsn#pEdO#8@?!K6gm=)RF7?e2RwEW_84aSI z<5ok@8w6EsTM7F4#a$w1`c-IkPmvmAmUmVL%epkDh!?P|G|ZKHW95ytyVvVCj`l8U z+b^CU)%;J-JFhA&d$a!Mo73vsXD_VY!Kilr+zqx~>|GAWmCEbm=Z4PwE#Vh1y0~8; zRxZ^D=ZV~GS-n=c@p*FmyJ@$!g00Tr7-cf&eOoM&T+t{G*LjTXkQSGgN zzHv~|5~-m>MV%(c_wuB?cyac}QTMes`LcZ;ZH3_qfewAuAf0iVaz@ zF+(_#0g@rAO?eEXEo+aZyS2_Tk@Bh{7 z8xOPbpN-n~_xR5@d9)Fhna5l?YYMw9xU~d-?_*nL*>!+L1+EFcEES;duZmwLj+dgIhDle^ z2>Lq~9uuf^rRxN3zzo=YDB7rPC8D#UnPhgtYn(8o<$6OCtj`_|DWeG{8oqfxpJl+= zXn?xG+uhPEv#Sy-ESz1hfJl@cQrnm4Q*l+&u!au2pV{$-bJm{DwPc02yHhGE>@SpI}sM*xp5YPqlHy*#}x 
z-{*%6_5gqw{JlGn00}1lUVuot4jtG@sa8@VppGy?>Y8q-p)eEwn{68?Tf6dFN{Pe;N0GkT&(5B~qVf!BIukTO?`Iz1Vj=KKspNFY z`}d^$g%~Se2VM_TW~T=E`0+6UaM`ki%NIKj5%o=@IyU_({K`xuK98W>D0Q8ZO*>Jq zjde}q$rF-*CyggR)(wW4lwCl)W_d&0J&^L4Tt>rnz^|YWE(3O7sA)i*QKAEV$1j&7 zSS)Au<<+yho1?G{4%p28qMnVcBrSEKVpk6F{)AESA#wXUC2qEfa1w@G}5HN z3X?o1$sP3Tm36 zDw&JD|D779N<+$?4|kzj=~OBab)rftxW#&;(V=OMTKRV##pJKQ=9)vDy5UOEp|DD+ z+NL3raoHQ#&6TyDPe;U%r0y7`N<*tE0mUy&!0Ra>zS%TL>>9w1Pmcn~lJC{(if>NS z?J&mx+N_}luQL5ih#{5x#sh^o0=gVaZMtf#Pf<~4(z~9vcQQ5`N8tAiE`*9>jds=^FaN9K;Mkgm*yFjr?XJ+-PcO}R+a zx;T`wMpr50CIM~I%@TG4{k)v$^Xm@?A6gO&%96McoXe_B$5j_^75zn+cBCxvx>)6A z;1+&jG4#AK7!K>g?9o7rPZl~qEx;^2%wnjaH6MAoyzJPsCc6mtbLO}(^JUK~@?D2` z2HR!R>vLR(RLk(i1HKBg^CoghRgVE&k?C3j<|=#g;f8B7UyHmj_q7a234!l*=eo0B z7A{m@iux$9>Fr@u8tfh^gZbPwUDpeNBG`7OK2h=@_X!Nx96pmO?YTV9?=lGKu#y;E z`q>Fd{qYq%cg@ObnIk$(mQ;4lC8)@p!AcMeDxq(>0UlIUplRr1$lbQgppC2;nIR@# zs|$?uewEctv;K0tS4OBA1Fm=Yg6lGS$*j$4)PuWW*o1uK{!FUof?j3=A}QjjX}7SQ z#S-?^DzP9cuiCZo)bqmJlDL048ki*e&k|A$OqUnv_(tH zIXHF+EvfJX--cpn;;|Z&n6XPuHUc`v0UbdYH0xRZuuW)ort-!GrWPjG_M90sk4#LQ;kqN0iA& z%6<5Gcrw*7OQ_#}8{~&(p{YWJtiU~w1~$_Vm@ZuI_Dm(wX~9Wa_z8@ZM#;N_2VmBh zjt^#0@<4D}^>{E&ndDapD!K>+3_r%rucImAG9>DTkqJB*a)B<7$?vVxqr;=;>p7E5 z6j9C$ZDnPOoRw^5DVruN4R*!IbyQ`VF+B3&%>1djh6W6OOpSGgX)c{9nv=9Vk~^c) zD5#6G+Igl>lL6ekbd-qBJh>E-$(7`hm4zaQxtz`MHEY3T{oI)RthH&*d;>Sc_J*;9 zl;OxCkkBuL`J<6&9QpvoBCYZ}v;3u2egv%UV{`J8nOZuZ8#B$%45tB~lh)bUO|VQAfta}nTAjEtXJ;=IH_2Nae-$3%6Ppq! 
zo2R|#|0f#ExY=A2cdk=6p5vRo@l{%RTQz$DRJr*{l8ckVCC}n7><02E6S|K(26^%X zn*yvhKTgcFlArODP9yA4rno>X?3M(^)Wv0PckWT9SsWhFf#TgU=qPI={qv~xYClsX z31YUG;wTVh4Rno^$t#x0qZ}~H4+Mz=W*+f3=Hfhidvttqc6e4C@B8DE*N4YPXCLPS z-rGOhJw0SiXTUC-58$6NcSp+N7PO|Fe0EvGfMp`$)>J)9XBw3-0*_cnzT<}MlMF-L z%))jBrqBXz#H2-xGzRq-{P)QM+72-}5Y(7|0)p{N9H%oFlfD-y(|Y2-5YP!^BZApX z7C`TU4M@6+`+4}ar;x*vvxu0|P=Xc~9qWjVHHQ9+d|PtNbP`keAl?49=P51ySBF-ZYoqbMwjz00t(@1MmA#LOaw zUly@L&g^u$3|ccR0aXsfHrwGrDF$}|%ze}1Uw1$+4jJ4x$5ec!&GUz5SWpkuhp#q^ z+u_4koI=J!KFMk`a}Lg8e-HRyE=x0TRXIGDW+XNS3=o^YSqF@X2h+`Mj2y<_oGCzS zpQ%b8mc&9@s%a>GGLI*>)*jIiKl6Lw1w6=wO%G3Gkg?qNiQ)1l75u8!PJ!?tcU6uK zn(3Y*5D35x3>Q?ZD@O<51+c=qEHxMPjs;$w5$7WN)?7&au4&PDkMLeZ8=C)1+Lin5 zeCRLkA`!I}Uxkeg;Fp0nn_xn0pU15+3@f_fmWv+>vPF@sY))692qrrCzEzmKbxqV- z(9|SGt-}77-@V|-2cBgPkR9>vNR@};-NwRjy$Mi^S3k&4tM}~cyw#Jptin!LaX%+7!wfZHjHlpR-Hv)h{VQJpg_GP?u|{2hXo z!1bJyZIo%o%a@O!cmMSC_;e@lo#PYqoh~Y@uI}+;4X(+2Tw?QlQ`qeO40LHe>me?W zZ5A>`$~S`Q{tO<{AOPpN$@Sp6h-hG1+O3wNmHdb&8QxSRGpr?P2$@PXLjkMyU6cbq z6k5-k2qoV^mDj9zxHzL1Y+%8%kW%o;m9)uZJEU&X)$TBrF-Xc3lD!lHmz+(grebJ1 zt~Pd3a3(AK&rfL4C^Myv^4R#xNSvm;s)!oOIj_;kSxS;o5Tk4|Ov+{_k1P(%UI$Oa z@UZlmJO&nqYOZ{3O!Wu~mgbO-7*gpQXb>kMs~g8{amIqvtidaT{I`JjBF2kO`V7=i zbqlDw3^h(F9jlqUcMDj19BsW__ZU?-U^qb(xEV{1= zTdP$$gf|EJ%Z#z)6*;cBajnvTz-an8yBMUF#yJzqNSd?1htmEwyH=qIhOnkpo{Ry$R6aftds)Wf-U|+=**S=(iG(^LWNKH) z$$+9yj~PcSMU6);S$u`X3q_>a!U$N{FNa<#W;`c5X$eMPly?p@(C=Ho3<*Ipq^JZi z_Izce*!!vyK*Y;S;UbX&04OSntjfl-P01C5BFpoAYK3ud@8pX`RzI}XSfKVpaGwQX z;qQmZPw;OXUxoMg@qusqL-`}tuK)Dm-KskE*OQH?NWB#3raVusUMTq|9ZJO%F?TiO z!Dy2RfHERoDjkZ1x@@p|r*tkp&cNf!OgbesWE|h^VD=*2T0OW;by6$h-CL>jUx`Rk zb0fep@H1h-aSmU#mon1G&)-N8b%M}eBP)#ur2c>msM`zsYb%X)vQDNV))(;9N)cF= zpp{z@R|g+!ia5z$`I?Mjx*pdi$YqPTWV)UUNG$Z;Q`t65ZPk+tJWP&>cz<8bl1gnGC{_CZGfr2DM<>@);zWRW0nh{CAlxEH7dlR~)s@6YSv*KSl zWlHH$rWIn8QbGA^dx=J=9MYs=Ha@Cz6f#aikXo(EPhrvKUu(ZoR-=50zwe#9#+#%z zax}?rqda@@s-+gM+IqRJtd5d@d?@SLA**-ga!LJni+U=VJ9jdD!{XOom{V6Lrr(Q( z)cwEquJyTX8;O6u{uQXI8%eGyzmiPrT5WuaGv~Qn;;AQJ&T=%2MA^Jblp;!Y+}Qv7 
z?Jht7BmqA3NZUCgGZ~q9Ef%}L0$BWz_U}(lKQk&cYWo>;KC#+|9@{zSvGxwXQ8KL8 z5+rdibRIicjM>ojCey%~djvXY@WeJ{678S^ymlyBW68Uc>mwBW;VJIQO*N)`^2EVz zlU~hr7U*aJ%|R&sF|PkwG^|Dam@%Fu^4T;~b%xsROdZ=K{VRE61pTRdm9!+u>`DZ; zv-Be^LomKQ+@sS})iYIRtlAkc6MPn|oezMq8h>#g#NH9f)Kzb++Z&0CZ|gS4))bqU zx`Ew9Yn#E+JsS7KQ`lgDErVg93w@~>HL=}fzoGO725I!u*4+R@F=L0ZYf6KB%!-|j zOwabKPJhT1rs($4V7Qsqt#Q4HZd2vmamrHv)E!ePg)~`{V_~f84T7e+V?JTde3UB{ zNlNwYy7-zS2xvyo zJb5RBW z+rm;d(ul>W=Wi&r2jN_rM))me>Sp8%=i`;~A=g&OC=WdySbxmu>@-nG8XW?!cwJt; zk*?!PV00u+vX;Yf%X$z)CNbKnqCB!xAAzHCXTJ@?A7HT`pbG)JIQutMq5eQ4x=?j6 zoy~rOl7cCJt=zdgU>E;5b1wgRdf*(rI=jrL-89^%DV}?u@Vw$a+Oo(gFSAyf7M+jo zVsOixaQX4Stg+YayuaLg)9JcnAJ`E1?%ul&Syg-Q-isgIw;jsf$fx%6^Zg%T<>Ees z?C8bwedZAP8C>Ngbx%zR5I4ygxV&B6Q%n1!R2U7ZxH}mvwtS$=32)uQ=Pz=&lGzV~ zTQCXPvuDq&`FC>X?MV8&O7OXvwdCj=N(&&0{mg2Hs_66vbJf_%iNns`y_PC>MM9!3 zdw>Bv0g>#$WUR(5Z{#k=i~dJ{5kd@VODb+Mgc!~-73bqqoi|G|WBX)acCfmBIzr|_ zA?SObVF^f2Wykqkm>!U{PPX`sU%c>eg~gPMAet~sZZUv@M%B< zY8>MfX-spMi`yygCH~8MI3Iceb`(rgAXWZw*AK&`=3fe(;}5#fw8h+|3-v(V>GA8+ zHe$hTaM)PqCp0vp3FUL?k|NHvO;qFuG`+AMF(wl|Y3X>~_fzzr-kkjI? z2GUrD*Q@ZG@{HqT1D^`gZIF0hy$C$%Llk=qB{} z1zlIh$EBxp<}z%G)wRGh$D9j~7;SSU;Q~?r@}1bB?FZAL#|H}ZDq+se!VcfY+oJ>T z;f_WOJu|kY)2_wcrlh-*x$?B{Q{JqpZ8hskdK5e$nbC@aa*Bow4^9Ax%A;r(4U^Vr(mKY5Jh6Gz5 z3bKeQFd$@Q&mR`Db8m5Q$S3>j4-uI(@Og_dWJ8&hV5dR<7L zZ3L{Q%f`|oJx)Y!U59PN6wqH=)_mQy=iH*+W|RB%b=FExzP{%0Z>v*#uE4B17$7h? 
zFweAQnyJyqeO-+sEjDNgmy#8ACDzM1X{Zb1+mCXSG1_&EZACURx@hBgl4*Ygi6<#= z;fTKo12>8vUW=n)K8PZE9CT{1SQBQ_K+dLNCQ~?lNw_kW2wkqjW?;U&_R7i!E&{U& zp;)zgk$ois%D@8hbD1zgy+H?o!YGpWL#im@G_-1qbLQw`6!{uOVmY!NJ(i_^F=|4M z8g6H;M@+_Q#Dt7zfLAK?=!3SkQ|{4+*vX-OnjhOp92&+@tCyjq<@Iztq+3j>tnL^+ zG#v~qBT|ld8TeQ$@s?bd4LzG^QEdB*Ke=GoG_!gdZWGLkLrfV4 zIs?=crCJAPYQSqVjBLj0)~RX}us``wU;4@PI@I0|siMq*(7+*?a;>_3t#0FxXQ)}E zTdUqstJgHR8LH*UR->nhYlacB<@?c^S&M{N@p6+ON!`%rLW; zAuQ&5o<*B+?xm-nL7t#;K7}Y_2ugT zmZGz{H}XF#U_Aac>@=>fj>DNd@Q$yqcN$vMJw(Za*?v536h>#gFCQ0k_L4Pv`$x|r zNDXgDW?e0O{LpLG!(Qw7v3KxTW4&1aI(iED|Gw9%hsX8ss#j}V_nPgUUWT|N~{BPPGB8*HTs~ncc^B8JKTA=;)$*y zRb7k2&ATS;-cc&(2+$Gu@UtisJ`6nqJ{P52KRxN{)QqY;YC)d;$mLU2-Ko`n618;p ze`5X#FBg7&|2?FJ1kJmk)r?ASHEaD^D-KOTx4=iu+TTO`*XhBJUac44scxgrWu;Nu zy$f~;-UKL7&Eo|8PO}H+(V`z-Q|k0NQ>V!?i-?>eX#b}#^P`K&BPmWJ+)KxG_VyYr zma5*iZ(fdwL@5SR(kUzinKtLj5u=r0AS50uiOA{|f3{+u_%mCN__N~uQM&qg8EGPt z@x^+gG#M&?ngl)0)&~YwpnL0jq8XKvBcD;SG;Pbk|Fo2Hsl1geo)TzL&shWi^#TN~ z4-tFSS&HxY4gR$f4_ZNa-{}?cqG&?2dW6Vfj%AK>ua>hhhd`4SB$h)+SYbPFq)W1a zgu=oEJowoN3uHk?2FTd8nh&LvZhT4xG7rtSAqm+PmSsrHdf%K-SkCpgBN|zit(lVpE1!aJ)A7A)yH^>k!Y zak>C~eo>+^x^sbTqBi>%02{uI95;RC;p+@J~vnbHsB5SvFD+A9P(yLhr;v=7%L!rgj_flGr zBlyLeG~QH`=$ z48y%?&Mr6BXL`%OowB%V82S4UTvI!-my+oi|7QZks6rL0P=zW~p$b)~LKUh|g(_5` o3RS2=6{=8$Dpa8gRj5K0s!)Y0RG|u0_=|=A0R*>>xB&0~0D~nz1ONa4 From 0c9563ce946ea01ec34dbe5daf4c655130b8b5fc Mon Sep 17 00:00:00 2001 From: vcerenu Date: Fri, 4 Mar 2022 18:49:49 -0300 Subject: [PATCH 055/163] Change Dockerfile from Wazuh dashboard with multistage build --- wazuh-dashboard/Dockerfile | 47 +++++++++++++++++++++++----- wazuh-dashboard/config/entrypoint.sh | 46 --------------------------- 2 files changed, 39 insertions(+), 54 deletions(-) diff --git a/wazuh-dashboard/Dockerfile b/wazuh-dashboard/Dockerfile index 67799585..8599e4ab 100644 --- a/wazuh-dashboard/Dockerfile +++ b/wazuh-dashboard/Dockerfile 
@@ -1,5 +1,5 @@ # Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2) -FROM ubuntu:focal +FROM ubuntu:focal AS builder ARG WAZUH_VERSION=4.3.0-1 @@ -11,18 +11,11 @@ RUN curl https://packages-dev.wazuh.com/pre-release/apt/pool/main/w/wazuh-dashbo dpkg -i wazuh-dashboard_${WAZUH_VERSION}_amd64.deb && \ apt-get clean -y && rm -rf wazuh-dashboard_${WAZUH_VERSION}_amd64.deb -COPY config/entrypoint.sh / - -COPY config/wazuh_app_config.sh / COPY config/opensearch_dashboards.yml /etc/wazuh-dashboard/ COPY config/wazuh.yml /usr/share/wazuh-dashboard/data/wazuh/config/ -RUN chmod 700 /entrypoint.sh - -RUN chmod 700 /wazuh_app_config.sh - RUN chown 101:101 /etc/wazuh-dashboard/opensearch_dashboards.yml && chmod 664 /etc/wazuh-dashboard/opensearch_dashboards.yml RUN mkdir -p /usr/share/wazuh-dashboard/data/wazuh && chown -R 101:101 /usr/share/wazuh-dashboard/data/wazuh && chmod -R 775 /usr/share/wazuh-dashboard/data/wazuh 
@@ -31,6 +24,44 @@ RUN mkdir -p /usr/share/wazuh-dashboard/data/wazuh/config && chown -R 101:101 /u RUN mkdir -p /usr/share/wazuh-dashboard/data/wazuh/logs && chown -R 101:101 /usr/share/wazuh-dashboard/data/wazuh/logs && chmod -R 775 /usr/share/wazuh-dashboard/data/wazuh/logs +################################################################################ +# Build stage 1 (the actual Wazuh dashboard image): +# +# Copy wazuh-dashboard from stage 0 +# Add entrypoint +# Add wazuh_app_config +################################################################################ +FROM ubuntu:focal + +ENV USER="wazuh-dashboard" \ + GROUP="wazuh-dashboard" \ + NAME="wazuh-dashboard" \ + INSTALL_DIR="/usr/share/wazuh-dashboard" + +RUN getent group $GROUP || groupadd -r -g 1000 $GROUP + +RUN useradd --system \ + --uid 1000 \ + --no-create-home \ + --home-dir $INSTALL_DIR \ + --gid $GROUP \ + --shell /sbin/nologin \ + --comment "$USER user" \ + $USER + +COPY config/entrypoint.sh / + +COPY config/wazuh_app_config.sh / + +RUN chmod 700 /entrypoint.sh + +RUN chmod 700 /wazuh_app_config.sh + +COPY --from=builder --chown=1000:1000 /usr/share/wazuh-dashboard /usr/share/wazuh-dashboard +COPY --from=builder --chown=1000:1000 /var/log/wazuh-dashboard /var/log/wazuh-dashboard +COPY --from=builder --chown=1000:1000 /run/wazuh-dashboard /run/wazuh-dashboard +COPY --from=builder --chown=1000:1000 /etc/wazuh-dashboard /etc/wazuh-dashboard + # Services ports EXPOSE 443 diff --git a/wazuh-dashboard/config/entrypoint.sh b/wazuh-dashboard/config/entrypoint.sh index 57649251..b05f93da 100644 --- a/wazuh-dashboard/config/entrypoint.sh +++ b/wazuh-dashboard/config/entrypoint.sh 
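Review bot: The final stage added here never sets `USER`, so whatever the image runs by default, including `/entrypoint.sh` and `/wazuh_app_config.sh`, starts as root even though a dedicated `wazuh-dashboard` account (uid 1000) is created a few lines earlier. If the startup scripts do not need root, add `USER wazuh-dashboard` after the last `COPY --from=builder` line and relax the two `chmod 700` lines to `chmod 755`, so the unprivileged account can execute the root-owned scripts without being able to modify them. The rest of the Dockerfile, including the `ENTRYPOINT`, is outside the hunk, so whether privileges are dropped later cannot be confirmed from here.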
@@ -1,52 +1,6 @@ #!/bin/bash # Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2) -set -e - -############################################################################## -# Waiting for Wazuh indexer -############################################################################## - -if [ "x${INDEXER_URL}" == "x" ]; then - if [[ ${ENABLED_SECURITY} == "false" ]]; then - export idx_url="http://wazuh1.indexer:9200" - else - export idx_url="https://wazuh1.indexer:9200" - fi -else - export idx_url="${INDEXER_URL}" -fi - -export auth="--user ${INDEXER_USERNAME}:${INDEXER_PASSWORD} -k" - -until curl -XGET $idx_url ${auth}; do - >&2 echo "Wazuh indexer is unavailable - sleeping" - sleep 5 -done - -sleep 2 - ->&2 echo "Elasticsearch is up." - - -############################################################################## -# Waiting for wazuh alerts template -############################################################################## - -strlen=0 - -while [[ $strlen -eq 0 ]] -do - template=$(curl ${auth} $idx_url/_cat/templates/wazuh -s) - strlen=${#template} - >&2 echo "Wazuh alerts template not loaded - sleeping." - sleep 2 -done - -sleep 2 - ->&2 echo "Wazuh alerts template is loaded." - ############################################################################## # Start Wazuh dashboard ############################################################################## From ad678638adc4c36ef89bc80e6878628e2b0cc97c Mon Sep 17 00:00:00 2001 From: vcerenu Date: Fri, 4 Mar 2022 18:52:59 -0300 Subject: [PATCH 056/163] change production key and repository --- kibana/Dockerfile | 2 +- wazuh-dashboard/Dockerfile | 2 +- wazuh-indexer/config/config.sh | 2 +- wazuh-manager/Dockerfile | 2 +- wazuh-manager/config/wazuh.repo | 4 ++-- 5 files changed, 6 insertions(+), 6 deletions(-) diff --git a/kibana/Dockerfile b/kibana/Dockerfile index 76f39d0d..d98443ae 100644 --- a/kibana/Dockerfile +++ b/kibana/Dockerfile 
@@ -6,7 +6,7 @@ ARG WAZUH_VERSION=4.3.0 ARG WAZUH_APP_VERSION="${WAZUH_VERSION}_${ELASTIC_VERSION}" WORKDIR /usr/share/kibana -RUN ./bin/kibana-plugin install https://packages-dev.wazuh.com/pre-release/ui/kibana/wazuh_kibana-${WAZUH_APP_VERSION}-1.zip +RUN ./bin/kibana-plugin install https://packages.wazuh.com/4.x/ui/kibana/wazuh_kibana-${WAZUH_APP_VERSION}-1.zip ENV PATTERN="" \ CHECKS_PATTERN="" \ diff --git a/wazuh-dashboard/Dockerfile b/wazuh-dashboard/Dockerfile index 8599e4ab..bd380cce 100644 --- a/wazuh-dashboard/Dockerfile +++ b/wazuh-dashboard/Dockerfile @@ -7,7 +7,7 @@ ARG WAZUH_VERSION=4.3.0-1 RUN apt-get update && apt install curl libcap2-bin -y #Download and install Wazuh Dashboard -RUN curl https://packages-dev.wazuh.com/pre-release/apt/pool/main/w/wazuh-dashboard/wazuh-dashboard_${WAZUH_VERSION}_amd64.deb --output wazuh-dashboard_${WAZUH_VERSION}_amd64.deb && \ +RUN curl https://packages.wazuh.com/4.x/apt/pool/main/w/wazuh-dashboard/wazuh-dashboard_${WAZUH_VERSION}_amd64.deb --output wazuh-dashboard_${WAZUH_VERSION}_amd64.deb && \ dpkg -i wazuh-dashboard_${WAZUH_VERSION}_amd64.deb && \ apt-get clean -y && rm -rf wazuh-dashboard_${WAZUH_VERSION}_amd64.deb diff --git a/wazuh-indexer/config/config.sh b/wazuh-indexer/config/config.sh index a2753f01..4eb8dca6 100644 --- a/wazuh-indexer/config/config.sh +++ b/wazuh-indexer/config/config.sh @@ -22,7 +22,7 @@ export REPO_DIR=/unattended_installer rm -rf ${INSTALLATION_DIR}/ -curl -o ${INDEXER_FILE} https://packages-dev.wazuh.com/stack/indexer/base/${BASE_FILE} +curl -o ${INDEXER_FILE} https://packages.wazuh.com/stack/indexer/base/${BASE_FILE} tar -xf ${INDEXER_FILE} curl -o wazuh-cert-tool.sh https://s3.us-west-1.amazonaws.com/packages.wazuh.com/4.x/wazuh-cert-tool.sh diff --git a/wazuh-manager/Dockerfile b/wazuh-manager/Dockerfile index c0f3757d..1da3d314 100644 --- a/wazuh-manager/Dockerfile +++ b/wazuh-manager/Dockerfile 
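Review bot: In the wazuh-dashboard/Dockerfile hunk the `.deb` is fetched with a bare `curl` and handed straight to `dpkg -i`, which checks no signature, so the only integrity control on the installed package is TLS to the download host. Call `curl -fsSL` so an HTTP error fails the build step instead of saving the error body, and verify a pinned digest before installing by adding `echo "${WAZUH_DASHBOARD_SHA512}  wazuh-dashboard_${WAZUH_VERSION}_amd64.deb" | sha512sum -c - && \` ahead of the `dpkg -i` line. `WAZUH_DASHBOARD_SHA512` is a placeholder build `ARG` to be filled with a checksum obtained out of band for the chosen version. The `curl -o ${INDEXER_FILE}` line followed by `tar -xf` in the wazuh-indexer/config/config.sh hunk has the same gap.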
@@ -8,7 +8,7 @@ ARG TEMPLATE_VERSION="master" ARG WAZUH_FILEBEAT_MODULE="wazuh-filebeat-0.1.tar.gz" # Set repositories. -RUN rpm --import https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH +RUN rpm --import https://packages.wazuh.com/key/GPG-KEY-WAZUH COPY config/wazuh.repo /etc/yum.repos.d/wazuh.repo diff --git a/wazuh-manager/config/wazuh.repo b/wazuh-manager/config/wazuh.repo index 4b673ff0..ec15e1e3 100644 --- a/wazuh-manager/config/wazuh.repo +++ b/wazuh-manager/config/wazuh.repo @@ -1,7 +1,7 @@ [wazuh_repo] gpgcheck=1 -gpgkey=https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH +gpgkey=https://packages.wazuh.com/key/GPG-KEY-WAZUH enabled=1 name=Wazuh repository -baseurl=https://packages-dev.wazuh.com/pre-release/yum/ +baseurl=https://packages.wazuh.com/pre-release/yum/ protect=1 From 19ad1520c89d5afa45159e66820e5f339e8c0960 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gonzalo=20Acu=C3=B1a?= Date: Mon, 14 Mar 2022 14:53:48 -0300 Subject: [PATCH 057/163] Cert tool URL updates --- indexer_certs_creator/Dockerfile | 2 +- indexer_certs_creator/config/entrypoint.sh | 15 + .../config/wazuh-cert-tool.sh | 434 ------------------ production_cluster/nginx/nginx.conf | 2 +- .../nginx/ssl/generate-self-signed-cert.sh | 2 +- wazuh-indexer/config/config.sh | 4 +- 6 files changed, 20 insertions(+), 439 deletions(-) delete mode 100644 indexer_certs_creator/config/wazuh-cert-tool.sh diff --git a/indexer_certs_creator/Dockerfile b/indexer_certs_creator/Dockerfile index 1ed3a78a..e2e22598 100644 --- a/indexer_certs_creator/Dockerfile +++ b/indexer_certs_creator/Dockerfile @@ -5,7 +5,7 @@ RUN apt-get update && apt-get install openssl curl -y WORKDIR / -RUN curl -o wazuh-cert-tool.sh https://s3.us-west-1.amazonaws.com/packages.wazuh.com/4.x/wazuh-cert-tool.sh +#RUN curl -o wazuh-cert-tool.sh https://s3.us-west-1.amazonaws.com/packages.wazuh.com/4.x/wazuh-cert-tool.sh COPY config/entrypoint.sh / 
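Review bot: The new `baseurl` in wazuh-manager/config/wazuh.repo is `https://packages.wazuh.com/pre-release/yum/`, which moves the host to production but keeps the `pre-release` path from the dev bucket, while the kibana and wazuh-dashboard URLs changed in this commit use `4.x`. If that path is missing on the production host, package installation from this repository will fail; if it exists, the image is built from pre-release packages under a production-looking URL. Presumably `baseurl=https://packages.wazuh.com/4.x/yum/` was intended; confirm against the repository layout.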
diff --git a/indexer_certs_creator/config/entrypoint.sh b/indexer_certs_creator/config/entrypoint.sh index 8642171f..30df30d7 100644 --- a/indexer_certs_creator/config/entrypoint.sh +++ b/indexer_certs_creator/config/entrypoint.sh @@ -1,6 +1,21 @@ #!/bin/bash # Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2) +############################################################################## +# Downloading Cert Gen Tool +############################################################################## + +FILE=wazuh-cert-tool.sh + +#Download from packages.wazuh.com with first parameter +curl -o $FILE https://packages.wazuh.com/4.x/wazuh-cert-tool.sh +var=`grep NoSuchKey $FILE` + +#If the content of the file contains NoSuchKey, download from packages-dev.wazuh.com +if [ ! -z "$var" ]; then + curl -o $FILE https://packages-dev.wazuh.com/4.3/wazuh-certs-tool.sh +fi + ############################################################################## # Creating Cluster certificates ############################################################################## diff --git a/indexer_certs_creator/config/wazuh-cert-tool.sh b/indexer_certs_creator/config/wazuh-cert-tool.sh deleted file mode 100644 index 072369df..00000000 --- a/indexer_certs_creator/config/wazuh-cert-tool.sh +++ /dev/null 
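Review bot: The added block downloads `wazuh-cert-tool.sh` every time the container starts, and that script is then run to create the cluster certificates, but nothing verifies what was downloaded: `curl` has no `--fail`, and the only error check is a `grep` for the string `NoSuchKey`, so any other error body or an altered file is accepted. Because this tool generates the root CA and the node keys, the download should be pinned to a known digest and rejected on mismatch, or the tool should be baked into the image at build time as it was before this commit. The automatic fallback to the `packages-dev` host should be an explicit opt-in. The download blocks rewritten in PATCH 058 (this file and wazuh-indexer/config/config.sh) still run the tool without an integrity check. The step that executes the tool is in the following section, outside the added lines.

```shell
FILE=wazuh-cert-tool.sh
# Placeholder: digest of the reviewed release of the tool, supplied at build or deploy time.
CERT_TOOL_SHA256="<sha256-of-reviewed-wazuh-cert-tool.sh>"

# --fail turns an HTTP error into a non-zero exit instead of a saved error page.
if ! curl --fail --silent --show-error -o "$FILE" https://packages.wazuh.com/4.x/wazuh-cert-tool.sh; then
  echo "ERROR: could not download $FILE" >&2
  exit 1
fi

# Refuse to continue with a file that does not match the pinned digest.
if ! echo "${CERT_TOOL_SHA256}  ${FILE}" | sha256sum -c - >/dev/null; then
  echo "ERROR: checksum mismatch for $FILE" >&2
  exit 1
fi
# … unchanged: "Creating Cluster certificates" section …
```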
@@ -1,434 +0,0 @@ -#!/bin/bash - -# Program to generate the certificates necessary for Wazuh installation -# Copyright (C) 2015, Wazuh Inc. -# -# This program is a free software; you can redistribute it -# and/or modify it under the terms of the GNU General Public -# License (version 2) as published by the FSF - Free Software -# Foundation. - -if [ -z "${base_path}" ]; then - readonly base_path="$(dirname "$(readlink -f "$0")")" - readonly config_file="${base_path}/config.yml" -fi - -if [[ -z "${logfile}" ]]; then - readonly logfile="/var/log/wazuh-cert-tool.log" -fi - -debug_cert=">> ${logfile} 2>&1" - -function cleanFiles() { - - eval "rm -f ${base_path}/certs/*.csr ${debug_cert}" - eval "rm -f ${base_path}/certs/*.srl ${debug_cert}" - eval "rm -f ${base_path}/certs/*.conf ${debug_cert}" - eval "rm -f ${base_path}/certs/admin-key-temp.pem ${debug_cert}" - -} - -function checkOpenSSL() { - if [ -z "$(command -v openssl)" ]; then - logger_cert -e "OpenSSL not installed." - exit 1 - fi -} - -function logger_cert() { - now=$(date +'%d/%m/%Y %H:%M:%S') - mtype="INFO:" - debugLogger= - disableHeader= - if [ -n "${1}" ]; then - while [ -n "${1}" ]; do - case ${1} in - "-e") - mtype="ERROR:" - shift 1 - ;; - "-w") - mtype="WARNING:" - shift 1 - ;; - "-dh") - disableHeader=1 - shift 1 - ;; - "-d") - debugLogger=1 - shift 1 - ;; - *) - message="${1}" - shift 1 - ;; - esac - done - fi - - if [ -z "${debugLogger}" ] || ( [ -n "${debugLogger}" ] && [ -n "${debugEnabled}" ] ); then - if [ -n "${disableHeader}" ]; then - echo "${message}" | tee -a ${logfile} - else - echo "${now} ${mtype} ${message}" | tee -a ${logfile} - fi - fi -} - -function generateAdmincertificate() { - - eval "openssl genrsa -out ${base_path}/certs/admin-key-temp.pem 2048 ${debug_cert}" - eval "openssl pkcs8 -inform PEM -outform PEM -in ${base_path}/certs/admin-key-temp.pem -topk8 -nocrypt -v1 PBE-SHA1-3DES -out ${base_path}/certs/admin-key.pem ${debug_cert}" - eval "openssl req -new -key 
${base_path}/certs/admin-key.pem -out ${base_path}/certs/admin.csr -batch -subj '/C=US/L=California/O=Wazuh/OU=Wazuh/CN=admin' ${debug_cert}" - eval "openssl x509 -days 3650 -req -in ${base_path}/certs/admin.csr -CA ${base_path}/certs/root-ca.pem -CAkey ${base_path}/certs/root-ca.key -CAcreateserial -sha256 -out ${base_path}/certs/admin.pem ${debug_cert}" - eval "chmod 444 ${base_path}/certs/admin*.pem ${debug_cert}" - -} - -function generateCertificateconfiguration() { - - cat > "${base_path}/certs/${1}.conf" <<- EOF - [ req ] - prompt = no - default_bits = 2048 - default_md = sha256 - distinguished_name = req_distinguished_name - x509_extensions = v3_req - - [req_distinguished_name] - C = US - L = California - O = Wazuh - OU = Wazuh - CN = cname - - [ v3_req ] - authorityKeyIdentifier=keyid,issuer - basicConstraints = CA:FALSE - keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment - subjectAltName = @alt_names - - [alt_names] - IP.1 = cip - EOF - - conf="$(awk '{sub("CN = cname", "CN = '${1}'")}1' "${base_path}/certs/${1}.conf")" - echo "${conf}" > "${base_path}/certs/${1}.conf" - - isIP=$(echo "${2}" | grep -P "^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$") - isDNS=$(echo "${2}" | grep -P "^[a-zA-Z0-9][a-zA-Z0-9-]{1,61}[a-zA-Z0-9](?:\.[a-zA-Z]{2,})+$" ) - - if [[ -n "${isIP}" ]]; then - conf="$(awk '{sub("IP.1 = cip", "IP.1 = '${2}'")}1' "${base_path}/certs/${1}.conf")" - echo "${conf}" > "${base_path}/certs/${1}.conf" - elif [[ -n "${isDNS}" ]]; then - conf="$(awk '{sub("CN = cname", "CN = '${2}'")}1' "${base_path}/certs/${1}.conf")" - echo "${conf}" > "${base_path}/certs/${1}.conf" - conf="$(awk '{sub("IP.1 = cip", "DNS.1 = '${2}'")}1' "${base_path}/certs/${1}.conf")" - echo "${conf}" > "${base_path}/certs/${1}.conf" - else - logger_cert -e "The given information does not match with an IP address or a DNS." 
- exit 1 - fi - -} - -function generateIndexercertificates() { - - if [ ${#indexer_node_names[@]} -gt 0 ]; then - logger_cert -d "Creating the Wazuh indexer certificates." - - for i in "${!indexer_node_names[@]}"; do - generateCertificateconfiguration "${indexer_node_names[i]}" "${indexer_node_ips[i]}" - eval "openssl req -new -nodes -newkey rsa:2048 -keyout ${base_path}/certs/${indexer_node_names[i]}-key.pem -out ${base_path}/certs/${indexer_node_names[i]}.csr -config ${base_path}/certs/${indexer_node_names[i]}.conf -days 3650 ${debug_cert}" - eval "openssl x509 -req -in ${base_path}/certs/${indexer_node_names[i]}.csr -CA ${base_path}/certs/root-ca.pem -CAkey ${base_path}/certs/root-ca.key -CAcreateserial -out ${base_path}/certs/${indexer_node_names[i]}.pem -extfile ${base_path}/certs/${indexer_node_names[i]}.conf -extensions v3_req -days 3650 ${debug_cert}" - eval "chmod 444 ${base_path}/certs/${indexer_node_names[i]}-key.pem ${debug_cert}" - done - fi - -} - -function generateFilebeatcertificates() { - - if [ ${#wazuh_servers_node_names[@]} -gt 0 ]; then - logger_cert -d "Creating the Wazuh server certificates." 
- - for i in "${!wazuh_servers_node_names[@]}"; do - generateCertificateconfiguration "${wazuh_servers_node_names[i]}" "${wazuh_servers_node_ips[i]}" - eval "openssl req -new -nodes -newkey rsa:2048 -keyout ${base_path}/certs/${wazuh_servers_node_names[i]}-key.pem -out ${base_path}/certs/${wazuh_servers_node_names[i]}.csr -config ${base_path}/certs/${wazuh_servers_node_names[i]}.conf -days 3650 ${debug_cert}" - eval "openssl x509 -req -in ${base_path}/certs/${wazuh_servers_node_names[i]}.csr -CA ${base_path}/certs/root-ca.pem -CAkey ${base_path}/certs/root-ca.key -CAcreateserial -out ${base_path}/certs/${wazuh_servers_node_names[i]}.pem -extfile ${base_path}/certs/${wazuh_servers_node_names[i]}.conf -extensions v3_req -days 3650 ${debug_cert}" - done - fi - -} - -function generateDashboardcertificates() { - - if [ ${#dashboard_node_names[@]} -gt 0 ]; then - logger_cert -d "Creating the Wazuh dashboard certificates." - - for i in "${!dashboard_node_names[@]}"; do - generateCertificateconfiguration "${dashboard_node_names[i]}" "${dashboard_node_ips[i]}" - eval "openssl req -new -nodes -newkey rsa:2048 -keyout ${base_path}/certs/${dashboard_node_names[i]}-key.pem -out ${base_path}/certs/${dashboard_node_names[i]}.csr -config ${base_path}/certs/${dashboard_node_names[i]}.conf -days 3650 ${debug_cert}" - eval "openssl x509 -req -in ${base_path}/certs/${dashboard_node_names[i]}.csr -CA ${base_path}/certs/root-ca.pem -CAkey ${base_path}/certs/root-ca.key -CAcreateserial -out ${base_path}/certs/${dashboard_node_names[i]}.pem -extfile ${base_path}/certs/${dashboard_node_names[i]}.conf -extensions v3_req -days 3650 ${debug_cert}" - eval "chmod 444 ${base_path}/certs/${dashboard_node_names[i]}-key.pem ${debug_cert}" - done - fi - -} - -function generateRootCAcertificate() { - - logger_cert -d "Creating the root certificate." 
- - eval "openssl req -x509 -new -nodes -newkey rsa:2048 -keyout ${base_path}/certs/root-ca.key -out ${base_path}/certs/root-ca.pem -batch -subj '/OU=Wazuh/O=Wazuh/L=California/' -days 3650 ${debug_cert}" - -} - -function getHelp() { - - echo -e "" - echo -e "NAME" - echo -e " wazuh-cert-tool.sh - Manages the creation of certificates of the Wazuh components." - echo -e "" - echo -e "SYNOPSIS" - echo -e " wazuh-cert-tool.sh [OPTIONS]" - echo -e "" - echo -e "DESCRIPTION" - echo -e " -a, --admin-certificates" - echo -e " Creates the admin certificates." - echo -e "" - echo -e " -ca, --root-ca-certificates" - echo -e " Creates the root-ca certificates." - echo -e "" - echo -e " -v, --verbose" - echo -e " Enables verbose mode." - echo -e "" - echo -e " -wd, --wazuh-dashboard-certificates" - echo -e " Creates the Wazuh dashboard certificates." - echo -e "" - echo -e " -wi, --wazuh-indexer-certificates" - echo -e " Creates the Wazuh indexer certificates." - echo -e "" - echo -e " -ws, --wazuh-server-certificates" - echo -e " Creates the Wazuh server certificates." - - exit 1 - -} - -function main() { - - if [ "$EUID" -ne 0 ]; then - logger_cert -e "This script must be run as root." - exit 1 - fi - - checkOpenSSL - - if [[ -d ${base_path}/certs ]]; then - logger_cert -e "Folder ${base_path}/certs already exists. Please, remove the /certs folder to create new certificates." 
- exit 1 - else - mkdir "${base_path}/certs" - fi - - if [ -n "${1}" ]; then - while [ -n "${1}" ] - do - case "${1}" in - "-a"|"--admin-certificates") - cadmin=1 - shift 1 - ;; - "-ca"|"--root-ca-certificate") - ca=1 - shift 1 - ;; - "-h"|"--help") - getHelp - ;; - "-v"|"--verbose") - debugEnabled=1 - shift 1 - ;; - "-wd"|"--wazuh-dashboard-certificates") - cdashboard=1 - shift 1 - ;; - "-wi"|"--wazuh-indexer-certificates") - cindexer=1 - shift 1 - ;; - "-ws"|"--wazuh-server-certificates") - cserver=1 - shift 1 - ;; - *) - getHelp - esac - done - - readConfig - - if [ -n "${debugEnabled}" ]; then - debug_cert="2>&1 | tee -a ${logfile}" - fi - - if [[ -n "${cadmin}" ]]; then - generateAdmincertificate - logger_cert "Admin certificates created." - fi - - if [[ -n "${ca}" ]]; then - generateRootCAcertificate - logger_cert "Authority certificates created." - fi - - if [[ -n "${cindexer}" ]]; then - generateIndexercertificates - logger_cert "Wazuh indexer certificates created." - fi - - if [[ -n "${cserver}" ]]; then - generateFilebeatcertificates - logger_cert "Wazuh server certificates created." - fi - - if [[ -n "${cdashboard}" ]]; then - generateDashboardcertificates - logger_cert "Wazuh dashboard certificates created." 
- fi - - else - readConfig - generateRootCAcertificate - generateAdmincertificate - generateIndexercertificates - generateFilebeatcertificates - generateDashboardcertificates - cleanFiles - fi - -} - -function parse_yaml() { - - local prefix=${2} - local s='[[:space:]]*' - local w='[a-zA-Z0-9_]*' - local fs=$(echo @|tr @ '\034') - sed -ne "s|^\($s\):|\1|" \ - -e "s|^\($s\)\($w\)$s:$s[\"']\(.*\)[\"']$s\$|\1$fs\2$fs\3|p" \ - -e "s|^\($s\)\($w\)$s:$s\(.*\)$s\$|\1$fs\2$fs\3|p" ${1} | - awk -F$fs '{ - indent = length($1)/2; - vname[indent] = $2; - for (i in vname) {if (i > indent) {delete vname[i]}} - if (length($3) > 0) { - vn=""; for (i=0; i Date: Tue, 15 Mar 2022 11:13:36 -0300 Subject: [PATCH 058/163] Tools download logic updated --- indexer_certs_creator/Dockerfile | 4 +- indexer_certs_creator/config/entrypoint.sh | 30 ++++++++---- .../wazuh_indexer_ssl_certs/certs.yml | 2 +- wazuh-indexer/config/config.sh | 48 +++++++++++++++++-- wazuh-manager/config/wazuh.repo | 2 +- 5 files changed, 68 insertions(+), 18 deletions(-) diff --git a/indexer_certs_creator/Dockerfile b/indexer_certs_creator/Dockerfile index e2e22598..d9ac2941 100644 --- a/indexer_certs_creator/Dockerfile +++ b/indexer_certs_creator/Dockerfile @@ -5,10 +5,8 @@ RUN apt-get update && apt-get install openssl curl -y WORKDIR / -#RUN curl -o wazuh-cert-tool.sh https://s3.us-west-1.amazonaws.com/packages.wazuh.com/4.x/wazuh-cert-tool.sh - COPY config/entrypoint.sh / -RUN chmod 700 /entrypoint.sh && chmod 700 /wazuh-cert-tool.sh +RUN chmod 700 /entrypoint.sh ENTRYPOINT ["/entrypoint.sh"] \ No newline at end of file diff --git a/indexer_certs_creator/config/entrypoint.sh b/indexer_certs_creator/config/entrypoint.sh index 30df30d7..1aae8d99 100644 --- a/indexer_certs_creator/config/entrypoint.sh +++ b/indexer_certs_creator/config/entrypoint.sh 
@@ -5,22 +5,36 @@ # Downloading Cert Gen Tool ############################################################################## -FILE=wazuh-cert-tool.sh +## Variables +CERT_TOOL=wazuh-certs-tool.sh +PASSWORD_TOOL=wazuh-passwords-tool.sh +PACKAGES_URL=https://packages.wazuh.com/resources/4.3/ +PACKAGES_DEV_URL=https://packages-dev.wazuh.com/resources/4.3/ -#Download from packages.wazuh.com with first parameter -curl -o $FILE https://packages.wazuh.com/4.x/wazuh-cert-tool.sh -var=`grep NoSuchKey $FILE` +## Check if the cert tool exists in S3 buckets +CERT_TOOL_PACKAGES=$(curl --silent -I $PACKAGES_URL$CERT_TOOL | grep -E "^HTTP" | awk '{print $2}') +CERT_TOOL_PACKAGES_DEV=$(curl --silent -I $PACKAGES_DEV_URL$CERT_TOOL | grep -E "^HTTP" | awk '{print $2}') -#If the content of the file contains NoSuchKey, download from packages-dev.wazuh.com -if [ ! -z "$var" ]; then - curl -o $FILE https://packages-dev.wazuh.com/4.3/wazuh-certs-tool.sh +## If cert tool exists in some bucket, download it, if not exit 1 +if [ "$CERT_TOOL_PACKAGES" = "200" ]; then + curl -o $CERT_TOOL $PACKAGES_URL$CERT_TOOL + echo "Cert tool exists in Packages bucket" +elif [ "$CERT_TOOL_PACKAGES_DEV" = "200" ]; then + curl -o $CERT_TOOL $PACKAGES_DEV_URL$CERT_TOOL + echo "Cert tool exists in Packages-dev bucket" +else + echo "Cert tool does not exist in any bucket" + echo "ERROR: certificates were not created" + exit 1 fi +chmod 700 /$CERT_TOOL + ############################################################################## # Creating Cluster certificates ############################################################################## -/wazuh-cert-tool.sh +/$CERT_TOOL echo "Moving created certificates to destination directory" cp /certs/* /certificates/ echo "changing certificate permissions" diff --git a/production_cluster/wazuh_indexer_ssl_certs/certs.yml b/production_cluster/wazuh_indexer_ssl_certs/certs.yml index 86f92925..984a96a2 100644 --- a/production_cluster/wazuh_indexer_ssl_certs/certs.yml 
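Review bot: The availability probe issues a `HEAD` request and parses the status line, then downloads with a second `curl` that has no `--fail`, so the file that gets executed is not the response that was checked, and an error body from the second request would be saved as the tool. Let the download itself be the test, e.g. `if curl -fsS -o "$CERT_TOOL" "$PACKAGES_URL$CERT_TOOL"; then`, and quote the expansions. The silent fallback to `PACKAGES_DEV_URL` means a production container can end up running tooling from the dev bucket with only an `echo` to show it; consider gating that branch behind an explicit environment variable. `PASSWORD_TOOL` is assigned but not used in this hunk. The same block is duplicated for both tools in the wazuh-indexer/config/config.sh hunk of this commit.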
+++ b/production_cluster/wazuh_indexer_ssl_certs/certs.yml @@ -10,7 +10,7 @@ nodes: # Wazuh server nodes # Use node_type only with more than one Wazuh manager - wazuh_servers: + server: name: wazuh.master ip: wazuh.master node_type: master diff --git a/wazuh-indexer/config/config.sh b/wazuh-indexer/config/config.sh index 5b858632..ab2d40cf 100644 --- a/wazuh-indexer/config/config.sh +++ b/wazuh-indexer/config/config.sh 
@@ -25,10 +25,48 @@ rm -rf ${INSTALLATION_DIR}/ curl -o ${INDEXER_FILE} https://packages.wazuh.com/stack/indexer/base/${BASE_FILE} tar -xf ${INDEXER_FILE} -curl -o wazuh-cert-tool.sh https://packages.wazuh.com/4.x/wazuh-cert-tool.sh -curl -o wazuh-password-tool.sh https://packages.wazuh.com/4.x/wazuh-passwords-tool.sh +## TOOLS -chmod 755 wazuh-cert-tool.sh && bash /wazuh-cert-tool.sh +## Variables +CERT_TOOL=wazuh-certs-tool.sh +PASSWORD_TOOL=wazuh-passwords-tool.sh +PACKAGES_URL=https://packages.wazuh.com/resources/4.3/ +PACKAGES_DEV_URL=https://packages-dev.wazuh.com/resources/4.3/ + +## Check if the cert tool exists in S3 buckets +CERT_TOOL_PACKAGES=$(curl --silent -I $PACKAGES_URL$CERT_TOOL | grep -E "^HTTP" | awk '{print $2}') +CERT_TOOL_PACKAGES_DEV=$(curl --silent -I $PACKAGES_DEV_URL$CERT_TOOL | grep -E "^HTTP" | awk '{print $2}') + +## If cert tool exists in some bucket, download it, if not exit 1 +if [ "$CERT_TOOL_PACKAGES" = "200" ]; then + curl -o $CERT_TOOL $PACKAGES_URL$CERT_TOOL + echo "Cert tool exists in Packages bucket" +elif [ "$CERT_TOOL_PACKAGES_DEV" = "200" ]; then + curl -o $CERT_TOOL $PACKAGES_DEV_URL$CERT_TOOL + echo "Cert tool exists in Packages-dev bucket" +else + echo "Cert tool does not exist in any bucket" + exit 1 +fi + + +## Check if the password tool exists in S3 buckets +PASSWORD_TOOL_PACKAGES=$(curl --silent -I $PACKAGES_URL$PASSWORD_TOOL | grep -E "^HTTP" | awk '{print $2}') +PASSWORD_TOOL_PACKAGES_DEV=$(curl --silent -I $PACKAGES_DEV_URL$PASSWORD_TOOL | grep -E "^HTTP" | awk '{print $2}') + +## If password tool exists in some bucket, download it, if not exit 1 +if [ "$PASSWORD_TOOL_PACKAGES" = "200" ]; then + curl -o $PASSWORD_TOOL $PACKAGES_URL$PASSWORD_TOOL + echo "Password tool exists in Packages bucket" +elif [ "$PASSWORD_TOOL_PACKAGES_DEV" = "200" ]; then + curl -o $PASSWORD_TOOL $PACKAGES_DEV_URL$PASSWORD_TOOL + echo "Password tool exists in Packages-dev bucket" +else + echo "Password tool does not exist in any bucket" + 
exit 1 +fi + +chmod 755 $CERT_TOOL && bash /$CERT_TOOL # copy to target mkdir -p ${TARGET_DIR}${INSTALLATION_DIR} @@ -52,8 +90,8 @@ rm -rf ${BASE_DIR}/usr # Copy installation files to final location cp -pr ${BASE_DIR}/* ${TARGET_DIR}${INSTALLATION_DIR} # Copy the security tools -cp /wazuh-cert-tool.sh ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/tools/ -cp /wazuh-password-tool.sh ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/tools/ +cp /$CERT_TOOL ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/tools/ +cp /$PASSWORD_TOOL ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/tools/ # Copy Wazuh's config files for the security plugin cp -pr /roles_mapping.yml ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/securityconfig/ cp -pr /roles.yml ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/securityconfig/ diff --git a/wazuh-manager/config/wazuh.repo b/wazuh-manager/config/wazuh.repo index ec15e1e3..e230d6a9 100644 --- a/wazuh-manager/config/wazuh.repo +++ b/wazuh-manager/config/wazuh.repo @@ -3,5 +3,5 @@ gpgcheck=1 gpgkey=https://packages.wazuh.com/key/GPG-KEY-WAZUH enabled=1 name=Wazuh repository -baseurl=https://packages.wazuh.com/pre-release/yum/ +baseurl=https://packages.wazuh.com/4.x/yum/ protect=1 From a31d5c7c1a0a6d7bfade01371a4343c920535e1b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gonzalo=20Acu=C3=B1a?= Date: Tue, 15 Mar 2022 16:17:10 -0300 Subject: [PATCH 059/163] Workdir and User updated for docker images --- wazuh-dashboard/Dockerfile | 4 +++- wazuh-indexer/Dockerfile | 2 ++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/wazuh-dashboard/Dockerfile b/wazuh-dashboard/Dockerfile index bd380cce..821d23d2 100644 --- a/wazuh-dashboard/Dockerfile +++ b/wazuh-dashboard/Dockerfile 
@@ -58,10 +58,12 @@ RUN chmod 700 /entrypoint.sh RUN chmod 700 /wazuh_app_config.sh COPY --from=builder --chown=1000:1000 /usr/share/wazuh-dashboard /usr/share/wazuh-dashboard -COPY --from=builder --chown=1000:1000 /var/log/wazuh-dashboard /var/log/wazuh-dashboard COPY --from=builder --chown=1000:1000 /run/wazuh-dashboard /run/wazuh-dashboard COPY --from=builder --chown=1000:1000 /etc/wazuh-dashboard /etc/wazuh-dashboard +WORKDIR /usr/share/wazuh-dashboard/ +USER wazuh-dashboard + # Services ports EXPOSE 443 diff --git a/wazuh-indexer/Dockerfile b/wazuh-indexer/Dockerfile index 5020be24..8ae49e70 100644 --- a/wazuh-indexer/Dockerfile +++ b/wazuh-indexer/Dockerfile @@ -62,6 +62,8 @@ RUN mkdir -p /var/lib/wazuh-indexer && chown 1000:1000 /var/lib/wazuh-indexer && mkdir -p /run/wazuh-indexer && chown 1000:1000 /run/wazuh-indexer && \ mkdir -p /var/log/wazuh-indexer && chown 1000:1000 /var/log/wazuh-indexer +USER wazuh-indexer + # Services ports EXPOSE 9200 From 7102d732442327c4a330dc9f8e932c835c109ec7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gonzalo=20Acu=C3=B1a?= Date: Tue, 15 Mar 2022 18:04:41 -0300 Subject: [PATCH 060/163] Indexer and dashboard user and workdir update --- production_cluster/nginx/nginx.conf | 2 +- wazuh-dashboard/Dockerfile | 4 +++- wazuh-dashboard/config/entrypoint.sh | 2 +- wazuh-indexer/Dockerfile | 2 ++ 4 files changed, 7 insertions(+), 3 deletions(-) diff --git a/production_cluster/nginx/nginx.conf b/production_cluster/nginx/nginx.conf index 864aa77b..b2103bb0 100644 --- a/production_cluster/nginx/nginx.conf +++ b/production_cluster/nginx/nginx.conf @@ -28,7 +28,7 @@ http { server_tokens off; gzip on; - # kibana UI + # Dashboard UI server { listen 80; listen [::]:80; diff --git a/wazuh-dashboard/Dockerfile b/wazuh-dashboard/Dockerfile index 821d23d2..566b3aba 100644 --- a/wazuh-dashboard/Dockerfile +++ b/wazuh-dashboard/Dockerfile 
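Review bot: `USER wazuh-dashboard` is added while the context lines just above still set `/entrypoint.sh` and `/wazuh_app_config.sh` to mode 700, and nothing in this hunk changes their owner from the default root, so uid 1000 can neither read nor execute them. If the `ENTRYPOINT` (outside the hunk) is `/entrypoint.sh`, the container will fail to start with a permission error; `RUN chmod 755 /entrypoint.sh /wazuh_app_config.sh` keeps the scripts root-owned and still executable by the service account. The `USER wazuh-indexer` line added in the wazuh-indexer/Dockerfile hunk should be checked against its own startup scripts in the same way.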
@@ -7,7 +7,7 @@ ARG WAZUH_VERSION=4.3.0-1 RUN apt-get update && apt install curl libcap2-bin -y #Download and install Wazuh Dashboard -RUN curl https://packages.wazuh.com/4.x/apt/pool/main/w/wazuh-dashboard/wazuh-dashboard_${WAZUH_VERSION}_amd64.deb --output wazuh-dashboard_${WAZUH_VERSION}_amd64.deb && \ +RUN curl https://packages-dev.wazuh.com/pre-release/apt/pool/main/w/wazuh-dashboard/wazuh-dashboard_${WAZUH_VERSION}_amd64.deb --output wazuh-dashboard_${WAZUH_VERSION}_amd64.deb && \ dpkg -i wazuh-dashboard_${WAZUH_VERSION}_amd64.deb && \ apt-get clean -y && rm -rf wazuh-dashboard_${WAZUH_VERSION}_amd64.deb @@ -57,6 +57,8 @@ RUN chmod 700 /entrypoint.sh RUN chmod 700 /wazuh_app_config.sh +RUN chown 1000:1000 /*.sh + COPY --from=builder --chown=1000:1000 /usr/share/wazuh-dashboard /usr/share/wazuh-dashboard COPY --from=builder --chown=1000:1000 /run/wazuh-dashboard /run/wazuh-dashboard COPY --from=builder --chown=1000:1000 /etc/wazuh-dashboard /etc/wazuh-dashboard diff --git a/wazuh-dashboard/config/entrypoint.sh b/wazuh-dashboard/config/entrypoint.sh index b05f93da..ec31aafe 100644 --- a/wazuh-dashboard/config/entrypoint.sh +++ b/wazuh-dashboard/config/entrypoint.sh @@ -7,4 +7,4 @@ /wazuh_app_config.sh -runuser wazuh-dashboard --shell="/bin/bash" --command="/usr/share/wazuh-dashboard/bin/opensearch-dashboards -c /etc/wazuh-dashboard/opensearch_dashboards.yml" +/usr/share/wazuh-dashboard/bin/opensearch-dashboards -c /etc/wazuh-dashboard/opensearch_dashboards.yml \ No newline at end of file diff --git a/wazuh-indexer/Dockerfile b/wazuh-indexer/Dockerfile index 8ae49e70..8aff4760 100644 --- a/wazuh-indexer/Dockerfile +++ b/wazuh-indexer/Dockerfile 
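Review bot: The builder-stage download URL goes back from `packages.wazuh.com/4.x` to `packages-dev.wazuh.com/pre-release`, which undoes the switch to the production repository made in PATCH 056 and is not mentioned in this commit's subject. If the revert is intentional, say so in the commit message; otherwise keep the `packages.wazuh.com/4.x` line so images are not built from pre-release packages.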
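Review bot: `RUN chown 1000:1000 /*.sh` hands ownership of the startup scripts to the account the service runs as, so with mode 700 the dashboard process can rewrite `/entrypoint.sh` and `/wazuh_app_config.sh`, and the glob also picks up any other `.sh` file that happens to be in `/`. Keeping the scripts root-owned and giving others read and execute is tighter: replace the line with `RUN chmod 755 /entrypoint.sh /wazuh_app_config.sh`. The identical line added in the wazuh-indexer/Dockerfile hunk (`@@ -49,6 +49,8 @@`) has the same effect on `/entrypoint.sh` and `/securityadmin.sh`.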
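Review bot: The dashboard is now started as a plain child of the bash script in wazuh-dashboard/config/entrypoint.sh, so, assuming this script is the image's entrypoint, bash stays PID 1 and a stop signal is not passed on to the dashboard process. Start it with `exec /usr/share/wazuh-dashboard/bin/opensearch-dashboards -c /etc/wazuh-dashboard/opensearch_dashboards.yml` so the process replaces the shell and receives signals directly. With `set -e` removed in PATCH 055, the result of `/wazuh_app_config.sh` on the line above is no longer checked, so a failed configuration step still leads to a started dashboard; `/wazuh_app_config.sh || exit 1` makes the failure visible. The new last line also lacks a trailing newline.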
@@ -49,6 +49,8 @@ COPY config/securityadmin.sh / RUN chmod 700 /entrypoint.sh && chmod 700 /securityadmin.sh +RUN chown 1000:1000 /*.sh + COPY --from=builder --chown=1000:1000 /debian/wazuh-indexer/usr/share/wazuh-indexer /usr/share/wazuh-indexer COPY --from=builder --chown=0:0 /debian/wazuh-indexer/usr/lib/systemd /usr/lib/systemd COPY --from=builder --chown=0:0 /debian/wazuh-indexer/usr/lib/sysctl.d /usr/lib/sysctl.d From 923c47c4e124a7fde8a4898d204396a3134c085d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gonzalo=20Acu=C3=B1a?= Date: Wed, 16 Mar 2022 09:11:45 -0300 Subject: [PATCH 061/163] Readme corrected --- README.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index a581006e..477def69 100644 --- a/README.md +++ b/README.md @@ -7,9 +7,9 @@ In this repository you will find the containers to run: -* wazuh manager: It runs the Wazuh manager, Wazuh API and Filebeat OSS -* Wazuh dashboard: Provides a web user interface to browse through alerts data and allows you to visualize agents configuration and status. -* Wazuh indexer: An Wazuh indexer container (working as a single-node cluster). **Be aware to increase the `vm.max_map_count` setting, as it's detailed in the [Wazuh documentation](https://documentation.wazuh.com/current/docker/wazuh-container.html#increase-max-map-count-on-your-host-linux).** +* Wazuh manager: it runs the Wazuh manager, Wazuh API and Filebeat OSS +* Wazuh dashboard: provides a web user interface to browse through alerts data and allows you to visualize agents configuration and status. +* Wazuh indexer: Wazuh indexer container (working as a single-node cluster). **Be aware to increase the `vm.max_map_count` setting, as it's detailed in the [Wazuh documentation](https://documentation.wazuh.com/current/docker/wazuh-container.html#increase-max-map-count-on-your-host-linux).** In addition, a docker-compose file is provided to launch the containers mentioned above. 
From c6ce62e38f218ee21aad919ffaeae25cdb4dd554 Mon Sep 17 00:00:00 2001 From: Alberto R Date: Thu, 17 Mar 2022 11:09:57 +0100 Subject: [PATCH 062/163] Fixed wazuh-certs-tool.sh and wazuh-passwords-tool.sh URLs --- indexer_certs_creator/config/entrypoint.sh | 4 ++-- wazuh-indexer/config/config.sh | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/indexer_certs_creator/config/entrypoint.sh b/indexer_certs_creator/config/entrypoint.sh index 1aae8d99..567bf267 100644 --- a/indexer_certs_creator/config/entrypoint.sh +++ b/indexer_certs_creator/config/entrypoint.sh @@ -8,8 +8,8 @@ ## Variables CERT_TOOL=wazuh-certs-tool.sh PASSWORD_TOOL=wazuh-passwords-tool.sh -PACKAGES_URL=https://packages.wazuh.com/resources/4.3/ -PACKAGES_DEV_URL=https://packages-dev.wazuh.com/resources/4.3/ +PACKAGES_URL=https://packages.wazuh.com/4.3/ +PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.3/ ## Check if the cert tool exists in S3 buckets CERT_TOOL_PACKAGES=$(curl --silent -I $PACKAGES_URL$CERT_TOOL | grep -E "^HTTP" | awk '{print $2}') diff --git a/wazuh-indexer/config/config.sh b/wazuh-indexer/config/config.sh index ab2d40cf..12f37d60 100644 --- a/wazuh-indexer/config/config.sh +++ b/wazuh-indexer/config/config.sh @@ -30,8 +30,8 @@ tar -xf ${INDEXER_FILE} ## Variables CERT_TOOL=wazuh-certs-tool.sh PASSWORD_TOOL=wazuh-passwords-tool.sh -PACKAGES_URL=https://packages.wazuh.com/resources/4.3/ -PACKAGES_DEV_URL=https://packages-dev.wazuh.com/resources/4.3/ +PACKAGES_URL=https://packages.wazuh.com/4.3/ +PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.3/ ## Check if the cert tool exists in S3 buckets CERT_TOOL_PACKAGES=$(curl --silent -I $PACKAGES_URL$CERT_TOOL | grep -E "^HTTP" | awk '{print $2}') From f8cf7b134f231cd725d0902a39fc99bc34e85e4d Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Gonzalo=20Acu=C3=B1a?= Date: Thu, 17 Mar 2022 09:55:49 -0300 Subject: [PATCH 063/163] Wazuh dashboard image changes --- indexer_certs_creator/config/entrypoint.sh | 2 +- wazuh-dashboard/Dockerfile | 64 ++++++++++++------- wazuh-dashboard/config/entrypoint.sh | 2 +- .../config/opensearch_dashboards.yml | 6 +- wazuh-indexer/config/config.sh | 4 +- wazuh-manager/Dockerfile | 2 +- wazuh-manager/config/wazuh.repo | 4 +- 7 files changed, 52 insertions(+), 32 deletions(-) diff --git a/indexer_certs_creator/config/entrypoint.sh b/indexer_certs_creator/config/entrypoint.sh index 1aae8d99..cd9bb7a7 100644 --- a/indexer_certs_creator/config/entrypoint.sh +++ b/indexer_certs_creator/config/entrypoint.sh @@ -9,7 +9,7 @@ CERT_TOOL=wazuh-certs-tool.sh PASSWORD_TOOL=wazuh-passwords-tool.sh PACKAGES_URL=https://packages.wazuh.com/resources/4.3/ -PACKAGES_DEV_URL=https://packages-dev.wazuh.com/resources/4.3/ +PACKAGES_DEV_URL=https://packages-dev.wazuh.com/ ## Check if the cert tool exists in S3 buckets CERT_TOOL_PACKAGES=$(curl --silent -I $PACKAGES_URL$CERT_TOOL | grep -E "^HTTP" | awk '{print $2}') diff --git a/wazuh-dashboard/Dockerfile b/wazuh-dashboard/Dockerfile index 566b3aba..da692df4 100644 --- a/wazuh-dashboard/Dockerfile +++ b/wazuh-dashboard/Dockerfile 
@@ -1,31 +1,53 @@ # Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2) FROM ubuntu:focal AS builder -ARG WAZUH_VERSION=4.3.0-1 +ARG WAZUH_VERSION=4.3.0 +ARG INSTALL_DIR=/usr/share/wazuh-dashboard # Update and install dependencies -RUN apt-get update && apt install curl libcap2-bin -y +RUN apt-get update && apt install curl libcap2-bin xz-utils -y -#Download and install Wazuh Dashboard -RUN curl https://packages-dev.wazuh.com/pre-release/apt/pool/main/w/wazuh-dashboard/wazuh-dashboard_${WAZUH_VERSION}_amd64.deb --output wazuh-dashboard_${WAZUH_VERSION}_amd64.deb && \ - dpkg -i wazuh-dashboard_${WAZUH_VERSION}_amd64.deb && \ - apt-get clean -y && rm -rf wazuh-dashboard_${WAZUH_VERSION}_amd64.deb +# Create Install dir +RUN mkdir -p $INSTALL_DIR +# Download and extract Wazuh dashboard base +RUN curl -o wazuh-dashboard-base.tar.xz https://packages-dev.wazuh.com/stack/dashboard/base/wazuh-dashboard-base-$WAZUH_VERSION-linux-x64.tar.xz && \ + tar -xf wazuh-dashboard-base.tar.xz --directory $INSTALL_DIR --strip-components=1 -COPY config/opensearch_dashboards.yml /etc/wazuh-dashboard/ +# Download and extract demo certificates +RUN curl -O https://packages-dev.wazuh.com/stack/demo-certs.tar.gz && \ + tar -xf demo-certs.tar.gz && rm -f demo-certs.tar.gz -COPY config/wazuh.yml /usr/share/wazuh-dashboard/data/wazuh/config/ +# Create certs dir +RUN mkdir -p $INSTALL_DIR/config/certs -RUN chown 101:101 /etc/wazuh-dashboard/opensearch_dashboards.yml && chmod 664 /etc/wazuh-dashboard/opensearch_dashboards.yml +# Copy Wazuh dashboard demo certs to install config dir +RUN cp certs/demo-dashboard.pem $INSTALL_DIR/config/certs/demo-dashboard.pem && \ + cp certs/demo-dashboard-key.pem $INSTALL_DIR/config/certs/demo-dashboard-key.pem && \ + cp certs/root-ca.pem $INSTALL_DIR/config/certs/root-ca.pem -RUN mkdir -p /usr/share/wazuh-dashboard/data/wazuh && chown -R 101:101 /usr/share/wazuh-dashboard/data/wazuh && chmod -R 775 /usr/share/wazuh-dashboard/data/wazuh +RUN chmod 640 
$INSTALL_DIR/config/certs/* -RUN mkdir -p /usr/share/wazuh-dashboard/data/wazuh/config && chown -R 101:101 /usr/share/wazuh-dashboard/data/wazuh/config && chmod -R 775 /usr/share/wazuh-dashboard/data/wazuh/config +# Create and configure Wazuh dashboard keystore +RUN $INSTALL_DIR/bin/opensearch-dashboards-keystore create --allow-root && \ + echo kibanaserver | $INSTALL_DIR/bin/opensearch-dashboards-keystore add opensearch.username --stdin --allow-root && \ + echo kibanaserver | $INSTALL_DIR/bin/opensearch-dashboards-keystore add opensearch.password --stdin --allow-root -RUN mkdir -p /usr/share/wazuh-dashboard/data/wazuh/logs && chown -R 101:101 /usr/share/wazuh-dashboard/data/wazuh/logs && chmod -R 775 /usr/share/wazuh-dashboard/data/wazuh/logs +# Install Wazuh App +RUN $INSTALL_DIR/bin/opensearch-dashboards-plugin install https://packages-dev.wazuh.com/pre-release/ui/dashboard/wazuh-$WAZUH_VERSION.zip --allow-root + +# Copy and set permissions to config files +COPY config/opensearch_dashboards.yml $INSTALL_DIR/config/ +COPY config/wazuh.yml $INSTALL_DIR/data/wazuh/config/ +RUN chown 101:101 $INSTALL_DIR/config/opensearch_dashboards.yml && chmod 664 $INSTALL_DIR/config/opensearch_dashboards.yml + +# Create and set permissions to data directories +RUN mkdir -p $INSTALL_DIR/data/wazuh && chown -R 101:101 $INSTALL_DIR/data/wazuh && chmod -R 775 $INSTALL_DIR/data/wazuh +RUN mkdir -p $INSTALL_DIR/data/wazuh/config && chown -R 101:101 $INSTALL_DIR/data/wazuh/config && chmod -R 775 $INSTALL_DIR/data/wazuh/config +RUN mkdir -p $INSTALL_DIR/data/wazuh/logs && chown -R 101:101 $INSTALL_DIR/data/wazuh/logs && chmod -R 775 $INSTALL_DIR/data/wazuh/logs ################################################################################ -# Build stage 1 (the actual Wazuh dashboard image): +# Build stage 1 (the current Wazuh dashboard image): # # Copy wazuh-dashboard from stage 0 # Add entrypoint 
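Review bot: The keystore step stores the literal `kibanaserver` as both `opensearch.username` and `opensearch.password`, and the steps before it copy the downloaded demo key pair into `$INSTALL_DIR/config/certs`, so every image built from this file carries the same credentials and the same private key. The final stage copies `$INSTALL_DIR` from the builder, so these values presumably end up in the published image rather than staying in the build stage. At minimum the block should say so, e.g. `# Demo credentials and certificates only: replace both before any non-test deployment`. Preferably the `opensearch-dashboards-keystore add` calls would move to the entrypoint and read the values from environment variables at start-up, which also removes the need for `--allow-root` at build time.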
@@ -33,13 +55,14 @@ RUN mkdir -p /usr/share/wazuh-dashboard/data/wazuh/logs && chown -R 101:101 /usr ################################################################################ FROM ubuntu:focal +# Set environment variables ENV USER="wazuh-dashboard" \ GROUP="wazuh-dashboard" \ NAME="wazuh-dashboard" \ INSTALL_DIR="/usr/share/wazuh-dashboard" +# Create wazuh-dashboard user and group RUN getent group $GROUP || groupadd -r -g 1000 $GROUP - RUN useradd --system \ --uid 1000 \ --no-create-home \ @@ -49,21 +72,18 @@ RUN useradd --system \ --comment "$USER user" \ $USER +# Copy and set permissions to scripts COPY config/entrypoint.sh / - COPY config/wazuh_app_config.sh / - RUN chmod 700 /entrypoint.sh - RUN chmod 700 /wazuh_app_config.sh - RUN chown 1000:1000 /*.sh -COPY --from=builder --chown=1000:1000 /usr/share/wazuh-dashboard /usr/share/wazuh-dashboard -COPY --from=builder --chown=1000:1000 /run/wazuh-dashboard /run/wazuh-dashboard -COPY --from=builder --chown=1000:1000 /etc/wazuh-dashboard /etc/wazuh-dashboard +# Copy Install dir from builder to current image +COPY --from=builder --chown=1000:1000 $INSTALL_DIR $INSTALL_DIR -WORKDIR /usr/share/wazuh-dashboard/ +# Set workdir and user +WORKDIR $INSTALL_DIR USER wazuh-dashboard # Services ports diff --git a/wazuh-dashboard/config/entrypoint.sh b/wazuh-dashboard/config/entrypoint.sh index ec31aafe..d25432fa 100644 --- a/wazuh-dashboard/config/entrypoint.sh +++ b/wazuh-dashboard/config/entrypoint.sh @@ -7,4 +7,4 @@ /wazuh_app_config.sh -/usr/share/wazuh-dashboard/bin/opensearch-dashboards -c /etc/wazuh-dashboard/opensearch_dashboards.yml \ No newline at end of file +/usr/share/wazuh-dashboard/bin/opensearch-dashboards -c /usr/share/wazuh-dashboard/config/opensearch_dashboards.yml \ No newline at end of file diff --git a/wazuh-dashboard/config/opensearch_dashboards.yml b/wazuh-dashboard/config/opensearch_dashboards.yml index e63def82..4b713d5a 100644 --- a/wazuh-dashboard/config/opensearch_dashboards.yml 
+++ b/wazuh-dashboard/config/opensearch_dashboards.yml @@ -7,8 +7,8 @@ opensearch_security.multitenancy.enabled: true opensearch_security.multitenancy.tenants.preferred: ["Private", "Global"] opensearch_security.readonly_mode.roles: ["kibana_read_only"] server.ssl.enabled: true -server.ssl.key: "/etc/wazuh-dashboard/certs/demo-dashboard-key.pem" -server.ssl.certificate: "/etc/wazuh-dashboard/certs/demo-dashboard.pem" -opensearch.ssl.certificateAuthorities: ["/etc/wazuh-dashboard/certs/root-ca.pem"] +server.ssl.key: "/usr/share/wazuh-dashboard/config/certs/demo-dashboard-key.pem" +server.ssl.certificate: "/usr/share/wazuh-dashboard/config/certs/demo-dashboard.pem" +opensearch.ssl.certificateAuthorities: ["/usr/share/wazuh-dashboard/config/certs/root-ca.pem"] uiSettings.overrides.defaultRoute: /app/wazuh?security_tenant=global diff --git a/wazuh-indexer/config/config.sh b/wazuh-indexer/config/config.sh index ab2d40cf..f7a40d8c 100644 --- a/wazuh-indexer/config/config.sh +++ b/wazuh-indexer/config/config.sh @@ -22,7 +22,7 @@ export REPO_DIR=/unattended_installer rm -rf ${INSTALLATION_DIR}/ -curl -o ${INDEXER_FILE} https://packages.wazuh.com/stack/indexer/base/${BASE_FILE} +curl -o ${INDEXER_FILE} https://packages-dev.wazuh.com/stack/indexer/base/${BASE_FILE} tar -xf ${INDEXER_FILE} ## TOOLS @@ -31,7 +31,7 @@ tar -xf ${INDEXER_FILE} CERT_TOOL=wazuh-certs-tool.sh PASSWORD_TOOL=wazuh-passwords-tool.sh PACKAGES_URL=https://packages.wazuh.com/resources/4.3/ -PACKAGES_DEV_URL=https://packages-dev.wazuh.com/resources/4.3/ +PACKAGES_DEV_URL=https://packages-dev.wazuh.com/ ## Check if the cert tool exists in S3 buckets CERT_TOOL_PACKAGES=$(curl --silent -I $PACKAGES_URL$CERT_TOOL | grep -E "^HTTP" | awk '{print $2}') diff --git a/wazuh-manager/Dockerfile b/wazuh-manager/Dockerfile index 1da3d314..c0f3757d 100644 --- a/wazuh-manager/Dockerfile +++ b/wazuh-manager/Dockerfile 
@@ -8,7 +8,7 @@ ARG TEMPLATE_VERSION="master" ARG WAZUH_FILEBEAT_MODULE="wazuh-filebeat-0.1.tar.gz" # Set repositories. -RUN rpm --import https://packages.wazuh.com/key/GPG-KEY-WAZUH +RUN rpm --import https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH COPY config/wazuh.repo /etc/yum.repos.d/wazuh.repo diff --git a/wazuh-manager/config/wazuh.repo b/wazuh-manager/config/wazuh.repo index e230d6a9..4b673ff0 100644 --- a/wazuh-manager/config/wazuh.repo +++ b/wazuh-manager/config/wazuh.repo @@ -1,7 +1,7 @@ [wazuh_repo] gpgcheck=1 -gpgkey=https://packages.wazuh.com/key/GPG-KEY-WAZUH +gpgkey=https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH enabled=1 name=Wazuh repository -baseurl=https://packages.wazuh.com/4.x/yum/ +baseurl=https://packages-dev.wazuh.com/pre-release/yum/ protect=1 From 16d2aa1c7a1d98374833bcbf969debb68733ebf4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gonzalo=20Acu=C3=B1a?= Date: Thu, 17 Mar 2022 10:45:17 -0300 Subject: [PATCH 064/163] Production deployment update --- production-cluster.yml | 8 ++++---- .../wazuh_dashboard/opensearch_dashboards.yml | 6 +++--- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/production-cluster.yml b/production-cluster.yml index f1d514e2..18c59a9a 100644 --- a/production-cluster.yml +++ b/production-cluster.yml 
@@ -146,10 +146,10 @@ services: - API_USERNAME=acme-user - API_PASSWORD=MyS3cr37P450r.*- volumes: - - ./production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard.pem:/etc/wazuh-dashboard/certs/wazuh-dashboard.pem - - ./production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem:/etc/wazuh-dashboard/certs/wazuh-dashboard-key.pem - - ./production_cluster/wazuh_indexer_ssl_certs/root-ca.pem:/etc/wazuh-dashboard/certs/root-ca.pem - - ./production_cluster/wazuh_dashboard/opensearch_dashboards.yml:/etc/wazuh-dashboard/opensearch_dashboards.yml + - ./production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard.pem:/usr/share/wazuh-dashboard/certs/wazuh-dashboard.pem + - ./production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem:/usr/share/wazuh-dashboard/certs/wazuh-dashboard-key.pem + - ./production_cluster/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-dashboard/certs/root-ca.pem + - ./production_cluster/wazuh_dashboard/opensearch_dashboards.yml:/usr/share/wazuh-dashboard/opensearch_dashboards.yml - ./production_cluster/wazuh_dashboard/wazuh.yml:/usr/share/wazuh-dashboard/data/wazuh/config/wazuh.yml depends_on: - wazuh1.indexer diff --git a/production_cluster/wazuh_dashboard/opensearch_dashboards.yml b/production_cluster/wazuh_dashboard/opensearch_dashboards.yml index f7a27b1c..ba6bc3ea 100644 --- a/production_cluster/wazuh_dashboard/opensearch_dashboards.yml +++ b/production_cluster/wazuh_dashboard/opensearch_dashboards.yml 
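Review bot: The new mount target `/usr/share/wazuh-dashboard/opensearch_dashboards.yml` is not the file the image reads, because entrypoint.sh in the previous patch starts the service with `-c /usr/share/wazuh-dashboard/config/opensearch_dashboards.yml`. As written the production settings would be ignored and the dashboard would start from the image's built-in configuration, which points at the demo certificates under `config/certs`. The volume line should be `- ./production_cluster/wazuh_dashboard/opensearch_dashboards.yml:/usr/share/wazuh-dashboard/config/opensearch_dashboards.yml`; the three certificate mounts match the paths set in production_cluster/wazuh_dashboard/opensearch_dashboards.yml and can stay. This assumes no later patch in the series changes the `-c` path again.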
@@ -6,7 +6,7 @@ opensearch.requestHeadersWhitelist: ["securitytenant","Authorization"] opensearch_security.multitenancy.enabled: false opensearch_security.readonly_mode.roles: ["kibana_read_only"] server.ssl.enabled: true -server.ssl.key: "/etc/wazuh-dashboard/certs/wazuh-dashboard-key.pem" -server.ssl.certificate: "/etc/wazuh-dashboard/certs/wazuh-dashboard.pem" -opensearch.ssl.certificateAuthorities: ["/etc/wazuh-dashboard/certs/root-ca.pem"] +server.ssl.key: "/usr/share/wazuh-dashboard/certs/wazuh-dashboard-key.pem" +server.ssl.certificate: "/usr/share/wazuh-dashboard/certs/wazuh-dashboard.pem" +opensearch.ssl.certificateAuthorities: ["/usr/share/wazuh-dashboard/certs/root-ca.pem"] uiSettings.overrides.defaultRoute: /app/wazuh?security_tenant=global From 036f515116abaa60ecb0fe1ddb8dbee75c1776f7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gonzalo=20Acu=C3=B1a?= Date: Thu, 17 Mar 2022 10:59:01 -0300 Subject: [PATCH 065/163] Elastic and kibana files removed --- .goss.kibana.yaml | 53 --------- generate-elasticsearch-certs.yml | 17 --- kibana/Dockerfile | 64 ---------- kibana/config/entrypoint.sh | 60 ---------- kibana/config/kibana_settings.sh | 79 ------------ kibana/config/wazuh.yml | 162 ------------------------- kibana/config/wazuh_app_config.sh | 65 ---------- kibana/config/xpack_config.sh | 35 ------ xpack-compose.yml | 185 ---------------------------- xpack-from-sources.yml | 192 ------------------------------ xpack/instances.yml | 35 ------ 11 files changed, 947 deletions(-) delete mode 100644 .goss.kibana.yaml delete mode 100644 generate-elasticsearch-certs.yml delete mode 100644 kibana/Dockerfile delete mode 100644 kibana/config/entrypoint.sh delete mode 100644 kibana/config/kibana_settings.sh delete mode 100644 kibana/config/wazuh.yml delete mode 100644 kibana/config/wazuh_app_config.sh delete mode 100644 kibana/config/xpack_config.sh delete mode 100644 xpack-compose.yml delete mode 100644 xpack-from-sources.yml delete mode 100644 xpack/instances.yml 
diff --git a/.goss.kibana.yaml b/.goss.kibana.yaml deleted file mode 100644 index 8a29ce3c..00000000 --- a/.goss.kibana.yaml +++ /dev/null @@ -1,53 +0,0 @@ -file: - /usr/share/kibana/config/kibana.yml: - exists: true - mode: "0664" - owner: kibana - group: root - filetype: file - contains: [] - /usr/share/kibana/src/core/server/core_app/assets/legacy_light_theme.css: - exists: true - mode: "0664" - owner: kibana - group: root - filetype: file - contains: [] - /usr/share/kibana/src/core/server/core_app/assets/wazuh_logo_circle.svg: - exists: true - mode: "0644" - owner: kibana - group: root - filetype: file - contains: [] - /usr/share/kibana/src/core/server/core_app/assets/wazuh_wazuh_bg.svg: - exists: true - mode: "0644" - owner: kibana - group: root - filetype: file - contains: [] - /usr/share/kibana/data/wazuh/config/wazuh.yml: - exists: true - mode: "0644" - owner: kibana - group: kibana - filetype: file - contains: [] - /usr/share/kibana/src/legacy/ui/ui_render/bootstrap/template.js.hbs: - exists: true - mode: "0664" - owner: kibana - group: root - filetype: file - contains: [] -user: - kibana: - exists: true - groups: - - kibana - home: /usr/share/kibana - shell: /bin/bash -group: - kibana: - exists: true diff --git a/generate-elasticsearch-certs.yml b/generate-elasticsearch-certs.yml deleted file mode 100644 index e68bbf62..00000000 --- a/generate-elasticsearch-certs.yml +++ /dev/null @@ -1,17 +0,0 @@ -version: '2.2' - -services: - generator: - container_name: generator - image: docker.elastic.co/elasticsearch/elasticsearch:7.10.2 - command: > - bash -c ' - if [[ ! -f config/certificates/bundle.zip ]]; then - bin/elasticsearch-certutil cert --silent --pem --in config/certificates/instances.yml -out config/certificates/bundle.zip; - unzip config/certificates/bundle.zip -d config/certificates/; - fi; - chown -R 1000:0 config/certificates - ' - user: "0" - working_dir: /usr/share/elasticsearch - volumes: ['./xpack:/usr/share/elasticsearch/config/certificates'] 
diff --git a/kibana/Dockerfile b/kibana/Dockerfile deleted file mode 100644 index d98443ae..00000000 --- a/kibana/Dockerfile +++ /dev/null @@ -1,64 +0,0 @@ -# Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2) -FROM docker.elastic.co/kibana/kibana:7.10.2 -USER kibana -ARG ELASTIC_VERSION=7.10.2 -ARG WAZUH_VERSION=4.3.0 -ARG WAZUH_APP_VERSION="${WAZUH_VERSION}_${ELASTIC_VERSION}" - -WORKDIR /usr/share/kibana -RUN ./bin/kibana-plugin install https://packages.wazuh.com/4.x/ui/kibana/wazuh_kibana-${WAZUH_APP_VERSION}-1.zip - -ENV PATTERN="" \ - CHECKS_PATTERN="" \ - CHECKS_TEMPLATE="" \ - CHECKS_API="" \ - CHECKS_SETUP="" \ - EXTENSIONS_PCI="" \ - EXTENSIONS_GDPR="" \ - EXTENSIONS_HIPAA="" \ - EXTENSIONS_NIST="" \ - EXTENSIONS_TSC="" \ - EXTENSIONS_AUDIT="" \ - EXTENSIONS_OSCAP="" \ - EXTENSIONS_CISCAT="" \ - EXTENSIONS_AWS="" \ - EXTENSIONS_GCP="" \ - EXTENSIONS_VIRUSTOTAL="" \ - EXTENSIONS_OSQUERY="" \ - EXTENSIONS_DOCKER="" \ - APP_TIMEOUT="" \ - API_SELECTOR="" \ - IP_SELECTOR="" \ - IP_IGNORE="" \ - WAZUH_MONITORING_ENABLED="" \ - WAZUH_MONITORING_FREQUENCY="" \ - WAZUH_MONITORING_SHARDS="" \ - WAZUH_MONITORING_REPLICAS="" \ - ADMIN_PRIVILEGES="" \ - XPACK_CANVAS="true" \ - XPACK_LOGS="true" \ - XPACK_INFRA="true" \ - XPACK_ML="true" \ - XPACK_DEVTOOLS="true" \ - XPACK_MONITORING="true" \ - XPACK_APM="true" - -WORKDIR / -USER kibana - -COPY --chown=kibana:kibana config/entrypoint.sh ./entrypoint.sh -RUN chmod 755 ./entrypoint.sh - -RUN printf "\nserver.defaultRoute: /app/wazuh\n" >> /usr/share/kibana/config/kibana.yml - -COPY --chown=kibana:kibana ./config/wazuh.yml /usr/share/kibana/data/wazuh/config/wazuh.yml -COPY --chown=kibana:kibana ./config/wazuh_app_config.sh ./ -RUN chmod +x ./wazuh_app_config.sh - -COPY --chown=kibana:kibana ./config/kibana_settings.sh ./ -RUN chmod +x ./kibana_settings.sh - -COPY --chown=kibana:kibana ./config/xpack_config.sh ./ -RUN chmod +x ./xpack_config.sh - -ENTRYPOINT ./entrypoint.sh 
diff --git a/kibana/config/entrypoint.sh b/kibana/config/entrypoint.sh deleted file mode 100644 index 2edeaaf2..00000000 --- a/kibana/config/entrypoint.sh +++ /dev/null @@ -1,60 +0,0 @@ -#!/bin/bash -# Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2) - -set -e - -############################################################################## -# Waiting for elasticsearch -############################################################################## - -if [ "x${ELASTICSEARCH_URL}" = "x" ]; then - export el_url="http://elasticsearch:9200" -else - export el_url="${ELASTICSEARCH_URL}" -fi - -if [[ ${ENABLED_SECURITY} == "false" || "x${ELASTICSEARCH_USERNAME}" = "x" || "x${ELASTICSEARCH_PASSWORD}" = "x" ]]; then - export auth="" -else - export auth="--user ${ELASTICSEARCH_USERNAME}:${ELASTICSEARCH_PASSWORD} -k" -fi - -until curl -XGET $el_url ${auth}; do - >&2 echo "Elastic is unavailable - sleeping" - sleep 5 -done - -sleep 2 - ->&2 echo "Elasticsearch is up." - - -############################################################################## -# Waiting for wazuh alerts template -############################################################################## - -strlen=0 - -while [[ $strlen -eq 0 ]] -do - template=$(curl ${auth} $el_url/_cat/templates/wazuh -s) - strlen=${#template} - >&2 echo "Wazuh alerts template not loaded - sleeping." - sleep 2 -done - -sleep 2 - ->&2 echo "Wazuh alerts template is loaded." - -./xpack_config.sh - -./wazuh_app_config.sh - -sleep 5 - -./kibana_settings.sh & - -sleep 2 - -/usr/local/bin/kibana-docker diff --git a/kibana/config/kibana_settings.sh b/kibana/config/kibana_settings.sh deleted file mode 100644 index 146ff53e..00000000 --- a/kibana/config/kibana_settings.sh +++ /dev/null 
@@ -1,79 +0,0 @@ -#!/bin/bash -# Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2) - -WAZUH_MAJOR=4 - -############################################################################## -# Wait for the Kibana API to start. It is necessary to do it in this container -# because the others are running Elastic Stack and we can not interrupt them. -# -# The following actions are performed: -# -# Add the wazuh alerts index as default. -# Set the Discover time interval to 24 hours instead of 15 minutes. -# Do not ask user to help providing usage statistics to Elastic. -############################################################################## - -############################################################################## -# Customize elasticsearch ip -############################################################################## -sed -i "s|elasticsearch.hosts:.*|elasticsearch.hosts: $el_url|g" /usr/share/kibana/config/kibana.yml - -# If KIBANA_INDEX was set, then change the default index in kibana.yml configuration file. If there was an index, then delete it and recreate. 
-if [ "$KIBANA_INDEX" != "" ]; then - if grep -q 'kibana.index' /usr/share/kibana/config/kibana.yml; then - sed -i '/kibana.index/d' /usr/share/kibana/config/kibana.yml - fi - echo "kibana.index: $KIBANA_INDEX" >> /usr/share/kibana/config/kibana.yml -fi - -kibana_proto="http" - -if [ "$XPACK_SECURITY_ENABLED" != "" ]; then - kibana_proto="https" - if grep -q 'xpack.security.enabled' /usr/share/kibana/config/kibana.yml; then - sed -i '/xpack.security.enabled/d' /usr/share/kibana/config/kibana.yml - fi - echo "xpack.security.enabled: $XPACK_SECURITY_ENABLED" >> /usr/share/kibana/config/kibana.yml -fi - -# Add auth headers if required -if [ "$ELASTICSEARCH_USERNAME" != "" ] && [ "$ELASTICSEARCH_PASSWORD" != "" ]; then - curl_auth="-u $ELASTICSEARCH_USERNAME:$ELASTICSEARCH_PASSWORD" -fi - -while [[ "$(curl $curl_auth -XGET -I -s -o /dev/null -w ''%{http_code}'' -k $kibana_proto://127.0.0.1:5601/status)" != "200" ]]; do - echo "Waiting for Kibana API. Sleeping 5 seconds" - sleep 5 -done - - - -# Prepare index selection. -echo "Kibana API is running" - -default_index="/tmp/default_index.json" - -cat > ${default_index} << EOF -{ - "changes": { - "defaultIndex": "wazuh-alerts-${WAZUH_MAJOR}.x-*" - } -} -EOF - -sleep 5 -# Add the wazuh alerts index as default. -curl ${auth} -POST -k "$kibana_proto://127.0.0.1:5601/api/kibana/settings" -H "Content-Type: application/json" -H "kbn-xsrf: true" -d@${default_index} -rm -f ${default_index} - -sleep 5 -# Configuring Kibana TimePicker. -curl ${auth} -POST -k "$kibana_proto://127.0.0.1:5601/api/kibana/settings" -H "Content-Type: application/json" -H "kbn-xsrf: true" -d \ -'{"changes":{"timepicker:timeDefaults":"{\n \"from\": \"now-12h\",\n \"to\": \"now\"}"}}' - -sleep 5 -# Do not ask user to help providing usage statistics to Elastic -curl ${auth} -POST -k "$kibana_proto://127.0.0.1:5601/api/telemetry/v2/optIn" -H "Content-Type: application/json" -H "kbn-xsrf: true" -d '{"enabled":false}' - -echo "End settings" 
diff --git a/kibana/config/wazuh.yml b/kibana/config/wazuh.yml deleted file mode 100644 index 3b074c61..00000000 --- a/kibana/config/wazuh.yml +++ /dev/null 
@@ -1,162 +0,0 @@ ---- -# -# Wazuh app - App configuration file -# Copyright (C) 2015-2021 Wazuh, Inc. -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2 of the License, or -# (at your option) any later version. -# -# Find more information about this on the LICENSE file. -# -# ======================== Wazuh app configuration file ======================== -# -# Please check the documentation for more information on configuration options: -# https://documentation.wazuh.com/current/installation-guide/index.html -# -# Also, you can check our repository: -# https://github.com/wazuh/wazuh-kibana-app -# -# ------------------------------- Index patterns ------------------------------- -# -# Default index pattern to use. -#pattern: wazuh-alerts-* -# -# ----------------------------------- Checks ----------------------------------- -# -# Defines which checks must to be consider by the healthcheck -# step once the Wazuh app starts. Values must to be true or false. -#checks.pattern : true -#checks.template: true -#checks.api : true -#checks.setup : true -#checks.metaFields: true -# -# --------------------------------- Extensions --------------------------------- -# -# Defines which extensions should be activated when you add a new API entry. -# You can change them after Wazuh app starts. -# Values must to be true or false. -#extensions.pci : true -#extensions.gdpr : true -#extensions.hipaa : true -#extensions.nist : true -#extensions.tsc : true -#extensions.audit : true -#extensions.oscap : false -#extensions.ciscat : false -#extensions.aws : false -#extensions.gcp : false -#extensions.virustotal: false -#extensions.osquery : false -#extensions.docker : false -# -# ---------------------------------- Time out ---------------------------------- -# -# Defines maximum timeout to be used on the Wazuh app requests. 
-# It will be ignored if it is bellow 1500. -# It means milliseconds before we consider a request as failed. -# Default: 20000 -#timeout: 20000 -# -# -------------------------------- API selector -------------------------------- -# -# Defines if the user is allowed to change the selected -# API directly from the Wazuh app top menu. -# Default: true -#api.selector: true -# -# --------------------------- Index pattern selector --------------------------- -# -# Defines if the user is allowed to change the selected -# index pattern directly from the Wazuh app top menu. -# Default: true -#ip.selector: true -# -# List of index patterns to be ignored -#ip.ignore: [] -# -# -------------------------------- X-Pack RBAC --------------------------------- -# -# Custom setting to enable/disable built-in X-Pack RBAC security capabilities. -# Default: enabled -#xpack.rbac.enabled: true -# -# ------------------------------ wazuh-monitoring ------------------------------ -# -# Custom setting to enable/disable wazuh-monitoring indices. -# Values: true, false, worker -# If worker is given as value, the app will show the Agents status -# visualization but won't insert data on wazuh-monitoring indices. -# Default: true -#wazuh.monitoring.enabled: true -# -# Custom setting to set the frequency for wazuh-monitoring indices cron task. -# Default: 900 (s) -#wazuh.monitoring.frequency: 900 -# -# Configure wazuh-monitoring-* indices shards and replicas. -#wazuh.monitoring.shards: 2 -#wazuh.monitoring.replicas: 0 -# -# Configure wazuh-monitoring-* indices custom creation interval. 
-# Values: h (hourly), d (daily), w (weekly), m (monthly) -# Default: d -#wazuh.monitoring.creation: d -# -# Default index pattern to use for Wazuh monitoring -#wazuh.monitoring.pattern: wazuh-monitoring-* -# -# --------------------------------- wazuh-cron ---------------------------------- -# -# Customize the index prefix of predefined jobs -# This change is not retroactive, if you change it new indexes will be created -# cron.prefix: test -# -# ------------------------------ wazuh-statistics ------------------------------- -# -# Custom setting to enable/disable statistics tasks. -#cron.statistics.status: true -# -# Enter the ID of the APIs you want to save data from, leave this empty to run -# the task on all configured APIs -#cron.statistics.apis: [] -# -# Define the frequency of task execution using cron schedule expressions -#cron.statistics.interval: 0 0 * * * * -# -# Define the name of the index in which the documents are to be saved. -#cron.statistics.index.name: statistics -# -# Define the interval in which the index will be created -#cron.statistics.index.creation: w -# -# ------------------------------- App privileges -------------------------------- -#admin: true -# -# ---------------------------- Hide manager alerts ------------------------------ -# Hide the alerts of the manager in all dashboards and discover -#hideManagerAlerts: false -# -# ------------------------------- App logging level ----------------------------- -# Set the logging level for the Wazuh App log files. -# Default value: info -# Allowed values: info, debug -#logs.level: info -# -# -------------------------------- Enrollment DNS ------------------------------- -# Set the variable WAZUH_REGISTRATION_SERVER in agents deployment. -# Default value: '' -#enrollment.dns: '' -# -#-------------------------------- API entries ----------------------------------- -#The following configuration is the default structure to define an API entry. 
-# -#hosts: -# - : -# url: http(s):// -# port: -# username: -# password: - diff --git a/kibana/config/wazuh_app_config.sh b/kibana/config/wazuh_app_config.sh deleted file mode 100644 index 3144aef4..00000000 --- a/kibana/config/wazuh_app_config.sh +++ /dev/null 
@@ -1,65 +0,0 @@ -#!/bin/bash -# Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2) - -wazuh_url="${WAZUH_API_URL:-https://wazuh}" -wazuh_port="${API_PORT:-55000}" -api_username="${API_USERNAME:-wazuh-wui}" -api_password="${API_PASSWORD:-wazuh-wui}" - -kibana_config_file="/usr/share/kibana/data/wazuh/config/wazuh.yml" - -declare -A CONFIG_MAP=( - [pattern]=$PATTERN - [checks.pattern]=$CHECKS_PATTERN - [checks.template]=$CHECKS_TEMPLATE - [checks.api]=$CHECKS_API - [checks.setup]=$CHECKS_SETUP - [extensions.pci]=$EXTENSIONS_PCI - [extensions.gdpr]=$EXTENSIONS_GDPR - [extensions.hipaa]=$EXTENSIONS_HIPAA - [extensions.nist]=$EXTENSIONS_NIST - [extensions.tsc]=$EXTENSIONS_TSC - [extensions.audit]=$EXTENSIONS_AUDIT - [extensions.oscap]=$EXTENSIONS_OSCAP - [extensions.ciscat]=$EXTENSIONS_CISCAT - [extensions.aws]=$EXTENSIONS_AWS - [extensions.gcp]=$EXTENSIONS_GCP - [extensions.virustotal]=$EXTENSIONS_VIRUSTOTAL - [extensions.osquery]=$EXTENSIONS_OSQUERY - [extensions.docker]=$EXTENSIONS_DOCKER - [timeout]=$APP_TIMEOUT - [api.selector]=$API_SELECTOR - [ip.selector]=$IP_SELECTOR - [ip.ignore]=$IP_IGNORE - [wazuh.monitoring.enabled]=$WAZUH_MONITORING_ENABLED - [wazuh.monitoring.creation]=$WAZUH_MONITORING_CREATION - [wazuh.monitoring.frequency]=$WAZUH_MONITORING_FREQUENCY - [wazuh.monitoring.shards]=$WAZUH_MONITORING_SHARDS - [wazuh.monitoring.replicas]=$WAZUH_MONITORING_REPLICAS - [admin]=$ADMIN_PRIVILEGES -) - -for i in "${!CONFIG_MAP[@]}" -do - if [ "${CONFIG_MAP[$i]}" != "" ]; then - sed -i 's/.*#'"$i"'.*/'"$i"': '"${CONFIG_MAP[$i]}"'/' $kibana_config_file - fi -done - -CONFIG_CODE=$(curl ${auth} -s -o /dev/null -w "%{http_code}" -XGET $el_url/.wazuh/_doc/1513629884013) - -grep -q 1513629884013 $kibana_config_file -_config_exists=$? 
- -if [[ "x$CONFIG_CODE" != "x200" && $_config_exists -ne 0 ]]; then -cat << EOF >> $kibana_config_file -hosts: - - 1513629884013: - url: $wazuh_url - port: $wazuh_port - username: $api_username - password: $api_password -EOF -else - echo "Wazuh APP already configured" -fi diff --git a/kibana/config/xpack_config.sh b/kibana/config/xpack_config.sh deleted file mode 100644 index afc593e9..00000000 --- a/kibana/config/xpack_config.sh +++ /dev/null @@ -1,35 +0,0 @@ -#!/bin/bash -# Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2) - -kibana_config_file="/usr/share/kibana/config/kibana.yml" -if grep -Fq "#xpack features" "$kibana_config_file"; -then - declare -A CONFIG_MAP=( - [xpack.apm.ui.enabled]=$XPACK_APM - [xpack.grokdebugger.enabled]=$XPACK_DEVTOOLS - [xpack.searchprofiler.enabled]=$XPACK_DEVTOOLS - [xpack.ml.enabled]=$XPACK_ML - [xpack.canvas.enabled]=$XPACK_CANVAS - [xpack.infra.enabled]=$XPACK_INFRA - [xpack.monitoring.enabled]=$XPACK_MONITORING - [console.enabled]=$XPACK_DEVTOOLS - ) - for i in "${!CONFIG_MAP[@]}" - do - if [ "${CONFIG_MAP[$i]}" != "" ]; then - sed -i 's/.'"$i"'.*/'"$i"': '"${CONFIG_MAP[$i]}"'/' $kibana_config_file - fi - done -else - echo " -#xpack features -xpack.apm.ui.enabled: $XPACK_APM -xpack.grokdebugger.enabled: $XPACK_DEVTOOLS -xpack.searchprofiler.enabled: $XPACK_DEVTOOLS -xpack.ml.enabled: $XPACK_ML -xpack.canvas.enabled: $XPACK_CANVAS -xpack.infra.enabled: $XPACK_INFRA -xpack.monitoring.enabled: $XPACK_MONITORING -console.enabled: $XPACK_DEVTOOLS -" >> $kibana_config_file -fi diff --git a/xpack-compose.yml b/xpack-compose.yml deleted file mode 100644 index 28849a66..00000000 --- a/xpack-compose.yml +++ /dev/null 
@@ -1,185 +0,0 @@ -# Wazuh App Copyright (C) 2021 Wazuh Inc. (License GPLv2) -version: '3.7' - -services: - wazuh: - image: wazuh/wazuh:4.3.0 - hostname: wazuh-manager - restart: always - ports: - - "1514:1514" - - "1515:1515" - - "514:514/udp" - - "55000:55000" - environment: - - ELASTICSEARCH_URL=https://elasticsearch:9200 - - ELASTIC_USERNAME=elastic - - ELASTIC_PASSWORD=SecretPassword - - FILEBEAT_SSL_VERIFICATION_MODE=none - - SSL_CERTIFICATE_AUTHORITIES=/etc/ssl/ca.crt - - SSL_CERTIFICATE=/etc/ssl/wazuh.crt - - SSL_KEY=/etc/ssl/wazuh.key - volumes: - - ossec_api_configuration:/var/ossec/api/configuration - - ossec_etc:/var/ossec/etc - - ossec_logs:/var/ossec/logs - - ossec_queue:/var/ossec/queue - - ossec_var_multigroups:/var/ossec/var/multigroups - - ossec_integrations:/var/ossec/integrations - - ossec_active_response:/var/ossec/active-response/bin - - ossec_agentless:/var/ossec/agentless - - ossec_wodles:/var/ossec/wodles - - filebeat_etc:/etc/filebeat - - filebeat_var:/var/lib/filebeat - - ./xpack/ca/ca.crt:/etc/ssl/ca.crt - - ./xpack/wazuh/wazuh.crt:/etc/ssl/wazuh.crt - - ./xpack/wazuh/wazuh.key:/etc/ssl/wazuh.key - - - elasticsearch: - image: docker.elastic.co/elasticsearch/elasticsearch:7.10.2 - hostname: elasticsearch - restart: always - ports: - - "9200:9200" - environment: - - cluster.name=wazuh-cluster - - node.name=elasticsearch - - discovery.seed_hosts=elasticsearch,elasticsearch2,elasticsearch3 - - cluster.initial_master_nodes=elasticsearch,elasticsearch2,elasticsearch3 - - ELASTIC_PASSWORD=SecretPassword - - "ES_JAVA_OPTS=-Xms512m -Xmx512m -Dlog4j2.formatMsgNoLookups=true" - - bootstrap.memory_lock=true - - xpack.license.self_generated.type=basic - - xpack.security.enabled=true - - xpack.security.http.ssl.enabled=true - - xpack.security.http.ssl.certificate_authorities=/usr/share/elasticsearch/config/ca.crt - - xpack.security.http.ssl.key=/usr/share/elasticsearch/config/elasticsearch.key - - 
xpack.security.http.ssl.certificate=/usr/share/elasticsearch/config/elasticsearch.crt - - xpack.security.transport.ssl.enabled=true - - xpack.security.transport.ssl.verification_mode=certificate - - xpack.security.transport.ssl.certificate_authorities=/usr/share/elasticsearch/config/ca.crt - - xpack.security.transport.ssl.key=/usr/share/elasticsearch/config/elasticsearch.key - - xpack.security.transport.ssl.certificate=/usr/share/elasticsearch/config/elasticsearch.crt - ulimits: - memlock: - soft: -1 - hard: -1 - nofile: - soft: 65536 - hard: 65536 - volumes: - - ./xpack/ca/ca.crt:/usr/share/elasticsearch/config/ca.crt - - ./xpack/elasticsearch/elasticsearch.key:/usr/share/elasticsearch/config/elasticsearch.key - - ./xpack/elasticsearch/elasticsearch.crt:/usr/share/elasticsearch/config/elasticsearch.crt - - elasticsearch2: - image: docker.elastic.co/elasticsearch/elasticsearch:7.10.2 - hostname: elasticsearch2 - restart: always - environment: - - cluster.name=wazuh-cluster - - node.name=elasticsearch2 - - discovery.seed_hosts=elasticsearch,elasticsearch2,elasticsearch3 - - cluster.initial_master_nodes=elasticsearch,elasticsearch2,elasticsearch3 - - ELASTIC_PASSWORD=SecretPassword - - "ES_JAVA_OPTS=-Xms512m -Xmx512m -Dlog4j2.formatMsgNoLookups=true" - - bootstrap.memory_lock=true - - xpack.license.self_generated.type=basic - - xpack.security.enabled=true - - xpack.security.http.ssl.enabled=true - - xpack.security.http.ssl.certificate_authorities=/usr/share/elasticsearch/config/ca.crt - - xpack.security.http.ssl.key=/usr/share/elasticsearch/config/elasticsearch.key - - xpack.security.http.ssl.certificate=/usr/share/elasticsearch/config/elasticsearch.crt - - xpack.security.transport.ssl.enabled=true - - xpack.security.transport.ssl.verification_mode=certificate - - xpack.security.transport.ssl.certificate_authorities=/usr/share/elasticsearch/config/ca.crt - - xpack.security.transport.ssl.key=/usr/share/elasticsearch/config/elasticsearch.key - - 
xpack.security.transport.ssl.certificate=/usr/share/elasticsearch/config/elasticsearch.crt - ulimits: - memlock: - soft: -1 - hard: -1 - nofile: - soft: 65536 - hard: 65536 - volumes: - - ./xpack/ca/ca.crt:/usr/share/elasticsearch/config/ca.crt - - ./xpack/elasticsearch2/elasticsearch2.key:/usr/share/elasticsearch/config/elasticsearch.key - - ./xpack/elasticsearch2/elasticsearch2.crt:/usr/share/elasticsearch/config/elasticsearch.crt - - elasticsearch3: - image: docker.elastic.co/elasticsearch/elasticsearch:7.10.2 - hostname: elasticsearch3 - restart: always - environment: - - cluster.name=wazuh-cluster - - node.name=elasticsearch3 - - discovery.seed_hosts=elasticsearch,elasticsearch2,elasticsearch3 - - cluster.initial_master_nodes=elasticsearch,elasticsearch2,elasticsearch3 - - ELASTIC_PASSWORD=SecretPassword - - "ES_JAVA_OPTS=-Xms512m -Xmx512m -Dlog4j2.formatMsgNoLookups=true" - - bootstrap.memory_lock=true - - xpack.license.self_generated.type=basic - - xpack.security.enabled=true - - xpack.security.http.ssl.enabled=true - - xpack.security.http.ssl.certificate_authorities=/usr/share/elasticsearch/config/ca.crt - - xpack.security.http.ssl.key=/usr/share/elasticsearch/config/elasticsearch.key - - xpack.security.http.ssl.certificate=/usr/share/elasticsearch/config/elasticsearch.crt - - xpack.security.transport.ssl.enabled=true - - xpack.security.transport.ssl.verification_mode=certificate - - xpack.security.transport.ssl.certificate_authorities=/usr/share/elasticsearch/config/ca.crt - - xpack.security.transport.ssl.key=/usr/share/elasticsearch/config/elasticsearch.key - - xpack.security.transport.ssl.certificate=/usr/share/elasticsearch/config/elasticsearch.crt - ulimits: - memlock: - soft: -1 - hard: -1 - nofile: - soft: 65536 - hard: 65536 - volumes: - - ./xpack/ca/ca.crt:/usr/share/elasticsearch/config/ca.crt - - ./xpack/elasticsearch3/elasticsearch3.key:/usr/share/elasticsearch/config/elasticsearch.key - - 
./xpack/elasticsearch3/elasticsearch3.crt:/usr/share/elasticsearch/config/elasticsearch.crt - - - kibana: - image: wazuh/wazuh-kibana:4.3.0 - hostname: kibana - restart: always - ports: - - 443:5601 - environment: - - SERVERNAME=localhost - - ELASTICSEARCH_USERNAME=elastic - - ELASTICSEARCH_PASSWORD=SecretPassword - - ELASTICSEARCH_URL=https://elasticsearch:9200 - - ELASTICSEARCH_HOSTS=https://elasticsearch:9200 - - ELASTICSEARCH_SSL_CERTIFICATEAUTHORITIES=/usr/share/kibana/config/ca.crt - - SERVER_SSL_ENABLED=true - - XPACK_SECURITY_ENABLED=true - - SERVER_SSL_KEY=/usr/share/kibana/config/kibana.key - - SERVER_SSL_CERTIFICATE=/usr/share/kibana/config/kibana.crt - volumes: - - ./xpack/ca/ca.crt:/usr/share/kibana/config/ca.crt - - ./xpack/kibana/kibana.key:/usr/share/kibana/config/kibana.key - - ./xpack/kibana/kibana.crt:/usr/share/kibana/config/kibana.crt - depends_on: - - elasticsearch - links: - - elasticsearch:elasticsearch - - wazuh:wazuh - -volumes: - ossec_api_configuration: - ossec_etc: - ossec_logs: - ossec_queue: - ossec_var_multigroups: - ossec_integrations: - ossec_active_response: - ossec_agentless: - ossec_wodles: - filebeat_etc: - filebeat_var: diff --git a/xpack-from-sources.yml b/xpack-from-sources.yml deleted file mode 100644 index 922eee93..00000000 --- a/xpack-from-sources.yml +++ /dev/null 
@@ -1,192 +0,0 @@ -# Wazuh App Copyright (C) 2021 Wazuh Inc. (License GPLv2) -version: '3.7' - -services: - wazuh: - build: - context: wazuh-odfe/ - args: - - FILEBEAT_CHANNEL=filebeat - - FILEBEAT_VERSION=7.11.2 - image: wazuh/wazuh:4.3.0 - hostname: wazuh-manager - restart: always - ports: - - "1514:1514" - - "1515:1515" - - "514:514/udp" - - "55000:55000" - environment: - - ELASTICSEARCH_URL=https://elasticsearch:9200 - - ELASTIC_USERNAME=elastic - - ELASTIC_PASSWORD=SecretPassword - - FILEBEAT_SSL_VERIFICATION_MODE=none - - SSL_CERTIFICATE_AUTHORITIES=/etc/ssl/ca.crt - - SSL_CERTIFICATE=/etc/ssl/wazuh.crt - - SSL_KEY=/etc/ssl/wazuh.key - volumes: - - ossec_api_configuration:/var/ossec/api/configuration - - ossec_etc:/var/ossec/etc - - ossec_logs:/var/ossec/logs - - ossec_queue:/var/ossec/queue - - ossec_var_multigroups:/var/ossec/var/multigroups - - ossec_integrations:/var/ossec/integrations - - ossec_active_response:/var/ossec/active-response/bin - - ossec_agentless:/var/ossec/agentless - - ossec_wodles:/var/ossec/wodles - - filebeat_etc:/etc/filebeat - - filebeat_var:/var/lib/filebeat - - ./xpack/ca/ca.crt:/etc/ssl/ca.crt - - ./xpack/wazuh/wazuh.crt:/etc/ssl/wazuh.crt - - ./xpack/wazuh/wazuh.key:/etc/ssl/wazuh.key - - - elasticsearch: - image: docker.elastic.co/elasticsearch/elasticsearch:7.11.2 - hostname: elasticsearch - restart: always - ports: - - "9200:9200" - environment: - - cluster.name=wazuh-cluster - - node.name=elasticsearch - - discovery.seed_hosts=elasticsearch,elasticsearch2,elasticsearch3 - - cluster.initial_master_nodes=elasticsearch,elasticsearch2,elasticsearch3 - - ELASTIC_PASSWORD=SecretPassword - - "ES_JAVA_OPTS=-Xms512m -Xmx512m" - - bootstrap.memory_lock=true - - xpack.license.self_generated.type=basic - - xpack.security.enabled=true - - xpack.security.http.ssl.enabled=true - - xpack.security.http.ssl.certificate_authorities=/usr/share/elasticsearch/config/ca.crt - - 
xpack.security.http.ssl.key=/usr/share/elasticsearch/config/elasticsearch.key - - xpack.security.http.ssl.certificate=/usr/share/elasticsearch/config/elasticsearch.crt - - xpack.security.transport.ssl.enabled=true - - xpack.security.transport.ssl.verification_mode=certificate - - xpack.security.transport.ssl.certificate_authorities=/usr/share/elasticsearch/config/ca.crt - - xpack.security.transport.ssl.key=/usr/share/elasticsearch/config/elasticsearch.key - - xpack.security.transport.ssl.certificate=/usr/share/elasticsearch/config/elasticsearch.crt - ulimits: - memlock: - soft: -1 - hard: -1 - nofile: - soft: 65536 - hard: 65536 - volumes: - - ./xpack/ca/ca.crt:/usr/share/elasticsearch/config/ca.crt - - ./xpack/elasticsearch/elasticsearch.key:/usr/share/elasticsearch/config/elasticsearch.key - - ./xpack/elasticsearch/elasticsearch.crt:/usr/share/elasticsearch/config/elasticsearch.crt - - elasticsearch2: - image: docker.elastic.co/elasticsearch/elasticsearch:7.11.2 - hostname: elasticsearch2 - restart: always - environment: - - cluster.name=wazuh-cluster - - node.name=elasticsearch2 - - discovery.seed_hosts=elasticsearch,elasticsearch2,elasticsearch3 - - cluster.initial_master_nodes=elasticsearch,elasticsearch2,elasticsearch3 - - ELASTIC_PASSWORD=SecretPassword - - "ES_JAVA_OPTS=-Xms512m -Xmx512m" - - bootstrap.memory_lock=true - - xpack.license.self_generated.type=basic - - xpack.security.enabled=true - - xpack.security.http.ssl.enabled=true - - xpack.security.http.ssl.certificate_authorities=/usr/share/elasticsearch/config/ca.crt - - xpack.security.http.ssl.key=/usr/share/elasticsearch/config/elasticsearch.key - - xpack.security.http.ssl.certificate=/usr/share/elasticsearch/config/elasticsearch.crt - - xpack.security.transport.ssl.enabled=true - - xpack.security.transport.ssl.verification_mode=certificate - - xpack.security.transport.ssl.certificate_authorities=/usr/share/elasticsearch/config/ca.crt - - 
xpack.security.transport.ssl.key=/usr/share/elasticsearch/config/elasticsearch.key - - xpack.security.transport.ssl.certificate=/usr/share/elasticsearch/config/elasticsearch.crt - ulimits: - memlock: - soft: -1 - hard: -1 - nofile: - soft: 65536 - hard: 65536 - volumes: - - ./xpack/ca/ca.crt:/usr/share/elasticsearch/config/ca.crt - - ./xpack/elasticsearch2/elasticsearch2.key:/usr/share/elasticsearch/config/elasticsearch.key - - ./xpack/elasticsearch2/elasticsearch2.crt:/usr/share/elasticsearch/config/elasticsearch.crt - - elasticsearch3: - image: docker.elastic.co/elasticsearch/elasticsearch:7.11.2 - hostname: elasticsearch3 - restart: always - environment: - - cluster.name=wazuh-cluster - - node.name=elasticsearch3 - - discovery.seed_hosts=elasticsearch,elasticsearch2,elasticsearch3 - - cluster.initial_master_nodes=elasticsearch,elasticsearch2,elasticsearch3 - - ELASTIC_PASSWORD=SecretPassword - - "ES_JAVA_OPTS=-Xms512m -Xmx512m" - - bootstrap.memory_lock=true - - xpack.license.self_generated.type=basic - - xpack.security.enabled=true - - xpack.security.http.ssl.enabled=true - - xpack.security.http.ssl.certificate_authorities=/usr/share/elasticsearch/config/ca.crt - - xpack.security.http.ssl.key=/usr/share/elasticsearch/config/elasticsearch.key - - xpack.security.http.ssl.certificate=/usr/share/elasticsearch/config/elasticsearch.crt - - xpack.security.transport.ssl.enabled=true - - xpack.security.transport.ssl.verification_mode=certificate - - xpack.security.transport.ssl.certificate_authorities=/usr/share/elasticsearch/config/ca.crt - - xpack.security.transport.ssl.key=/usr/share/elasticsearch/config/elasticsearch.key - - xpack.security.transport.ssl.certificate=/usr/share/elasticsearch/config/elasticsearch.crt - ulimits: - memlock: - soft: -1 - hard: -1 - nofile: - soft: 65536 - hard: 65536 - volumes: - - ./xpack/ca/ca.crt:/usr/share/elasticsearch/config/ca.crt - - ./xpack/elasticsearch3/elasticsearch3.key:/usr/share/elasticsearch/config/elasticsearch.key - - 
./xpack/elasticsearch3/elasticsearch3.crt:/usr/share/elasticsearch/config/elasticsearch.crt - - - - kibana: - build: kibana/ - image: wazuh/wazuh-kibana:4.3.0 - hostname: kibana - restart: always - ports: - - 443:5601 - environment: - - SERVERNAME=localhost - - ELASTICSEARCH_USERNAME=elastic - - ELASTICSEARCH_PASSWORD=SecretPassword - - ELASTICSEARCH_URL=https://elasticsearch:9200 - - ELASTICSEARCH_HOSTS=https://elasticsearch:9200 - - ELASTICSEARCH_SSL_CERTIFICATEAUTHORITIES=/usr/share/kibana/config/ca.crt - - SERVER_SSL_ENABLED=true - - XPACK_SECURITY_ENABLED=true - - SERVER_SSL_KEY=/usr/share/kibana/config/kibana.key - - SERVER_SSL_CERTIFICATE=/usr/share/kibana/config/kibana.crt - volumes: - - ./xpack/ca/ca.crt:/usr/share/kibana/config/ca.crt - - ./xpack/kibana/kibana.key:/usr/share/kibana/config/kibana.key - - ./xpack/kibana/kibana.crt:/usr/share/kibana/config/kibana.crt - depends_on: - - elasticsearch - links: - - elasticsearch:elasticsearch - - wazuh:wazuh - -volumes: - ossec_api_configuration: - ossec_etc: - ossec_logs: - ossec_queue: - ossec_var_multigroups: - ossec_integrations: - ossec_active_response: - ossec_agentless: - ossec_wodles: - filebeat_etc: - filebeat_var: diff --git a/xpack/instances.yml b/xpack/instances.yml deleted file mode 100644 index a6a61904..00000000 --- a/xpack/instances.yml +++ /dev/null @@ -1,35 +0,0 @@ -instances: - - name: elasticsearch - dns: - - elasticsearch - - localhost - ip: - - 127.0.0.1 - - - name: elasticsearch2 - dns: - - elasticsearch2 - - localhost - ip: - - 127.0.0.1 - - - name: elasticsearch3 - dns: - - elasticsearch3 - - localhost - ip: - - 127.0.0.1 - - - name: kibana - dns: - - kibana - - localhost - ip: - - 127.0.0.1 - - - name: wazuh - dns: - - wazuh - - localhost - ip: - - 127.0.0.1 \ No newline at end of file From f0fd00bd7f541798369c2332eded35d09d9c91e4 Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Gonzalo=20Acu=C3=B1a?= Date: Thu, 17 Mar 2022 13:04:38 -0300 Subject: [PATCH 066/163] Repositories URLs updated to packages bucket --- wazuh-dashboard/Dockerfile | 6 +++--- wazuh-indexer/config/config.sh | 2 +- wazuh-manager/Dockerfile | 2 +- wazuh-manager/config/wazuh.repo | 4 ++-- 4 files changed, 7 insertions(+), 7 deletions(-) diff --git a/wazuh-dashboard/Dockerfile b/wazuh-dashboard/Dockerfile index da692df4..3f824888 100644 --- a/wazuh-dashboard/Dockerfile +++ b/wazuh-dashboard/Dockerfile @@ -11,11 +11,11 @@ RUN apt-get update && apt install curl libcap2-bin xz-utils -y RUN mkdir -p $INSTALL_DIR # Download and extract Wazuh dashboard base -RUN curl -o wazuh-dashboard-base.tar.xz https://packages-dev.wazuh.com/stack/dashboard/base/wazuh-dashboard-base-$WAZUH_VERSION-linux-x64.tar.xz && \ +RUN curl -o wazuh-dashboard-base.tar.xz https://packages.wazuh.com/stack/dashboard/base/wazuh-dashboard-base-$WAZUH_VERSION-linux-x64.tar.xz && \ tar -xf wazuh-dashboard-base.tar.xz --directory $INSTALL_DIR --strip-components=1 # Download and extract demo certificates -RUN curl -O https://packages-dev.wazuh.com/stack/demo-certs.tar.gz && \ +RUN curl -O https://packages.wazuh.com/stack/demo-certs.tar.gz && \ tar -xf demo-certs.tar.gz && rm -f demo-certs.tar.gz # Create certs dir @@ -34,7 +34,7 @@ RUN $INSTALL_DIR/bin/opensearch-dashboards-keystore create --allow-root && \ echo kibanaserver | $INSTALL_DIR/bin/opensearch-dashboards-keystore add opensearch.password --stdin --allow-root # Install Wazuh App -RUN $INSTALL_DIR/bin/opensearch-dashboards-plugin install https://packages-dev.wazuh.com/pre-release/ui/dashboard/wazuh-$WAZUH_VERSION.zip --allow-root +RUN $INSTALL_DIR/bin/opensearch-dashboards-plugin install https://packages.wazuh.com/4.x/ui/dashboard/wazuh-$WAZUH_VERSION.zip --allow-root # Copy and set permissions to config files COPY config/opensearch_dashboards.yml $INSTALL_DIR/config/ 
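Review bot: Both downloads in this hunk (`wazuh-dashboard-base.tar.xz` and `demo-certs.tar.gz`) are unpacked straight after `curl` with no digest or signature check, and `curl` runs without `-f`, so an HTTP error body would be saved and handed to `tar`. TLS to the download host is the only integrity control visible here. The same applies to the plugin URL in the next hunk of this file, to the `curl -o ${INDEXER_FILE}` line in `wazuh-indexer/config/config.sh`, and again where patches 069–071 change these URLs. If digests are published for these artifacts, pin them in the build, e.g. `curl -fsSLo wazuh-dashboard-base.tar.xz <URL> && echo "<EXPECTED_SHA512>  wazuh-dashboard-base.tar.xz" | sha512sum -c - && \` ahead of the `tar -xf` line.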
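Review bot: The context line above the changed plugin URL writes the literal `kibanaserver` into the dashboards keystore as `opensearch.password` at image build time, so every image built from this Dockerfile ships the same stored credential unless a later step replaces it (none is visible in this hunk). This deserves at least a comment such as `# Default credential for demo use; override opensearch.password at deploy time`, and ideally the value would be supplied at container start rather than baked into a layer. The `RUN` instruction containing this line begins above the hunk.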
diff --git a/wazuh-indexer/config/config.sh b/wazuh-indexer/config/config.sh index 721c7209..12f37d60 100644 --- a/wazuh-indexer/config/config.sh +++ b/wazuh-indexer/config/config.sh @@ -22,7 +22,7 @@ export REPO_DIR=/unattended_installer rm -rf ${INSTALLATION_DIR}/ -curl -o ${INDEXER_FILE} https://packages-dev.wazuh.com/stack/indexer/base/${BASE_FILE} +curl -o ${INDEXER_FILE} https://packages.wazuh.com/stack/indexer/base/${BASE_FILE} tar -xf ${INDEXER_FILE} ## TOOLS diff --git a/wazuh-manager/Dockerfile b/wazuh-manager/Dockerfile index c0f3757d..1da3d314 100644 --- a/wazuh-manager/Dockerfile +++ b/wazuh-manager/Dockerfile @@ -8,7 +8,7 @@ ARG TEMPLATE_VERSION="master" ARG WAZUH_FILEBEAT_MODULE="wazuh-filebeat-0.1.tar.gz" # Set repositories. -RUN rpm --import https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH +RUN rpm --import https://packages.wazuh.com/key/GPG-KEY-WAZUH COPY config/wazuh.repo /etc/yum.repos.d/wazuh.repo diff --git a/wazuh-manager/config/wazuh.repo b/wazuh-manager/config/wazuh.repo index 4b673ff0..e230d6a9 100644 --- a/wazuh-manager/config/wazuh.repo +++ b/wazuh-manager/config/wazuh.repo @@ -1,7 +1,7 @@ [wazuh_repo] gpgcheck=1 -gpgkey=https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH +gpgkey=https://packages.wazuh.com/key/GPG-KEY-WAZUH enabled=1 name=Wazuh repository -baseurl=https://packages-dev.wazuh.com/pre-release/yum/ +baseurl=https://packages.wazuh.com/4.x/yum/ protect=1 From f9ea4ae8ab405de22fb22626a663ffd728ae7cbf Mon Sep 17 00:00:00 2001 From: Alberto R Date: Thu, 17 Mar 2022 17:11:11 +0100 Subject: [PATCH 067/163] Removed X-Pack support from readme --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 477def69..20947916 100644 --- a/README.md +++ b/README.md 
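Review bot: `rm -rf ${INSTALLATION_DIR}/` on the context line before the changed `curl` is unquoted and unguarded, so an empty or unset `INSTALLATION_DIR` makes it expand to `rm -rf /`; `rm -rf -- "${INSTALLATION_DIR:?}/"` aborts instead. The changed line has the same quoting gap and no `-f`, so a failed download is only noticed when `tar` rejects the file: `curl -fsSL -o "${INDEXER_FILE}" "https://packages.wazuh.com/stack/indexer/base/${BASE_FILE}"`. Where these variables are assigned lies outside the hunk, so whether they can be empty in practice is not visible here. Patch 069 touches the same line and leaves both points as they are.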
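Review bot: `rpm --import` takes the signing key from the same host that serves the packages, at build time, so `gpgcheck=1` in `config/wazuh.repo` verifies packages only against whatever key that URL returns on the day of the build. Pinning the key makes the check independent of the download host: commit the key file beside `config/wazuh.repo` and import the local copy, e.g. `COPY config/GPG-KEY-WAZUH /tmp/GPG-KEY-WAZUH` followed by `RUN rpm --import /tmp/GPG-KEY-WAZUH` (the file name is a suggestion, not an existing path). If fetching it remotely is preferred, compare its fingerprint with a pinned `<EXPECTED_FINGERPRINT>` before importing.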
@@ -160,7 +160,7 @@ ADMIN_PRIVILEGES=true # App privileges | Wazuh version | ODFE | XPACK | |---------------|---------|--------| -| v4.3.0 | | 7.11.2 | +| v4.3.0 | | | | v4.2.5 | 1.13.2 | 7.11.2 | | v4.2.4 | 1.13.2 | 7.11.2 | | v4.2.3 | 1.13.2 | 7.11.2 | From 42f1d8d3e34429ecb3e6a421a6f086f993204eb7 Mon Sep 17 00:00:00 2001 From: Alberto R Date: Thu, 17 Mar 2022 17:14:18 +0100 Subject: [PATCH 068/163] Removed comments --- wazuh-indexer/Dockerfile | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/wazuh-indexer/Dockerfile b/wazuh-indexer/Dockerfile index 8aff4760..a09d9e56 100644 --- a/wazuh-indexer/Dockerfile +++ b/wazuh-indexer/Dockerfile @@ -55,9 +55,7 @@ COPY --from=builder --chown=1000:1000 /debian/wazuh-indexer/usr/share/wazuh-inde COPY --from=builder --chown=0:0 /debian/wazuh-indexer/usr/lib/systemd /usr/lib/systemd COPY --from=builder --chown=0:0 /debian/wazuh-indexer/usr/lib/sysctl.d /usr/lib/sysctl.d COPY --from=builder --chown=0:0 /debian/wazuh-indexer/usr/lib/tmpfiles.d /usr/lib/tmpfiles.d -#COPY --from=builder --chown=1000:1000 /debian/wazuh-indexer/etc/wazuh-indexer /etc/wazuh-indexer -#COPY config/opensearch.yml /etc/wazuh-indexer/ -#RUN chmod 660 /etc/wazuh-indexer/opensearch.yml && chown 1000:1000 /etc/wazuh-indexer/opensearch.yml + RUN mkdir -p /var/lib/wazuh-indexer && chown 1000:1000 /var/lib/wazuh-indexer && \ mkdir -p /usr/share/wazuh-indexer/logs && chown 1000:1000 /usr/share/wazuh-indexer/logs && \ From 45e9218c60d2921212c096f5b8e263f067afb781 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alberto=20Rodr=C3=ADguez?= Date: Thu, 17 Mar 2022 17:21:45 +0100 Subject: [PATCH 069/163] Updated base URL --- wazuh-indexer/config/config.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/wazuh-indexer/config/config.sh b/wazuh-indexer/config/config.sh index 12f37d60..721c7209 100644 --- a/wazuh-indexer/config/config.sh +++ b/wazuh-indexer/config/config.sh 
@@ -22,7 +22,7 @@ export REPO_DIR=/unattended_installer rm -rf ${INSTALLATION_DIR}/ -curl -o ${INDEXER_FILE} https://packages.wazuh.com/stack/indexer/base/${BASE_FILE} +curl -o ${INDEXER_FILE} https://packages-dev.wazuh.com/stack/indexer/base/${BASE_FILE} tar -xf ${INDEXER_FILE} ## TOOLS From 06d7eb1528c170e0d71591c6193e7f5985543276 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alberto=20Rodr=C3=ADguez?= Date: Thu, 17 Mar 2022 17:23:50 +0100 Subject: [PATCH 070/163] Update Dockerfile --- wazuh-dashboard/Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/wazuh-dashboard/Dockerfile b/wazuh-dashboard/Dockerfile index 3f824888..5ab44a2b 100644 --- a/wazuh-dashboard/Dockerfile +++ b/wazuh-dashboard/Dockerfile @@ -11,7 +11,7 @@ RUN apt-get update && apt install curl libcap2-bin xz-utils -y RUN mkdir -p $INSTALL_DIR # Download and extract Wazuh dashboard base -RUN curl -o wazuh-dashboard-base.tar.xz https://packages.wazuh.com/stack/dashboard/base/wazuh-dashboard-base-$WAZUH_VERSION-linux-x64.tar.xz && \ +RUN curl -o wazuh-dashboard-base.tar.xz https://packages-dev.wazuh.com/stack/dashboard/base/wazuh-dashboard-base-$WAZUH_VERSION-linux-x64.tar.xz && \ tar -xf wazuh-dashboard-base.tar.xz --directory $INSTALL_DIR --strip-components=1 # Download and extract demo certificates @@ -89,4 +89,4 @@ USER wazuh-dashboard # Services ports EXPOSE 443 -ENTRYPOINT [ "/entrypoint.sh" ] \ No newline at end of file +ENTRYPOINT [ "/entrypoint.sh" ] From 370826d560214e1630004d3fae2d1e3661073332 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alberto=20Rodr=C3=ADguez?= Date: Thu, 17 Mar 2022 17:24:30 +0100 Subject: [PATCH 071/163] Update Dockerfile --- wazuh-dashboard/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/wazuh-dashboard/Dockerfile b/wazuh-dashboard/Dockerfile index 5ab44a2b..4f42ed51 100644 --- a/wazuh-dashboard/Dockerfile +++ b/wazuh-dashboard/Dockerfile 
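Review bot: The reason for pulling the indexer base from `packages-dev.wazuh.com` again is not recorded anywhere, although patch 066 had just moved this line to `packages.wazuh.com`; a build that silently depends on a development bucket is easy to ship by accident. The same applies to the dashboard base and demo-certs URLs that patches 070 and 071 switch back in `wazuh-dashboard/Dockerfile`. A comment above the line would make the intent reviewable, e.g. `# TODO: temporary, base package not yet on packages.wazuh.com; switch back before release` (reason presumed, confirm with the author). Keeping the host in one variable, for instance `PACKAGES_URL="${PACKAGES_URL:-https://packages.wazuh.com}"` (suggested name), would turn the choice into an explicit build input.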
@@ -15,7 +15,7 @@ RUN curl -o wazuh-dashboard-base.tar.xz https://packages-dev.wazuh.com/stack/das tar -xf wazuh-dashboard-base.tar.xz --directory $INSTALL_DIR --strip-components=1 # Download and extract demo certificates -RUN curl -O https://packages.wazuh.com/stack/demo-certs.tar.gz && \ +RUN curl -O https://packages-dev.wazuh.com/stack/demo-certs.tar.gz && \ tar -xf demo-certs.tar.gz && rm -f demo-certs.tar.gz # Create certs dir From 2c2c32e8b74268ad7bd6fd1d74134f7a64a5b8b1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gonzalo=20Acu=C3=B1a?= Date: Fri, 18 Mar 2022 09:52:40 -0300 Subject: [PATCH 072/163] README update --- README.md | 144 +++++++++++++++++++++--------------------------------- 1 file changed, 56 insertions(+), 88 deletions(-) diff --git a/README.md b/README.md index 20947916..5b5ae345 100644 --- a/README.md +++ b/README.md @@ -13,7 +13,7 @@ In this repository you will find the containers to run: In addition, a docker-compose file is provided to launch the containers mentioned above. -* Wazuh indexer cluster. In the Wazuh indexer Dockerfile we can visualize variables to configure an Wazuh indexer Cluster. These variables are used in the file *config_cluster.sh* to set them in the *opensearch.yml* configuration file. You can see the meaning of the node variables [here](https://www.elastic.co/guide/en/elasticsearch/reference/current/modules-node.html) and other cluster settings [here](https://github.com/elastic/elasticsearch/blob/master/distribution/src/config/elasticsearch.yml). +* Wazuh indexer cluster. In the Wazuh indexer Dockerfile we can visualize variables to configure an Wazuh indexer Cluster. These variables are used in the file *config_cluster.sh* to set them in the *opensearch.yml* configuration file. You can see the meaning of the node variables and other cluster settings [here](https://opensearch.org/docs/latest/opensearch/cluster/). ## Documentation 
@@ -48,107 +48,75 @@ SSL_CERTIFICATE="" # Path of Filebeat SSL Certi SSL_KEY="" # Path of Filebeat SSL Key ``` -### Kibana -``` -PATTERN="wazuh-alerts-*" # Default index pattern to use - -CHECKS_PATTERN=true # Defines which checks must to be consider by the healthcheck -CHECKS_TEMPLATE=true # step once the Wazuh app starts. Values must to be true or false -CHECKS_API=true -CHECKS_SETUP=true - -EXTENSIONS_PCI=true # Enable PCI Extension -EXTENSIONS_GDPR=true # Enable GDPR Extension -EXTENSIONS_HIPAA=true # Enable HIPAA Extension -EXTENSIONS_NIST=true # Enable NIST Extension -EXTENSIONS_TSC=true # Enable TSC Extension -EXTENSIONS_AUDIT=true # Enable Audit Extension -EXTENSIONS_OSCAP=false # Enable OpenSCAP Extension -EXTENSIONS_CISCAT=false # Enable CISCAT Extension -EXTENSIONS_AWS=false # Enable AWS Extension -EXTENSIONS_GCP=false # Enable GCP Extension -EXTENSIONS_VIRUSTOTAL=false # Enable Virustotal Extension -EXTENSIONS_OSQUERY=false # Enable OSQuery Extension -EXTENSIONS_DOCKER=false # Enable Docker Extension - -APP_TIMEOUT=20000 # Defines maximum timeout to be used on the Wazuh app requests - -API_SELECTOR=true Defines if the user is allowed to change the selected API directly from the Wazuh app top menu -IP_SELECTOR=true # Defines if the user is allowed to change the selected index pattern directly from the Wazuh app top menu -IP_IGNORE="[]" # List of index patterns to be ignored - -WAZUH_MONITORING_ENABLED=true # Custom settings to enable/disable wazuh-monitoring indices -WAZUH_MONITORING_CREATION=d # Custom setting to set the wazuh-monitoring-* indices creation interval -WAZUH_MONITORING_FREQUENCY=900 # Custom setting to set the frequency for wazuh-monitoring indices cron task -WAZUH_MONITORING_SHARDS=2 # Configure wazuh-monitoring-* indices shards and replicas -WAZUH_MONITORING_REPLICAS=0 # - -ADMIN_PRIVILEGES=true # App privileges -``` - ## Directory structure ├── build-wazuh-images.yml ├── CHANGELOG.md ├── docker-compose.yml ├── generate-indexer-certs.yml 
+├── indexer_certs_creator +│ ├── config +│ │ └── entrypoint.sh +│ └── Dockerfile ├── LICENSE ├── production_cluster -│   ├── nginx -│   │   ├── nginx.conf -│   │   └── ssl -│   │   └── generate-self-signed-cert.sh -│   ├── wazuh_cluster -│   │   ├── wazuh_manager.conf -│   │   └── wazuh_worker.conf -│   ├── wazuh_dashboard -│   │   └── opensearch_dashboards.yml -│   ├── wazuh-indexer -│   │   ├── internal_users.yml -│   │   ├── opensearch.yml -│   │   ├── wazuh1.indexer.yml -│   │   ├── wazuh2.indexer.yml -│   │   └── wazuh3.indexer.yml -│   └── wazuh_indexer_ssl_certs -│   └── certs.yml +│ ├── nginx +│ │ ├── nginx.conf +│ │ └── ssl +│ │ └── generate-self-signed-cert.sh +│ ├── wazuh_cluster +│ │ ├── wazuh_manager.conf +│ │ └── wazuh_worker.conf +│ ├── wazuh_dashboard +│ │ ├── opensearch_dashboards.yml +│ │ └── wazuh.yml +│ ├── wazuh-indexer +│ │ ├── internal_users.yml +│ │ ├── wazuh1.indexer.yml +│ │ ├── wazuh2.indexer.yml +│ │ └── wazuh3.indexer.yml +│ └── wazuh_indexer_ssl_certs +│ └── certs.yml ├── production-cluster.yml ├── README.md ├── VERSION ├── wazuh-dashboard -│   ├── config -│   │   ├── opensearch_dashboards.yml -│   │   ├── entrypoint.sh -│   │   ├── wazuh_app_config.sh -│   │   └── wazuh.yml -│   └── Dockerfile +│ ├── config +│ │ ├── entrypoint.sh +│ │ ├── opensearch_dashboards.yml +│ │ ├── wazuh_app_config.sh +│ │ └── wazuh.yml +│ └── Dockerfile ├── wazuh-indexer -│   ├── config -│   │   ├── config.sh -│   │   ├── config.yml -│   │   ├── entrypoint.sh -│   │   ├── opensearch.yml -│   │   ├── securityadmin.sh -│   │   └── unattended_installer.tar.gz -│   └── Dockerfile +│ ├── config +│ │ ├── config.sh +│ │ ├── config.yml +│ │ ├── entrypoint.sh +│ │ ├── internal_users.yml +│ │ ├── opensearch.yml +│ │ ├── roles_mapping.yml +│ │ ├── roles.yml +│ │ └── securityadmin.sh +│ └── Dockerfile └── wazuh-manager -    ├── config -    │   ├── create_user.py -    │   ├── etc -    │   │   ├── cont-init.d -    │   │   │   ├── 0-wazuh-init -    │   │   │   ├── 
1-config-filebeat -    │   │   │   └── 2-manager -    │   │   └── services.d -    │   │   ├── filebeat -    │   │   │   ├── finish -    │   │   │   └── run -    │   │   └── ossec-logs -    │   │   └── run -    │   ├── filebeat.yml -    │   ├── permanent_data.env -    │   ├── permanent_data.sh -    │   └── wazuh.repo -    └── Dockerfile + ├── config + │ ├── create_user.py + │ ├── etc + │ │ ├── cont-init.d + │ │ │ ├── 0-wazuh-init + │ │ │ ├── 1-config-filebeat + │ │ │ └── 2-manager + │ │ └── services.d + │ │ ├── filebeat + │ │ │ ├── finish + │ │ │ └── run + │ │ └── ossec-logs + │ │ └── run + │ ├── filebeat.yml + │ ├── permanent_data.env + │ ├── permanent_data.sh + │ └── wazuh.repo + └── Dockerfile ## Branches From 9ba1692e98fad7380d82e106adee77d235c710d4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gonzalo=20Acu=C3=B1a?= Date: Fri, 18 Mar 2022 09:55:16 -0300 Subject: [PATCH 073/163] README format update --- README.md | 134 +++++++++++++++++++++++++++--------------------------- 1 file changed, 67 insertions(+), 67 deletions(-) diff --git a/README.md b/README.md index 5b5ae345..79f14f05 100644 --- a/README.md +++ b/README.md 
@@ -50,73 +50,73 @@ SSL_KEY="" # Path of Filebeat SSL Key ## Directory structure -├── build-wazuh-images.yml -├── CHANGELOG.md -├── docker-compose.yml -├── generate-indexer-certs.yml -├── indexer_certs_creator -│ ├── config -│ │ └── entrypoint.sh -│ └── Dockerfile -├── LICENSE -├── production_cluster -│ ├── nginx -│ │ ├── nginx.conf -│ │ └── ssl -│ │ └── generate-self-signed-cert.sh -│ ├── wazuh_cluster -│ │ ├── wazuh_manager.conf -│ │ └── wazuh_worker.conf -│ ├── wazuh_dashboard -│ │ ├── opensearch_dashboards.yml -│ │ └── wazuh.yml -│ ├── wazuh-indexer -│ │ ├── internal_users.yml -│ │ ├── wazuh1.indexer.yml -│ │ ├── wazuh2.indexer.yml -│ │ └── wazuh3.indexer.yml -│ └── wazuh_indexer_ssl_certs -│ └── certs.yml -├── production-cluster.yml -├── README.md -├── VERSION -├── wazuh-dashboard -│ ├── config -│ │ ├── entrypoint.sh -│ │ ├── opensearch_dashboards.yml -│ │ ├── wazuh_app_config.sh -│ │ └── wazuh.yml -│ └── Dockerfile -├── wazuh-indexer -│ ├── config -│ │ ├── config.sh -│ │ ├── config.yml -│ │ ├── entrypoint.sh -│ │ ├── internal_users.yml -│ │ ├── opensearch.yml -│ │ ├── roles_mapping.yml -│ │ ├── roles.yml -│ │ └── securityadmin.sh -│ └── Dockerfile -└── wazuh-manager - ├── config - │ ├── create_user.py - │ ├── etc - │ │ ├── cont-init.d - │ │ │ ├── 0-wazuh-init - │ │ │ ├── 1-config-filebeat - │ │ │ └── 2-manager - │ │ └── services.d - │ │ ├── filebeat - │ │ │ ├── finish - │ │ │ └── run - │ │ └── ossec-logs - │ │ └── run - │ ├── filebeat.yml - │ ├── permanent_data.env - │ ├── permanent_data.sh - │ └── wazuh.repo - └── Dockerfile + ├── build-wazuh-images.yml + ├── CHANGELOG.md + ├── docker-compose.yml + ├── generate-indexer-certs.yml + ├── indexer_certs_creator + │ ├── config + │ │ └── entrypoint.sh + │ └── Dockerfile + ├── LICENSE + ├── production_cluster + │ ├── nginx + │ │ ├── nginx.conf + │ │ └── ssl + │ │ └── generate-self-signed-cert.sh + │ ├── wazuh_cluster + │ │ ├── wazuh_manager.conf + │ │ └── wazuh_worker.conf + │ ├── wazuh_dashboard + │ │ ├── 
opensearch_dashboards.yml + │ │ └── wazuh.yml + │ ├── wazuh-indexer + │ │ ├── internal_users.yml + │ │ ├── wazuh1.indexer.yml + │ │ ├── wazuh2.indexer.yml + │ │ └── wazuh3.indexer.yml + │ └── wazuh_indexer_ssl_certs + │ └── certs.yml + ├── production-cluster.yml + ├── README.md + ├── VERSION + ├── wazuh-dashboard + │ ├── config + │ │ ├── entrypoint.sh + │ │ ├── opensearch_dashboards.yml + │ │ ├── wazuh_app_config.sh + │ │ └── wazuh.yml + │ └── Dockerfile + ├── wazuh-indexer + │ ├── config + │ │ ├── config.sh + │ │ ├── config.yml + │ │ ├── entrypoint.sh + │ │ ├── internal_users.yml + │ │ ├── opensearch.yml + │ │ ├── roles_mapping.yml + │ │ ├── roles.yml + │ │ └── securityadmin.sh + │ └── Dockerfile + └── wazuh-manager + ├── config + │ ├── create_user.py + │ ├── etc + │ │ ├── cont-init.d + │ │ │ ├── 0-wazuh-init + │ │ │ ├── 1-config-filebeat + │ │ │ └── 2-manager + │ │ └── services.d + │ │ ├── filebeat + │ │ │ ├── finish + │ │ │ └── run + │ │ └── ossec-logs + │ │ └── run + │ ├── filebeat.yml + │ ├── permanent_data.env + │ ├── permanent_data.sh + │ └── wazuh.repo + └── Dockerfile ## Branches From 6eb2e37f414a64890c1fe255b792154ef38faf96 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gonzalo=20Acu=C3=B1a?= Date: Fri, 18 Mar 2022 10:17:47 -0300 Subject: [PATCH 074/163] Dashboard variables restored --- README.md | 37 +++++++++++++++++++++++++++++++++++++ 1 file changed, 37 insertions(+) diff --git a/README.md b/README.md index 79f14f05..3fa14934 100644 --- a/README.md +++ b/README.md 
@@ -48,6 +48,43 @@ SSL_CERTIFICATE="" # Path of Filebeat SSL Certi SSL_KEY="" # Path of Filebeat SSL Key ``` +### Dashboard +``` +PATTERN="wazuh-alerts-*" # Default index pattern to use + +CHECKS_PATTERN=true # Defines which checks must to be consider by the healthcheck +CHECKS_TEMPLATE=true # step once the Wazuh app starts. Values must to be true or false +CHECKS_API=true +CHECKS_SETUP=true + +EXTENSIONS_PCI=true # Enable PCI Extension +EXTENSIONS_GDPR=true # Enable GDPR Extension +EXTENSIONS_HIPAA=true # Enable HIPAA Extension +EXTENSIONS_NIST=true # Enable NIST Extension +EXTENSIONS_TSC=true # Enable TSC Extension +EXTENSIONS_AUDIT=true # Enable Audit Extension +EXTENSIONS_OSCAP=false # Enable OpenSCAP Extension +EXTENSIONS_CISCAT=false # Enable CISCAT Extension +EXTENSIONS_AWS=false # Enable AWS Extension +EXTENSIONS_GCP=false # Enable GCP Extension +EXTENSIONS_VIRUSTOTAL=false # Enable Virustotal Extension +EXTENSIONS_OSQUERY=false # Enable OSQuery Extension +EXTENSIONS_DOCKER=false # Enable Docker Extension + +APP_TIMEOUT=20000 # Defines maximum timeout to be used on the Wazuh app requests + +API_SELECTOR=true Defines if the user is allowed to change the selected API directly from the Wazuh app top menu +IP_SELECTOR=true # Defines if the user is allowed to change the selected index pattern directly from the Wazuh app top menu +IP_IGNORE="[]" # List of index patterns to be ignored + +WAZUH_MONITORING_ENABLED=true # Custom settings to enable/disable wazuh-monitoring indices +WAZUH_MONITORING_FREQUENCY=900 # Custom setting to set the frequency for wazuh-monitoring indices cron task +WAZUH_MONITORING_SHARDS=2 # Configure wazuh-monitoring-* indices shards and replicas +WAZUH_MONITORING_REPLICAS=0 # + +ADMIN_PRIVILEGES=true # App privileges +``` + ## Directory structure ├── build-wazuh-images.yml From b3b638a83cab34d4f94afe2812e9ec6fcc9662e5 Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Gonzalo=20Acu=C3=B1a?= Date: Fri, 18 Mar 2022 10:20:08 -0300 Subject: [PATCH 075/163] Wazuh app options added --- wazuh-dashboard/Dockerfile | 36 ++++++++++++++++++++ wazuh-dashboard/config/wazuh_app_config.sh | 38 ++++++++++++++++++++++ 2 files changed, 74 insertions(+) diff --git a/wazuh-dashboard/Dockerfile b/wazuh-dashboard/Dockerfile index 4f42ed51..1be5a8be 100644 --- a/wazuh-dashboard/Dockerfile +++ b/wazuh-dashboard/Dockerfile @@ -60,6 +60,42 @@ ENV USER="wazuh-dashboard" \ GROUP="wazuh-dashboard" \ NAME="wazuh-dashboard" \ INSTALL_DIR="/usr/share/wazuh-dashboard" + +# Set Wazuh app variables +ENV PATTERN="" \ + CHECKS_PATTERN="" \ + CHECKS_TEMPLATE="" \ + CHECKS_API="" \ + CHECKS_SETUP="" \ + EXTENSIONS_PCI="" \ + EXTENSIONS_GDPR="" \ + EXTENSIONS_HIPAA="" \ + EXTENSIONS_NIST="" \ + EXTENSIONS_TSC="" \ + EXTENSIONS_AUDIT="" \ + EXTENSIONS_OSCAP="" \ + EXTENSIONS_CISCAT="" \ + EXTENSIONS_AWS="" \ + EXTENSIONS_GCP="" \ + EXTENSIONS_VIRUSTOTAL="" \ + EXTENSIONS_OSQUERY="" \ + EXTENSIONS_DOCKER="" \ + APP_TIMEOUT="" \ + API_SELECTOR="" \ + IP_SELECTOR="" \ + IP_IGNORE="" \ + WAZUH_MONITORING_ENABLED="" \ + WAZUH_MONITORING_FREQUENCY="" \ + WAZUH_MONITORING_SHARDS="" \ + WAZUH_MONITORING_REPLICAS="" \ + ADMIN_PRIVILEGES="" \ + XPACK_CANVAS="true" \ + XPACK_LOGS="true" \ + XPACK_INFRA="true" \ + XPACK_ML="true" \ + XPACK_DEVTOOLS="true" \ + XPACK_MONITORING="true" \ + XPACK_APM="true" # Create wazuh-dashboard user and group RUN getent group $GROUP || groupadd -r -g 1000 $GROUP diff --git a/wazuh-dashboard/config/wazuh_app_config.sh b/wazuh-dashboard/config/wazuh_app_config.sh index 9674bdff..e00fd4c7 100644 --- a/wazuh-dashboard/config/wazuh_app_config.sh +++ b/wazuh-dashboard/config/wazuh_app_config.sh 
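Review bot: The seven `XPACK_*` variables at the end of the new `ENV` block default to "true", but the `CONFIG_MAP` added to wazuh_app_config.sh by the same commit has no entry that reads them, so from what this patch shows they are set and never consumed. Either drop them or add a comment naming the component that reads them. A one-line comment that an empty default means "keep the value already in wazuh.yml" would also help, since the script only rewrites a setting when its variable is non-empty.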
@@ -9,6 +9,44 @@ api_run_as="${RUN_AS:-false}" dashboard_config_file="/usr/share/wazuh-dashboard/data/wazuh/config/wazuh.yml" +declare -A CONFIG_MAP=( + [pattern]=$PATTERN + [checks.pattern]=$CHECKS_PATTERN + [checks.template]=$CHECKS_TEMPLATE + [checks.api]=$CHECKS_API + [checks.setup]=$CHECKS_SETUP + [extensions.pci]=$EXTENSIONS_PCI + [extensions.gdpr]=$EXTENSIONS_GDPR + [extensions.hipaa]=$EXTENSIONS_HIPAA + [extensions.nist]=$EXTENSIONS_NIST + [extensions.tsc]=$EXTENSIONS_TSC + [extensions.audit]=$EXTENSIONS_AUDIT + [extensions.oscap]=$EXTENSIONS_OSCAP + [extensions.ciscat]=$EXTENSIONS_CISCAT + [extensions.aws]=$EXTENSIONS_AWS + [extensions.gcp]=$EXTENSIONS_GCP + [extensions.virustotal]=$EXTENSIONS_VIRUSTOTAL + [extensions.osquery]=$EXTENSIONS_OSQUERY + [extensions.docker]=$EXTENSIONS_DOCKER + [timeout]=$APP_TIMEOUT + [api.selector]=$API_SELECTOR + [ip.selector]=$IP_SELECTOR + [ip.ignore]=$IP_IGNORE + [wazuh.monitoring.enabled]=$WAZUH_MONITORING_ENABLED + [wazuh.monitoring.frequency]=$WAZUH_MONITORING_FREQUENCY + [wazuh.monitoring.shards]=$WAZUH_MONITORING_SHARDS + [wazuh.monitoring.replicas]=$WAZUH_MONITORING_REPLICAS + [admin]=$ADMIN_PRIVILEGES +) + +for i in "${!CONFIG_MAP[@]}" +do + if [ "${CONFIG_MAP[$i]}" != "" ]; then + sed -i 's/.*#'"$i"'.*/'"$i"': '"${CONFIG_MAP[$i]}"'/' $dashboard_config_file + fi +done + + grep -q 1513629884013 $dashboard_config_file _config_exists=$? From 0b1659c60bfa19324f7b62ca05e0dd19a9a76fd3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gonzalo=20Acu=C3=B1a?= Date: Fri, 18 Mar 2022 10:43:34 -0300 Subject: [PATCH 076/163] Wazuh app options config updated --- wazuh-dashboard/Dockerfile | 2 +- wazuh-dashboard/config/wazuh.yml | 168 ++++++++++++++++++++- wazuh-dashboard/config/wazuh_app_config.sh | 2 +- 3 files changed, 163 insertions(+), 9 deletions(-) diff --git a/wazuh-dashboard/Dockerfile b/wazuh-dashboard/Dockerfile index 1be5a8be..a81579ed 100644 --- a/wazuh-dashboard/Dockerfile +++ b/wazuh-dashboard/Dockerfile 
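Review bot: The `sed` expression in the new loop splices each environment value into the replacement text unescaped, so a value containing `/`, `&` or a backslash either breaks the expression or is rewritten by sed (`&` expands to the whole matched line) before it reaches wazuh.yml. Escape the value first, e.g. `val=$(printf '%s' "${CONFIG_MAP[$i]}" | sed 's/[&/\]/\\&/g')`, and use `"$val"` in the replacement. The key is also used as a regex, so the dots in names like `checks.api` match any character and `.*#'"$i"'.*` matches any line that merely contains `#key`; anchoring the pattern at line start and at the following colon would be tighter. `$dashboard_config_file` should be quoted as well.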
@@ -60,7 +60,7 @@ ENV USER="wazuh-dashboard" \ GROUP="wazuh-dashboard" \ NAME="wazuh-dashboard" \ INSTALL_DIR="/usr/share/wazuh-dashboard" - + # Set Wazuh app variables ENV PATTERN="" \ CHECKS_PATTERN="" \ diff --git a/wazuh-dashboard/config/wazuh.yml b/wazuh-dashboard/config/wazuh.yml index 62a72893..e2f3f755 100644 --- a/wazuh-dashboard/config/wazuh.yml +++ b/wazuh-dashboard/config/wazuh.yml 
@@ -1,7 +1,161 @@ -hosts: - - default: - url: https://wazuh.manager - port: 55000 - username: wazuh-wui - password: wazuh-wui - run_as: false +--- +# +# Wazuh app - App configuration file +# Copyright (C) 2015-2021 Wazuh, Inc. +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# Find more information about this on the LICENSE file. +# +# ======================== Wazuh app configuration file ======================== +# +# Please check the documentation for more information on configuration options: +# https://documentation.wazuh.com/current/installation-guide/index.html +# +# Also, you can check our repository: +# https://github.com/wazuh/wazuh-kibana-app +# +# ------------------------------- Index patterns ------------------------------- +# +# Default index pattern to use. +#pattern: wazuh-alerts-* +# +# ----------------------------------- Checks ----------------------------------- +# +# Defines which checks must to be consider by the healthcheck +# step once the Wazuh app starts. Values must to be true or false. +#checks.pattern : true +#checks.template: true +#checks.api : true +#checks.setup : true +#checks.metaFields: true +# +# --------------------------------- Extensions --------------------------------- +# +# Defines which extensions should be activated when you add a new API entry. +# You can change them after Wazuh app starts. +# Values must to be true or false. 
+#extensions.pci : true +#extensions.gdpr : true +#extensions.hipaa : true +#extensions.nist : true +#extensions.tsc : true +#extensions.audit : true +#extensions.oscap : false +#extensions.ciscat : false +#extensions.aws : false +#extensions.gcp : false +#extensions.virustotal: false +#extensions.osquery : false +#extensions.docker : false +# +# ---------------------------------- Time out ---------------------------------- +# +# Defines maximum timeout to be used on the Wazuh app requests. +# It will be ignored if it is bellow 1500. +# It means milliseconds before we consider a request as failed. +# Default: 20000 +#timeout: 20000 +# +# -------------------------------- API selector -------------------------------- +# +# Defines if the user is allowed to change the selected +# API directly from the Wazuh app top menu. +# Default: true +#api.selector: true +# +# --------------------------- Index pattern selector --------------------------- +# +# Defines if the user is allowed to change the selected +# index pattern directly from the Wazuh app top menu. +# Default: true +#ip.selector: true +# +# List of index patterns to be ignored +#ip.ignore: [] +# +# -------------------------------- X-Pack RBAC --------------------------------- +# +# Custom setting to enable/disable built-in X-Pack RBAC security capabilities. +# Default: enabled +#xpack.rbac.enabled: true +# +# ------------------------------ wazuh-monitoring ------------------------------ +# +# Custom setting to enable/disable wazuh-monitoring indices. +# Values: true, false, worker +# If worker is given as value, the app will show the Agents status +# visualization but won't insert data on wazuh-monitoring indices. +# Default: true +#wazuh.monitoring.enabled: true +# +# Custom setting to set the frequency for wazuh-monitoring indices cron task. +# Default: 900 (s) +#wazuh.monitoring.frequency: 900 +# +# Configure wazuh-monitoring-* indices shards and replicas. 
+#wazuh.monitoring.shards: 2 +#wazuh.monitoring.replicas: 0 +# +# Configure wazuh-monitoring-* indices custom creation interval. +# Values: h (hourly), d (daily), w (weekly), m (monthly) +# Default: d +#wazuh.monitoring.creation: d +# +# Default index pattern to use for Wazuh monitoring +#wazuh.monitoring.pattern: wazuh-monitoring-* +# +# --------------------------------- wazuh-cron ---------------------------------- +# +# Customize the index prefix of predefined jobs +# This change is not retroactive, if you change it new indexes will be created +# cron.prefix: test +# +# ------------------------------ wazuh-statistics ------------------------------- +# +# Custom setting to enable/disable statistics tasks. +#cron.statistics.status: true +# +# Enter the ID of the APIs you want to save data from, leave this empty to run +# the task on all configured APIs +#cron.statistics.apis: [] +# +# Define the frequency of task execution using cron schedule expressions +#cron.statistics.interval: 0 0 * * * * +# +# Define the name of the index in which the documents are to be saved. +#cron.statistics.index.name: statistics +# +# Define the interval in which the index will be created +#cron.statistics.index.creation: w +# +# ------------------------------- App privileges -------------------------------- +#admin: true +# +# ---------------------------- Hide manager alerts ------------------------------ +# Hide the alerts of the manager in all dashboards and discover +#hideManagerAlerts: false +# +# ------------------------------- App logging level ----------------------------- +# Set the logging level for the Wazuh App log files. +# Default value: info +# Allowed values: info, debug +#logs.level: info +# +# -------------------------------- Enrollment DNS ------------------------------- +# Set the variable WAZUH_REGISTRATION_SERVER in agents deployment. 
+# Default value: '' +#enrollment.dns: '' +# +#-------------------------------- API entries ----------------------------------- +#The following configuration is the default structure to define an API entry. +# +#hosts: +# - : +# url: http(s):// +# port: +# username: +# password: \ No newline at end of file diff --git a/wazuh-dashboard/config/wazuh_app_config.sh b/wazuh-dashboard/config/wazuh_app_config.sh index e00fd4c7..784f10eb 100644 --- a/wazuh-dashboard/config/wazuh_app_config.sh +++ b/wazuh-dashboard/config/wazuh_app_config.sh @@ -51,7 +51,7 @@ grep -q 1513629884013 $dashboard_config_file _config_exists=$? if [[ $_config_exists -ne 0 ]]; then -cat << EOF > $dashboard_config_file +cat << EOF >> $dashboard_config_file hosts: - 1513629884013: url: $wazuh_url From 3df1d95ec789387f550fde09d516893ff6bca99a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gonzalo=20Acu=C3=B1a?= Date: Fri, 18 Mar 2022 10:52:01 -0300 Subject: [PATCH 077/163] wazuh.yml update --- wazuh-dashboard/config/wazuh.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/wazuh-dashboard/config/wazuh.yml b/wazuh-dashboard/config/wazuh.yml index e2f3f755..aeb519f7 100644 --- a/wazuh-dashboard/config/wazuh.yml +++ b/wazuh-dashboard/config/wazuh.yml @@ -158,4 +158,4 @@ # url: http(s):// # port: # username: -# password: \ No newline at end of file +# password: From 0b24a51147767f621534ad375d19b6dc2abb92f9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gonzalo=20Acu=C3=B1a?= Date: Tue, 22 Mar 2022 11:02:27 -0300 Subject: [PATCH 078/163] Manager wazuh-init updated (rids owner) --- wazuh-manager/config/etc/cont-init.d/0-wazuh-init | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/wazuh-manager/config/etc/cont-init.d/0-wazuh-init b/wazuh-manager/config/etc/cont-init.d/0-wazuh-init index e3c9ebfa..21e9d208 100644 --- a/wazuh-manager/config/etc/cont-init.d/0-wazuh-init +++ b/wazuh-manager/config/etc/cont-init.d/0-wazuh-init 
@@ -164,6 +164,15 @@ set_custom_cluster_key() { sed -i 's/to_be_replaced_by_cluster_key<\/key>/'"${WAZUH_CLUSTER_KEY}"'<\/key>/g' ${WAZUH_INSTALL_PATH}/etc/ossec.conf } +############################################################################## +# Modify /var/ossec/queue/rids directory owner on +# container start. +############################################################################## + +set_rids_owner() { + chown -R wazuh:wazuh /var/ossec/queue/rids +} + ############################################################################## # Main function ############################################################################## From d46c763939790cb8fff92adcd53c0aaea2b81082 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gonzalo=20Acu=C3=B1a?= Date: Tue, 22 Mar 2022 11:57:37 -0300 Subject: [PATCH 079/163] set_rids_owner call added --- wazuh-manager/config/etc/cont-init.d/0-wazuh-init | 2 ++ 1 file changed, 2 insertions(+) diff --git a/wazuh-manager/config/etc/cont-init.d/0-wazuh-init b/wazuh-manager/config/etc/cont-init.d/0-wazuh-init index 21e9d208..06408a2e 100644 --- a/wazuh-manager/config/etc/cont-init.d/0-wazuh-init +++ b/wazuh-manager/config/etc/cont-init.d/0-wazuh-init @@ -211,6 +211,8 @@ main() { # Delete temporary data folder rm -rf ${WAZUH_INSTALL_PATH}/data_tmp + # Set rids directory owner + set_rids_owner } main From 1c76d93b17b02f0f5b3f10f81879cd3200faf62a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gonzalo=20Acu=C3=B1a?= Date: Tue, 22 Mar 2022 12:47:15 -0300 Subject: [PATCH 080/163] Migration document added --- Migration-to-indexer-dashboard.md | 68 +++++++++++++++++++++++++++++++ 1 file changed, 68 insertions(+) create mode 100644 Migration-to-indexer-dashboard.md diff --git a/Migration-to-indexer-dashboard.md b/Migration-to-indexer-dashboard.md new file mode 100644 index 00000000..ae318b67 --- /dev/null +++ b/Migration-to-indexer-dashboard.md 
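Review bot: `set_rids_owner` hardcodes `/var/ossec/queue/rids`, while the function just above it in this hunk reaches the installation through `${WAZUH_INSTALL_PATH}`; if that variable ever points elsewhere, the chown acts on a different tree than the rest of the script. I would write `chown -R wazuh:wazuh "${WAZUH_INSTALL_PATH}/queue/rids"`. The header comment could also say why the owner has to be reset on every start (presumably a mounted volume arriving with different ownership), since the code does not show it.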
@@ -0,0 +1,68 @@ +# Opendistro data migration to Wazuh indexer on docker. +This procedure explains how to migrate Opendistro data from Opendistro to Wazuh indexer in docker production deployments. +The example is migrating from v4.2.5 to v4.3.0. + +## Procedure +Assuming that you have a v4.2.5 production deployment, perform the following steps. + +**1. Stop 4.2.5 environment** +`docker-compose -f production-cluster.yml stop` + +**2. List Elastic volumesStop 4.2.5 environment** +`docker volume ls --filter name='wazuh-docker_elastic-data'` + +**3. Inspect Elastic volume** +`docker volume inspect wazuh-docker_elastic-data-1` + +**4. Run the volume create command:** create 3 new Indexer volumes using the `com.docker.compose.version` label value from the previous command. +``` +docker volume create \ + --label com.docker.compose.project=wazuh-docker \ + --label com.docker.compose.version=1.25.0 \ + --label com.docker.compose.volume=wazuh-indexer-data-1 \ + wazuh-docker_wazuh-indexer-data-1 +``` +``` +docker volume create \ + --label com.docker.compose.project=wazuh-docker \ + --label com.docker.compose.version=1.25.0 \ + --label com.docker.compose.volume=wazuh-indexer-data-2 \ + wazuh-docker_wazuh-indexer-data-2 +``` +``` +docker volume create \ + --label com.docker.compose.project=wazuh-docker \ + --label com.docker.compose.version=1.25.0 \ + --label com.docker.compose.volume=wazuh-indexer-data-3 \ + wazuh-docker_wazuh-indexer-data-3 +``` + +**5. Copy the volume content from Elastic to Wazuh indexer volumes.** +``` +docker container run --rm -it \ + -v wazuh-docker_elastic-data-1:/from \ + -v wazuh-docker_wazuh-indexer-data-1:/to \ + alpine ash -c "cd /from ; cp -av . /to" +``` +``` +docker container run --rm -it \ + -v wazuh-docker_elastic-data-2:/from \ + -v wazuh-docker_wazuh-indexer-data-2:/to \ + alpine ash -c "cd /from ; cp -av . 
/to" +``` +``` +docker container run --rm -it \ + -v wazuh-docker_elastic-data-3:/from \ + -v wazuh-docker_wazuh-indexer-data-3:/to \ + alpine ash -c "cd /from ; cp -av . /to" +``` + +**6. Delete the 4.2.5 environment.** +`docker-compose -f production-cluster.yml down` + +**7. Start the 4.3 environment.** +```` +git checkout 4.3 +docker-compose -f production-cluster.yml up -d +``` +**8. Check the access to Wazuh dashboard**: go to the Wazuh Dashboard WebUI and check if everything is working. \ No newline at end of file From 610c62b866ee004b58a19917c06b1b91ca31580f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gonzalo=20Acu=C3=B1a?= Date: Tue, 22 Mar 2022 12:47:57 -0300 Subject: [PATCH 081/163] Migration document added --- Migration-to-indexer-dashboard.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/Migration-to-indexer-dashboard.md b/Migration-to-indexer-dashboard.md index ae318b67..cc38fb9c 100644 --- a/Migration-to-indexer-dashboard.md +++ b/Migration-to-indexer-dashboard.md @@ -61,8 +61,9 @@ docker container run --rm -it \ `docker-compose -f production-cluster.yml down` **7. Start the 4.3 environment.** -```` +``` git checkout 4.3 docker-compose -f production-cluster.yml up -d ``` + **8. Check the access to Wazuh dashboard**: go to the Wazuh Dashboard WebUI and check if everything is working. \ No newline at end of file From a5e74bf9163ab402d14480f09f7406cf09171a0d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gonzalo=20Acu=C3=B1a?= Date: Wed, 23 Mar 2022 09:28:52 -0300 Subject: [PATCH 082/163] Cert tool command update --- indexer_certs_creator/config/entrypoint.sh | 2 +- wazuh-indexer/config/config.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/indexer_certs_creator/config/entrypoint.sh b/indexer_certs_creator/config/entrypoint.sh index 567bf267..517ca553 100644 --- a/indexer_certs_creator/config/entrypoint.sh +++ b/indexer_certs_creator/config/entrypoint.sh 
@@ -34,7 +34,7 @@ chmod 700 /$CERT_TOOL # Creating Cluster certificates ############################################################################## -/$CERT_TOOL +/$CERT_TOOL -A echo "Moving created certificates to destination directory" cp /certs/* /certificates/ echo "changing certificate permissions" diff --git a/wazuh-indexer/config/config.sh b/wazuh-indexer/config/config.sh index 721c7209..5da2e07c 100644 --- a/wazuh-indexer/config/config.sh +++ b/wazuh-indexer/config/config.sh @@ -66,7 +66,7 @@ else exit 1 fi -chmod 755 $CERT_TOOL && bash /$CERT_TOOL +chmod 755 $CERT_TOOL && bash /$CERT_TOOL -A # copy to target mkdir -p ${TARGET_DIR}${INSTALLATION_DIR} From 0c1409e5c928c01d422d15b649851b6e6f2913b0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gonzalo=20Acu=C3=B1a?= Date: Wed, 23 Mar 2022 10:15:19 -0300 Subject: [PATCH 083/163] Certs directory name updated --- indexer_certs_creator/config/entrypoint.sh | 2 +- wazuh-indexer/config/config.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/indexer_certs_creator/config/entrypoint.sh b/indexer_certs_creator/config/entrypoint.sh index 517ca553..6ab0ba05 100644 --- a/indexer_certs_creator/config/entrypoint.sh +++ b/indexer_certs_creator/config/entrypoint.sh @@ -36,6 +36,6 @@ chmod 700 /$CERT_TOOL /$CERT_TOOL -A echo "Moving created certificates to destination directory" -cp /certs/* /certificates/ +cp /wazuh-certificates/* /certificates/ echo "changing certificate permissions" chmod -R 666 /certificates/* diff --git a/wazuh-indexer/config/config.sh b/wazuh-indexer/config/config.sh index 5da2e07c..ab62b030 100644 --- a/wazuh-indexer/config/config.sh +++ b/wazuh-indexer/config/config.sh 
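Review bot: The last line of the entrypoint.sh hunk, `chmod -R 666 /certificates/*`, leaves everything the cert tool produced readable and writable by any user that can reach the volume. The dashboard's config.sh later in this series copies `demo.dashboard-key.pem` from the same tool output, so private keys are presumably among those files. The commit changes only the source directory and keeps that mode. If the wide mode exists so that containers running under other UIDs can read the mount, a read-only mode for certificates plus a tighter one for `*-key.pem` (or a `chown` to the consuming UID) would serve the same purpose without making keys world-writable. The script continues above the hunk.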
@@ -98,6 +98,6 @@ cp -pr /roles.yml ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/s cp -pr /internal_users.yml ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/securityconfig/ cp -pr /opensearch.yml ${TARGET_DIR}${CONFIG_DIR} # Copy Wazuh indexer's demo certificates -cp -pr /certs/* ${TARGET_DIR}${CONFIG_DIR} +cp -pr /wazuh-certificates/* ${TARGET_DIR}${CONFIG_DIR} From 2a9a9dce5241009e4841fa5d0d7e3fb8770a4679 Mon Sep 17 00:00:00 2001 From: Raul Del Pozo Moreno Date: Thu, 24 Mar 2022 18:59:53 +0100 Subject: [PATCH 084/163] Remove download of demo certificates --- wazuh-dashboard/Dockerfile | 23 ++++------- wazuh-dashboard/config/config.sh | 41 +++++++++++++++++++ wazuh-dashboard/config/config.yml | 5 +++ .../config/opensearch_dashboards.yml | 4 +- wazuh-indexer/config/config.sh | 4 +- 5 files changed, 56 insertions(+), 21 deletions(-) create mode 100644 wazuh-dashboard/config/config.sh create mode 100644 wazuh-dashboard/config/config.yml diff --git a/wazuh-dashboard/Dockerfile b/wazuh-dashboard/Dockerfile index a81579ed..e6fc39e0 100644 --- a/wazuh-dashboard/Dockerfile +++ b/wazuh-dashboard/Dockerfile 
@@ -11,30 +11,21 @@ RUN apt-get update && apt install curl libcap2-bin xz-utils -y RUN mkdir -p $INSTALL_DIR # Download and extract Wazuh dashboard base -RUN curl -o wazuh-dashboard-base.tar.xz https://packages-dev.wazuh.com/stack/dashboard/base/wazuh-dashboard-base-$WAZUH_VERSION-linux-x64.tar.xz && \ +RUN curl -o wazuh-dashboard-base.tar.xz https://packages.wazuh.com/stack/dashboard/base/wazuh-dashboard-base-${WAZUH_VERSION}-linux-x64.tar.xz && \ tar -xf wazuh-dashboard-base.tar.xz --directory $INSTALL_DIR --strip-components=1 -# Download and extract demo certificates -RUN curl -O https://packages-dev.wazuh.com/stack/demo-certs.tar.gz && \ - tar -xf demo-certs.tar.gz && rm -f demo-certs.tar.gz - -# Create certs dir -RUN mkdir -p $INSTALL_DIR/config/certs - -# Copy Wazuh dashboard demo certs to install config dir -RUN cp certs/demo-dashboard.pem $INSTALL_DIR/config/certs/demo-dashboard.pem && \ - cp certs/demo-dashboard-key.pem $INSTALL_DIR/config/certs/demo-dashboard-key.pem && \ - cp certs/root-ca.pem $INSTALL_DIR/config/certs/root-ca.pem - -RUN chmod 640 $INSTALL_DIR/config/certs/* +# Generate certificates +COPY config/config.sh . +COPY config/config.yml / +RUN bash config.sh # Create and configure Wazuh dashboard keystore RUN $INSTALL_DIR/bin/opensearch-dashboards-keystore create --allow-root && \ echo kibanaserver | $INSTALL_DIR/bin/opensearch-dashboards-keystore add opensearch.username --stdin --allow-root && \ echo kibanaserver | $INSTALL_DIR/bin/opensearch-dashboards-keystore add opensearch.password --stdin --allow-root -# Install Wazuh App -RUN $INSTALL_DIR/bin/opensearch-dashboards-plugin install https://packages.wazuh.com/4.x/ui/dashboard/wazuh-$WAZUH_VERSION.zip --allow-root +# Install Wazuh App +RUN $INSTALL_DIR/bin/opensearch-dashboards-plugin install https://packages.wazuh.com/4.x/ui/dashboard/wazuh-${WAZUH_VERSION}.zip --allow-root # Copy and set permissions to config files COPY config/opensearch_dashboards.yml $INSTALL_DIR/config/ 
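Review bot: `RUN bash config.sh` generates the dashboard's TLS key pair and root CA during the image build, so the private key becomes part of an image layer and every container started from the published image shares it with anyone who can pull that image. The node name `demo.dashboard` in config.yml suggests these are meant as demo certificates; a comment such as `# Demo certificates only: mount real certificates over $INSTALL_DIR/config/certs in production` above the step would make that explicit. The same applies to the `kibanaserver` value piped into the keystore a few lines below. The `curl -o` download has no `-f`, so an HTTP error page would be saved and only surface as a tar failure; `curl -fsSL -o ...` fails at the right step.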
diff --git a/wazuh-dashboard/config/config.sh b/wazuh-dashboard/config/config.sh new file mode 100644 index 00000000..1d2a575a --- /dev/null +++ b/wazuh-dashboard/config/config.sh @@ -0,0 +1,41 @@ +# Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2) +# This has to be exported to make some magic below work. +export DH_OPTIONS + +export NAME=wazuh-dashboard +export TARGET_DIR=${CURDIR}/debian/${NAME} +export INSTALLATION_DIR=/usr/share/${NAME} +export CONFIG_DIR=${INSTALLATION_DIR}/config + +## Variables +CERT_TOOL=wazuh-certs-tool.sh +PACKAGES_URL=https://packages.wazuh.com/4.3/ +PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.3/ + +## Check if the cert tool exists in S3 buckets +CERT_TOOL_PACKAGES=$(curl --silent -I $PACKAGES_URL$CERT_TOOL | grep -E "^HTTP" | awk '{print $2}') +CERT_TOOL_PACKAGES_DEV=$(curl --silent -I $PACKAGES_DEV_URL$CERT_TOOL | grep -E "^HTTP" | awk '{print $2}') + +## If cert tool exists in some bucket, download it, if not exit 1 +if [ "$CERT_TOOL_PACKAGES" = "200" ]; then + curl -o $CERT_TOOL $PACKAGES_URL$CERT_TOOL + echo "Cert tool exists in Packages bucket" +elif [ "$CERT_TOOL_PACKAGES_DEV" = "200" ]; then + curl -o $CERT_TOOL $PACKAGES_DEV_URL$CERT_TOOL + echo "Cert tool exists in Packages-dev bucket" +else + echo "Cert tool does not exist in any bucket" + exit 1 +fi + +chmod 755 $CERT_TOOL && bash /$CERT_TOOL -A + +# Copy Wazuh dashboard's certificates +mkdir -p ${CONFIG_DIR}/certs + +# Copy Wazuh dashboard certs to install config dir +cp /wazuh-certificates/demo.dashboard.pem ${CONFIG_DIR}/certs/dashboard.pem +cp /wazuh-certificates/demo.dashboard-key.pem ${CONFIG_DIR}/certs/dashboard-key.pem +cp /wazuh-certificates/root-ca.pem ${CONFIG_DIR}/certs/root-ca.pem + +chmod 640 ${CONFIG_DIR}/certs/* diff --git a/wazuh-dashboard/config/config.yml b/wazuh-dashboard/config/config.yml new file mode 100644 index 00000000..d736a41f --- /dev/null +++ b/wazuh-dashboard/config/config.yml 
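Review bot: The new script downloads `wazuh-certs-tool.sh` and runs it with `bash` at build time without checking its integrity, and it falls back to the `packages-dev` bucket when the release bucket lacks the file, so whatever either bucket serves is executed inside the image build. Pin the expected digest and verify it before running, e.g. `echo "<EXPECTED_SHA256>  $CERT_TOOL" | sha256sum -c - || exit 1`, and use `curl -fsSL -o` so a failed download stops the build. `chmod 755 $CERT_TOOL` acts on the working directory while `bash /$CERT_TOOL` runs the copy under `/`; the two only agree when the build's working directory is `/`, so use one path for both. `export DH_OPTIONS`, `TARGET_DIR` and `${CURDIR}` look carried over from a packaging script and are not used in this file.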
@@ -0,0 +1,5 @@ +nodes: + # Wazuh dashboard server nodes + dashboard: + name: demo.dashboard + ip: demo.dashboard \ No newline at end of file diff --git a/wazuh-dashboard/config/opensearch_dashboards.yml b/wazuh-dashboard/config/opensearch_dashboards.yml index 4b713d5a..f7d70cce 100644 --- a/wazuh-dashboard/config/opensearch_dashboards.yml +++ b/wazuh-dashboard/config/opensearch_dashboards.yml @@ -7,8 +7,8 @@ opensearch_security.multitenancy.enabled: true opensearch_security.multitenancy.tenants.preferred: ["Private", "Global"] opensearch_security.readonly_mode.roles: ["kibana_read_only"] server.ssl.enabled: true -server.ssl.key: "/usr/share/wazuh-dashboard/config/certs/demo-dashboard-key.pem" -server.ssl.certificate: "/usr/share/wazuh-dashboard/config/certs/demo-dashboard.pem" +server.ssl.key: "/usr/share/wazuh-dashboard/config/certs/dashboard-key.pem" +server.ssl.certificate: "/usr/share/wazuh-dashboard/config/certs/dashboard.pem" opensearch.ssl.certificateAuthorities: ["/usr/share/wazuh-dashboard/config/certs/root-ca.pem"] uiSettings.overrides.defaultRoute: /app/wazuh?security_tenant=global diff --git a/wazuh-indexer/config/config.sh b/wazuh-indexer/config/config.sh index ab62b030..a7871579 100644 --- a/wazuh-indexer/config/config.sh +++ b/wazuh-indexer/config/config.sh @@ -97,7 +97,5 @@ cp -pr /roles_mapping.yml ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-se cp -pr /roles.yml ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/securityconfig/ cp -pr /internal_users.yml ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/securityconfig/ cp -pr /opensearch.yml ${TARGET_DIR}${CONFIG_DIR} -# Copy Wazuh indexer's demo certificates +# Copy Wazuh indexer's certificates cp -pr /wazuh-certificates/* ${TARGET_DIR}${CONFIG_DIR} - - From b91c1602a68956f45b696fb830b18895a90f6e74 Mon Sep 17 00:00:00 2001 
From: Raul Del Pozo Moreno Date: Thu, 24 Mar 2022 19:26:29 +0100 Subject: [PATCH 085/163] Added custom images --- docker-compose.yml | 6 +++--- wazuh-dashboard/Dockerfile | 4 ++-- wazuh-indexer/config/config.sh | 2 +- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index 49515e47..2138bc75 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -3,7 +3,7 @@ version: '3.7' services: wazuh.manager: - image: wazuh/wazuh-manager:4.3.0 + image: wazuh/wazuh-manager:4.3.0-dev hostname: wazuh.manager restart: always ports: @@ -30,7 +30,7 @@ services: - filebeat_var:/var/lib/filebeat wazuh1.indexer: - image: wazuh/wazuh-indexer:4.3.0 + image: wazuh/wazuh-indexer:4.3.0-dev-testing hostname: wazuh1.indexer restart: always ports: @@ -46,7 +46,7 @@ services: hard: 65536 wazuh.dashboard: - image: wazuh/wazuh-dashboard:4.3.0 + image: wazuh/wazuh-dashboard:4.3.0-dev-testing hostname: wazuh.dashboard restart: always ports: diff --git a/wazuh-dashboard/Dockerfile b/wazuh-dashboard/Dockerfile index e6fc39e0..5ccf47cb 100644 --- a/wazuh-dashboard/Dockerfile +++ b/wazuh-dashboard/Dockerfile @@ -11,7 +11,7 @@ RUN apt-get update && apt install curl libcap2-bin xz-utils -y RUN mkdir -p $INSTALL_DIR # Download and extract Wazuh dashboard base -RUN curl -o wazuh-dashboard-base.tar.xz https://packages.wazuh.com/stack/dashboard/base/wazuh-dashboard-base-${WAZUH_VERSION}-linux-x64.tar.xz && \ +RUN curl -o wazuh-dashboard-base.tar.xz https://packages-dev.wazuh.com/stack/dashboard/base/wazuh-dashboard-base-${WAZUH_VERSION}-testing-linux-x64.tar.xz && \ tar -xf wazuh-dashboard-base.tar.xz --directory $INSTALL_DIR --strip-components=1 # Generate certificates 
@@ -25,7 +25,7 @@ RUN $INSTALL_DIR/bin/opensearch-dashboards-keystore create --allow-root && \ echo kibanaserver | $INSTALL_DIR/bin/opensearch-dashboards-keystore add opensearch.password --stdin --allow-root # Install Wazuh App -RUN $INSTALL_DIR/bin/opensearch-dashboards-plugin install https://packages.wazuh.com/4.x/ui/dashboard/wazuh-${WAZUH_VERSION}.zip --allow-root +RUN $INSTALL_DIR/bin/opensearch-dashboards-plugin install https://packages-dev.wazuh.com/pre-release/ui/dashboard/wazuh-${WAZUH_VERSION}.zip --allow-root # Copy and set permissions to config files COPY config/opensearch_dashboards.yml $INSTALL_DIR/config/ diff --git a/wazuh-indexer/config/config.sh b/wazuh-indexer/config/config.sh index a7871579..f15c2b40 100644 --- a/wazuh-indexer/config/config.sh +++ b/wazuh-indexer/config/config.sh @@ -16,7 +16,7 @@ export INSTALLATION_DIR=/usr/share/${NAME} export CONFIG_DIR=${INSTALLATION_DIR}/config export BASE_DIR=${NAME}-* export INDEXER_FILE=wazuh-indexer-base.tar.xz -export BASE_FILE=wazuh-indexer-base-${VERSION}-linux-x64.tar.xz +export BASE_FILE=wazuh-indexer-base-${VERSION}-testing-linux-x64.tar.xz export REPO_DIR=/unattended_installer From 8765678aaa354864be3958e9d0b4c1495d86b961 Mon Sep 17 00:00:00 2001 From: Raul Del Pozo Moreno Date: Thu, 24 Mar 2022 19:28:06 +0100 Subject: [PATCH 086/163] Added custom images --- wazuh-manager/Dockerfile | 4 ++-- wazuh-manager/config/wazuh.repo | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/wazuh-manager/Dockerfile b/wazuh-manager/Dockerfile index 1da3d314..4c02a10d 100644 --- a/wazuh-manager/Dockerfile +++ b/wazuh-manager/Dockerfile @@ -8,7 +8,7 @@ ARG TEMPLATE_VERSION="master" ARG WAZUH_FILEBEAT_MODULE="wazuh-filebeat-0.1.tar.gz" # Set repositories. -RUN rpm --import https://packages.wazuh.com/key/GPG-KEY-WAZUH +RUN rpm --import https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH COPY config/wazuh.repo /etc/yum.repos.d/wazuh.repo 
@@ -18,7 +18,7 @@ RUN yum --enablerepo=updates clean metadata && \ sed -i "s/^enabled=1/enabled=0/" /etc/yum.repos.d/wazuh.repo && \ yum clean all && rm -rf /var/cache/yum -RUN curl -L -O https://packages.wazuh.com/4.x/yum/${FILEBEAT_CHANNEL}-${FILEBEAT_VERSION}-x86_64.rpm &&\ +RUN curl -L -O https://packages-dev.wazuh.com/pre-release/yum/${FILEBEAT_CHANNEL}-${FILEBEAT_VERSION}-x86_64.rpm &&\ rpm -i ${FILEBEAT_CHANNEL}-${FILEBEAT_VERSION}-x86_64.rpm && rm -f ${FILEBEAT_CHANNEL}-${FILEBEAT_VERSION}-x86_64.rpm RUN curl -s https://packages.wazuh.com/4.x/filebeat/${WAZUH_FILEBEAT_MODULE} | tar -xvz -C /usr/share/filebeat/module diff --git a/wazuh-manager/config/wazuh.repo b/wazuh-manager/config/wazuh.repo index e230d6a9..4b673ff0 100644 --- a/wazuh-manager/config/wazuh.repo +++ b/wazuh-manager/config/wazuh.repo @@ -1,7 +1,7 @@ [wazuh_repo] gpgcheck=1 -gpgkey=https://packages.wazuh.com/key/GPG-KEY-WAZUH +gpgkey=https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH enabled=1 name=Wazuh repository -baseurl=https://packages.wazuh.com/4.x/yum/ +baseurl=https://packages-dev.wazuh.com/pre-release/yum/ protect=1 From d5191b8f4bd20172acde654deb34c2608d013a39 Mon Sep 17 00:00:00 2001 From: Raul Del Pozo Moreno Date: Thu, 24 Mar 2022 20:00:39 +0100 Subject: [PATCH 087/163] Change certs copy --- docker-compose.yml | 4 ++-- wazuh-dashboard/config/config.sh | 2 +- wazuh-indexer/config/config.sh | 7 ++++++- wazuh-indexer/config/opensearch.yml | 10 +++++----- 4 files changed, 14 insertions(+), 9 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index 2138bc75..f3e28d73 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -30,7 +30,7 @@ services: - filebeat_var:/var/lib/filebeat wazuh1.indexer: - image: wazuh/wazuh-indexer:4.3.0-dev-testing + image: wazuh/wazuh-indexer:4.3.0-dev-test hostname: wazuh1.indexer restart: always ports: 
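Review bot: The Filebeat package on the changed `RUN curl -L -O …/pre-release/yum/…-x86_64.rpm && rpm -i …` line is installed from a downloaded file without an explicit signature check. The `gpgcheck=1` setting in `wazuh.repo` covers only packages yum installs from the repository, so whether `rpm -i` rejects an unsigned or wrongly signed file here depends on the rpm configuration of the base image, which the hunk does not show. The key is already imported in the `@@ -8,7 +8,7 @@` hunk, so I would verify the file with `rpm -K ${FILEBEAT_CHANNEL}-${FILEBEAT_VERSION}-x86_64.rpm` and fail the build unless it reports a valid signature. I would also add `-f` to `curl` so an HTTP error stops the step. The unchanged `curl -s … | tar -xvz` line below has the same problem of unpacking unverified content.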
@@ -46,7 +46,7 @@ services: hard: 65536 wazuh.dashboard: - image: wazuh/wazuh-dashboard:4.3.0-dev-testing + image: wazuh/wazuh-dashboard:4.3.0-dev-test hostname: wazuh.dashboard restart: always ports: diff --git a/wazuh-dashboard/config/config.sh b/wazuh-dashboard/config/config.sh index 1d2a575a..629a5988 100644 --- a/wazuh-dashboard/config/config.sh +++ b/wazuh-dashboard/config/config.sh @@ -30,7 +30,7 @@ fi chmod 755 $CERT_TOOL && bash /$CERT_TOOL -A -# Copy Wazuh dashboard's certificates +# Create certs directory mkdir -p ${CONFIG_DIR}/certs # Copy Wazuh dashboard certs to install config dir diff --git a/wazuh-indexer/config/config.sh b/wazuh-indexer/config/config.sh index f15c2b40..513bc3b4 100644 --- a/wazuh-indexer/config/config.sh +++ b/wazuh-indexer/config/config.sh @@ -98,4 +98,9 @@ cp -pr /roles.yml ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/s cp -pr /internal_users.yml ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/securityconfig/ cp -pr /opensearch.yml ${TARGET_DIR}${CONFIG_DIR} # Copy Wazuh indexer's certificates -cp -pr /wazuh-certificates/* ${TARGET_DIR}${CONFIG_DIR} +cp -pr /wazuh-certificates/demo.indexer.pem ${TARGET_DIR}${CONFIG_DIR}/indexer.pem +cp -pr /wazuh-certificates/demo.indexer-key.pem ${TARGET_DIR}${CONFIG_DIR}/indexer-key.pem +cp -pr /wazuh-certificates/root-ca.key ${TARGET_DIR}${CONFIG_DIR}/root-ca.key +cp -pr /wazuh-certificates/root-ca.pem ${TARGET_DIR}${CONFIG_DIR}/root-ca.pem +cp -pr /wazuh-certificates/admin.pem ${TARGET_DIR}${CONFIG_DIR}/admin.pem +cp -pr /wazuh-certificates/admin-key.pem ${TARGET_DIR}${CONFIG_DIR}/admin-key.pem \ No newline at end of file diff --git a/wazuh-indexer/config/opensearch.yml b/wazuh-indexer/config/opensearch.yml index 765efb62..4cc0d33c 100644 --- a/wazuh-indexer/config/opensearch.yml +++ b/wazuh-indexer/config/opensearch.yml 
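Review bot: The new explicit copy list in `wazuh-indexer/config/config.sh` includes `cp -pr /wazuh-certificates/root-ca.key ${TARGET_DIR}${CONFIG_DIR}/root-ca.key`, which puts the CA private key into the indexer's config directory. The `opensearch.yml` hunk of the same commit references only `root-ca.pem`, `indexer.pem` and `indexer-key.pem`, so nothing visible needs the CA key at runtime. Anyone who can read the image or container filesystem could use it to issue certificates the cluster trusts. I would drop that line; whether `admin-key.pem` has to stay in the image cannot be decided from this hunk. The expansions are also unquoted, and `"${TARGET_DIR}${CONFIG_DIR}/indexer.pem"` would be safer; the script body starts outside the hunk.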
@@ -4,11 +4,11 @@ path.data: /var/lib/wazuh-indexer path.logs: /var/log/wazuh-indexer discovery.type: single-node compatibility.override_main_response_version: true -plugins.security.ssl.http.pemcert_filepath: ${OPENSEARCH_PATH_CONF}/demo.indexer.pem -plugins.security.ssl.http.pemkey_filepath: ${OPENSEARCH_PATH_CONF}/demo.indexer-key.pem +plugins.security.ssl.http.pemcert_filepath: ${OPENSEARCH_PATH_CONF}/indexer.pem +plugins.security.ssl.http.pemkey_filepath: ${OPENSEARCH_PATH_CONF}/indexer-key.pem plugins.security.ssl.http.pemtrustedcas_filepath: ${OPENSEARCH_PATH_CONF}/root-ca.pem -plugins.security.ssl.transport.pemcert_filepath: ${OPENSEARCH_PATH_CONF}/demo.indexer.pem -plugins.security.ssl.transport.pemkey_filepath: ${OPENSEARCH_PATH_CONF}/demo.indexer-key.pem +plugins.security.ssl.transport.pemcert_filepath: ${OPENSEARCH_PATH_CONF}/indexer.pem +plugins.security.ssl.transport.pemkey_filepath: ${OPENSEARCH_PATH_CONF}/indexer-key.pem plugins.security.ssl.transport.pemtrustedcas_filepath: ${OPENSEARCH_PATH_CONF}/root-ca.pem plugins.security.ssl.http.enabled: true plugins.security.ssl.transport.enforce_hostname_verification: false @@ -19,7 +19,7 @@ plugins.security.authcz.admin_dn: plugins.security.check_snapshot_restore_write_privileges: true plugins.security.enable_snapshot_restore_privilege: true plugins.security.nodes_dn: -- "CN=demo.indexer,OU=Wazuh,O=Wazuh,L=California,C=US" +- "CN=indexer,OU=Wazuh,O=Wazuh,L=California,C=US" plugins.security.restapi.roles_enabled: - "all_access" - "security_rest_api_access" From 95d92d968d9a9bb7c9918e679370145aafec6f7a Mon Sep 17 00:00:00 2001 From: Raul Del Pozo Moreno Date: Thu, 24 Mar 2022 20:14:13 +0100 Subject: [PATCH 088/163] Restore certificate node name --- wazuh-indexer/config/opensearch.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/wazuh-indexer/config/opensearch.yml b/wazuh-indexer/config/opensearch.yml index 4cc0d33c..915fe5a2 100644 --- a/wazuh-indexer/config/opensearch.yml 
+++ b/wazuh-indexer/config/opensearch.yml @@ -19,7 +19,7 @@ plugins.security.authcz.admin_dn: plugins.security.check_snapshot_restore_write_privileges: true plugins.security.enable_snapshot_restore_privilege: true plugins.security.nodes_dn: -- "CN=indexer,OU=Wazuh,O=Wazuh,L=California,C=US" +- "CN=demo.indexer,OU=Wazuh,O=Wazuh,L=California,C=US" plugins.security.restapi.roles_enabled: - "all_access" - "security_rest_api_access" From a01d921cae75e63a22078a50550aaebe89daa9c9 Mon Sep 17 00:00:00 2001 From: Raul Del Pozo Moreno Date: Thu, 24 Mar 2022 20:50:16 +0100 Subject: [PATCH 089/163] Set urls to production --- docker-compose.yml | 6 +++--- wazuh-dashboard/Dockerfile | 4 ++-- wazuh-indexer/config/config.sh | 4 ++-- wazuh-manager/Dockerfile | 4 ++-- wazuh-manager/config/wazuh.repo | 4 ++-- 5 files changed, 11 insertions(+), 11 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index f3e28d73..49515e47 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -3,7 +3,7 @@ version: '3.7' services: wazuh.manager: - image: wazuh/wazuh-manager:4.3.0-dev + image: wazuh/wazuh-manager:4.3.0 hostname: wazuh.manager restart: always ports: @@ -30,7 +30,7 @@ services: - filebeat_var:/var/lib/filebeat wazuh1.indexer: - image: wazuh/wazuh-indexer:4.3.0-dev-test + image: wazuh/wazuh-indexer:4.3.0 hostname: wazuh1.indexer restart: always ports: @@ -46,7 +46,7 @@ services: hard: 65536 wazuh.dashboard: - image: wazuh/wazuh-dashboard:4.3.0-dev-test + image: wazuh/wazuh-dashboard:4.3.0 hostname: wazuh.dashboard restart: always ports: diff --git a/wazuh-dashboard/Dockerfile b/wazuh-dashboard/Dockerfile index 5ccf47cb..e6fc39e0 100644 --- a/wazuh-dashboard/Dockerfile +++ b/wazuh-dashboard/Dockerfile 
@@ -11,7 +11,7 @@ RUN apt-get update && apt install curl libcap2-bin xz-utils -y RUN mkdir -p $INSTALL_DIR # Download and extract Wazuh dashboard base -RUN curl -o wazuh-dashboard-base.tar.xz https://packages-dev.wazuh.com/stack/dashboard/base/wazuh-dashboard-base-${WAZUH_VERSION}-testing-linux-x64.tar.xz && \ +RUN curl -o wazuh-dashboard-base.tar.xz https://packages.wazuh.com/stack/dashboard/base/wazuh-dashboard-base-${WAZUH_VERSION}-linux-x64.tar.xz && \ tar -xf wazuh-dashboard-base.tar.xz --directory $INSTALL_DIR --strip-components=1 # Generate certificates @@ -25,7 +25,7 @@ RUN $INSTALL_DIR/bin/opensearch-dashboards-keystore create --allow-root && \ echo kibanaserver | $INSTALL_DIR/bin/opensearch-dashboards-keystore add opensearch.password --stdin --allow-root # Install Wazuh App -RUN $INSTALL_DIR/bin/opensearch-dashboards-plugin install https://packages-dev.wazuh.com/pre-release/ui/dashboard/wazuh-${WAZUH_VERSION}.zip --allow-root +RUN $INSTALL_DIR/bin/opensearch-dashboards-plugin install https://packages.wazuh.com/4.x/ui/dashboard/wazuh-${WAZUH_VERSION}.zip --allow-root # Copy and set permissions to config files COPY config/opensearch_dashboards.yml $INSTALL_DIR/config/ diff --git a/wazuh-indexer/config/config.sh b/wazuh-indexer/config/config.sh index 513bc3b4..701f0266 100644 --- a/wazuh-indexer/config/config.sh +++ b/wazuh-indexer/config/config.sh @@ -16,13 +16,13 @@ export INSTALLATION_DIR=/usr/share/${NAME} export CONFIG_DIR=${INSTALLATION_DIR}/config export BASE_DIR=${NAME}-* export INDEXER_FILE=wazuh-indexer-base.tar.xz -export BASE_FILE=wazuh-indexer-base-${VERSION}-testing-linux-x64.tar.xz +export BASE_FILE=wazuh-indexer-base-${VERSION}-linux-x64.tar.xz export REPO_DIR=/unattended_installer rm -rf ${INSTALLATION_DIR}/ -curl -o ${INDEXER_FILE} https://packages-dev.wazuh.com/stack/indexer/base/${BASE_FILE} +curl -o ${INDEXER_FILE} https://packages.wazuh.com/stack/indexer/base/${BASE_FILE} tar -xf ${INDEXER_FILE} ## TOOLS 
diff --git a/wazuh-manager/Dockerfile b/wazuh-manager/Dockerfile index 4c02a10d..1da3d314 100644 --- a/wazuh-manager/Dockerfile +++ b/wazuh-manager/Dockerfile @@ -8,7 +8,7 @@ ARG TEMPLATE_VERSION="master" ARG WAZUH_FILEBEAT_MODULE="wazuh-filebeat-0.1.tar.gz" # Set repositories. -RUN rpm --import https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH +RUN rpm --import https://packages.wazuh.com/key/GPG-KEY-WAZUH COPY config/wazuh.repo /etc/yum.repos.d/wazuh.repo @@ -18,7 +18,7 @@ RUN yum --enablerepo=updates clean metadata && \ sed -i "s/^enabled=1/enabled=0/" /etc/yum.repos.d/wazuh.repo && \ yum clean all && rm -rf /var/cache/yum -RUN curl -L -O https://packages-dev.wazuh.com/pre-release/yum/${FILEBEAT_CHANNEL}-${FILEBEAT_VERSION}-x86_64.rpm &&\ +RUN curl -L -O https://packages.wazuh.com/4.x/yum/${FILEBEAT_CHANNEL}-${FILEBEAT_VERSION}-x86_64.rpm &&\ rpm -i ${FILEBEAT_CHANNEL}-${FILEBEAT_VERSION}-x86_64.rpm && rm -f ${FILEBEAT_CHANNEL}-${FILEBEAT_VERSION}-x86_64.rpm RUN curl -s https://packages.wazuh.com/4.x/filebeat/${WAZUH_FILEBEAT_MODULE} | tar -xvz -C /usr/share/filebeat/module diff --git a/wazuh-manager/config/wazuh.repo b/wazuh-manager/config/wazuh.repo index 4b673ff0..e230d6a9 100644 --- a/wazuh-manager/config/wazuh.repo +++ b/wazuh-manager/config/wazuh.repo @@ -1,7 +1,7 @@ [wazuh_repo] gpgcheck=1 -gpgkey=https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH +gpgkey=https://packages.wazuh.com/key/GPG-KEY-WAZUH enabled=1 name=Wazuh repository -baseurl=https://packages-dev.wazuh.com/pre-release/yum/ +baseurl=https://packages.wazuh.com/4.x/yum/ protect=1 From 066231198c25bcd6fbb51f2115cfdbcb767fb07c Mon Sep 17 00:00:00 2001 From: Raul Del Pozo Moreno Date: Fri, 25 Mar 2022 15:09:59 +0100 Subject: [PATCH 090/163] Change packages bucket for base tar file --- wazuh-dashboard/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/wazuh-dashboard/Dockerfile b/wazuh-dashboard/Dockerfile index e6fc39e0..8f38685f 100644 --- a/wazuh-dashboard/Dockerfile 
+++ b/wazuh-dashboard/Dockerfile @@ -11,7 +11,7 @@ RUN apt-get update && apt install curl libcap2-bin xz-utils -y RUN mkdir -p $INSTALL_DIR # Download and extract Wazuh dashboard base -RUN curl -o wazuh-dashboard-base.tar.xz https://packages.wazuh.com/stack/dashboard/base/wazuh-dashboard-base-${WAZUH_VERSION}-linux-x64.tar.xz && \ +RUN curl -o wazuh-dashboard-base.tar.xz https://packages-dev.wazuh.com/stack/dashboard/base/wazuh-dashboard-base-${WAZUH_VERSION}-linux-x64.tar.xz && \ tar -xf wazuh-dashboard-base.tar.xz --directory $INSTALL_DIR --strip-components=1 # Generate certificates From 862b35881cd7ba88ee8d01054d63467599bfb8ba Mon Sep 17 00:00:00 2001 From: Raul Del Pozo Moreno Date: Fri, 25 Mar 2022 19:41:31 +0100 Subject: [PATCH 091/163] Change base file to packages-dev --- wazuh-indexer/config/config.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/wazuh-indexer/config/config.sh b/wazuh-indexer/config/config.sh index 701f0266..a56a52d7 100644 --- a/wazuh-indexer/config/config.sh +++ b/wazuh-indexer/config/config.sh @@ -22,7 +22,7 @@ export REPO_DIR=/unattended_installer rm -rf ${INSTALLATION_DIR}/ -curl -o ${INDEXER_FILE} https://packages.wazuh.com/stack/indexer/base/${BASE_FILE} +curl -o ${INDEXER_FILE} https://packages-dev.wazuh.com/stack/indexer/base/${BASE_FILE} tar -xf ${INDEXER_FILE} ## TOOLS @@ -103,4 +103,4 @@ cp -pr /wazuh-certificates/demo.indexer-key.pem ${TARGET_DIR}${CONFIG_DIR}/index cp -pr /wazuh-certificates/root-ca.key ${TARGET_DIR}${CONFIG_DIR}/root-ca.key cp -pr /wazuh-certificates/root-ca.pem ${TARGET_DIR}${CONFIG_DIR}/root-ca.pem cp -pr /wazuh-certificates/admin.pem ${TARGET_DIR}${CONFIG_DIR}/admin.pem -cp -pr /wazuh-certificates/admin-key.pem ${TARGET_DIR}${CONFIG_DIR}/admin-key.pem \ No newline at end of file +cp -pr /wazuh-certificates/admin-key.pem ${TARGET_DIR}${CONFIG_DIR}/admin-key.pem From ce083743d0567b52b6c2806e32311e527fe4acb3 Mon Sep 17 00:00:00 2001 
From: vcerenu Date: Mon, 28 Mar 2022 13:02:54 -0300 Subject: [PATCH 092/163] Change Indexer service name and volumes --- README.md | 2 +- build-wazuh-images.yml | 46 +++++------ docker-compose.yml | 46 +++++------ production-cluster.yml | 82 +++++++++---------- production_cluster/nginx/ssl/cert.pem | 21 +++++ production_cluster/nginx/ssl/key.pem | 28 +++++++ .../wazuh_indexer_ssl_certs/admin-key.pem | 28 +++++++ .../wazuh_indexer_ssl_certs/admin.pem | 19 +++++ .../wazuh_indexer_ssl_certs/root-ca.key | 28 +++++++ .../wazuh_indexer_ssl_certs/root-ca.pem | 20 +++++ .../wazuh.dashboard-key.pem | 28 +++++++ .../wazuh.dashboard.pem | 21 +++++ .../wazuh.master-key.pem | 28 +++++++ .../wazuh_indexer_ssl_certs/wazuh.master.pem | 21 +++++ .../wazuh.worker-key.pem | 28 +++++++ .../wazuh_indexer_ssl_certs/wazuh.worker.pem | 21 +++++ .../wazuh1.indexer-key.pem | 28 +++++++ .../wazuh1.indexer.pem | 21 +++++ .../wazuh2.indexer-key.pem | 28 +++++++ .../wazuh2.indexer.pem | 21 +++++ .../wazuh3.indexer-key.pem | 28 +++++++ .../wazuh3.indexer.pem | 21 +++++ wazuh-dashboard/Dockerfile | 2 +- .../config/opensearch_dashboards.yml | 2 +- wazuh-indexer/config/opensearch.yml | 2 +- wazuh-manager/Dockerfile | 2 +- wazuh-manager/config/filebeat.yml | 2 +- wazuh-manager/config/wazuh.repo | 4 +- 28 files changed, 533 insertions(+), 95 deletions(-) create mode 100644 production_cluster/nginx/ssl/cert.pem create mode 100644 production_cluster/nginx/ssl/key.pem create mode 100644 production_cluster/wazuh_indexer_ssl_certs/admin-key.pem create mode 100644 production_cluster/wazuh_indexer_ssl_certs/admin.pem create mode 100644 production_cluster/wazuh_indexer_ssl_certs/root-ca.key create mode 100644 production_cluster/wazuh_indexer_ssl_certs/root-ca.pem create mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem create mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard.pem create mode 100644 
production_cluster/wazuh_indexer_ssl_certs/wazuh.master-key.pem create mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh.master.pem create mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh.worker-key.pem create mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh.worker.pem create mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer-key.pem create mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer.pem create mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer-key.pem create mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer.pem create mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer-key.pem create mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer.pem diff --git a/README.md b/README.md index 3fa14934..2ad15dc0 100644 --- a/README.md +++ b/README.md @@ -39,7 +39,7 @@ API_USERNAME="wazuh" # Wazuh API username API_PASSWORD="wazuh" # Wazuh API password - Must comply with requirements # (8+ length, uppercase, lowercase, specials chars) -INDEXER_URL=https://wazuh1.indexer:9200 # Wazuh indexer URL +INDEXER_URL=https://wazuh.indexer:9200 # Wazuh indexer URL INDEXER_USERNAME=admin # Wazuh indexer Username INDEXER_PASSWORD=admin # Wazuh indexer Password FILEBEAT_SSL_VERIFICATION_MODE=full # Filebeat SSL Verification mode (full or none) diff --git a/build-wazuh-images.yml b/build-wazuh-images.yml index e6ec7ed7..0d9b9524 100644 --- a/build-wazuh-images.yml +++ b/build-wazuh-images.yml 
@@ -13,27 +13,27 @@ services: - "514:514/udp" - "55000:55000" environment: - - INDEXER_URL=https://wazuh1.indexer:9200 + - INDEXER_URL=https://wazuh.indexer:9200 - INDEXER_USERNAME=admin - INDEXER_PASSWORD=admin - FILEBEAT_SSL_VERIFICATION_MODE=none volumes: - - ossec_api_configuration:/var/ossec/api/configuration - - ossec_etc:/var/ossec/etc - - ossec_logs:/var/ossec/logs - - ossec_queue:/var/ossec/queue - - ossec_var_multigroups:/var/ossec/var/multigroups - - ossec_integrations:/var/ossec/integrations - - ossec_active_response:/var/ossec/active-response/bin - - ossec_agentless:/var/ossec/agentless - - ossec_wodles:/var/ossec/wodles + - wazuh_api_configuration:/var/ossec/api/configuration + - wazuh_etc:/var/ossec/etc + - wazuh_logs:/var/ossec/logs + - wazuh_queue:/var/ossec/queue + - wazuh_var_multigroups:/var/ossec/var/multigroups + - wazuh_integrations:/var/ossec/integrations + - wazuh_active_response:/var/ossec/active-response/bin + - wazuh_agentless:/var/ossec/agentless + - wazuh_wodles:/var/ossec/wodles - filebeat_etc:/etc/filebeat - filebeat_var:/var/lib/filebeat - wazuh1.indexer: + wazuh.indexer: build: wazuh-indexer/ image: wazuh/wazuh-indexer:4.3.0 - hostname: wazuh1.indexer + hostname: wazuh.indexer restart: always ports: - "9200:9200" @@ -60,20 +60,20 @@ services: - SERVER_SSL_ENABLED=false - WAZUH_API_URL=https://wazuh.manager depends_on: - - wazuh1.indexer + - wazuh.indexer links: - - wazuh1.indexer:wazuh1.indexer + - wazuh.indexer:wazuh.indexer - wazuh.manager:wazuh.manager volumes: - ossec_api_configuration: - ossec_etc: - ossec_logs: - ossec_queue: - ossec_var_multigroups: - ossec_integrations: - ossec_active_response: - ossec_agentless: - ossec_wodles: + wazuh_api_configuration: + wazuh_etc: + wazuh_logs: + wazuh_queue: + wazuh_var_multigroups: + wazuh_integrations: + wazuh_active_response: + wazuh_agentless: + wazuh_wodles: filebeat_etc: filebeat_var: diff --git a/docker-compose.yml b/docker-compose.yml index 49515e47..41adabb5 100644 
--- a/docker-compose.yml +++ b/docker-compose.yml @@ -12,26 +12,26 @@ services: - "514:514/udp" - "55000:55000" environment: - - INDEXER_URL=https://wazuh1.indexer:9200 + - INDEXER_URL=https://wazuh.indexer:9200 - INDEXER_USERNAME=admin - INDEXER_PASSWORD=admin - FILEBEAT_SSL_VERIFICATION_MODE=none volumes: - - ossec_api_configuration:/var/ossec/api/configuration - - ossec_etc:/var/ossec/etc - - ossec_logs:/var/ossec/logs - - ossec_queue:/var/ossec/queue - - ossec_var_multigroups:/var/ossec/var/multigroups - - ossec_integrations:/var/ossec/integrations - - ossec_active_response:/var/ossec/active-response/bin - - ossec_agentless:/var/ossec/agentless - - ossec_wodles:/var/ossec/wodles + - wazuh_api_configuration:/var/ossec/api/configuration + - wazuh_etc:/var/ossec/etc + - wazuh_logs:/var/ossec/logs + - wazuh_queue:/var/ossec/queue + - wazuh_var_multigroups:/var/ossec/var/multigroups + - wazuh_integrations:/var/ossec/integrations + - wazuh_active_response:/var/ossec/active-response/bin + - wazuh_agentless:/var/ossec/agentless + - wazuh_wodles:/var/ossec/wodles - filebeat_etc:/etc/filebeat - filebeat_var:/var/lib/filebeat - wazuh1.indexer: + wazuh.indexer: image: wazuh/wazuh-indexer:4.3.0 - hostname: wazuh1.indexer + hostname: wazuh.indexer restart: always ports: - "9200:9200" @@ -56,20 +56,20 @@ services: - INDEXER_PASSWORD=admin - WAZUH_API_URL=https://wazuh.manager depends_on: - - wazuh1.indexer + - wazuh.indexer links: - - wazuh1.indexer:wazuh1.indexer + - wazuh.indexer:wazuh.indexer - wazuh.manager:wazuh.manager volumes: - ossec_api_configuration: - ossec_etc: - ossec_logs: - ossec_queue: - ossec_var_multigroups: - ossec_integrations: - ossec_active_response: - ossec_agentless: - ossec_wodles: + wazuh_api_configuration: + wazuh_etc: + wazuh_logs: + wazuh_queue: + wazuh_var_multigroups: + wazuh_integrations: + wazuh_active_response: + wazuh_agentless: + wazuh_wodles: filebeat_etc: filebeat_var: 
diff --git a/production-cluster.yml b/production-cluster.yml index 18c59a9a..da20c52e 100644 --- a/production-cluster.yml +++ b/production-cluster.yml @@ -21,17 +21,17 @@ services: - API_USERNAME=acme-user - API_PASSWORD=MyS3cr37P450r.*- volumes: - - ossec-api-configuration:/var/ossec/api/configuration - - ossec-etc:/var/ossec/etc - - ossec-logs:/var/ossec/logs - - ossec-queue:/var/ossec/queue - - ossec-var-multigroups:/var/ossec/var/multigroups - - ossec-integrations:/var/ossec/integrations - - ossec-active-response:/var/ossec/active-response/bin - - ossec-agentless:/var/ossec/agentless - - ossec-wodles:/var/ossec/wodles - - filebeat-etc:/etc/filebeat - - filebeat-var:/var/lib/filebeat + - master-wazuh-api-configuration:/var/ossec/api/configuration + - master-wazuh-etc:/var/ossec/etc + - master-wazuh-logs:/var/ossec/logs + - master-wazuh-queue:/var/ossec/queue + - master-wazuh-var-multigroups:/var/ossec/var/multigroups + - master-wazuh-integrations:/var/ossec/integrations + - master-wazuh-active-response:/var/ossec/active-response/bin + - master-wazuh-agentless:/var/ossec/agentless + - master-wazuh-wodles:/var/ossec/wodles + - master-filebeat-etc:/etc/filebeat + - master-filebeat-var:/var/lib/filebeat - ./production_cluster/wazuh_indexer_ssl_certs/root-ca.pem:/etc/ssl/root-ca.pem - ./production_cluster/wazuh_indexer_ssl_certs/wazuh.master.pem:/etc/ssl/filebeat.pem - ./production_cluster/wazuh_indexer_ssl_certs/wazuh.master-key.pem:/etc/ssl/filebeat.key 
@@ -50,15 +50,15 @@ services: - SSL_CERTIFICATE=/etc/ssl/filebeat.pem - SSL_KEY=/etc/ssl/filebeat.key volumes: - - worker-ossec-api-configuration:/var/ossec/api/configuration - - worker-ossec-etc:/var/ossec/etc - - worker-ossec-logs:/var/ossec/logs - - worker-ossec-queue:/var/ossec/queue - - worker-ossec-var-multigroups:/var/ossec/var/multigroups - - worker-ossec-integrations:/var/ossec/integrations - - worker-ossec-active-response:/var/ossec/active-response/bin - - worker-ossec-agentless:/var/ossec/agentless - - worker-ossec-wodles:/var/ossec/wodles + - worker-wazuh-api-configuration:/var/ossec/api/configuration + - worker-wazuh-etc:/var/ossec/etc + - worker-wazuh-logs:/var/ossec/logs + - worker-wazuh-queue:/var/ossec/queue + - worker-wazuh-var-multigroups:/var/ossec/var/multigroups + - worker-wazuh-integrations:/var/ossec/integrations + - worker-wazuh-active-response:/var/ossec/active-response/bin + - worker-wazuh-agentless:/var/ossec/agentless + - worker-wazuh-wodles:/var/ossec/wodles - worker-filebeat-etc:/etc/filebeat - worker-filebeat-var:/var/lib/filebeat - ./production_cluster/wazuh_indexer_ssl_certs/root-ca.pem:/etc/ssl/root-ca.pem @@ -149,7 +149,7 @@ services: - ./production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard.pem:/usr/share/wazuh-dashboard/certs/wazuh-dashboard.pem - ./production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem:/usr/share/wazuh-dashboard/certs/wazuh-dashboard-key.pem - ./production_cluster/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-dashboard/certs/root-ca.pem - - ./production_cluster/wazuh_dashboard/opensearch_dashboards.yml:/usr/share/wazuh-dashboard/opensearch_dashboards.yml + - ./production_cluster/wazuh_dashboard/opensearch_dashboards.yml:/usr/share/wazuh-dashboard/config/opensearch_dashboards.yml - ./production_cluster/wazuh_dashboard/wazuh.yml:/usr/share/wazuh-dashboard/data/wazuh/config/wazuh.yml depends_on: - wazuh1.indexer 
@@ -178,26 +178,26 @@ services: - ./production_cluster/nginx/ssl:/etc/nginx/ssl:ro volumes: - ossec-api-configuration: - ossec-etc: - ossec-logs: - ossec-queue: - ossec-var-multigroups: - ossec-integrations: - ossec-active-response: - ossec-agentless: - ossec-wodles: - filebeat-etc: - filebeat-var: - worker-ossec-api-configuration: - worker-ossec-etc: - worker-ossec-logs: - worker-ossec-queue: - worker-ossec-var-multigroups: - worker-ossec-integrations: - worker-ossec-active-response: - worker-ossec-agentless: - worker-ossec-wodles: + master-wazuh-api-configuration: + master-wazuh-etc: + master-wazuh-logs: + master-wazuh-queue: + master-wazuh-var-multigroups: + master-wazuh-integrations: + master-wazuh-active-response: + master-wazuh-agentless: + master-wazuh-wodles: + master-filebeat-etc: + master-filebeat-var: + worker-wazuh-api-configuration: + worker-wazuh-etc: + worker-wazuh-logs: + worker-wazuh-queue: + worker-wazuh-var-multigroups: + worker-wazuh-integrations: + worker-wazuh-active-response: + worker-wazuh-agentless: + worker-wazuh-wodles: worker-filebeat-etc: worker-filebeat-var: wazuh-indexer-data-1: diff --git a/production_cluster/nginx/ssl/cert.pem b/production_cluster/nginx/ssl/cert.pem new file mode 100644 index 00000000..c8223280 --- /dev/null +++ b/production_cluster/nginx/ssl/cert.pem 
@@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDazCCAlOgAwIBAgIUUVVsPuW1DFOSTqrGr8jq3wj0MnswDQYJKoZIhvcNAQEL +BQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM +GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0yMjAzMjgxNTA5MDZaFw0yMzAz +MjgxNTA5MDZaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEw +HwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwggEiMA0GCSqGSIb3DQEB +AQUAA4IBDwAwggEKAoIBAQDjHxJgZ6/eXExbdIL4wDCGRf4WCV+JSxpRn+zU79Nl +9ZG9vD3QI6f1wpKsLU6FQHlOFAF4PoRibvGgo9O8uIpIWwoa6SIlOCRJbWW49Fq9 +7kB/yBexsXtqRNUQegUUzWTyhqAN1SL4izvTIO3be6rUHeTKZQKoUv5KRWY48HaY +6oF4+fNuYRgPkCo/x3Jtky7fXbID5j1vF+R8RfjpSX0Q0/VmxC4yBbm6Z1eGH/2y +FFrLeCGMc5A6zSCcJF9/gOR1k9iYhFLlmof2MY1YHWmL2lpAoFAh+MPdvh22T9Tr +pM51Nk1jCYnkMXsbYYl+KVBRa1YiwY/FsP2ljVw67jRvAgMBAAGjUzBRMB0GA1Ud +DgQWBBQLqc6OQKJbSBDGdWV2ihaGZaSQUTAfBgNVHSMEGDAWgBQLqc6OQKJbSBDG +dWV2ihaGZaSQUTAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAa +9X78ifetUgbo7qFv39hillPET7keqfRlKHhAFbu/rlxloaJulkm+EOlFgYB8YegX +8lm5Nhcw1pNGts70PQTR+3MztXh9MogaG+tcCUdcfOoDXNOlaXTxctzEfmrQJ9bF +4sNLVRVVGipvB671xCApF6mkL1LoqPYLq70v7cYZ1ywpqv10AExks5KUQgYPsDrK +owy9fMJqMzJGHmgp4Q50rqvtD8ZjvdHKi8OLY7NOdbbPfQ8Rs3SPrUgmXPdufWmN +HUe2O7Y+Z510YGezT+/LXkmfFBgLO2Ip7P0yRdxqPEoxbbwcFn/wb2fmDQvvcHW3 +KuaGsN8US0SfaoOoxMY6 +-----END CERTIFICATE----- diff --git a/production_cluster/nginx/ssl/key.pem b/production_cluster/nginx/ssl/key.pem new file mode 100644 index 00000000..d9bffa62 --- /dev/null +++ b/production_cluster/nginx/ssl/key.pem 
@@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDjHxJgZ6/eXExb +dIL4wDCGRf4WCV+JSxpRn+zU79Nl9ZG9vD3QI6f1wpKsLU6FQHlOFAF4PoRibvGg +o9O8uIpIWwoa6SIlOCRJbWW49Fq97kB/yBexsXtqRNUQegUUzWTyhqAN1SL4izvT +IO3be6rUHeTKZQKoUv5KRWY48HaY6oF4+fNuYRgPkCo/x3Jtky7fXbID5j1vF+R8 +RfjpSX0Q0/VmxC4yBbm6Z1eGH/2yFFrLeCGMc5A6zSCcJF9/gOR1k9iYhFLlmof2 +MY1YHWmL2lpAoFAh+MPdvh22T9TrpM51Nk1jCYnkMXsbYYl+KVBRa1YiwY/FsP2l +jVw67jRvAgMBAAECggEBAL/gdT76+ipqYZv2D9wlShl2MlXdr1enGmIRMR0oS7lc +wLbBvJsGNJS8v/sz/501vgXHgwJaFq+uOPZU0cIjSbgdKalYgh9dkdJy2Lhrv+mr +ydPqcJIPdktuQW69F2PerkTylW96PCQsROt2a1y82rJ/WtXehmM8Ulbe0KCUDi3a +gPurnEAYMLBPTK31KWQwuVE8HHjfxze3WwDeGHIhXDZeqK+XYnu2aEqis94wAD8i +/QXw8e2Fyv2JSIdYXMbo6wWDgAeBn2LIcGT4QNsvnCcyFO5rqCru5PK+ZE7Cy11a +d/V62gnWi3MZuQfKPsXtYIblkLhlub1ZDmMCnQ2Y5SECgYEA810Z0ejfOcuG6aPs +4j2iBM3sFZGYCfeJvfZMmWmiDqj4eKCenUZz1TRshfCD0OBWpqiQ6LJKSWOxzuF8 +phNNiL5aMtPvBeH5vjfJgMsI3WwxRM3J6lSFbohrcnYIhLQB56FVxvRok7L7gFSG +PYneJLXLb3axRydYJqIxtPotZ38CgYEA7uoSKz3r1vLiwWx3XWrhNdJeuYU16ZBy +U46cV8fZaWwvjO2Tx9zzRbHXE0FW2G1RZcUK2lUe0fc1LxOF5sQVpZA3oQwNoNle +Sz4FoUGbBqEas4HX4RAWPr0twf1dL/1QWBzsS24+BvbI+uUGYwx/ew9n9MZJgX+2 +HWiVo4Z4KxECgYEA0CktYbAX6D6fmo89mtLvF77vlg9gBf53EkZvhLWnCXUce0mg +ApT1lUNvJC3zAiIx3AHJWVDPW/DrcTLMRN2z7ygqzNkc1WJSFZNwRzrjzUmy5tBD +Sq2bKE2F4nT1mlTCYFdOoIwEO3nXyBAEdvTLT4k0hpX20w7jRsBrVgq79Y8CgYBZ +940F+Zhg5i/blKPSatgJ84E2LWKi5IEY1AAt0hUd7N5vHFvlDGATo6eRGa7Ba1EW +mL/AfgNQH95ILvribn6UTR2VqLtNEe2/OcjW86SUN4Cdjkyj9PHbiFO91FIOKz7h +H2sf8JCtAKuoRyxDikZLKf8EntK5UEVdB7Ap1w5TcQKBgQDZlSgYcAlxNf2R45gB +keSpFzjMGnjbB7pCy1T+hoyzef6E8ygVuArh9rzT1RG12NJxU3n/GlEhgqPpWaIt +IEcsve2O1haVZcB1KqhpWBcaSvtlj2OzVaRWYY9q9lFDttQKUeMZlEzJVWEWsGJz +uJoCtm1SCqKsLvqXucUXJQJUVA== +-----END PRIVATE KEY----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/admin-key.pem b/production_cluster/wazuh_indexer_ssl_certs/admin-key.pem new file mode 100644 index 00000000..3a568481 --- /dev/null 
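Review bot: This file adds an unencrypted private key to the repository under `production_cluster/`, and the same commit adds `admin-key.pem`, `root-ca.key` and the per-node `*-key.pem` files under `production_cluster/wazuh_indexer_ssl_certs/`. Every deployment started from these files shares keys that are public, and `root-ca.key` in particular lets any reader issue certificates the cluster will accept. I would remove the key material from the commit and generate it at deploy time, since the images already run a certificate tool in `wazuh-dashboard/config/config.sh`. The directories should be listed in `.gitignore`, and the committed keys treated as compromised. If sample certificates must ship, the README and `production-cluster.yml` should say they are for demonstration only and must be replaced before use.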
+++ b/production_cluster/wazuh_indexer_ssl_certs/admin-key.pem @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDAZt6eLF/B5TmH +iYW1E2MIaovFmYyg/thrs7FdZhtKD1qYcTL1G/ms1lXjlczffs+klX9CGsXTzMNl +yfMh0gj3uZR66QhELBJdZSOeUCFkpW+1gW1HCyyarXJjXLjSKl21We9FSQskvSRS +3LFmHtN0AY5HNeXDSBbBkdW9Hcih9Gl15VKOfZP5JyHmd44nID/dMeJL9cD84JCA +g2sacSURSvPF+7336YQ5F9/Gfzw+vfs/kmpdYeAH/mp25bLW1PuTJz5cI2pugIIJ +YOd0oYCQUQ5ewrYMcaM+oIefBTQZsQjMTe1ZN2npe6fGvOnmrn+kQGp1UR78e/J/ +JIrogtWxAgMBAAECggEAQF0pc/icQB0S1cinth+6LYKXJ49qgCFA/Sar2vbhgjEI +uZ6E0YJ+T9eT/AKM+udNR13LqK2UKHqDk3WvpEzDOzwV89gpL8Uej6fZ9ogP47+E +U0/s4qtWTJhhf+Pw4D3UA2sGpEL/O1ca4614mxUM3+31TtU0+9MN6cuDmTRxfdvV +M6JwHI2tLOd7W1h4x0svW76DLIoDPyGuh6Gj7gz8RfHl3PV+jhliviwVnfS1m+sk +xjZdPetFjlsOHXSJnaynMSusPrDKMhQ+U+OdGKmlaNIJdGNqUE0o2CwToghcQ6nw +7GBNeAbqPAJY0qobOt4zZyqBJp+4en8LpoXO+50wUQKBgQDjWRsQ8d1plWdNrDyc +QEOxsBBUhHM8ERqIE7hpq04Gwd37z4M4RoNamgXmA+pVqwgqFoltQDVyQENqOBP9 +yZQbz8vOcXegwcs4cwN9+eIKBbS/PPo8dfrvW84lrfwIbfJ7FkQeZOB37FdEeX+y +u4t9KUqzlm1pv2FD41BUP5n2ywKBgQDYpkySPVKop5tNHk00sf1n75irNzf6SCYW +44ULPwS7WdzVacAtGEt7sL00ikXUxjz6euAga8ZtYzXVmJr6SslXW6J2McseIj2e +r4RmlJdpP3c+edyq3eJxIF7hAZHysDPT1nBC+GYNRzZcPLeom6MBq5slaZk4mVsQ +0JcyZJNZ8wKBgGdZOlSZnm1A3ZURlvvwutUrlEDXdQr5O3ZggJSIqw+nUaIG0z/h +zhSBr+zAGuaWuT9ov1BKwAEP9ZVzqKLV395EuAFA04Dgl+ExZ4T88yRbM687qQWT +HF9y/GNklA3A7VnG5XBrqx7Y8VLPaJ13ZBGhk7PPzi0kMrMJwpqJzxPBAoGBALsf +X9GLr8JGCcghHPQfq8zC0C1J40qEWIm6d+ZPxul+41NdJISOkFvEOpePumLd2jtK +OB0omVlPsGbNiUYXpDGUzwyhU1uynWBbHtNvEhvwmjDXFnZqcTPejrRvI7zm3czh +UVM2swZS9KvUMZkq3C8MJlO5EoMlSdeLIpx+7BprAoGBAKuWCmiKEPcNk0dX0nZZ +i1Oo4mUnpzAn+xaY5jD5MXhVVPWoEEyoaDXvw5KzET1l/s/mGurEhgs2rXBhUsYG +AGAWe6vRyByRvD3txG6mSvVwOFTaAfHBfrpl5TqECOU7G1+fpJ8U0yNh4VW8Fm9U +NlTPwPI7X1kQgauoStCM6uko +-----END PRIVATE KEY----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/admin.pem b/production_cluster/wazuh_indexer_ssl_certs/admin.pem new file mode 100644 index 00000000..37d73d9b --- /dev/null 
+++ b/production_cluster/wazuh_indexer_ssl_certs/admin.pem @@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE----- +MIIDDjCCAfYCFGcf95R8Y94YseD6kNwKVho/cnO8MA0GCSqGSIb3DQEBCwUAMDUx +DjAMBgNVBAsMBVdhenVoMQ4wDAYDVQQKDAVXYXp1aDETMBEGA1UEBwwKQ2FsaWZv +cm5pYTAeFw0yMjAzMjgxNTMwMDdaFw0zMjAzMjUxNTMwMDdaMFIxCzAJBgNVBAYT +AlVTMRMwEQYDVQQHDApDYWxpZm9ybmlhMQ4wDAYDVQQKDAVXYXp1aDEOMAwGA1UE +CwwFV2F6dWgxDjAMBgNVBAMMBWFkbWluMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A +MIIBCgKCAQEAwGbenixfweU5h4mFtRNjCGqLxZmMoP7Ya7OxXWYbSg9amHEy9Rv5 +rNZV45XM337PpJV/QhrF08zDZcnzIdII97mUeukIRCwSXWUjnlAhZKVvtYFtRwss +mq1yY1y40ipdtVnvRUkLJL0kUtyxZh7TdAGORzXlw0gWwZHVvR3IofRpdeVSjn2T ++Sch5neOJyA/3THiS/XA/OCQgINrGnElEUrzxfu99+mEORffxn88Pr37P5JqXWHg +B/5qduWy1tT7kyc+XCNqboCCCWDndKGAkFEOXsK2DHGjPqCHnwU0GbEIzE3tWTdp +6Xunxrzp5q5/pEBqdVEe/HvyfySK6ILVsQIDAQABMA0GCSqGSIb3DQEBCwUAA4IB +AQBmD5zWoJt4+ZM9O5DPJ3Aet64u99F4qcKxBlqCTVXT3yUBPefn6BsfOp+sUBg5 +zRdkvwCNsft9q30lQyH+YowirxRYKcysotxMZ8y4N6qc+IKIMkqw21g1ZVs7zvWe +pCrhJHMzyk8q9F+4nw9WYHEKXxylqrEbx/LBaCoUa92uC5CC3UNNurq4j5c8jAJy +s4c+FoUo0y0jygFT4mduPGDD16tdLbqj0hOuMmOjaMd4YI3EJjA0iB3E/jF3uC7c +x4xRKkd5EqphsZFSt38++mlhSqx4RufbHkybiBL6o2yabOAHaWRu751F2Lll4G2X +bCufDoXEyJmllyGKwdszjVbN +-----END CERTIFICATE----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/root-ca.key b/production_cluster/wazuh_indexer_ssl_certs/root-ca.key new file mode 100644 index 00000000..dceedfe7 --- /dev/null +++ b/production_cluster/wazuh_indexer_ssl_certs/root-ca.key 
@@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCgQW3FAnMEe+io +J2f7Q8dU3E0xxLQ1w8RFm3yxCEEcUX2pl/nvzV2HjtZq+DBiLf4mvqJ5ExPVC+a2 +S5eBnzK8k5XNVY7/AZPao/tjIq03u8RERr9Yre66D8dPUsYb/MVr+6rqqMlJMZy/ +kqffRf1n1pdqc0veGPcAhKhcZNgotvhfRvKP424n7GhAkZ4pOb66hiCYof63Z5ue +4bTXSowLnqcjDp4fUgjGsveWeHt7RQMnc6VDuzEQAMWNlOOJDcZ25S0yt3bHPqnl +4NNASGALbyPAsWR+EyxsdiAS+VQz1XMoyw1EbLgY6zrFGvvH6/ZNkLVWY/oe7s0U +7gvVykcnAgMBAAECggEAcrFhFnbCSptDz9UkHjhMGPfyZ4QYVcJeXlMB0tHNh67q ++M3EG1QndDVOUBCA0EOKecBGF9EHiJqT7DP9os+FSGF3/RUW2nsOjpR9/l17C0Bf +H15i49zX1mIkiyj6kF1ADiB4GqniJXhUbudPLgSxb/etNop96d6EKOLIfBfQfJIU +1o68y1z9t41TJ1eWubuQRVo9dXA1bgdp21u81VNRZm89SPQZdBN0LlEUB9s3hL8t +xw2uUekYcsfGWd95t9mOHRh/zTdYQh7gmbEMbsBdpFpTwN1iX1WPR9fU7/vQT7+j +Odzq2Z9/QT+A1Haa5E4NJ4LX880/hlYELqVQaENEwQKBgQDS6tWliMMl1B88vdYV +3dK0ZXhePY845wRhDG9k8+WQZpgY6EG/tt1unaiYodEF2IMTzl2EVRXqbNfrqM8k +R4MBMw9LJ00SBhskPCz6ltHDkYXjDkDWiYkB70/bISdaSkErrQjSLkSNfar4BwN+ +yHgIf9rFpfTdtlBwGOnZWzwepQKBgQDCgnBoyVUQ5LRar4Q4meWym2HXDdhVyF7o +HrUSn1Ju0d1cRwS+wDx+NLay1BXNDPRld8NbUA/6HhJQhM/FJ4Ar4cZEsXkfO+HL +IPBf2IGtheAKA0E/xYOq6vfqhKgwQRTaOpFuytMEe+hEYU9AEjkbI8WSIBjmmHGY +H4zpyr7Q2wKBgAetyQ13xzMPX/vEJZEyPEOZFiLINvipYH1wCHYycv8o3Qy7F/m0 +3Kb0UnkMGyINWehUsQ7qUhvwzoOj57a4a8qVY08nJSUs17wf/Ls61nQ6TheQI0gs +RbKuVcfykw40ed7vM80DJjfIhXr2NmhdQBF/JiXf/uQ7iP4rygfBzJSJAoGAD8G7 +U3HD11t/lL0VK/Sjm+VkdqRjeweBULJ0Hq8TYXDUys3h/4XZIKwqhLATmAnNno6m +H7aLpMpc13L61dDOXD+s7RGnazVRpD/l2Q3T63el34nF9mGMugLQ1ImsikQraUZH +U79QetOCzE9JuToAsEckkSLSgZOl2BnuM14+OPMCgYEAv6ByRnhWIh2MeSxW9Yq5 +ZhlHXPJUWGVmyXGo0SQfH7+IdP9/UzBnq5zEhR5941JJelYuiT9c1dHoCLM5/+5b +ctt3QtzWO8UL3FvfCrCQh9EPc06x/KGl3Er7sadA2gswynufEJIP1AcUKftgdSUz +P9VcuRj5NBKBpOTSydF6mcg= +-----END PRIVATE KEY----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/root-ca.pem b/production_cluster/wazuh_indexer_ssl_certs/root-ca.pem new file mode 100644 index 00000000..f2ba9b02 --- /dev/null +++ b/production_cluster/wazuh_indexer_ssl_certs/root-ca.pem 
@@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDSzCCAjOgAwIBAgIUAeSkk9K3Kdq8XIJkKYiSTquz9+QwDQYJKoZIhvcNAQEL +BQAwNTEOMAwGA1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApD +YWxpZm9ybmlhMB4XDTIyMDMyODE1MzAwN1oXDTMyMDMyNTE1MzAwN1owNTEOMAwG +A1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApDYWxpZm9ybmlh +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoEFtxQJzBHvoqCdn+0PH +VNxNMcS0NcPERZt8sQhBHFF9qZf5781dh47WavgwYi3+Jr6ieRMT1QvmtkuXgZ8y +vJOVzVWO/wGT2qP7YyKtN7vEREa/WK3uug/HT1LGG/zFa/uq6qjJSTGcv5Kn30X9 +Z9aXanNL3hj3AISoXGTYKLb4X0byj+NuJ+xoQJGeKTm+uoYgmKH+t2ebnuG010qM +C56nIw6eH1IIxrL3lnh7e0UDJ3OlQ7sxEADFjZTjiQ3GduUtMrd2xz6p5eDTQEhg +C28jwLFkfhMsbHYgEvlUM9VzKMsNRGy4GOs6xRr7x+v2TZC1VmP6Hu7NFO4L1cpH +JwIDAQABo1MwUTAdBgNVHQ4EFgQUXoqat1QPsvYURGUeL1bgCWSla/kwHwYDVR0j +BBgwFoAUXoqat1QPsvYURGUeL1bgCWSla/kwDwYDVR0TAQH/BAUwAwEB/zANBgkq +hkiG9w0BAQsFAAOCAQEALs+xWZTeKZwbPIHTUX34WWW6CaCe5QuHLszp8n8l0cze +vQ1MnZUt/0zhxlGGjRgBc4trZgtZ6gKwqk/546SGyHGwADhLEZgUWTC67yCHtE4y +8AwN/EcaWAtQ2ImRmWnYVnjQR1yLGR0R6LSl4lPO3rVBZzYv+E8xXt1+VDibJzeH +Vx57ClRLPdUGzu8ZClSu9YXaRPAiQssWrZYDO+EmmckG/F00g8gIe2fQjz3DR3Iu +IUUik9QcVJ3eos1zX8joOKnA59Mbm66hFPmPmr59+QiYm3KcphMzWpV4+zzGvB4c +Knn5NOurxDeImkKBGWSwxt5TjKQW2yEUYgFWV6Wk+g== +-----END CERTIFICATE----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem new file mode 100644 index 00000000..9d0c5ba3 --- /dev/null +++ b/production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem 
@@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQD3HBk7EMhe9LbE +RWAkxAP0YFyrrrwzrfQAGrBGMCmPAF7jmPCVy9kMId5WTWZ/+QScyC0G6i0t2Ya9 +VnlBls2oj1y8ywewWDIIbqH5G/H2h90y9vmqLQCoY4D9Lco2Z472yqplYtdab5Ef +Z27uRLLUIY5anl7w8R3cbsH0IYXMDzD3THOtE5NrwnOGXbg9DrqpOvi+kOHnKhVF +Vf2eGHsb8vtJz+iqnUIrprnfzc0ZzavLnuvi7qoTW8OZJf3uzA7kShOArc41/KdA +oDDKdOQoo745EPTNbY2n8qwirZeoOt7SWC1X3CtmaHhTGYkcl+Bq01zRcSSDhUCV +fuov8BxvAgMBAAECggEBAJCzso6k+ECqmm/6lB9TbWFoIDwkuW6l2bFJ75laUKu9 +stMiVxfQ5Au3tYPiFTixMKNCkSNwc/5aWA19msnurgWb1dl0Js98BehsKItAcwND +ciOK/o5Jhg4VHo6jhrsvD0ezS+7M34DEvj2eixYZwoJ4F+02ui/rceoILalxC/F+ +eUKLU9jPmjgYJBQWcaNnwFkT3EyD3eeVPmsvnF6T9ZRckOXlVehNGPQY/GrvAfyb +2D8wmMQIXI3UoxD0k2B5mjUKfwCmErc9uJPppQabphDME3jry4/uYJUP5czap7oc +wGf05ZHMXeiYKtMnPrv2JeEPe0KjDhPFXHVhr34V1zECgYEA/NAM9r6V0Dvb4b0K +TC54whGemcsMGfr157/k8UOyzkegSEgRycz0xKP0hEBoShIEV41tVwWmoiSZTGNH +iGnZvCosfGNOQ9bJpM8URWycxY4bd1SGVjWkX2wCIJScLPrGtK3IpcaRduIN9tmH +eKVHtbPYm+DiZ5zEmHDTmM1cIwkCgYEA+jmkSt4Lil5RxA/Kj9wDT8CS76Kpl/G7 +mVKtexJOHQBIH+AngUfSXEMdjpb9GLPe4gjIYPgXBIk3sJ07uCitmPHdQhU1MwtM +pxx8ym6Mutqwl7U0ZeF6ITycM8OXI7ySre/hY29CLpcjOtgBtIy07aMEuxhrWhjA +v6i2yR5JybcCgYEAhHviz0uA5ub3i4ytYM7ZqZniK2YkqVjClPgS2fxIL6GJdVeP +OtmVS5dABC5ceLSIYflTW08yy7WyQD2mtu4BlIHlXioMUbC1axC55sfMQBsAecBp +xbPGt9q6Iqi+TzP7/aM0iutMP6im+L12KNs0gRwGX2myO+oDfH9j46d6qUECgYAc ++LeRA4yKhMkqzjlB1tN7VGyu2kKQmSiDZBM6ALCSowm2xxlL2qj8jbjKXakIRysz +OJkawR7JI6oTBOF5PRx8bOSVVidGtbQ2VRINzib1K4Tuy8g5U5X0azQaujaxqI/D +G9cY0DT1eAJYOdJYuUHpkcpmbzlewSbwCfS/7IXWmQKBgQDv28cShUg1W7vIJJW2 +Y0spJ5yMnN3LUYkJff9pMlMdIeCrxYaQDGB6/Yr/B3SceSp6abPdw1FLolcaHGZ2 +Dn3X+Yj05zmmkBZv111sIvE8axYs6PH+kuTdiyuZ1Xndeas/FYNQO8dSdurxW8EZ +RDC7Gc+a8yKjZBCO2UEXJqbr2w== +-----END PRIVATE KEY----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard.pem new file mode 100644 index 00000000..1eece989 --- /dev/null 
+++ b/production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard.pem @@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDdjCCAl6gAwIBAgIUZx/3lHxj3hix4PqQ3ApWGj9yc8IwDQYJKoZIhvcNAQEL +BQAwNTEOMAwGA1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApD +YWxpZm9ybmlhMB4XDTIyMDMyODE1MzAwOFoXDTMyMDMyNTE1MzAwOFowXDELMAkG +A1UEBhMCVVMxEzARBgNVBAcMCkNhbGlmb3JuaWExDjAMBgNVBAoMBVdhenVoMQ4w +DAYDVQQLDAVXYXp1aDEYMBYGA1UEAwwPd2F6dWguZGFzaGJvYXJkMIIBIjANBgkq +hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9xwZOxDIXvS2xEVgJMQD9GBcq668M630 +ABqwRjApjwBe45jwlcvZDCHeVk1mf/kEnMgtBuotLdmGvVZ5QZbNqI9cvMsHsFgy +CG6h+Rvx9ofdMvb5qi0AqGOA/S3KNmeO9sqqZWLXWm+RH2du7kSy1CGOWp5e8PEd +3G7B9CGFzA8w90xzrROTa8Jzhl24PQ66qTr4vpDh5yoVRVX9nhh7G/L7Sc/oqp1C +K6a5383NGc2ry57r4u6qE1vDmSX97swO5EoTgK3ONfynQKAwynTkKKO+ORD0zW2N +p/KsIq2XqDre0lgtV9wrZmh4UxmJHJfgatNc0XEkg4VAlX7qL/AcbwIDAQABo1cw +VTAfBgNVHSMEGDAWgBReipq3VA+y9hREZR4vVuAJZKVr+TAJBgNVHRMEAjAAMAsG +A1UdDwQEAwIE8DAaBgNVHREEEzARgg93YXp1aC5kYXNoYm9hcmQwDQYJKoZIhvcN +AQELBQADggEBAJCW2Dgi7T/b+A91qDiYkShuif2KQpjEw2pMbMnrJYfuKiLSkoP5 +abBsG4DK1uHARZM1jrwSfggApyM3iy5aSMqg0yheEMMErdLM6mZtAoVihGn88rnV +fqRdUR78+K7LpgvPMzBTo3gNXBj6K0HvDDbyxbBVj9kaXueFq4DaCRYhlLGGPJAN +YS9F2tt3Ghbm2/U2mA5qKbjtwjwbB/R9CnjcKN5kBqOrCSRSxcF3eJp53//U5wGq +wbK+RF/rb6Zv8ZNu7qKamZcxaBYp+yLyL+y+UgYkkG7ngURmirImydstzOIwAybg +ZXFiJMTkZC/S8GkxIucglQW4zt1uZcFB9as= +-----END CERTIFICATE----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh.master-key.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh.master-key.pem new file mode 100644 index 00000000..704b96fd --- /dev/null +++ b/production_cluster/wazuh_indexer_ssl_certs/wazuh.master-key.pem 
@@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDz0H54jhhiHn9W +/JDqg/ATVxOanceRJ/YwGnIL/B3FGHBXuorApDhVFXuXAw1FbrcMjBfW/IYmB6g7 +R6DQvDbzIay/6p7puqgM85axkhtORna9UF9GBWvIXoRsJi47937YSgLM1PKbAmTw +7gSjb35vuEfaC/ke5rpenm+UgpDC8lkRV/AmmVV5GTAMTw8ZR7B/7dosEIh6BDlX +xI+SJ1GQDUvsAY8w/XwMXW6h4Mw0APvU4ugXu2H5VlEMQBS0q9H++j3c7bs8AbyE +oZX4f2OPc/r0b/NdRoeby7MN7xG5KCMdQ2NFNtqGvRFj1vIZbpdVD72QYiT/LPMg +xKSvdJL/AgMBAAECggEBAI5tITQzbbMDtceOyuj0Ie5qU51ixg3ZlksLZ8vwf0N/ +v0DATAW06ONrJUNWGQ6SWoQN4m9IHOViW7glY6AMEt18snl6CVLoIvtN4J3ih+j1 +6K82oDE7QXdPH3Q96YxGS+b1dSVK0F4Uy/qiUDtZCjchI3gQvnp6tixHyU6r5vy5 +ibeuGEP9UmkpRNKD68NRjY+AKSmWDHrwA0d5X7qXsGhjT5hxa7nurECI0+C0iub/ +QkvOEYfxi+rmyz4AXn1KDqw92iZo61pChLAPpKKQIs7efzyaD7FRSdd3RKygzkI6 ++d/18Lhv8JtD5Kh8RyvRSdnOswAQbZWgH0nFOpXmzUECgYEA/i4EPKsM2F/0+/rm +MykASG1bJqhSNiXgA2MaqIYKjBtRYwWEuS+DXUFC7nUgOOtFUo+iUuxeh5Ez6b5U +n0PMEq6SHkJ0jWAo86vJDGWhI1ljiYp7RGMfUdJWu6C4AY4QjsRvdzUykgqx4SKa +HuRym3cs9r4FXAcPqe64rdYWzqcCgYEA9Y95k2zak0FYUikMpTfmXGB6FtD3+a5U +orbfZx1JxGmOMs4kAal2OjAl8iKxQGxtLO2EpWRCv6ErKZDfC237TCafqXVGGz9+ +0CiaxdkFiJ+MKagOAuo0glwh8QIHMVCcTLlw3yeF+YEtBkkYWAHrmm6IT7JgVNg/ +KznF9rieO+kCgYEA8GZVW4vr+jnHWwtR7dE5k0bajxVjrBLmbE2vSPR9xUWRFDaD +8SIe/HRc+WuNrkfWqN9whz1HqrCKiOia4Ice3Ax/5l60HYJ1OQGghTkZznUcz1lK +fMPDO3/UyGCZp97VijH/up911OqIkoZHfjBStPdib3wJVaDYD8DYqpFxwMECgYAj +Sc0E3J3Ej51roS6KB7B5Efw5jyoznVPYVkNghBr3uNuQfYM7Iek1j3nEhCvIwEwo +KrHnOrNE6ppTTNhgwhtc5CgJqCq8+7DzpQIo8HkVGyh/TAFHdfS5zxeplMsH0TfE +5tlLmFhudJvNzW9MJmp/NOct3MpvJuxc/95tCDblEQKBgCQo8mHC6b03AEwckFr7 +OXvq7FcvXk4j5c/Pab44qsLBvqBmp6mdb5VfRRznIzsOqQgj3TuBkZifp9nYNf6I +Brc1WfSohpLLObE7SmR8i3D40JcTnU9weJoYxdO6UZJf6H73Bsz5yf69JkmYtGVt +pnpD4Gpxy8kh993/U3ne1Ddh +-----END PRIVATE KEY----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh.master.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh.master.pem new file mode 100644 index 00000000..65727cb4 --- /dev/null 
+++ b/production_cluster/wazuh_indexer_ssl_certs/wazuh.master.pem @@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDcDCCAligAwIBAgIUZx/3lHxj3hix4PqQ3ApWGj9yc8AwDQYJKoZIhvcNAQEL +BQAwNTEOMAwGA1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApD +YWxpZm9ybmlhMB4XDTIyMDMyODE1MzAwOFoXDTMyMDMyNTE1MzAwOFowWTELMAkG +A1UEBhMCVVMxEzARBgNVBAcMCkNhbGlmb3JuaWExDjAMBgNVBAoMBVdhenVoMQ4w +DAYDVQQLDAVXYXp1aDEVMBMGA1UEAwwMd2F6dWgubWFzdGVyMIIBIjANBgkqhkiG +9w0BAQEFAAOCAQ8AMIIBCgKCAQEA89B+eI4YYh5/VvyQ6oPwE1cTmp3HkSf2MBpy +C/wdxRhwV7qKwKQ4VRV7lwMNRW63DIwX1vyGJgeoO0eg0Lw28yGsv+qe6bqoDPOW +sZIbTkZ2vVBfRgVryF6EbCYuO/d+2EoCzNTymwJk8O4Eo29+b7hH2gv5Hua6Xp5v +lIKQwvJZEVfwJplVeRkwDE8PGUewf+3aLBCIegQ5V8SPkidRkA1L7AGPMP18DF1u +oeDMNAD71OLoF7th+VZRDEAUtKvR/vo93O27PAG8hKGV+H9jj3P69G/zXUaHm8uz +De8RuSgjHUNjRTbahr0RY9byGW6XVQ+9kGIk/yzzIMSkr3SS/wIDAQABo1QwUjAf +BgNVHSMEGDAWgBReipq3VA+y9hREZR4vVuAJZKVr+TAJBgNVHRMEAjAAMAsGA1Ud +DwQEAwIE8DAXBgNVHREEEDAOggx3YXp1aC5tYXN0ZXIwDQYJKoZIhvcNAQELBQAD +ggEBAD+AxLv+eGj/zEhRWy2FR435ILfn5C2MnFXYSoSe8TAcEYXTKWbEnGvkIzCZ +UUQdO1TnnQ+1AedMwBEgrU0CuLdxX8exVJXuIlxlhY8rvGW4bdz/gLh9QjL7xOCX +XOv5efyxexF70nZ47/MacvaWDBoqa17su0XT7TO7SW6a4N+NCcfqOvq2nuiEFMu+ +MtP3zXz2BX35GTDaxy+ihFJeTDbQ1NiZFXIcZHDw7cEMBSMmGdFFTdTeMwNDMOdH +/yxba3T1x5PEOfW1e3M/JX5Fm7YMGfFQ2PGdKMN2a0bvWNiBWMxsCAgIODGHRYgY +4IIIiamySY4Z7ITEzEgR2KxwIx4= +-----END CERTIFICATE----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh.worker-key.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh.worker-key.pem new file mode 100644 index 00000000..b28809ea --- /dev/null +++ b/production_cluster/wazuh_indexer_ssl_certs/wazuh.worker-key.pem 
@@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCp5d5+OjTMcSA2 +JAgOM1KNWKWMFk0BraU46Zd7MEi4cGXmmZmROm1gxHv0KM1d8T6eeM82wffcoDHp +2xGZUDKDuqKwpkM1JVk4ysJADfaERETGWVs9ovmNDqzHu2gg4uYXsfWZXwmEsnTI +9kDI0nXgUz2V21gmyBftecZWbiRunWZ7HeIFb43HsmN6kGpg/IDg70SK2gi+yvvM +wYwPIoVHXuspvy/HlXNvpj2wGQ7yCie01UXrkvBjGSSfYdkYwZVSgafhe57WxnR+ +kRZld2Xg9X4FXii373OKQlyrrfG///nMVXLIugIGK4FUQGXXbMW7X7P8f22hFn5f +RP0zgEOvAgMBAAECggEAVR8RSUbaWy+2hsmoq4y1KJIoZzZpIJUieZA3UAYR+S5/ +L3j3gta2JExtGhgzRITw7a7ziqjGCWjNeTBD8f9HP86LYlv6wi7TM+wKRNN6Fiyq +FIKCfzAfPbgDgxJ3CjsEMwz7UvtVpoFOl70hGjyvyFOMQH+j+9I2gsmHQJhwcmZi +n+ZLnkqq853hIA3KYARAohHHirvQ+qUYigPmU0ypds5v4dQqWseI8Rbqj3qfASU+ +syCW7z/6bLW4h0AYJsfYbIg606qHe+fXewcQEZVF8KsCkYLzyXgvQuY0++9JhsVQ +9pC8JuAs9kIhOsYGVznUsZwemPPdXhj4gm85c+6yeQKBgQDeZ28c4pdV4R1dWwiZ +MRhBPKVStVr30/WTN2VY12D8pvObdbZpZ2GDbEZDlROr61KHt0JbpMyJegdPhetH +MOIoZiQiVuL0CjWPrzrwdG0WjpF3sFRFn/iPzt8pQEW1ZgrCYtp8wEco1f/n1/Ps +N5w63OX1sVzywtGKyygV3h5FEwKBgQDDj/neyj4GIBFFmm+m+l8CFd2rSWWux0fe +TYTtN/9usw3BTAscyRVCoOHQ19QxzvJRk9+p+sBet/s8c2w8gtJTXvw3wYU0r4Vy +B62R/TFD4n6x5jDeF70QicQ83C6pkKzjzXs4dnSclwWUaSX9ikN63fhhl4OTZ4Bx +OYjZDorGdQKBgQCD9k+BjhlJhacMy4UQkIbZvohByQXO4t9lmIrz6efMQatt5Kx1 +YjgD6OzQENZ5PcncaSpggioysEtCLi3qMeEfI2vxTCihsKUTOl/4aLyJk9JQeDmo +jkDH43GaYl56Qa/Eoy8MsnIGkuOixwoecOisLIHuBG0oRdxbRCvmvcKsLQKBgGuO +J9LMUEh2IomxYm7njJFNDVlDSNVTbMdqwwzkm2t6trn05Le0MCkw6oE98spiEwui +1IRcEKkHbvnUUVcGbD7GItlXabeMQUxxxJhiNFIto5icDYxYafdKjc8bGd7QXwX6 +4SYwn/nvZXY2TlqfTHWq1wx1lDvh1NZw2j7mrJRxAoGATOoLXO2+uq9WiNZJw3m3 +zK+v5zNEYa08je+lJcTfz/W0NRF1RwH9RnKW1Gmad3cWcRbt0Ds7Ieds6e3K7DBp +WZO5zuHStmjsY1sYyp3aQCnl8arK+1BQlBVqbdyrEpfW4SGxhlTS/fQjrr0qE7bZ +1emcPEJYbm54EBUbYgmx6Bk= +-----END PRIVATE KEY----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh.worker.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh.worker.pem new file mode 100644 index 00000000..c1c4286d --- /dev/null 
+++ b/production_cluster/wazuh_indexer_ssl_certs/wazuh.worker.pem @@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDcDCCAligAwIBAgIUZx/3lHxj3hix4PqQ3ApWGj9yc8EwDQYJKoZIhvcNAQEL +BQAwNTEOMAwGA1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApD +YWxpZm9ybmlhMB4XDTIyMDMyODE1MzAwOFoXDTMyMDMyNTE1MzAwOFowWTELMAkG +A1UEBhMCVVMxEzARBgNVBAcMCkNhbGlmb3JuaWExDjAMBgNVBAoMBVdhenVoMQ4w +DAYDVQQLDAVXYXp1aDEVMBMGA1UEAwwMd2F6dWgud29ya2VyMIIBIjANBgkqhkiG +9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqeXefjo0zHEgNiQIDjNSjViljBZNAa2lOOmX +ezBIuHBl5pmZkTptYMR79CjNXfE+nnjPNsH33KAx6dsRmVAyg7qisKZDNSVZOMrC +QA32hERExllbPaL5jQ6sx7toIOLmF7H1mV8JhLJ0yPZAyNJ14FM9ldtYJsgX7XnG +Vm4kbp1mex3iBW+Nx7JjepBqYPyA4O9EitoIvsr7zMGMDyKFR17rKb8vx5Vzb6Y9 +sBkO8gontNVF65LwYxkkn2HZGMGVUoGn4Xue1sZ0fpEWZXdl4PV+BV4ot+9zikJc +q63xv//5zFVyyLoCBiuBVEBl12zFu1+z/H9toRZ+X0T9M4BDrwIDAQABo1QwUjAf +BgNVHSMEGDAWgBReipq3VA+y9hREZR4vVuAJZKVr+TAJBgNVHRMEAjAAMAsGA1Ud +DwQEAwIE8DAXBgNVHREEEDAOggx3YXp1aC53b3JrZXIwDQYJKoZIhvcNAQELBQAD +ggEBAF/f0DqnLPns2Ooe1JDNd2oCqjx9MOqGnfifq4g6jUIILBGuTl/4BV+8V+wp +mOrnLWIZM2kJoitUOHJW+ExN/JXXzHKryLX1L+sYfPbaoogX5bTK7vT3eekRjISB ++XEVHoh6BeCW9Ds2m/c/r2h8pZcj8FmIkoGYAvqSAqaKY5BubeCOkZCAC1qhI6jI +KPE6oWZltFcmq21ALl7vBlH4Sqgm3lJjq+qIxHCj5D9+fBuPzxLiMXDt+3+uCWr3 +xHcsR3e2apBEay7mzvOGWa+uoI8SJnzahKoRj9irgtrg2bOyPKjlz3fBqTn9TbP8 +f4FTeZjK+qsRKjQPKV3WgLOdj/A= +-----END CERTIFICATE----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer-key.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer-key.pem new file mode 100644 index 00000000..d40b1c9b --- /dev/null +++ b/production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer-key.pem 
@@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQClqTdxIM8gJHw4 +hHCywCEe7xBz2DJLNMFIFbmMXdJG81YD2NhOgfIxtMSJntRc0a3bNFg9VSAdpL2K +mJvSPhf/KBoqt0JrA26o9XzY0s/WHyYogEOUMEArcVz1ShSwlPebJt806ts74KE0 +serY/I6VgHg6UAgGVDY859wHwlrIOAhdm3dWuCFBkD0OPi+HSRkDPRYZ9t+iwJM4 +AOTMt+cO5VYp7RxFr77dbyxS4lhaRGZRA3q2y9D8EorpAcubXF1vxxYJROVRD7WR +ZcoZg6t9z5ogJLAwZuzHr0w5bOhtTRicaZ0rRrjsuVph0IrpZ7tBueFd1Ivhw96y +f/hEBizVAgMBAAECggEAFMU/r052ycfpT0jDvJW8UV2WCYBM5gMKTNh0eDX3PHAc +E8VncYh3bmYE0mB4rd6YVsicW6xFp5HVNgBmYRjp91L23O43RKWchVCqQ6FC78ze +Auv6DSVzlj7TcenE6FL1LJ3WFJNxw3Mpoyq/kE8yLWp7KIyKRQjf+Aj2HH7w1POF +zq6JI4CHFfgCnJLDr5i5insSDJqfQUMkRG1RG83YGGcQjIOSJpAF31mmZlwcRUU9 +bM0GvV2Di/M0nbjsC2fmUcbpzyrLkjtruJBcgylJhjOCP4EQ2WBvXM8SGe/U6TFe +s+SY+ZpxqWE4VOdZu+ELXjcYBB2GA8Vl2D3U8qiLIQKBgQDcWJ5uI9aYt75Z0Sln +yyluzU8ElYT8dMo73tntEmV8/gUZdbsH7Tb4j1+zsYGdu9dEhhXziJEDOt8fUV8H +I33TwJhz00vQzajh9PwkPTVFZPrnKNBA7G742vaKqeP4B4Aa3U1kX5mqnsuLsyCi +eh2Jg9lWoIxGVYPnBzhoNOhjeQKBgQDAd2DsmOx7SDRhpagSlsGSnrdQDjDnE9eT +JeJZDVHzO714QQsVfoGr37l9zUJdTEk4SQdmpIRc/ZY53w6qCeTm6O+muc1A2Ixe +p+gCh7oUfK5tRay3eAUDzl0B9SoTugD1+xL5E9lRmsK6pVm+phkmFOjaZWChehLd ++jx3NpsBPQKBgC7eWrSqwtaxHrgUGW6OdD2xRgF/nE3mua2KdWhL5XJ0xbjopePF +vU+Zj421UBCxB9T3gGvQvKenOhZ7RG9MSVNlQAhDBXlghW+qoIdEzbP5CrVopQNq +RyB/0rkj8e2sCr+sGu4it5jnNfx9GY/10ZqShQQ8GhpLzkax7nmb52JhAoGAO6hF +ONEl7Aizg9jvQePM2H+t3ninm9jAp3HEuUmxry1DS3UN1HnEA9xzCJWJDpZI09N/ +Ice454ILAKEtUHOEqjZlok5RWtpEmEp/VdlwSk1jW6ePI8dl9ooOtj6h7j9ncNeE +SARpBixsU6JRMREXFoDAtIFb9HF8S6X2/BTG8xkCgYEAq0p/qqxaPbfYdvwDhRxO +kRqFPYmblIBWY8EayzbACCOWcrDxMsXix9ZtEzNFg18M8XRAqJubewTQUQQJ0u4w +kMEmn1iBqMGH7c9DIARFfAD5oVQhFcUOosbVEL4ikTlWy8/tJuYit04Nks54NHes +YJarxN3BozGkHQoQ4d1CnrQ= +-----END PRIVATE KEY----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer.pem new file mode 100644 index 00000000..21373b42 --- /dev/null 
+++ b/production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer.pem @@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDdDCCAlygAwIBAgIUZx/3lHxj3hix4PqQ3ApWGj9yc70wDQYJKoZIhvcNAQEL +BQAwNTEOMAwGA1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApD +YWxpZm9ybmlhMB4XDTIyMDMyODE1MzAwN1oXDTMyMDMyNTE1MzAwN1owWzELMAkG +A1UEBhMCVVMxEzARBgNVBAcMCkNhbGlmb3JuaWExDjAMBgNVBAoMBVdhenVoMQ4w +DAYDVQQLDAVXYXp1aDEXMBUGA1UEAwwOd2F6dWgxLmluZGV4ZXIwggEiMA0GCSqG +SIb3DQEBAQUAA4IBDwAwggEKAoIBAQClqTdxIM8gJHw4hHCywCEe7xBz2DJLNMFI +FbmMXdJG81YD2NhOgfIxtMSJntRc0a3bNFg9VSAdpL2KmJvSPhf/KBoqt0JrA26o +9XzY0s/WHyYogEOUMEArcVz1ShSwlPebJt806ts74KE0serY/I6VgHg6UAgGVDY8 +59wHwlrIOAhdm3dWuCFBkD0OPi+HSRkDPRYZ9t+iwJM4AOTMt+cO5VYp7RxFr77d +byxS4lhaRGZRA3q2y9D8EorpAcubXF1vxxYJROVRD7WRZcoZg6t9z5ogJLAwZuzH +r0w5bOhtTRicaZ0rRrjsuVph0IrpZ7tBueFd1Ivhw96yf/hEBizVAgMBAAGjVjBU +MB8GA1UdIwQYMBaAFF6KmrdUD7L2FERlHi9W4AlkpWv5MAkGA1UdEwQCMAAwCwYD +VR0PBAQDAgTwMBkGA1UdEQQSMBCCDndhenVoMS5pbmRleGVyMA0GCSqGSIb3DQEB +CwUAA4IBAQAOCTZt/CT64XIJt0+cd/cIKiRU/AGa6KQI3jeYYDIGRaHvuSIgn8cK +kdUB8i6Tiri7Pwfj2oU4x06sxzKpGsED99m/Rb+MmmG9uUHKh/dwhPgXoXS/yzH5 +NPqTr06aufeJhU+/TaC/7QvI505EB3TTNh3j/lWSrGwm1lLC809kB5YiaHd1ke1D +2zo081ePh7TIHtbOlVVdRKHAe65rXl2YqrBisUjXcJIL7gmtq7mvPs9eh8on6r1f +zQ6ayiCXqMJzvPgGkg5Ph6IyiKCXIF5SZNxkEa+8vkOuUrJGJE9ZqvKDpve+BsRR +J0GBkJORTvgu+GtlMpSm3F7uzT3TzaUy +-----END CERTIFICATE----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer-key.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer-key.pem new file mode 100644 index 00000000..c83353c1 --- /dev/null +++ b/production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer-key.pem 
@@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDcb6KPDkzPq30B +3bfJBFz4nGpwTJe6ywA6p5bkrWBg0x3BKxl3h1UmC+1HGf9JejtiN1Fi5oXHOG+E +cLwWIxekgeeYbaaPMCZdtvW69BLZlEQ57dwEqMBAkazgO4Mkz0OWY9NI3UsAhVC8 +Wo5BIhNBom0uVfVtIlCfQOIgZyJ5OWC3HGKG3w3/quJnCa13GqueXvIkACf8LXWb +FUc6XmGYDplc1YobEEhK2NubcrI6dhO3y67nQ+XM47EuqM9xZQGpicoNvxG5gHNj +cpONRqfOvfgqLs5Qb6MNsQo3PXWVSOULWqchwXG+iye9+x9rAfTZ4GCSQiwG6Ng2 +t8HT0dL3AgMBAAECggEAErHNAYDe9sW+ZkgdbAjYsaTiSf/U5lyM+mx4GZCymcON +xHIZSM/LYtykFOGZiuu42Y2Dc3XFZq3cl0jQSrhTKvpxX7X86CvXNR9tG5vTdWxj +lN4dSK/fDhrMpH+nkZmaS8jPhGBwGe00eaTcZ52yMGDMDZ/wnn7Ig5kHFGRqwgj5 +Tmny60vqhMh1MkFX/fdNzVkG4wKpWpfGfFWCLUa8GpOcjs7fi/YDh36ZTMlJg55G +7BR2aygFLoaBc2qNroX5Aisy+t6YAc4/amlN+N3pGU+gG94EvxP5nSvot/6bw5Se +BwIlhlylvVWM+iPuF8jkyET+gPkGnm8gP5vwhXOMUQKBgQD+F/3CPtdmSaRa91+K +GR9v1v94ChM2hbuo9HZhKNeYsiC0Eo0GspifkPVkE3Bjpa5EgzSUyOK1WiWomYZS +6An2CyNhOsMib7OcruwZ7NxL7Nlro+jH4dwXbAWF+frsKMFedjSLSLPhPJZtRPBY +39VNIRJJBh5VAw14q76hHtedgwKBgQDeFwBZeeuRM6GowCby2hlGb0TAYv9CGf8n +MwLTJdfJTGEVucYl3k73PAwlqlewGA90FTSyCo3CbrQV8YfEbqgrww3UaqHkxK0A +UBT3XJ718Sa3qOeTDEBr+1L+q6ZnyqhuMC2Lv+V84xUj3ykqC7pPDKThA6P/NDs8 +9tYdyYROfQKBgQC+CEdanREPiQgImHW1nLBsPol1x2MzJbWB2MMoSxljM+VNh4o9 +dhi7TfiYzgkCHYlF6DLNC6iyJSeA/sD9BFle0Fm3f/EssgnMpu4hPYpMpmi9Hisc +QokOY1WGK71EHf7wnMsTWF5fl6aRNjvi3BR0yMUaJB9PSScsFpZNffmX7QKBgQCb +zHkDTANUdmsG7d2k6hlnDvGlIQ2+umwDfMaTh22smndU/WEi+aRdznMbDTe8ofRd +U+8Go161MmIFLs42oAY7xPbzt+ZgjRRsLsG2kfQ1xnmJx+TEhIjA96tOWu4+y62C +tyuMaQ89oDQZWRkQlO+bOtyDucEXa/XOm76zYMX/JQKBgD6etOw9ggxRr3t7GQIT +hQK93mgdwVngu1Wp+HmTKkcBSe2fbOmxd/OZaYVDP2VgnDgAru3dv4bT8jwi1CoB +aEQrMmQ1qKPhjbIeaFFwv5oXpkeN/EM0FFf+dEEPhhVigqYW8z1OUnkJsfsCg71q +pUFpUqsZTRhSm/MTfx8CVjMj +-----END PRIVATE KEY----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer.pem new file mode 100644 index 00000000..317c047f --- /dev/null 
+++ b/production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer.pem @@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDdDCCAlygAwIBAgIUZx/3lHxj3hix4PqQ3ApWGj9yc74wDQYJKoZIhvcNAQEL +BQAwNTEOMAwGA1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApD +YWxpZm9ybmlhMB4XDTIyMDMyODE1MzAwOFoXDTMyMDMyNTE1MzAwOFowWzELMAkG +A1UEBhMCVVMxEzARBgNVBAcMCkNhbGlmb3JuaWExDjAMBgNVBAoMBVdhenVoMQ4w +DAYDVQQLDAVXYXp1aDEXMBUGA1UEAwwOd2F6dWgyLmluZGV4ZXIwggEiMA0GCSqG +SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDcb6KPDkzPq30B3bfJBFz4nGpwTJe6ywA6 +p5bkrWBg0x3BKxl3h1UmC+1HGf9JejtiN1Fi5oXHOG+EcLwWIxekgeeYbaaPMCZd +tvW69BLZlEQ57dwEqMBAkazgO4Mkz0OWY9NI3UsAhVC8Wo5BIhNBom0uVfVtIlCf +QOIgZyJ5OWC3HGKG3w3/quJnCa13GqueXvIkACf8LXWbFUc6XmGYDplc1YobEEhK +2NubcrI6dhO3y67nQ+XM47EuqM9xZQGpicoNvxG5gHNjcpONRqfOvfgqLs5Qb6MN +sQo3PXWVSOULWqchwXG+iye9+x9rAfTZ4GCSQiwG6Ng2t8HT0dL3AgMBAAGjVjBU +MB8GA1UdIwQYMBaAFF6KmrdUD7L2FERlHi9W4AlkpWv5MAkGA1UdEwQCMAAwCwYD +VR0PBAQDAgTwMBkGA1UdEQQSMBCCDndhenVoMi5pbmRleGVyMA0GCSqGSIb3DQEB +CwUAA4IBAQCK6zKAcD2FD19X/P/NSNsZgrbqcBWuE+oh4L/xG5F1Qb55tgq/rHM2 +dp5RjAl+KKetFJBjifdCTqE3Vmc572jl6iTZUrUdc8R0g+46nsUS1IWz8PcEy26j +jWPMOzvRFJRlTk1ZztyF7gr0U1CTnbJ+T4Rgg3Yhs6/NqxtqjI+n9LKVdkEI4aJa +IwG+4LarEpaQ+f+bv9ghZzBkTxH6SnO5F+NX3beo/bhAkEfXkCVNcTtQfhSPabSO +1G3G/NDjaU0A/NKZIL0I3vEvsn+9ivX8hp3UYNWKIV6EUdD7X7zPB3EvQ9obaOmu +9i9NbBwUi3V8FkNP5R4alt1RwMbvIJXw +-----END CERTIFICATE----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer-key.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer-key.pem new file mode 100644 index 00000000..d13e74ed --- /dev/null +++ b/production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer-key.pem 
@@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQC9DCg9WXz2kPz/ +ZGWOduqHq/KNlwjy8x+me2xm7I2N182Ar16ESqNlen0mbSIF65A0QbaePp/yNJAW +S+weO2SKYxluNLUV4Y5fOBPLNhqb1w8lkcnPgXewtGV4NltHkm8phjQ28gXu1QSH +ugC+cmTDTx8BXH1GVkUAGlzFrEcjKid4YKV/zwz9TtMAsLCrhmaQpwEOFFsB+nQ3 +PQLV27pMrYoRWPXXfQyzFBA9uxfJ4FVBZyQMGK7tsRMuka8DuABJ+IdgNg23MtN4 +4u7O+Ct7GjYm5FeHHx1I86rhNQGL7twZQeSfApbNqMP1fVU019zVBF9hBJ+KQwIV +huKZpcppAgMBAAECggEBAKfIQ2p3ot3evnwYab3wMqSo6gPaOVoOh1elkQckCVoL +XttISdWVvMES3kIdd6XTdM+8RszZffFjz0HKrkwCoG/mFirmYpWB8271ATRI14La +cxn/8yHUoRrWcHwpmgfCoiAzeOIPGU7oBjZD0ec09dMVxMnbgV/Mrz6xJwdVqGk+ +uOoja+npJozfgax9wf7RPQqTz0yWaSk8GmZQWHltlAsw6rmlkqlcm1BfnHPuCJox +dCh1EP8xWf/pp60GLQiPmLX2CuInvK7PIe/aNVmnlJ4dTWlOJYPyBzaeNOsu22rQ +Kfu5tAN/b6CoYHEI6zUjgB/bKmZ1jYzAsVALcnIhtJECgYEA4DJ4QTGQKtJL1osS +zSuCWgH19kjbOdqcytbwwRqW35YURttvr8X+WJ12lhOXKSqnabjWFom1SSh6EAV7 +kanE8A+HRTvfec+Z3s+uNqLg2Cx0xojPB7kCabL/FD62DJsUASBTzcE8dE8Z101C +0h2UiR0fja1aQR9hLHhVTEkDxcUCgYEA191B2zM9ON97LrjToWYzihY+G5g/cknT +oEpEJ6sN8AZ23xIDXPNqW5jRQSlObs/6uWCAN0WYq3D8IAjEvCDgGfzkRwopPa+N +cE5T7G3cEMQGLHSw9GhsN/XBjaVIbUKG2WNu829n2sMTyQOKSLiP5jIMw5NMexhI +TNdcqidCoFUCgYEAh0KLwLFZTCxx6q8fGb89NnZmYT8VXDMjU1EYETise5o9A37S +RBbM28OsTuDk2sZMGIGWUCSmxctw0QetxHTLRxXnQ4La0c/JAl8DuRzNUD6J+VmC +piMdbI28TQeEp9hL2l4ZkVIa2gT7DyUiwkdsXMjAR6alhBKdesnilFKcvw0CgYEA +0zJu1H/1TkeYxcWfiTHtCxVn/qeeq7r/irweopEBOe2ZL/b3w2GElcmWMiKv0ks6 +C1UXHPzCujn4836gvU+M8uAymC6g2vF/eHmqMo/p151yTNx+pSHlf3q6vFMR4ZRN +SzO1wgclnStvmCQWj7/DSn19b3wWP/kqA8RRrUhsL2ECgYBaBIK/b1GgY1L066Mk +qHG4wpySFkCDZc2/6HMeLigdlzJrjvj4NwBQi39/gDu9JfujFb9vaN3rH8SsnIwe +57QuMtToVarXZ9vcuMOw6K3c0ySTCx1cIerUFbEW5ND9h8NmQaT6NfAutlDjXOnl +I5x3gxXNPSUgmcscq5cEgUgoKg== +-----END PRIVATE KEY----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer.pem new file mode 100644 index 00000000..63506822 --- /dev/null 
+++ b/production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer.pem @@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDdDCCAlygAwIBAgIUZx/3lHxj3hix4PqQ3ApWGj9yc78wDQYJKoZIhvcNAQEL +BQAwNTEOMAwGA1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApD +YWxpZm9ybmlhMB4XDTIyMDMyODE1MzAwOFoXDTMyMDMyNTE1MzAwOFowWzELMAkG +A1UEBhMCVVMxEzARBgNVBAcMCkNhbGlmb3JuaWExDjAMBgNVBAoMBVdhenVoMQ4w +DAYDVQQLDAVXYXp1aDEXMBUGA1UEAwwOd2F6dWgzLmluZGV4ZXIwggEiMA0GCSqG +SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9DCg9WXz2kPz/ZGWOduqHq/KNlwjy8x+m +e2xm7I2N182Ar16ESqNlen0mbSIF65A0QbaePp/yNJAWS+weO2SKYxluNLUV4Y5f +OBPLNhqb1w8lkcnPgXewtGV4NltHkm8phjQ28gXu1QSHugC+cmTDTx8BXH1GVkUA +GlzFrEcjKid4YKV/zwz9TtMAsLCrhmaQpwEOFFsB+nQ3PQLV27pMrYoRWPXXfQyz +FBA9uxfJ4FVBZyQMGK7tsRMuka8DuABJ+IdgNg23MtN44u7O+Ct7GjYm5FeHHx1I +86rhNQGL7twZQeSfApbNqMP1fVU019zVBF9hBJ+KQwIVhuKZpcppAgMBAAGjVjBU +MB8GA1UdIwQYMBaAFF6KmrdUD7L2FERlHi9W4AlkpWv5MAkGA1UdEwQCMAAwCwYD +VR0PBAQDAgTwMBkGA1UdEQQSMBCCDndhenVoMy5pbmRleGVyMA0GCSqGSIb3DQEB +CwUAA4IBAQCQY6njvKzfcfntjLm5EzvQhxFAl9KZKzZZUoDcsnCSPFG0Ke0FWc4V +5i/oMpWQDQM23Ds6po4Epd819LHexfeEPtSnqZ5lVyd913QT6V2SkRjgXm1Q+tIY +VYZk9h8CUQXwpNaBz1Muu+MafiSgQwPwToGgLv0drw+nLAY4FjlX5KiO31VjXlbr +819U0rCbGQHEShbOolBtThwwJVnGjb4pu0eUVbu1eSgyx1Q85ONTrlCOkpjfgDdx +3BIT7WH5LxZ3n21MBXGxT8YDX5aWGapp7mBHtXni3IzKwHrjZkBNO7POeKeABRyP +Q4jiYaEv1S0j681hR2w2zpqw82Wgx8A3 +-----END CERTIFICATE----- diff --git a/wazuh-dashboard/Dockerfile b/wazuh-dashboard/Dockerfile index 8f38685f..5e641260 100644 --- a/wazuh-dashboard/Dockerfile +++ b/wazuh-dashboard/Dockerfile 
@@ -25,7 +25,7 @@ RUN $INSTALL_DIR/bin/opensearch-dashboards-keystore create --allow-root && \
 echo kibanaserver | $INSTALL_DIR/bin/opensearch-dashboards-keystore add opensearch.password --stdin --allow-root
 # Install Wazuh App
-RUN $INSTALL_DIR/bin/opensearch-dashboards-plugin install https://packages.wazuh.com/4.x/ui/dashboard/wazuh-${WAZUH_VERSION}.zip --allow-root
+RUN $INSTALL_DIR/bin/opensearch-dashboards-plugin install https://packages-dev.wazuh.com/pre-release/ui/dashboard/wazuh-${WAZUH_VERSION}.zip --allow-root
 # Copy and set permissions to config files
 COPY config/opensearch_dashboards.yml $INSTALL_DIR/config/
diff --git a/wazuh-dashboard/config/opensearch_dashboards.yml b/wazuh-dashboard/config/opensearch_dashboards.yml
index f7d70cce..bf8dc374 100644
--- a/wazuh-dashboard/config/opensearch_dashboards.yml
+++ b/wazuh-dashboard/config/opensearch_dashboards.yml
@@ -1,6 +1,6 @@
 server.host: 0.0.0.0
 server.port: 443
-opensearch.hosts: https://wazuh1.indexer:9200
+opensearch.hosts: https://wazuh.indexer:9200
 opensearch.ssl.verificationMode: none
 opensearch.requestHeadersWhitelist: [ authorization,securitytenant ]
 opensearch_security.multitenancy.enabled: true
diff --git a/wazuh-indexer/config/opensearch.yml b/wazuh-indexer/config/opensearch.yml
index 915fe5a2..922e86e5 100644
--- a/wazuh-indexer/config/opensearch.yml
+++ b/wazuh-indexer/config/opensearch.yml
@@ -1,5 +1,5 @@
 network.host: "0.0.0.0"
-node.name: "wazuh1.indexer"
+node.name: "wazuh.indexer"
 path.data: /var/lib/wazuh-indexer
 path.logs: /var/log/wazuh-indexer
 discovery.type: single-node
diff --git a/wazuh-manager/Dockerfile b/wazuh-manager/Dockerfile
index 1da3d314..c0f3757d 100644
--- a/wazuh-manager/Dockerfile
+++ b/wazuh-manager/Dockerfile
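Review bot: The added `RUN ... opensearch-dashboards-plugin install` line in `wazuh-dashboard/Dockerfile` hard-codes `packages-dev.wazuh.com/pre-release` as the plugin source, so every image built from this file ships a pre-release build whose zip is fetched with no integrity check; the `rpm --import` line in `wazuh-manager/Dockerfile` and the `gpgkey`/`baseurl` lines in `wazuh-manager/config/wazuh.repo` make the same switch. I would keep the release host as the default and make the channel an explicit build argument, for example `ARG WAZUH_UI_REPO="https://packages.wazuh.com/4.x/ui/dashboard"` followed by `RUN $INSTALL_DIR/bin/opensearch-dashboards-plugin install ${WAZUH_UI_REPO}/wazuh-${WAZUH_VERSION}.zip --allow-root` (the argument name is only a suggestion). A comment above the line stating that the pre-release source is temporary would also help whoever cuts the release. The Dockerfile continues outside this hunk, so a mechanism for this may already exist elsewhere in the file.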
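Review bot: In `wazuh-dashboard/config/opensearch_dashboards.yml` the renamed `opensearch.hosts` entry still sits directly above `opensearch.ssl.verificationMode: none`, so the dashboard accepts any certificate from whatever answers as `wazuh.indexer` and the `https://` scheme gives no server authentication. Since this commit also adds a `root-ca.pem`, I would set `opensearch.ssl.verificationMode: full` and point the CA list at it, e.g. `opensearch.ssl.certificateAuthorities: ["<path-to-root-ca.pem>"]` (placeholder path). Hostname verification will only pass if the indexer certificate names `wazuh.indexer`; the certificate files added here are named for `wazuh1.indexer` to `wazuh3.indexer`, so the certificate used by this single-node setup needs checking. The rest of the file is outside the hunk.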
@@ -8,7 +8,7 @@ ARG TEMPLATE_VERSION="master"
 ARG WAZUH_FILEBEAT_MODULE="wazuh-filebeat-0.1.tar.gz"
 # Set repositories.
-RUN rpm --import https://packages.wazuh.com/key/GPG-KEY-WAZUH
+RUN rpm --import https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH
 COPY config/wazuh.repo /etc/yum.repos.d/wazuh.repo
diff --git a/wazuh-manager/config/filebeat.yml b/wazuh-manager/config/filebeat.yml
index 37003366..e9874fb4 100644
--- a/wazuh-manager/config/filebeat.yml
+++ b/wazuh-manager/config/filebeat.yml
@@ -13,7 +13,7 @@ setup.template.json.name: 'wazuh'
 setup.template.overwrite: true
 setup.ilm.enabled: false
 output.elasticsearch:
- hosts: ['https://wazuh1.indexer:9200']
+ hosts: ['https://wazuh.indexer:9200']
 #username:
 #password:
 #ssl.verification_mode:
diff --git a/wazuh-manager/config/wazuh.repo b/wazuh-manager/config/wazuh.repo
index e230d6a9..4b673ff0 100644
--- a/wazuh-manager/config/wazuh.repo
+++ b/wazuh-manager/config/wazuh.repo
@@ -1,7 +1,7 @@
 [wazuh_repo]
 gpgcheck=1
-gpgkey=https://packages.wazuh.com/key/GPG-KEY-WAZUH
+gpgkey=https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH
 enabled=1
 name=Wazuh repository
-baseurl=https://packages.wazuh.com/4.x/yum/
+baseurl=https://packages-dev.wazuh.com/pre-release/yum/
 protect=1
From ff34f68b93769e270b1cb9fa2a0519b552abb2a0 Mon Sep 17 00:00:00 2001
From: vcerenu Date: Mon, 28 Mar 2022 13:06:30 -0300 Subject: [PATCH 093/163] Change Indexer service name and volumes --- production_cluster/nginx/ssl/cert.pem | 21 -------------- production_cluster/nginx/ssl/key.pem | 28 ------------------- .../wazuh_indexer_ssl_certs/admin-key.pem | 28 ------------------- .../wazuh_indexer_ssl_certs/admin.pem | 19 ------------- .../wazuh_indexer_ssl_certs/root-ca.key | 28 ------------------- .../wazuh_indexer_ssl_certs/root-ca.pem | 20 ------------- .../wazuh.dashboard-key.pem | 28 ------------------- .../wazuh.dashboard.pem | 21 -------------- .../wazuh.master-key.pem | 28 ------------------- .../wazuh_indexer_ssl_certs/wazuh.master.pem | 21 -------------- .../wazuh.worker-key.pem | 28 ------------------- .../wazuh_indexer_ssl_certs/wazuh.worker.pem | 21 -------------- .../wazuh1.indexer-key.pem | 28 ------------------- .../wazuh1.indexer.pem | 21 -------------- .../wazuh2.indexer-key.pem | 28 ------------------- .../wazuh2.indexer.pem | 21 -------------- .../wazuh3.indexer-key.pem | 28 ------------------- .../wazuh3.indexer.pem | 21 -------------- 18 files changed, 438 deletions(-) delete mode 100644 production_cluster/nginx/ssl/cert.pem delete mode 100644 production_cluster/nginx/ssl/key.pem delete mode 100644 production_cluster/wazuh_indexer_ssl_certs/admin-key.pem delete mode 100644 production_cluster/wazuh_indexer_ssl_certs/admin.pem delete mode 100644 production_cluster/wazuh_indexer_ssl_certs/root-ca.key delete mode 100644 production_cluster/wazuh_indexer_ssl_certs/root-ca.pem delete mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem delete mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard.pem delete mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh.master-key.pem delete mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh.master.pem delete mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh.worker-key.pem delete mode 100644 
production_cluster/wazuh_indexer_ssl_certs/wazuh.worker.pem delete mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer-key.pem delete mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer.pem delete mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer-key.pem delete mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer.pem delete mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer-key.pem delete mode 100644 production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer.pem diff --git a/production_cluster/nginx/ssl/cert.pem b/production_cluster/nginx/ssl/cert.pem deleted file mode 100644 index c8223280..00000000 --- a/production_cluster/nginx/ssl/cert.pem +++ /dev/null 
@@ -1,21 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDazCCAlOgAwIBAgIUUVVsPuW1DFOSTqrGr8jq3wj0MnswDQYJKoZIhvcNAQEL -BQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM -GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0yMjAzMjgxNTA5MDZaFw0yMzAz -MjgxNTA5MDZaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEw -HwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwggEiMA0GCSqGSIb3DQEB -AQUAA4IBDwAwggEKAoIBAQDjHxJgZ6/eXExbdIL4wDCGRf4WCV+JSxpRn+zU79Nl -9ZG9vD3QI6f1wpKsLU6FQHlOFAF4PoRibvGgo9O8uIpIWwoa6SIlOCRJbWW49Fq9 -7kB/yBexsXtqRNUQegUUzWTyhqAN1SL4izvTIO3be6rUHeTKZQKoUv5KRWY48HaY -6oF4+fNuYRgPkCo/x3Jtky7fXbID5j1vF+R8RfjpSX0Q0/VmxC4yBbm6Z1eGH/2y -FFrLeCGMc5A6zSCcJF9/gOR1k9iYhFLlmof2MY1YHWmL2lpAoFAh+MPdvh22T9Tr -pM51Nk1jCYnkMXsbYYl+KVBRa1YiwY/FsP2ljVw67jRvAgMBAAGjUzBRMB0GA1Ud -DgQWBBQLqc6OQKJbSBDGdWV2ihaGZaSQUTAfBgNVHSMEGDAWgBQLqc6OQKJbSBDG -dWV2ihaGZaSQUTAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAa -9X78ifetUgbo7qFv39hillPET7keqfRlKHhAFbu/rlxloaJulkm+EOlFgYB8YegX -8lm5Nhcw1pNGts70PQTR+3MztXh9MogaG+tcCUdcfOoDXNOlaXTxctzEfmrQJ9bF -4sNLVRVVGipvB671xCApF6mkL1LoqPYLq70v7cYZ1ywpqv10AExks5KUQgYPsDrK -owy9fMJqMzJGHmgp4Q50rqvtD8ZjvdHKi8OLY7NOdbbPfQ8Rs3SPrUgmXPdufWmN -HUe2O7Y+Z510YGezT+/LXkmfFBgLO2Ip7P0yRdxqPEoxbbwcFn/wb2fmDQvvcHW3 -KuaGsN8US0SfaoOoxMY6 ------END CERTIFICATE----- diff --git a/production_cluster/nginx/ssl/key.pem b/production_cluster/nginx/ssl/key.pem deleted file mode 100644 index d9bffa62..00000000 --- a/production_cluster/nginx/ssl/key.pem +++ /dev/null 
@@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDjHxJgZ6/eXExb -dIL4wDCGRf4WCV+JSxpRn+zU79Nl9ZG9vD3QI6f1wpKsLU6FQHlOFAF4PoRibvGg -o9O8uIpIWwoa6SIlOCRJbWW49Fq97kB/yBexsXtqRNUQegUUzWTyhqAN1SL4izvT -IO3be6rUHeTKZQKoUv5KRWY48HaY6oF4+fNuYRgPkCo/x3Jtky7fXbID5j1vF+R8 -RfjpSX0Q0/VmxC4yBbm6Z1eGH/2yFFrLeCGMc5A6zSCcJF9/gOR1k9iYhFLlmof2 -MY1YHWmL2lpAoFAh+MPdvh22T9TrpM51Nk1jCYnkMXsbYYl+KVBRa1YiwY/FsP2l -jVw67jRvAgMBAAECggEBAL/gdT76+ipqYZv2D9wlShl2MlXdr1enGmIRMR0oS7lc -wLbBvJsGNJS8v/sz/501vgXHgwJaFq+uOPZU0cIjSbgdKalYgh9dkdJy2Lhrv+mr -ydPqcJIPdktuQW69F2PerkTylW96PCQsROt2a1y82rJ/WtXehmM8Ulbe0KCUDi3a -gPurnEAYMLBPTK31KWQwuVE8HHjfxze3WwDeGHIhXDZeqK+XYnu2aEqis94wAD8i -/QXw8e2Fyv2JSIdYXMbo6wWDgAeBn2LIcGT4QNsvnCcyFO5rqCru5PK+ZE7Cy11a -d/V62gnWi3MZuQfKPsXtYIblkLhlub1ZDmMCnQ2Y5SECgYEA810Z0ejfOcuG6aPs -4j2iBM3sFZGYCfeJvfZMmWmiDqj4eKCenUZz1TRshfCD0OBWpqiQ6LJKSWOxzuF8 -phNNiL5aMtPvBeH5vjfJgMsI3WwxRM3J6lSFbohrcnYIhLQB56FVxvRok7L7gFSG -PYneJLXLb3axRydYJqIxtPotZ38CgYEA7uoSKz3r1vLiwWx3XWrhNdJeuYU16ZBy -U46cV8fZaWwvjO2Tx9zzRbHXE0FW2G1RZcUK2lUe0fc1LxOF5sQVpZA3oQwNoNle -Sz4FoUGbBqEas4HX4RAWPr0twf1dL/1QWBzsS24+BvbI+uUGYwx/ew9n9MZJgX+2 -HWiVo4Z4KxECgYEA0CktYbAX6D6fmo89mtLvF77vlg9gBf53EkZvhLWnCXUce0mg -ApT1lUNvJC3zAiIx3AHJWVDPW/DrcTLMRN2z7ygqzNkc1WJSFZNwRzrjzUmy5tBD -Sq2bKE2F4nT1mlTCYFdOoIwEO3nXyBAEdvTLT4k0hpX20w7jRsBrVgq79Y8CgYBZ -940F+Zhg5i/blKPSatgJ84E2LWKi5IEY1AAt0hUd7N5vHFvlDGATo6eRGa7Ba1EW -mL/AfgNQH95ILvribn6UTR2VqLtNEe2/OcjW86SUN4Cdjkyj9PHbiFO91FIOKz7h -H2sf8JCtAKuoRyxDikZLKf8EntK5UEVdB7Ap1w5TcQKBgQDZlSgYcAlxNf2R45gB -keSpFzjMGnjbB7pCy1T+hoyzef6E8ygVuArh9rzT1RG12NJxU3n/GlEhgqPpWaIt -IEcsve2O1haVZcB1KqhpWBcaSvtlj2OzVaRWYY9q9lFDttQKUeMZlEzJVWEWsGJz -uJoCtm1SCqKsLvqXucUXJQJUVA== ------END PRIVATE KEY----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/admin-key.pem b/production_cluster/wazuh_indexer_ssl_certs/admin-key.pem deleted file mode 100644 index 3a568481..00000000 
--- a/production_cluster/wazuh_indexer_ssl_certs/admin-key.pem +++ /dev/null @@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDAZt6eLF/B5TmH -iYW1E2MIaovFmYyg/thrs7FdZhtKD1qYcTL1G/ms1lXjlczffs+klX9CGsXTzMNl -yfMh0gj3uZR66QhELBJdZSOeUCFkpW+1gW1HCyyarXJjXLjSKl21We9FSQskvSRS -3LFmHtN0AY5HNeXDSBbBkdW9Hcih9Gl15VKOfZP5JyHmd44nID/dMeJL9cD84JCA -g2sacSURSvPF+7336YQ5F9/Gfzw+vfs/kmpdYeAH/mp25bLW1PuTJz5cI2pugIIJ -YOd0oYCQUQ5ewrYMcaM+oIefBTQZsQjMTe1ZN2npe6fGvOnmrn+kQGp1UR78e/J/ -JIrogtWxAgMBAAECggEAQF0pc/icQB0S1cinth+6LYKXJ49qgCFA/Sar2vbhgjEI -uZ6E0YJ+T9eT/AKM+udNR13LqK2UKHqDk3WvpEzDOzwV89gpL8Uej6fZ9ogP47+E -U0/s4qtWTJhhf+Pw4D3UA2sGpEL/O1ca4614mxUM3+31TtU0+9MN6cuDmTRxfdvV -M6JwHI2tLOd7W1h4x0svW76DLIoDPyGuh6Gj7gz8RfHl3PV+jhliviwVnfS1m+sk -xjZdPetFjlsOHXSJnaynMSusPrDKMhQ+U+OdGKmlaNIJdGNqUE0o2CwToghcQ6nw -7GBNeAbqPAJY0qobOt4zZyqBJp+4en8LpoXO+50wUQKBgQDjWRsQ8d1plWdNrDyc -QEOxsBBUhHM8ERqIE7hpq04Gwd37z4M4RoNamgXmA+pVqwgqFoltQDVyQENqOBP9 -yZQbz8vOcXegwcs4cwN9+eIKBbS/PPo8dfrvW84lrfwIbfJ7FkQeZOB37FdEeX+y -u4t9KUqzlm1pv2FD41BUP5n2ywKBgQDYpkySPVKop5tNHk00sf1n75irNzf6SCYW -44ULPwS7WdzVacAtGEt7sL00ikXUxjz6euAga8ZtYzXVmJr6SslXW6J2McseIj2e -r4RmlJdpP3c+edyq3eJxIF7hAZHysDPT1nBC+GYNRzZcPLeom6MBq5slaZk4mVsQ -0JcyZJNZ8wKBgGdZOlSZnm1A3ZURlvvwutUrlEDXdQr5O3ZggJSIqw+nUaIG0z/h -zhSBr+zAGuaWuT9ov1BKwAEP9ZVzqKLV395EuAFA04Dgl+ExZ4T88yRbM687qQWT -HF9y/GNklA3A7VnG5XBrqx7Y8VLPaJ13ZBGhk7PPzi0kMrMJwpqJzxPBAoGBALsf -X9GLr8JGCcghHPQfq8zC0C1J40qEWIm6d+ZPxul+41NdJISOkFvEOpePumLd2jtK -OB0omVlPsGbNiUYXpDGUzwyhU1uynWBbHtNvEhvwmjDXFnZqcTPejrRvI7zm3czh -UVM2swZS9KvUMZkq3C8MJlO5EoMlSdeLIpx+7BprAoGBAKuWCmiKEPcNk0dX0nZZ -i1Oo4mUnpzAn+xaY5jD5MXhVVPWoEEyoaDXvw5KzET1l/s/mGurEhgs2rXBhUsYG -AGAWe6vRyByRvD3txG6mSvVwOFTaAfHBfrpl5TqECOU7G1+fpJ8U0yNh4VW8Fm9U -NlTPwPI7X1kQgauoStCM6uko ------END PRIVATE KEY----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/admin.pem b/production_cluster/wazuh_indexer_ssl_certs/admin.pem deleted file mode 100644 index 37d73d9b..00000000 
--- a/production_cluster/wazuh_indexer_ssl_certs/admin.pem +++ /dev/null @@ -1,19 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDDjCCAfYCFGcf95R8Y94YseD6kNwKVho/cnO8MA0GCSqGSIb3DQEBCwUAMDUx -DjAMBgNVBAsMBVdhenVoMQ4wDAYDVQQKDAVXYXp1aDETMBEGA1UEBwwKQ2FsaWZv -cm5pYTAeFw0yMjAzMjgxNTMwMDdaFw0zMjAzMjUxNTMwMDdaMFIxCzAJBgNVBAYT -AlVTMRMwEQYDVQQHDApDYWxpZm9ybmlhMQ4wDAYDVQQKDAVXYXp1aDEOMAwGA1UE -CwwFV2F6dWgxDjAMBgNVBAMMBWFkbWluMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A -MIIBCgKCAQEAwGbenixfweU5h4mFtRNjCGqLxZmMoP7Ya7OxXWYbSg9amHEy9Rv5 -rNZV45XM337PpJV/QhrF08zDZcnzIdII97mUeukIRCwSXWUjnlAhZKVvtYFtRwss -mq1yY1y40ipdtVnvRUkLJL0kUtyxZh7TdAGORzXlw0gWwZHVvR3IofRpdeVSjn2T -+Sch5neOJyA/3THiS/XA/OCQgINrGnElEUrzxfu99+mEORffxn88Pr37P5JqXWHg -B/5qduWy1tT7kyc+XCNqboCCCWDndKGAkFEOXsK2DHGjPqCHnwU0GbEIzE3tWTdp -6Xunxrzp5q5/pEBqdVEe/HvyfySK6ILVsQIDAQABMA0GCSqGSIb3DQEBCwUAA4IB -AQBmD5zWoJt4+ZM9O5DPJ3Aet64u99F4qcKxBlqCTVXT3yUBPefn6BsfOp+sUBg5 -zRdkvwCNsft9q30lQyH+YowirxRYKcysotxMZ8y4N6qc+IKIMkqw21g1ZVs7zvWe -pCrhJHMzyk8q9F+4nw9WYHEKXxylqrEbx/LBaCoUa92uC5CC3UNNurq4j5c8jAJy -s4c+FoUo0y0jygFT4mduPGDD16tdLbqj0hOuMmOjaMd4YI3EJjA0iB3E/jF3uC7c -x4xRKkd5EqphsZFSt38++mlhSqx4RufbHkybiBL6o2yabOAHaWRu751F2Lll4G2X -bCufDoXEyJmllyGKwdszjVbN ------END CERTIFICATE----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/root-ca.key b/production_cluster/wazuh_indexer_ssl_certs/root-ca.key deleted file mode 100644 index dceedfe7..00000000 --- a/production_cluster/wazuh_indexer_ssl_certs/root-ca.key +++ /dev/null 
@@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCgQW3FAnMEe+io -J2f7Q8dU3E0xxLQ1w8RFm3yxCEEcUX2pl/nvzV2HjtZq+DBiLf4mvqJ5ExPVC+a2 -S5eBnzK8k5XNVY7/AZPao/tjIq03u8RERr9Yre66D8dPUsYb/MVr+6rqqMlJMZy/ -kqffRf1n1pdqc0veGPcAhKhcZNgotvhfRvKP424n7GhAkZ4pOb66hiCYof63Z5ue -4bTXSowLnqcjDp4fUgjGsveWeHt7RQMnc6VDuzEQAMWNlOOJDcZ25S0yt3bHPqnl -4NNASGALbyPAsWR+EyxsdiAS+VQz1XMoyw1EbLgY6zrFGvvH6/ZNkLVWY/oe7s0U -7gvVykcnAgMBAAECggEAcrFhFnbCSptDz9UkHjhMGPfyZ4QYVcJeXlMB0tHNh67q -+M3EG1QndDVOUBCA0EOKecBGF9EHiJqT7DP9os+FSGF3/RUW2nsOjpR9/l17C0Bf -H15i49zX1mIkiyj6kF1ADiB4GqniJXhUbudPLgSxb/etNop96d6EKOLIfBfQfJIU -1o68y1z9t41TJ1eWubuQRVo9dXA1bgdp21u81VNRZm89SPQZdBN0LlEUB9s3hL8t -xw2uUekYcsfGWd95t9mOHRh/zTdYQh7gmbEMbsBdpFpTwN1iX1WPR9fU7/vQT7+j -Odzq2Z9/QT+A1Haa5E4NJ4LX880/hlYELqVQaENEwQKBgQDS6tWliMMl1B88vdYV -3dK0ZXhePY845wRhDG9k8+WQZpgY6EG/tt1unaiYodEF2IMTzl2EVRXqbNfrqM8k -R4MBMw9LJ00SBhskPCz6ltHDkYXjDkDWiYkB70/bISdaSkErrQjSLkSNfar4BwN+ -yHgIf9rFpfTdtlBwGOnZWzwepQKBgQDCgnBoyVUQ5LRar4Q4meWym2HXDdhVyF7o -HrUSn1Ju0d1cRwS+wDx+NLay1BXNDPRld8NbUA/6HhJQhM/FJ4Ar4cZEsXkfO+HL -IPBf2IGtheAKA0E/xYOq6vfqhKgwQRTaOpFuytMEe+hEYU9AEjkbI8WSIBjmmHGY -H4zpyr7Q2wKBgAetyQ13xzMPX/vEJZEyPEOZFiLINvipYH1wCHYycv8o3Qy7F/m0 -3Kb0UnkMGyINWehUsQ7qUhvwzoOj57a4a8qVY08nJSUs17wf/Ls61nQ6TheQI0gs -RbKuVcfykw40ed7vM80DJjfIhXr2NmhdQBF/JiXf/uQ7iP4rygfBzJSJAoGAD8G7 -U3HD11t/lL0VK/Sjm+VkdqRjeweBULJ0Hq8TYXDUys3h/4XZIKwqhLATmAnNno6m -H7aLpMpc13L61dDOXD+s7RGnazVRpD/l2Q3T63el34nF9mGMugLQ1ImsikQraUZH -U79QetOCzE9JuToAsEckkSLSgZOl2BnuM14+OPMCgYEAv6ByRnhWIh2MeSxW9Yq5 -ZhlHXPJUWGVmyXGo0SQfH7+IdP9/UzBnq5zEhR5941JJelYuiT9c1dHoCLM5/+5b -ctt3QtzWO8UL3FvfCrCQh9EPc06x/KGl3Er7sadA2gswynufEJIP1AcUKftgdSUz -P9VcuRj5NBKBpOTSydF6mcg= ------END PRIVATE KEY----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/root-ca.pem b/production_cluster/wazuh_indexer_ssl_certs/root-ca.pem deleted file mode 100644 index f2ba9b02..00000000 --- a/production_cluster/wazuh_indexer_ssl_certs/root-ca.pem +++ /dev/null 
@@ -1,20 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDSzCCAjOgAwIBAgIUAeSkk9K3Kdq8XIJkKYiSTquz9+QwDQYJKoZIhvcNAQEL -BQAwNTEOMAwGA1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApD -YWxpZm9ybmlhMB4XDTIyMDMyODE1MzAwN1oXDTMyMDMyNTE1MzAwN1owNTEOMAwG -A1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApDYWxpZm9ybmlh -MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoEFtxQJzBHvoqCdn+0PH -VNxNMcS0NcPERZt8sQhBHFF9qZf5781dh47WavgwYi3+Jr6ieRMT1QvmtkuXgZ8y -vJOVzVWO/wGT2qP7YyKtN7vEREa/WK3uug/HT1LGG/zFa/uq6qjJSTGcv5Kn30X9 -Z9aXanNL3hj3AISoXGTYKLb4X0byj+NuJ+xoQJGeKTm+uoYgmKH+t2ebnuG010qM -C56nIw6eH1IIxrL3lnh7e0UDJ3OlQ7sxEADFjZTjiQ3GduUtMrd2xz6p5eDTQEhg -C28jwLFkfhMsbHYgEvlUM9VzKMsNRGy4GOs6xRr7x+v2TZC1VmP6Hu7NFO4L1cpH -JwIDAQABo1MwUTAdBgNVHQ4EFgQUXoqat1QPsvYURGUeL1bgCWSla/kwHwYDVR0j -BBgwFoAUXoqat1QPsvYURGUeL1bgCWSla/kwDwYDVR0TAQH/BAUwAwEB/zANBgkq -hkiG9w0BAQsFAAOCAQEALs+xWZTeKZwbPIHTUX34WWW6CaCe5QuHLszp8n8l0cze -vQ1MnZUt/0zhxlGGjRgBc4trZgtZ6gKwqk/546SGyHGwADhLEZgUWTC67yCHtE4y -8AwN/EcaWAtQ2ImRmWnYVnjQR1yLGR0R6LSl4lPO3rVBZzYv+E8xXt1+VDibJzeH -Vx57ClRLPdUGzu8ZClSu9YXaRPAiQssWrZYDO+EmmckG/F00g8gIe2fQjz3DR3Iu -IUUik9QcVJ3eos1zX8joOKnA59Mbm66hFPmPmr59+QiYm3KcphMzWpV4+zzGvB4c -Knn5NOurxDeImkKBGWSwxt5TjKQW2yEUYgFWV6Wk+g== ------END CERTIFICATE----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem deleted file mode 100644 index 9d0c5ba3..00000000 --- a/production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem +++ /dev/null 
@@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQD3HBk7EMhe9LbE -RWAkxAP0YFyrrrwzrfQAGrBGMCmPAF7jmPCVy9kMId5WTWZ/+QScyC0G6i0t2Ya9 -VnlBls2oj1y8ywewWDIIbqH5G/H2h90y9vmqLQCoY4D9Lco2Z472yqplYtdab5Ef -Z27uRLLUIY5anl7w8R3cbsH0IYXMDzD3THOtE5NrwnOGXbg9DrqpOvi+kOHnKhVF -Vf2eGHsb8vtJz+iqnUIrprnfzc0ZzavLnuvi7qoTW8OZJf3uzA7kShOArc41/KdA -oDDKdOQoo745EPTNbY2n8qwirZeoOt7SWC1X3CtmaHhTGYkcl+Bq01zRcSSDhUCV -fuov8BxvAgMBAAECggEBAJCzso6k+ECqmm/6lB9TbWFoIDwkuW6l2bFJ75laUKu9 -stMiVxfQ5Au3tYPiFTixMKNCkSNwc/5aWA19msnurgWb1dl0Js98BehsKItAcwND -ciOK/o5Jhg4VHo6jhrsvD0ezS+7M34DEvj2eixYZwoJ4F+02ui/rceoILalxC/F+ -eUKLU9jPmjgYJBQWcaNnwFkT3EyD3eeVPmsvnF6T9ZRckOXlVehNGPQY/GrvAfyb -2D8wmMQIXI3UoxD0k2B5mjUKfwCmErc9uJPppQabphDME3jry4/uYJUP5czap7oc -wGf05ZHMXeiYKtMnPrv2JeEPe0KjDhPFXHVhr34V1zECgYEA/NAM9r6V0Dvb4b0K -TC54whGemcsMGfr157/k8UOyzkegSEgRycz0xKP0hEBoShIEV41tVwWmoiSZTGNH -iGnZvCosfGNOQ9bJpM8URWycxY4bd1SGVjWkX2wCIJScLPrGtK3IpcaRduIN9tmH -eKVHtbPYm+DiZ5zEmHDTmM1cIwkCgYEA+jmkSt4Lil5RxA/Kj9wDT8CS76Kpl/G7 -mVKtexJOHQBIH+AngUfSXEMdjpb9GLPe4gjIYPgXBIk3sJ07uCitmPHdQhU1MwtM -pxx8ym6Mutqwl7U0ZeF6ITycM8OXI7ySre/hY29CLpcjOtgBtIy07aMEuxhrWhjA -v6i2yR5JybcCgYEAhHviz0uA5ub3i4ytYM7ZqZniK2YkqVjClPgS2fxIL6GJdVeP -OtmVS5dABC5ceLSIYflTW08yy7WyQD2mtu4BlIHlXioMUbC1axC55sfMQBsAecBp -xbPGt9q6Iqi+TzP7/aM0iutMP6im+L12KNs0gRwGX2myO+oDfH9j46d6qUECgYAc -+LeRA4yKhMkqzjlB1tN7VGyu2kKQmSiDZBM6ALCSowm2xxlL2qj8jbjKXakIRysz -OJkawR7JI6oTBOF5PRx8bOSVVidGtbQ2VRINzib1K4Tuy8g5U5X0azQaujaxqI/D -G9cY0DT1eAJYOdJYuUHpkcpmbzlewSbwCfS/7IXWmQKBgQDv28cShUg1W7vIJJW2 -Y0spJ5yMnN3LUYkJff9pMlMdIeCrxYaQDGB6/Yr/B3SceSp6abPdw1FLolcaHGZ2 -Dn3X+Yj05zmmkBZv111sIvE8axYs6PH+kuTdiyuZ1Xndeas/FYNQO8dSdurxW8EZ -RDC7Gc+a8yKjZBCO2UEXJqbr2w== ------END PRIVATE KEY----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard.pem deleted file mode 100644 index 1eece989..00000000 
--- a/production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard.pem +++ /dev/null @@ -1,21 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDdjCCAl6gAwIBAgIUZx/3lHxj3hix4PqQ3ApWGj9yc8IwDQYJKoZIhvcNAQEL -BQAwNTEOMAwGA1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApD -YWxpZm9ybmlhMB4XDTIyMDMyODE1MzAwOFoXDTMyMDMyNTE1MzAwOFowXDELMAkG -A1UEBhMCVVMxEzARBgNVBAcMCkNhbGlmb3JuaWExDjAMBgNVBAoMBVdhenVoMQ4w -DAYDVQQLDAVXYXp1aDEYMBYGA1UEAwwPd2F6dWguZGFzaGJvYXJkMIIBIjANBgkq -hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9xwZOxDIXvS2xEVgJMQD9GBcq668M630 -ABqwRjApjwBe45jwlcvZDCHeVk1mf/kEnMgtBuotLdmGvVZ5QZbNqI9cvMsHsFgy -CG6h+Rvx9ofdMvb5qi0AqGOA/S3KNmeO9sqqZWLXWm+RH2du7kSy1CGOWp5e8PEd -3G7B9CGFzA8w90xzrROTa8Jzhl24PQ66qTr4vpDh5yoVRVX9nhh7G/L7Sc/oqp1C -K6a5383NGc2ry57r4u6qE1vDmSX97swO5EoTgK3ONfynQKAwynTkKKO+ORD0zW2N -p/KsIq2XqDre0lgtV9wrZmh4UxmJHJfgatNc0XEkg4VAlX7qL/AcbwIDAQABo1cw -VTAfBgNVHSMEGDAWgBReipq3VA+y9hREZR4vVuAJZKVr+TAJBgNVHRMEAjAAMAsG -A1UdDwQEAwIE8DAaBgNVHREEEzARgg93YXp1aC5kYXNoYm9hcmQwDQYJKoZIhvcN -AQELBQADggEBAJCW2Dgi7T/b+A91qDiYkShuif2KQpjEw2pMbMnrJYfuKiLSkoP5 -abBsG4DK1uHARZM1jrwSfggApyM3iy5aSMqg0yheEMMErdLM6mZtAoVihGn88rnV -fqRdUR78+K7LpgvPMzBTo3gNXBj6K0HvDDbyxbBVj9kaXueFq4DaCRYhlLGGPJAN -YS9F2tt3Ghbm2/U2mA5qKbjtwjwbB/R9CnjcKN5kBqOrCSRSxcF3eJp53//U5wGq -wbK+RF/rb6Zv8ZNu7qKamZcxaBYp+yLyL+y+UgYkkG7ngURmirImydstzOIwAybg -ZXFiJMTkZC/S8GkxIucglQW4zt1uZcFB9as= ------END CERTIFICATE----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh.master-key.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh.master-key.pem deleted file mode 100644 index 704b96fd..00000000 --- a/production_cluster/wazuh_indexer_ssl_certs/wazuh.master-key.pem +++ /dev/null 
@@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDz0H54jhhiHn9W -/JDqg/ATVxOanceRJ/YwGnIL/B3FGHBXuorApDhVFXuXAw1FbrcMjBfW/IYmB6g7 -R6DQvDbzIay/6p7puqgM85axkhtORna9UF9GBWvIXoRsJi47937YSgLM1PKbAmTw -7gSjb35vuEfaC/ke5rpenm+UgpDC8lkRV/AmmVV5GTAMTw8ZR7B/7dosEIh6BDlX -xI+SJ1GQDUvsAY8w/XwMXW6h4Mw0APvU4ugXu2H5VlEMQBS0q9H++j3c7bs8AbyE -oZX4f2OPc/r0b/NdRoeby7MN7xG5KCMdQ2NFNtqGvRFj1vIZbpdVD72QYiT/LPMg -xKSvdJL/AgMBAAECggEBAI5tITQzbbMDtceOyuj0Ie5qU51ixg3ZlksLZ8vwf0N/ -v0DATAW06ONrJUNWGQ6SWoQN4m9IHOViW7glY6AMEt18snl6CVLoIvtN4J3ih+j1 -6K82oDE7QXdPH3Q96YxGS+b1dSVK0F4Uy/qiUDtZCjchI3gQvnp6tixHyU6r5vy5 -ibeuGEP9UmkpRNKD68NRjY+AKSmWDHrwA0d5X7qXsGhjT5hxa7nurECI0+C0iub/ -QkvOEYfxi+rmyz4AXn1KDqw92iZo61pChLAPpKKQIs7efzyaD7FRSdd3RKygzkI6 -+d/18Lhv8JtD5Kh8RyvRSdnOswAQbZWgH0nFOpXmzUECgYEA/i4EPKsM2F/0+/rm -MykASG1bJqhSNiXgA2MaqIYKjBtRYwWEuS+DXUFC7nUgOOtFUo+iUuxeh5Ez6b5U -n0PMEq6SHkJ0jWAo86vJDGWhI1ljiYp7RGMfUdJWu6C4AY4QjsRvdzUykgqx4SKa -HuRym3cs9r4FXAcPqe64rdYWzqcCgYEA9Y95k2zak0FYUikMpTfmXGB6FtD3+a5U -orbfZx1JxGmOMs4kAal2OjAl8iKxQGxtLO2EpWRCv6ErKZDfC237TCafqXVGGz9+ -0CiaxdkFiJ+MKagOAuo0glwh8QIHMVCcTLlw3yeF+YEtBkkYWAHrmm6IT7JgVNg/ -KznF9rieO+kCgYEA8GZVW4vr+jnHWwtR7dE5k0bajxVjrBLmbE2vSPR9xUWRFDaD -8SIe/HRc+WuNrkfWqN9whz1HqrCKiOia4Ice3Ax/5l60HYJ1OQGghTkZznUcz1lK -fMPDO3/UyGCZp97VijH/up911OqIkoZHfjBStPdib3wJVaDYD8DYqpFxwMECgYAj -Sc0E3J3Ej51roS6KB7B5Efw5jyoznVPYVkNghBr3uNuQfYM7Iek1j3nEhCvIwEwo -KrHnOrNE6ppTTNhgwhtc5CgJqCq8+7DzpQIo8HkVGyh/TAFHdfS5zxeplMsH0TfE -5tlLmFhudJvNzW9MJmp/NOct3MpvJuxc/95tCDblEQKBgCQo8mHC6b03AEwckFr7 -OXvq7FcvXk4j5c/Pab44qsLBvqBmp6mdb5VfRRznIzsOqQgj3TuBkZifp9nYNf6I -Brc1WfSohpLLObE7SmR8i3D40JcTnU9weJoYxdO6UZJf6H73Bsz5yf69JkmYtGVt -pnpD4Gpxy8kh993/U3ne1Ddh ------END PRIVATE KEY----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh.master.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh.master.pem deleted file mode 100644 index 65727cb4..00000000 
--- a/production_cluster/wazuh_indexer_ssl_certs/wazuh.master.pem +++ /dev/null @@ -1,21 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDcDCCAligAwIBAgIUZx/3lHxj3hix4PqQ3ApWGj9yc8AwDQYJKoZIhvcNAQEL -BQAwNTEOMAwGA1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApD -YWxpZm9ybmlhMB4XDTIyMDMyODE1MzAwOFoXDTMyMDMyNTE1MzAwOFowWTELMAkG -A1UEBhMCVVMxEzARBgNVBAcMCkNhbGlmb3JuaWExDjAMBgNVBAoMBVdhenVoMQ4w -DAYDVQQLDAVXYXp1aDEVMBMGA1UEAwwMd2F6dWgubWFzdGVyMIIBIjANBgkqhkiG -9w0BAQEFAAOCAQ8AMIIBCgKCAQEA89B+eI4YYh5/VvyQ6oPwE1cTmp3HkSf2MBpy -C/wdxRhwV7qKwKQ4VRV7lwMNRW63DIwX1vyGJgeoO0eg0Lw28yGsv+qe6bqoDPOW -sZIbTkZ2vVBfRgVryF6EbCYuO/d+2EoCzNTymwJk8O4Eo29+b7hH2gv5Hua6Xp5v -lIKQwvJZEVfwJplVeRkwDE8PGUewf+3aLBCIegQ5V8SPkidRkA1L7AGPMP18DF1u -oeDMNAD71OLoF7th+VZRDEAUtKvR/vo93O27PAG8hKGV+H9jj3P69G/zXUaHm8uz -De8RuSgjHUNjRTbahr0RY9byGW6XVQ+9kGIk/yzzIMSkr3SS/wIDAQABo1QwUjAf -BgNVHSMEGDAWgBReipq3VA+y9hREZR4vVuAJZKVr+TAJBgNVHRMEAjAAMAsGA1Ud -DwQEAwIE8DAXBgNVHREEEDAOggx3YXp1aC5tYXN0ZXIwDQYJKoZIhvcNAQELBQAD -ggEBAD+AxLv+eGj/zEhRWy2FR435ILfn5C2MnFXYSoSe8TAcEYXTKWbEnGvkIzCZ -UUQdO1TnnQ+1AedMwBEgrU0CuLdxX8exVJXuIlxlhY8rvGW4bdz/gLh9QjL7xOCX -XOv5efyxexF70nZ47/MacvaWDBoqa17su0XT7TO7SW6a4N+NCcfqOvq2nuiEFMu+ -MtP3zXz2BX35GTDaxy+ihFJeTDbQ1NiZFXIcZHDw7cEMBSMmGdFFTdTeMwNDMOdH -/yxba3T1x5PEOfW1e3M/JX5Fm7YMGfFQ2PGdKMN2a0bvWNiBWMxsCAgIODGHRYgY -4IIIiamySY4Z7ITEzEgR2KxwIx4= ------END CERTIFICATE----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh.worker-key.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh.worker-key.pem deleted file mode 100644 index b28809ea..00000000 --- a/production_cluster/wazuh_indexer_ssl_certs/wazuh.worker-key.pem +++ /dev/null 
@@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCp5d5+OjTMcSA2 -JAgOM1KNWKWMFk0BraU46Zd7MEi4cGXmmZmROm1gxHv0KM1d8T6eeM82wffcoDHp -2xGZUDKDuqKwpkM1JVk4ysJADfaERETGWVs9ovmNDqzHu2gg4uYXsfWZXwmEsnTI -9kDI0nXgUz2V21gmyBftecZWbiRunWZ7HeIFb43HsmN6kGpg/IDg70SK2gi+yvvM -wYwPIoVHXuspvy/HlXNvpj2wGQ7yCie01UXrkvBjGSSfYdkYwZVSgafhe57WxnR+ -kRZld2Xg9X4FXii373OKQlyrrfG///nMVXLIugIGK4FUQGXXbMW7X7P8f22hFn5f -RP0zgEOvAgMBAAECggEAVR8RSUbaWy+2hsmoq4y1KJIoZzZpIJUieZA3UAYR+S5/ -L3j3gta2JExtGhgzRITw7a7ziqjGCWjNeTBD8f9HP86LYlv6wi7TM+wKRNN6Fiyq -FIKCfzAfPbgDgxJ3CjsEMwz7UvtVpoFOl70hGjyvyFOMQH+j+9I2gsmHQJhwcmZi -n+ZLnkqq853hIA3KYARAohHHirvQ+qUYigPmU0ypds5v4dQqWseI8Rbqj3qfASU+ -syCW7z/6bLW4h0AYJsfYbIg606qHe+fXewcQEZVF8KsCkYLzyXgvQuY0++9JhsVQ -9pC8JuAs9kIhOsYGVznUsZwemPPdXhj4gm85c+6yeQKBgQDeZ28c4pdV4R1dWwiZ -MRhBPKVStVr30/WTN2VY12D8pvObdbZpZ2GDbEZDlROr61KHt0JbpMyJegdPhetH -MOIoZiQiVuL0CjWPrzrwdG0WjpF3sFRFn/iPzt8pQEW1ZgrCYtp8wEco1f/n1/Ps -N5w63OX1sVzywtGKyygV3h5FEwKBgQDDj/neyj4GIBFFmm+m+l8CFd2rSWWux0fe -TYTtN/9usw3BTAscyRVCoOHQ19QxzvJRk9+p+sBet/s8c2w8gtJTXvw3wYU0r4Vy -B62R/TFD4n6x5jDeF70QicQ83C6pkKzjzXs4dnSclwWUaSX9ikN63fhhl4OTZ4Bx -OYjZDorGdQKBgQCD9k+BjhlJhacMy4UQkIbZvohByQXO4t9lmIrz6efMQatt5Kx1 -YjgD6OzQENZ5PcncaSpggioysEtCLi3qMeEfI2vxTCihsKUTOl/4aLyJk9JQeDmo -jkDH43GaYl56Qa/Eoy8MsnIGkuOixwoecOisLIHuBG0oRdxbRCvmvcKsLQKBgGuO -J9LMUEh2IomxYm7njJFNDVlDSNVTbMdqwwzkm2t6trn05Le0MCkw6oE98spiEwui -1IRcEKkHbvnUUVcGbD7GItlXabeMQUxxxJhiNFIto5icDYxYafdKjc8bGd7QXwX6 -4SYwn/nvZXY2TlqfTHWq1wx1lDvh1NZw2j7mrJRxAoGATOoLXO2+uq9WiNZJw3m3 -zK+v5zNEYa08je+lJcTfz/W0NRF1RwH9RnKW1Gmad3cWcRbt0Ds7Ieds6e3K7DBp -WZO5zuHStmjsY1sYyp3aQCnl8arK+1BQlBVqbdyrEpfW4SGxhlTS/fQjrr0qE7bZ -1emcPEJYbm54EBUbYgmx6Bk= ------END PRIVATE KEY----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh.worker.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh.worker.pem deleted file mode 100644 index c1c4286d..00000000 
--- a/production_cluster/wazuh_indexer_ssl_certs/wazuh.worker.pem +++ /dev/null @@ -1,21 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDcDCCAligAwIBAgIUZx/3lHxj3hix4PqQ3ApWGj9yc8EwDQYJKoZIhvcNAQEL -BQAwNTEOMAwGA1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApD -YWxpZm9ybmlhMB4XDTIyMDMyODE1MzAwOFoXDTMyMDMyNTE1MzAwOFowWTELMAkG -A1UEBhMCVVMxEzARBgNVBAcMCkNhbGlmb3JuaWExDjAMBgNVBAoMBVdhenVoMQ4w -DAYDVQQLDAVXYXp1aDEVMBMGA1UEAwwMd2F6dWgud29ya2VyMIIBIjANBgkqhkiG -9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqeXefjo0zHEgNiQIDjNSjViljBZNAa2lOOmX -ezBIuHBl5pmZkTptYMR79CjNXfE+nnjPNsH33KAx6dsRmVAyg7qisKZDNSVZOMrC -QA32hERExllbPaL5jQ6sx7toIOLmF7H1mV8JhLJ0yPZAyNJ14FM9ldtYJsgX7XnG -Vm4kbp1mex3iBW+Nx7JjepBqYPyA4O9EitoIvsr7zMGMDyKFR17rKb8vx5Vzb6Y9 -sBkO8gontNVF65LwYxkkn2HZGMGVUoGn4Xue1sZ0fpEWZXdl4PV+BV4ot+9zikJc -q63xv//5zFVyyLoCBiuBVEBl12zFu1+z/H9toRZ+X0T9M4BDrwIDAQABo1QwUjAf -BgNVHSMEGDAWgBReipq3VA+y9hREZR4vVuAJZKVr+TAJBgNVHRMEAjAAMAsGA1Ud -DwQEAwIE8DAXBgNVHREEEDAOggx3YXp1aC53b3JrZXIwDQYJKoZIhvcNAQELBQAD -ggEBAF/f0DqnLPns2Ooe1JDNd2oCqjx9MOqGnfifq4g6jUIILBGuTl/4BV+8V+wp -mOrnLWIZM2kJoitUOHJW+ExN/JXXzHKryLX1L+sYfPbaoogX5bTK7vT3eekRjISB -+XEVHoh6BeCW9Ds2m/c/r2h8pZcj8FmIkoGYAvqSAqaKY5BubeCOkZCAC1qhI6jI -KPE6oWZltFcmq21ALl7vBlH4Sqgm3lJjq+qIxHCj5D9+fBuPzxLiMXDt+3+uCWr3 -xHcsR3e2apBEay7mzvOGWa+uoI8SJnzahKoRj9irgtrg2bOyPKjlz3fBqTn9TbP8 -f4FTeZjK+qsRKjQPKV3WgLOdj/A= ------END CERTIFICATE----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer-key.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer-key.pem deleted file mode 100644 index d40b1c9b..00000000 --- a/production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer-key.pem +++ /dev/null 
@@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQClqTdxIM8gJHw4 -hHCywCEe7xBz2DJLNMFIFbmMXdJG81YD2NhOgfIxtMSJntRc0a3bNFg9VSAdpL2K -mJvSPhf/KBoqt0JrA26o9XzY0s/WHyYogEOUMEArcVz1ShSwlPebJt806ts74KE0 -serY/I6VgHg6UAgGVDY859wHwlrIOAhdm3dWuCFBkD0OPi+HSRkDPRYZ9t+iwJM4 -AOTMt+cO5VYp7RxFr77dbyxS4lhaRGZRA3q2y9D8EorpAcubXF1vxxYJROVRD7WR -ZcoZg6t9z5ogJLAwZuzHr0w5bOhtTRicaZ0rRrjsuVph0IrpZ7tBueFd1Ivhw96y -f/hEBizVAgMBAAECggEAFMU/r052ycfpT0jDvJW8UV2WCYBM5gMKTNh0eDX3PHAc -E8VncYh3bmYE0mB4rd6YVsicW6xFp5HVNgBmYRjp91L23O43RKWchVCqQ6FC78ze -Auv6DSVzlj7TcenE6FL1LJ3WFJNxw3Mpoyq/kE8yLWp7KIyKRQjf+Aj2HH7w1POF -zq6JI4CHFfgCnJLDr5i5insSDJqfQUMkRG1RG83YGGcQjIOSJpAF31mmZlwcRUU9 -bM0GvV2Di/M0nbjsC2fmUcbpzyrLkjtruJBcgylJhjOCP4EQ2WBvXM8SGe/U6TFe -s+SY+ZpxqWE4VOdZu+ELXjcYBB2GA8Vl2D3U8qiLIQKBgQDcWJ5uI9aYt75Z0Sln -yyluzU8ElYT8dMo73tntEmV8/gUZdbsH7Tb4j1+zsYGdu9dEhhXziJEDOt8fUV8H -I33TwJhz00vQzajh9PwkPTVFZPrnKNBA7G742vaKqeP4B4Aa3U1kX5mqnsuLsyCi -eh2Jg9lWoIxGVYPnBzhoNOhjeQKBgQDAd2DsmOx7SDRhpagSlsGSnrdQDjDnE9eT -JeJZDVHzO714QQsVfoGr37l9zUJdTEk4SQdmpIRc/ZY53w6qCeTm6O+muc1A2Ixe -p+gCh7oUfK5tRay3eAUDzl0B9SoTugD1+xL5E9lRmsK6pVm+phkmFOjaZWChehLd -+jx3NpsBPQKBgC7eWrSqwtaxHrgUGW6OdD2xRgF/nE3mua2KdWhL5XJ0xbjopePF -vU+Zj421UBCxB9T3gGvQvKenOhZ7RG9MSVNlQAhDBXlghW+qoIdEzbP5CrVopQNq -RyB/0rkj8e2sCr+sGu4it5jnNfx9GY/10ZqShQQ8GhpLzkax7nmb52JhAoGAO6hF -ONEl7Aizg9jvQePM2H+t3ninm9jAp3HEuUmxry1DS3UN1HnEA9xzCJWJDpZI09N/ -Ice454ILAKEtUHOEqjZlok5RWtpEmEp/VdlwSk1jW6ePI8dl9ooOtj6h7j9ncNeE -SARpBixsU6JRMREXFoDAtIFb9HF8S6X2/BTG8xkCgYEAq0p/qqxaPbfYdvwDhRxO -kRqFPYmblIBWY8EayzbACCOWcrDxMsXix9ZtEzNFg18M8XRAqJubewTQUQQJ0u4w -kMEmn1iBqMGH7c9DIARFfAD5oVQhFcUOosbVEL4ikTlWy8/tJuYit04Nks54NHes -YJarxN3BozGkHQoQ4d1CnrQ= ------END PRIVATE KEY----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer.pem deleted file mode 100644 index 21373b42..00000000 
--- a/production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer.pem +++ /dev/null @@ -1,21 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDdDCCAlygAwIBAgIUZx/3lHxj3hix4PqQ3ApWGj9yc70wDQYJKoZIhvcNAQEL -BQAwNTEOMAwGA1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApD -YWxpZm9ybmlhMB4XDTIyMDMyODE1MzAwN1oXDTMyMDMyNTE1MzAwN1owWzELMAkG -A1UEBhMCVVMxEzARBgNVBAcMCkNhbGlmb3JuaWExDjAMBgNVBAoMBVdhenVoMQ4w -DAYDVQQLDAVXYXp1aDEXMBUGA1UEAwwOd2F6dWgxLmluZGV4ZXIwggEiMA0GCSqG -SIb3DQEBAQUAA4IBDwAwggEKAoIBAQClqTdxIM8gJHw4hHCywCEe7xBz2DJLNMFI -FbmMXdJG81YD2NhOgfIxtMSJntRc0a3bNFg9VSAdpL2KmJvSPhf/KBoqt0JrA26o -9XzY0s/WHyYogEOUMEArcVz1ShSwlPebJt806ts74KE0serY/I6VgHg6UAgGVDY8 -59wHwlrIOAhdm3dWuCFBkD0OPi+HSRkDPRYZ9t+iwJM4AOTMt+cO5VYp7RxFr77d -byxS4lhaRGZRA3q2y9D8EorpAcubXF1vxxYJROVRD7WRZcoZg6t9z5ogJLAwZuzH -r0w5bOhtTRicaZ0rRrjsuVph0IrpZ7tBueFd1Ivhw96yf/hEBizVAgMBAAGjVjBU -MB8GA1UdIwQYMBaAFF6KmrdUD7L2FERlHi9W4AlkpWv5MAkGA1UdEwQCMAAwCwYD -VR0PBAQDAgTwMBkGA1UdEQQSMBCCDndhenVoMS5pbmRleGVyMA0GCSqGSIb3DQEB -CwUAA4IBAQAOCTZt/CT64XIJt0+cd/cIKiRU/AGa6KQI3jeYYDIGRaHvuSIgn8cK -kdUB8i6Tiri7Pwfj2oU4x06sxzKpGsED99m/Rb+MmmG9uUHKh/dwhPgXoXS/yzH5 -NPqTr06aufeJhU+/TaC/7QvI505EB3TTNh3j/lWSrGwm1lLC809kB5YiaHd1ke1D -2zo081ePh7TIHtbOlVVdRKHAe65rXl2YqrBisUjXcJIL7gmtq7mvPs9eh8on6r1f -zQ6ayiCXqMJzvPgGkg5Ph6IyiKCXIF5SZNxkEa+8vkOuUrJGJE9ZqvKDpve+BsRR -J0GBkJORTvgu+GtlMpSm3F7uzT3TzaUy ------END CERTIFICATE----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer-key.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer-key.pem deleted file mode 100644 index c83353c1..00000000 --- a/production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer-key.pem +++ /dev/null 
@@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDcb6KPDkzPq30B -3bfJBFz4nGpwTJe6ywA6p5bkrWBg0x3BKxl3h1UmC+1HGf9JejtiN1Fi5oXHOG+E -cLwWIxekgeeYbaaPMCZdtvW69BLZlEQ57dwEqMBAkazgO4Mkz0OWY9NI3UsAhVC8 -Wo5BIhNBom0uVfVtIlCfQOIgZyJ5OWC3HGKG3w3/quJnCa13GqueXvIkACf8LXWb -FUc6XmGYDplc1YobEEhK2NubcrI6dhO3y67nQ+XM47EuqM9xZQGpicoNvxG5gHNj -cpONRqfOvfgqLs5Qb6MNsQo3PXWVSOULWqchwXG+iye9+x9rAfTZ4GCSQiwG6Ng2 -t8HT0dL3AgMBAAECggEAErHNAYDe9sW+ZkgdbAjYsaTiSf/U5lyM+mx4GZCymcON -xHIZSM/LYtykFOGZiuu42Y2Dc3XFZq3cl0jQSrhTKvpxX7X86CvXNR9tG5vTdWxj -lN4dSK/fDhrMpH+nkZmaS8jPhGBwGe00eaTcZ52yMGDMDZ/wnn7Ig5kHFGRqwgj5 -Tmny60vqhMh1MkFX/fdNzVkG4wKpWpfGfFWCLUa8GpOcjs7fi/YDh36ZTMlJg55G -7BR2aygFLoaBc2qNroX5Aisy+t6YAc4/amlN+N3pGU+gG94EvxP5nSvot/6bw5Se -BwIlhlylvVWM+iPuF8jkyET+gPkGnm8gP5vwhXOMUQKBgQD+F/3CPtdmSaRa91+K -GR9v1v94ChM2hbuo9HZhKNeYsiC0Eo0GspifkPVkE3Bjpa5EgzSUyOK1WiWomYZS -6An2CyNhOsMib7OcruwZ7NxL7Nlro+jH4dwXbAWF+frsKMFedjSLSLPhPJZtRPBY -39VNIRJJBh5VAw14q76hHtedgwKBgQDeFwBZeeuRM6GowCby2hlGb0TAYv9CGf8n -MwLTJdfJTGEVucYl3k73PAwlqlewGA90FTSyCo3CbrQV8YfEbqgrww3UaqHkxK0A -UBT3XJ718Sa3qOeTDEBr+1L+q6ZnyqhuMC2Lv+V84xUj3ykqC7pPDKThA6P/NDs8 -9tYdyYROfQKBgQC+CEdanREPiQgImHW1nLBsPol1x2MzJbWB2MMoSxljM+VNh4o9 -dhi7TfiYzgkCHYlF6DLNC6iyJSeA/sD9BFle0Fm3f/EssgnMpu4hPYpMpmi9Hisc -QokOY1WGK71EHf7wnMsTWF5fl6aRNjvi3BR0yMUaJB9PSScsFpZNffmX7QKBgQCb -zHkDTANUdmsG7d2k6hlnDvGlIQ2+umwDfMaTh22smndU/WEi+aRdznMbDTe8ofRd -U+8Go161MmIFLs42oAY7xPbzt+ZgjRRsLsG2kfQ1xnmJx+TEhIjA96tOWu4+y62C -tyuMaQ89oDQZWRkQlO+bOtyDucEXa/XOm76zYMX/JQKBgD6etOw9ggxRr3t7GQIT -hQK93mgdwVngu1Wp+HmTKkcBSe2fbOmxd/OZaYVDP2VgnDgAru3dv4bT8jwi1CoB -aEQrMmQ1qKPhjbIeaFFwv5oXpkeN/EM0FFf+dEEPhhVigqYW8z1OUnkJsfsCg71q -pUFpUqsZTRhSm/MTfx8CVjMj ------END PRIVATE KEY----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer.pem deleted file mode 100644 index 317c047f..00000000 
--- a/production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer.pem +++ /dev/null @@ -1,21 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDdDCCAlygAwIBAgIUZx/3lHxj3hix4PqQ3ApWGj9yc74wDQYJKoZIhvcNAQEL -BQAwNTEOMAwGA1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApD -YWxpZm9ybmlhMB4XDTIyMDMyODE1MzAwOFoXDTMyMDMyNTE1MzAwOFowWzELMAkG -A1UEBhMCVVMxEzARBgNVBAcMCkNhbGlmb3JuaWExDjAMBgNVBAoMBVdhenVoMQ4w -DAYDVQQLDAVXYXp1aDEXMBUGA1UEAwwOd2F6dWgyLmluZGV4ZXIwggEiMA0GCSqG -SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDcb6KPDkzPq30B3bfJBFz4nGpwTJe6ywA6 -p5bkrWBg0x3BKxl3h1UmC+1HGf9JejtiN1Fi5oXHOG+EcLwWIxekgeeYbaaPMCZd -tvW69BLZlEQ57dwEqMBAkazgO4Mkz0OWY9NI3UsAhVC8Wo5BIhNBom0uVfVtIlCf -QOIgZyJ5OWC3HGKG3w3/quJnCa13GqueXvIkACf8LXWbFUc6XmGYDplc1YobEEhK -2NubcrI6dhO3y67nQ+XM47EuqM9xZQGpicoNvxG5gHNjcpONRqfOvfgqLs5Qb6MN -sQo3PXWVSOULWqchwXG+iye9+x9rAfTZ4GCSQiwG6Ng2t8HT0dL3AgMBAAGjVjBU -MB8GA1UdIwQYMBaAFF6KmrdUD7L2FERlHi9W4AlkpWv5MAkGA1UdEwQCMAAwCwYD -VR0PBAQDAgTwMBkGA1UdEQQSMBCCDndhenVoMi5pbmRleGVyMA0GCSqGSIb3DQEB -CwUAA4IBAQCK6zKAcD2FD19X/P/NSNsZgrbqcBWuE+oh4L/xG5F1Qb55tgq/rHM2 -dp5RjAl+KKetFJBjifdCTqE3Vmc572jl6iTZUrUdc8R0g+46nsUS1IWz8PcEy26j -jWPMOzvRFJRlTk1ZztyF7gr0U1CTnbJ+T4Rgg3Yhs6/NqxtqjI+n9LKVdkEI4aJa -IwG+4LarEpaQ+f+bv9ghZzBkTxH6SnO5F+NX3beo/bhAkEfXkCVNcTtQfhSPabSO -1G3G/NDjaU0A/NKZIL0I3vEvsn+9ivX8hp3UYNWKIV6EUdD7X7zPB3EvQ9obaOmu -9i9NbBwUi3V8FkNP5R4alt1RwMbvIJXw ------END CERTIFICATE----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer-key.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer-key.pem deleted file mode 100644 index d13e74ed..00000000 --- a/production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer-key.pem +++ /dev/null 
@@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQC9DCg9WXz2kPz/ -ZGWOduqHq/KNlwjy8x+me2xm7I2N182Ar16ESqNlen0mbSIF65A0QbaePp/yNJAW -S+weO2SKYxluNLUV4Y5fOBPLNhqb1w8lkcnPgXewtGV4NltHkm8phjQ28gXu1QSH -ugC+cmTDTx8BXH1GVkUAGlzFrEcjKid4YKV/zwz9TtMAsLCrhmaQpwEOFFsB+nQ3 -PQLV27pMrYoRWPXXfQyzFBA9uxfJ4FVBZyQMGK7tsRMuka8DuABJ+IdgNg23MtN4 -4u7O+Ct7GjYm5FeHHx1I86rhNQGL7twZQeSfApbNqMP1fVU019zVBF9hBJ+KQwIV -huKZpcppAgMBAAECggEBAKfIQ2p3ot3evnwYab3wMqSo6gPaOVoOh1elkQckCVoL -XttISdWVvMES3kIdd6XTdM+8RszZffFjz0HKrkwCoG/mFirmYpWB8271ATRI14La -cxn/8yHUoRrWcHwpmgfCoiAzeOIPGU7oBjZD0ec09dMVxMnbgV/Mrz6xJwdVqGk+ -uOoja+npJozfgax9wf7RPQqTz0yWaSk8GmZQWHltlAsw6rmlkqlcm1BfnHPuCJox -dCh1EP8xWf/pp60GLQiPmLX2CuInvK7PIe/aNVmnlJ4dTWlOJYPyBzaeNOsu22rQ -Kfu5tAN/b6CoYHEI6zUjgB/bKmZ1jYzAsVALcnIhtJECgYEA4DJ4QTGQKtJL1osS -zSuCWgH19kjbOdqcytbwwRqW35YURttvr8X+WJ12lhOXKSqnabjWFom1SSh6EAV7 -kanE8A+HRTvfec+Z3s+uNqLg2Cx0xojPB7kCabL/FD62DJsUASBTzcE8dE8Z101C -0h2UiR0fja1aQR9hLHhVTEkDxcUCgYEA191B2zM9ON97LrjToWYzihY+G5g/cknT -oEpEJ6sN8AZ23xIDXPNqW5jRQSlObs/6uWCAN0WYq3D8IAjEvCDgGfzkRwopPa+N -cE5T7G3cEMQGLHSw9GhsN/XBjaVIbUKG2WNu829n2sMTyQOKSLiP5jIMw5NMexhI -TNdcqidCoFUCgYEAh0KLwLFZTCxx6q8fGb89NnZmYT8VXDMjU1EYETise5o9A37S -RBbM28OsTuDk2sZMGIGWUCSmxctw0QetxHTLRxXnQ4La0c/JAl8DuRzNUD6J+VmC -piMdbI28TQeEp9hL2l4ZkVIa2gT7DyUiwkdsXMjAR6alhBKdesnilFKcvw0CgYEA -0zJu1H/1TkeYxcWfiTHtCxVn/qeeq7r/irweopEBOe2ZL/b3w2GElcmWMiKv0ks6 -C1UXHPzCujn4836gvU+M8uAymC6g2vF/eHmqMo/p151yTNx+pSHlf3q6vFMR4ZRN -SzO1wgclnStvmCQWj7/DSn19b3wWP/kqA8RRrUhsL2ECgYBaBIK/b1GgY1L066Mk -qHG4wpySFkCDZc2/6HMeLigdlzJrjvj4NwBQi39/gDu9JfujFb9vaN3rH8SsnIwe -57QuMtToVarXZ9vcuMOw6K3c0ySTCx1cIerUFbEW5ND9h8NmQaT6NfAutlDjXOnl -I5x3gxXNPSUgmcscq5cEgUgoKg== ------END PRIVATE KEY----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer.pem b/production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer.pem deleted file mode 100644 index 63506822..00000000 
--- a/production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer.pem +++ /dev/null @@ -1,21 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDdDCCAlygAwIBAgIUZx/3lHxj3hix4PqQ3ApWGj9yc78wDQYJKoZIhvcNAQEL -BQAwNTEOMAwGA1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApD -YWxpZm9ybmlhMB4XDTIyMDMyODE1MzAwOFoXDTMyMDMyNTE1MzAwOFowWzELMAkG -A1UEBhMCVVMxEzARBgNVBAcMCkNhbGlmb3JuaWExDjAMBgNVBAoMBVdhenVoMQ4w -DAYDVQQLDAVXYXp1aDEXMBUGA1UEAwwOd2F6dWgzLmluZGV4ZXIwggEiMA0GCSqG -SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9DCg9WXz2kPz/ZGWOduqHq/KNlwjy8x+m -e2xm7I2N182Ar16ESqNlen0mbSIF65A0QbaePp/yNJAWS+weO2SKYxluNLUV4Y5f -OBPLNhqb1w8lkcnPgXewtGV4NltHkm8phjQ28gXu1QSHugC+cmTDTx8BXH1GVkUA -GlzFrEcjKid4YKV/zwz9TtMAsLCrhmaQpwEOFFsB+nQ3PQLV27pMrYoRWPXXfQyz -FBA9uxfJ4FVBZyQMGK7tsRMuka8DuABJ+IdgNg23MtN44u7O+Ct7GjYm5FeHHx1I -86rhNQGL7twZQeSfApbNqMP1fVU019zVBF9hBJ+KQwIVhuKZpcppAgMBAAGjVjBU -MB8GA1UdIwQYMBaAFF6KmrdUD7L2FERlHi9W4AlkpWv5MAkGA1UdEwQCMAAwCwYD -VR0PBAQDAgTwMBkGA1UdEQQSMBCCDndhenVoMy5pbmRleGVyMA0GCSqGSIb3DQEB -CwUAA4IBAQCQY6njvKzfcfntjLm5EzvQhxFAl9KZKzZZUoDcsnCSPFG0Ke0FWc4V -5i/oMpWQDQM23Ds6po4Epd819LHexfeEPtSnqZ5lVyd913QT6V2SkRjgXm1Q+tIY -VYZk9h8CUQXwpNaBz1Muu+MafiSgQwPwToGgLv0drw+nLAY4FjlX5KiO31VjXlbr -819U0rCbGQHEShbOolBtThwwJVnGjb4pu0eUVbu1eSgyx1Q85ONTrlCOkpjfgDdx -3BIT7WH5LxZ3n21MBXGxT8YDX5aWGapp7mBHtXni3IzKwHrjZkBNO7POeKeABRyP -Q4jiYaEv1S0j681hR2w2zpqw82Wgx8A3 ------END CERTIFICATE----- From 2d6449641a34fac6dc3e3e3b770bf8934ca25631 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Tue, 29 Mar 2022 09:08:02 -0300 Subject: [PATCH 094/163] Repository Correction --- wazuh-dashboard/Dockerfile | 2 +- wazuh-manager/Dockerfile | 2 +- wazuh-manager/config/wazuh.repo | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/wazuh-dashboard/Dockerfile b/wazuh-dashboard/Dockerfile index 5e641260..8f38685f 100644 --- a/wazuh-dashboard/Dockerfile +++ b/wazuh-dashboard/Dockerfile 
@@ -25,7 +25,7 @@ RUN $INSTALL_DIR/bin/opensearch-dashboards-keystore create --allow-root && \ echo kibanaserver | $INSTALL_DIR/bin/opensearch-dashboards-keystore add opensearch.password --stdin --allow-root # Install Wazuh App -RUN $INSTALL_DIR/bin/opensearch-dashboards-plugin install https://packages-dev.wazuh.com/pre-release/ui/dashboard/wazuh-${WAZUH_VERSION}.zip --allow-root +RUN $INSTALL_DIR/bin/opensearch-dashboards-plugin install https://packages.wazuh.com/4.x/ui/dashboard/wazuh-${WAZUH_VERSION}.zip --allow-root # Copy and set permissions to config files COPY config/opensearch_dashboards.yml $INSTALL_DIR/config/ diff --git a/wazuh-manager/Dockerfile b/wazuh-manager/Dockerfile index c0f3757d..1da3d314 100644 --- a/wazuh-manager/Dockerfile +++ b/wazuh-manager/Dockerfile @@ -8,7 +8,7 @@ ARG TEMPLATE_VERSION="master" ARG WAZUH_FILEBEAT_MODULE="wazuh-filebeat-0.1.tar.gz" # Set repositories. -RUN rpm --import https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH +RUN rpm --import https://packages.wazuh.com/key/GPG-KEY-WAZUH COPY config/wazuh.repo /etc/yum.repos.d/wazuh.repo diff --git a/wazuh-manager/config/wazuh.repo b/wazuh-manager/config/wazuh.repo index 4b673ff0..e230d6a9 100644 --- a/wazuh-manager/config/wazuh.repo +++ b/wazuh-manager/config/wazuh.repo @@ -1,7 +1,7 @@ [wazuh_repo] gpgcheck=1 -gpgkey=https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH +gpgkey=https://packages.wazuh.com/key/GPG-KEY-WAZUH enabled=1 name=Wazuh repository -baseurl=https://packages-dev.wazuh.com/pre-release/yum/ +baseurl=https://packages.wazuh.com/4.x/yum/ protect=1 From 3e923d7630e66b3d1df2bd4089bfc50d29c2c4b7 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Tue, 29 Mar 2022 12:50:52 -0300 Subject: [PATCH 095/163] Change Indexer service name and volumes --- Migration-to-indexer-dashboard.md | 272 +++++++++++++++++++++++++++++- 1 file changed, 265 insertions(+), 7 deletions(-) diff --git a/Migration-to-indexer-dashboard.md b/Migration-to-indexer-dashboard.md index cc38fb9c..d4e59344 100644 
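Review bot: The rewritten `RUN $INSTALL_DIR/bin/opensearch-dashboards-plugin install https://packages.wazuh.com/4.x/ui/dashboard/wazuh-${WAZUH_VERSION}.zip --allow-root` installs the archive straight from the network with no integrity check, so the image contains whatever that URL serves at build time. Fetch the archive to a local path, compare it with a digest pinned in the Dockerfile, and install from the local file. The sketch below assumes `curl` and `sha512sum` exist in the base image, which this hunk does not show, and `WAZUH_APP_SHA512` is a placeholder to be filled with the published digest for the release being built.

```dockerfile
# Install Wazuh App
# WAZUH_APP_SHA512 is a placeholder: set it to the published digest of the release being built.
ARG WAZUH_APP_SHA512
RUN curl -fsSL -o /tmp/wazuh-app.zip https://packages.wazuh.com/4.x/ui/dashboard/wazuh-${WAZUH_VERSION}.zip && \
    echo "${WAZUH_APP_SHA512}  /tmp/wazuh-app.zip" | sha512sum -c - && \
    $INSTALL_DIR/bin/opensearch-dashboards-plugin install file:///tmp/wazuh-app.zip --allow-root && \
    rm -f /tmp/wazuh-app.zip
# … unchanged: COPY of config files …
```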
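Review bot: `RUN rpm --import https://packages.wazuh.com/key/GPG-KEY-WAZUH` imports whatever key the URL returns, so package signature checking is only as strong as that single TLS fetch. The `gpgkey=https://packages.wazuh.com/key/GPG-KEY-WAZUH` line in the wazuh.repo hunk that follows has the same dependency. Keeping `gpgcheck=1` is right, but the key itself should be pinned: `COPY` a reviewed copy of the key into the image and reference it as `gpgkey=file:///etc/pki/rpm-gpg/GPG-KEY-WAZUH`, or check the downloaded key's fingerprint before importing it. A comment above the `RUN` such as `# expected key fingerprint: <FINGERPRINT_PLACEHOLDER>` would let a reviewer confirm which key the build trusts.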
--- a/Migration-to-indexer-dashboard.md +++ b/Migration-to-indexer-dashboard.md @@ -14,7 +14,7 @@ Assuming that you have a v4.2.5 production deployment, perform the following ste **3. Inspect Elastic volume** `docker volume inspect wazuh-docker_elastic-data-1` -**4. Run the volume create command:** create 3 new Indexer volumes using the `com.docker.compose.version` label value from the previous command. +**4. Run the volume create command:** create new Indexer and Wazuh Manager volumes using the `com.docker.compose.version` label value from the previous command. ``` docker volume create \ --label com.docker.compose.project=wazuh-docker \ 
@@ -36,27 +36,285 @@ docker volume create \ --label com.docker.compose.volume=wazuh-indexer-data-3 \ wazuh-docker_wazuh-indexer-data-3 ``` - -**5. Copy the volume content from Elastic to Wazuh indexer volumes.** +``` +docker volume create \ + --label com.docker.compose.project=wazuh-docker \ + --label com.docker.compose.version=1.25.0 \ + --label com.docker.compose.volume=master_wazuh_api_configuration \ + wazuh-docker_master_wazuh_api_configuration +``` +``` +docker volume create \ + --label com.docker.compose.project=wazuh-docker \ + --label com.docker.compose.version=1.25.0 \ + --label com.docker.compose.volume=master_wazuh_etc \ + wazuh-master_docker_wazuh_etc +``` +``` +docker volume create \ + --label com.docker.compose.project=wazuh-docker \ + --label com.docker.compose.version=1.25.0 \ + --label com.docker.compose.volume=master-wazuh-logs \ + wazuh-docker_master-wazuh-logs +``` +``` +docker volume create \ + --label com.docker.compose.project=wazuh-docker \ + --label com.docker.compose.version=1.25.0 \ + --label com.docker.compose.volume=master-wazuh-queue \ + wazuh-docker_master-wazuh-queue +``` +``` +docker volume create \ + --label com.docker.compose.project=wazuh-docker \ + --label com.docker.compose.version=1.25.0 \ + --label com.docker.compose.volume=master-wazuh-var-multigroups \ + wazuh-docker_master-wazuh-var-multigroups +``` +``` +docker volume create \ + --label com.docker.compose.project=wazuh-docker \ + --label com.docker.compose.version=1.25.0 \ + --label com.docker.compose.volume=master-wazuh-integrations \ + wazuh-docker_master-wazuh-integrations +``` +``` +docker volume create \ + --label com.docker.compose.project=wazuh-docker \ + --label com.docker.compose.version=1.25.0 \ + --label com.docker.compose.volume=master-wazuh-active-response \ + wazuh-docker_master-wazuh-active-response +``` +``` +docker volume create \ + --label com.docker.compose.project=wazuh-docker \ + --label com.docker.compose.version=1.25.0 \ + --label 
com.docker.compose.volume=master-wazuh-agentless \ + wazuh-docker_master-wazuh-agentless +``` +``` +docker volume create \ + --label com.docker.compose.project=wazuh-docker \ + --label com.docker.compose.version=1.25.0 \ + --label com.docker.compose.volume=master-wazuh-wodles \ + wazuh-docker_master-wazuh-wodles +``` +``` +docker volume create \ + --label com.docker.compose.project=wazuh-docker \ + --label com.docker.compose.version=1.25.0 \ + --label com.docker.compose.volume=master-filebeat-etc \ + wazuh-docker_master-filebeat-etc +``` +``` +docker volume create \ + --label com.docker.compose.project=wazuh-docker \ + --label com.docker.compose.version=1.25.0 \ + --label com.docker.compose.volume=master-filebeat-var \ + wazuh-docker_master-filebeat-var +``` +``` +docker volume create \ + --label com.docker.compose.project=wazuh-docker \ + --label com.docker.compose.version=1.25.0 \ + --label com.docker.compose.volume=worker_wazuh_api_configuration \ + wazuh-docker_worker_wazuh_api_configuration +``` +``` +docker volume create \ + --label com.docker.compose.project=wazuh-docker \ + --label com.docker.compose.version=1.25.0 \ + --label com.docker.compose.volume=worker_wazuh_etc \ + wazuh-worker_docker_wazuh_etc +``` +``` +docker volume create \ + --label com.docker.compose.project=wazuh-docker \ + --label com.docker.compose.version=1.25.0 \ + --label com.docker.compose.volume=worker-wazuh-logs \ + wazuh-docker_worker-wazuh-logs +``` +``` +docker volume create \ + --label com.docker.compose.project=wazuh-docker \ + --label com.docker.compose.version=1.25.0 \ + --label com.docker.compose.volume=worker-wazuh-queue \ + wazuh-docker_worker-wazuh-queue +``` +``` +docker volume create \ + --label com.docker.compose.project=wazuh-docker \ + --label com.docker.compose.version=1.25.0 \ + --label com.docker.compose.volume=worker-wazuh-var-multigroups \ + wazuh-docker_worker-wazuh-var-multigroups +``` +``` +docker volume create \ + --label 
com.docker.compose.project=wazuh-docker \ + --label com.docker.compose.version=1.25.0 \ + --label com.docker.compose.volume=worker-wazuh-integrations \ + wazuh-docker_worker-wazuh-integrations +``` +``` +docker volume create \ + --label com.docker.compose.project=wazuh-docker \ + --label com.docker.compose.version=1.25.0 \ + --label com.docker.compose.volume=worker-wazuh-active-response \ + wazuh-docker_worker-wazuh-active-response +``` +``` +docker volume create \ + --label com.docker.compose.project=wazuh-docker \ + --label com.docker.compose.version=1.25.0 \ + --label com.docker.compose.volume=worker-wazuh-agentless \ + wazuh-docker_worker-wazuh-agentless +``` +``` +docker volume create \ + --label com.docker.compose.project=wazuh-docker \ + --label com.docker.compose.version=1.25.0 \ + --label com.docker.compose.volume=worker-wazuh-wodles \ + wazuh-docker_worker-wazuh-wodles +``` +**5. Copy the volume content from Elastic to Wazuh indexer volumes and old Wazuh Manager content to new volumes.** ``` docker container run --rm -it \ -v wazuh-docker_elastic-data-1:/from \ -v wazuh-docker_wazuh-indexer-data-1:/to \ - alpine ash -c "cd /from ; cp -av . /to" + alpine ash -c "cd /from ; cp -avp . /to" ``` ``` docker container run --rm -it \ -v wazuh-docker_elastic-data-2:/from \ -v wazuh-docker_wazuh-indexer-data-2:/to \ - alpine ash -c "cd /from ; cp -av . /to" + alpine ash -c "cd /from ; cp -avp . /to" ``` ``` docker container run --rm -it \ -v wazuh-docker_elastic-data-3:/from \ -v wazuh-docker_wazuh-indexer-data-3:/to \ - alpine ash -c "cd /from ; cp -av . /to" + alpine ash -c "cd /from ; cp -avp . /to" +``` +``` +docker container run --rm -it \ + -v wazuh-docker_ossec-api-configuration:/from \ + -v wazuh-docker_master-wazuh-api-configuration:/to \ + alpine ash -c "cd /from ; cp -avp . /to" +``` +``` +docker container run --rm -it \ + -v wazuh-docker_ossec-etc:/from \ + -v wazuh-docker_master-wazuh-etc:/to \ + alpine ash -c "cd /from ; cp -avp . 
/to" +``` +``` +docker container run --rm -it \ + -v wazuh-docker_ossec-logs:/from \ + -v wazuh-docker_master-wazuh-logs:/to \ + alpine ash -c "cd /from ; cp -avp . /to" +``` +``` +docker container run --rm -it \ + -v wazuh-docker_ossec-queue:/from \ + -v wazuh-docker_master-wazuh-queue:/to \ + alpine ash -c "cd /from ; cp -avp . /to" +``` +``` +docker container run --rm -it \ + -v wazuh-docker_ossec-var-multigroups:/from \ + -v wazuh-docker_master-wazuh-var-multigroups:/to \ + alpine ash -c "cd /from ; cp -avp . /to" +``` +``` +docker container run --rm -it \ + -v wazuh-docker_ossec-integrations:/from \ + -v wazuh-docker_master-wazuh-integrations:/to \ + alpine ash -c "cd /from ; cp -avp . /to" +``` +``` +docker container run --rm -it \ + -v wazuh-docker_ossec-active-response:/from \ + -v wazuh-docker_master-wazuh-active-response:/to \ + alpine ash -c "cd /from ; cp -avp . /to" +``` +``` +docker container run --rm -it \ + -v wazuh-docker_ossec-agentless:/from \ + -v wazuh-docker_master-wazuh-agentless:/to \ + alpine ash -c "cd /from ; cp -avp . /to" +``` +``` +docker container run --rm -it \ + -v wazuh-docker_ossec-wodles:/from \ + -v wazuh-docker_master-wazuh-wodles:/to \ + alpine ash -c "cd /from ; cp -avp . /to" +``` +``` +docker container run --rm -it \ + -v wazuh-docker_filebeat-etc:/from \ + -v wazuh-docker_master-filebeat-etc:/to \ + alpine ash -c "cd /from ; cp -avp . /to" +``` +``` +docker container run --rm -it \ + -v wazuh-docker_filebeat-var:/from \ + -v wazuh-docker_master-filebeat-var:/to \ + alpine ash -c "cd /from ; cp -avp . /to" +``` +``` +docker container run --rm -it \ + -v wazuh-docker_worker-ossec-api-configuration:/from \ + -v wazuh-docker_worker-wazuh-api-configuration:/to \ + alpine ash -c "cd /from ; cp -avp . /to" +``` +``` +docker container run --rm -it \ + -v wazuh-docker_worker-ossec-etc:/from \ + -v wazuh-docker_worker-wazuh-etc:/to \ + alpine ash -c "cd /from ; cp -avp . 
/to" +``` +``` +docker container run --rm -it \ + -v wazuh-docker_worker-ossec-logs:/from \ + -v wazuh-docker_worker-wazuh-logs:/to \ + alpine ash -c "cd /from ; cp -avp . /to" +``` +``` +docker container run --rm -it \ + -v wazuh-docker_worker-ossec-queue:/from \ + -v wazuh-docker_worker-wazuh-queue:/to \ + alpine ash -c "cd /from ; cp -avp . /to" +``` +``` +docker container run --rm -it \ + -v wazuh-docker_worker-ossec-var-multigroups:/from \ + -v wazuh-docker_worker-wazuh-var-multigroups:/to \ + alpine ash -c "cd /from ; cp -avp . /to" +``` +``` +docker container run --rm -it \ + -v wazuh-docker_worker-ossec-integrations:/from \ + -v wazuh-docker_worker-wazuh-integrations:/to \ + alpine ash -c "cd /from ; cp -avp . /to" +``` +``` +docker container run --rm -it \ + -v wazuh-docker_worker-ossec-active-response:/from \ + -v wazuh-docker_worker-wazuh-active-response:/to \ + alpine ash -c "cd /from ; cp -avp . /to" +``` +``` +docker container run --rm -it \ + -v wazuh-docker_worker-ossec-agentless:/from \ + -v wazuh-docker_worker-wazuh-agentless:/to \ + alpine ash -c "cd /from ; cp -avp . /to" +``` +``` +docker container run --rm -it \ + -v wazuh-docker_worker-ossec-wodles:/from \ + -v wazuh-docker_worker-wazuh-wodles:/to \ + alpine ash -c "cd /from ; cp -avp . /to" ``` - **6. Delete the 4.2.5 environment.** `docker-compose -f production-cluster.yml down` From 48c42bf88f910d7eeb7695590a058f8b18ea2ef2 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Tue, 29 Mar 2022 12:55:25 -0300 Subject: [PATCH 096/163] Change Indexer service name and volumes --- Migration-to-indexer-dashboard.md => Migration-to-Wazuh-4.3.md | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename Migration-to-indexer-dashboard.md => Migration-to-Wazuh-4.3.md (100%) diff --git a/Migration-to-indexer-dashboard.md b/Migration-to-Wazuh-4.3.md similarity index 100% rename from Migration-to-indexer-dashboard.md rename to Migration-to-Wazuh-4.3.md 
From 8b7747302e556675a773fb27501a9d76dda1f4f5 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Tue, 29 Mar 2022 12:59:01 -0300 Subject: [PATCH 097/163] Change Indexer service name and volumes --- Migration-to-Wazuh-4.3.md | 1 + 1 file changed, 1 insertion(+) diff --git a/Migration-to-Wazuh-4.3.md b/Migration-to-Wazuh-4.3.md index d4e59344..a4caa7a1 100644 --- a/Migration-to-Wazuh-4.3.md +++ b/Migration-to-Wazuh-4.3.md @@ -321,6 +321,7 @@ docker container run --rm -it \ **7. Start the 4.3 environment.** ``` git checkout 4.3 +docker-compose -f generate-indexer-certs.yml run --rm generator docker-compose -f production-cluster.yml up -d ``` From 3d0c356be92848e0ee4de30d9400099013cea70d Mon Sep 17 00:00:00 2001 From: vcerenu Date: Tue, 29 Mar 2022 14:25:15 -0300 Subject: [PATCH 098/163] Remove https nginx configuration --- production-cluster.yml | 4 ++-- production_cluster/nginx/nginx.conf | 21 --------------------- 2 files changed, 2 insertions(+), 23 deletions(-) diff --git a/production-cluster.yml b/production-cluster.yml index 18c59a9a..be77f19e 100644 --- a/production-cluster.yml +++ b/production-cluster.yml @@ -140,6 +140,8 @@ services: image: wazuh/wazuh-dashboard:4.3.0 hostname: wazuh.dashboard restart: always + ports: + - 443:443 environment: - OPENSEARCH_HOSTS="https://wazuh1.indexer:9200" - WAZUH_API_URL="https://wazuh.master" @@ -162,8 +164,6 @@ services: hostname: nginx restart: always ports: - - "80:80" - - "443:443" - "1514:1514" depends_on: - wazuh.master diff --git a/production_cluster/nginx/nginx.conf b/production_cluster/nginx/nginx.conf index b2103bb0..92deb263 100644 --- a/production_cluster/nginx/nginx.conf +++ b/production_cluster/nginx/nginx.conf 
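Review bot: The added `- 443:443` under the dashboard service in production-cluster.yml is unquoted, while the nginx mappings in the second hunk of the same file are quoted (`"1514:1514"`). Write it as `- "443:443"` so every port mapping is read as a string. With the nginx `"80:80"` and `"443:443"` entries removed, the dashboard container is now published directly on all host interfaces and nothing redirects plain HTTP any more. A comment above `ports:` should record that, for example `# Dashboard terminates TLS itself; prefix a host IP to limit exposure`. Both service definitions start and end outside these hunks.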
@@ -28,27 +28,6 @@ http { server_tokens off; gzip on; - # Dashboard UI - server { - listen 80; - listen [::]:80; - return 301 https://$host:443$request_uri; - } - - server { - listen 443 default_server ssl http2; - listen [::]:443 ssl http2; - ssl_certificate /etc/nginx/ssl/cert.pem; - ssl_certificate_key /etc/nginx/ssl/key.pem; - location / { - proxy_pass https://wazuh.dashboard:443/; - proxy_ssl_verify off; - proxy_buffer_size 128k; - proxy_buffers 4 256k; - proxy_busy_buffers_size 256k; - } - } - } From dbb46a913e8833f0ac19ab773009ba46c9f90d91 Mon Sep 17 00:00:00 2001 
From: vcerenu Date: Wed, 30 Mar 2022 14:07:52 -0300 Subject: [PATCH 099/163] Change directories structure --- .goss.yaml => .github/.goss.yaml | 0 .github/workflows/push.yml | 2 +- README.md | 158 +++++----- .../docker-compose.yml | 0 .../wazuh-dashboard}/Dockerfile | 2 +- .../wazuh-dashboard}/config/config.sh | 0 .../wazuh-dashboard}/config/config.yml | 0 .../wazuh-dashboard}/config/entrypoint.sh | 0 .../config/opensearch_dashboards.yml | 0 .../wazuh-dashboard}/config/wazuh.yml | 0 .../config/wazuh_app_config.sh | 0 .../wazuh-indexer}/Dockerfile | 0 .../wazuh-indexer}/config/config.sh | 0 .../wazuh-indexer}/config/config.yml | 0 .../wazuh-indexer}/config/entrypoint.sh | 0 .../wazuh-indexer}/config/internal_users.yml | 0 .../wazuh-indexer}/config/opensearch.yml | 0 .../wazuh-indexer}/config/roles.yml | 0 .../wazuh-indexer}/config/roles_mapping.yml | 0 .../wazuh-indexer}/config/securityadmin.sh | 0 .../wazuh-manager}/Dockerfile | 2 +- .../wazuh-manager}/config/create_user.py | 0 .../config/etc/cont-init.d/0-wazuh-init | 0 .../config/etc/cont-init.d/1-config-filebeat | 0 .../config/etc/cont-init.d/2-manager | 0 .../config/etc/services.d/filebeat/finish | 0 .../config/etc/services.d/filebeat/run | 0 .../config/etc/services.d/ossec-logs/run | 0 .../wazuh-manager}/config/filebeat.yml | 0 .../wazuh-manager}/config/permanent_data.env | 0 .../wazuh-manager}/config/permanent_data.sh | 0 .../wazuh-manager/config/wazuh.repo | 7 + .../Migration-to-Wazuh-4.3.md | 186 +++++++----- .../docker-compose.yml | 1 - .../generate-indexer-certs.yml | 0 .../production_cluster}/nginx/nginx.conf | 0 .../wazuh-indexer/internal_users.yml | 0 .../wazuh-indexer/wazuh1.indexer.yml | 0 .../wazuh-indexer/wazuh2.indexer.yml | 0 .../wazuh-indexer/wazuh3.indexer.yml | 0 .../wazuh_cluster/wazuh_manager.conf | 0 .../wazuh_cluster/wazuh_worker.conf | 0 .../wazuh_dashboard/opensearch_dashboards.yml | 0 .../wazuh_dashboard/wazuh.yml | 0 .../wazuh_indexer_ssl_certs/admin-key.pem | 28 ++ 
.../wazuh_indexer_ssl_certs/admin.pem | 19 ++ .../wazuh_indexer_ssl_certs/certs.yml | 0 .../wazuh_indexer_ssl_certs/root-ca.key | 28 ++ .../wazuh_indexer_ssl_certs/root-ca.pem | 20 ++ .../wazuh.dashboard-key.pem | 28 ++ .../wazuh.dashboard.pem | 21 ++ .../wazuh.master-key.pem | 28 ++ .../wazuh_indexer_ssl_certs/wazuh.master.pem | 21 ++ .../wazuh.worker-key.pem | 28 ++ .../wazuh_indexer_ssl_certs/wazuh.worker.pem | 21 ++ .../wazuh1.indexer-key.pem | 28 ++ .../wazuh1.indexer.pem | 21 ++ .../wazuh2.indexer-key.pem | 28 ++ .../wazuh2.indexer.pem | 21 ++ .../wazuh3.indexer-key.pem | 28 ++ .../wazuh3.indexer.pem | 21 ++ multi-node/volume-migrator.sh | 279 ++++++++++++++++++ .../nginx/ssl/generate-self-signed-cert.sh | 12 - .../docker-compose.yml | 3 + wazuh-manager/config/wazuh.repo | 7 - 65 files changed, 880 insertions(+), 168 deletions(-) rename .goss.yaml => .github/.goss.yaml (100%) rename build-wazuh-images.yml => build-docker-images/docker-compose.yml (100%) rename {wazuh-dashboard => build-docker-images/wazuh-dashboard}/Dockerfile (97%) rename {wazuh-dashboard => build-docker-images/wazuh-dashboard}/config/config.sh (100%) rename {wazuh-dashboard => build-docker-images/wazuh-dashboard}/config/config.yml (100%) rename {wazuh-dashboard => build-docker-images/wazuh-dashboard}/config/entrypoint.sh (100%) rename {wazuh-dashboard => build-docker-images/wazuh-dashboard}/config/opensearch_dashboards.yml (100%) rename {wazuh-dashboard => build-docker-images/wazuh-dashboard}/config/wazuh.yml (100%) rename {wazuh-dashboard => build-docker-images/wazuh-dashboard}/config/wazuh_app_config.sh (100%) rename {wazuh-indexer => build-docker-images/wazuh-indexer}/Dockerfile (100%) rename {wazuh-indexer => build-docker-images/wazuh-indexer}/config/config.sh (100%) rename {wazuh-indexer => build-docker-images/wazuh-indexer}/config/config.yml (100%) rename {wazuh-indexer => build-docker-images/wazuh-indexer}/config/entrypoint.sh (100%) rename {wazuh-indexer => 
build-docker-images/wazuh-indexer}/config/internal_users.yml (100%) rename {wazuh-indexer => build-docker-images/wazuh-indexer}/config/opensearch.yml (100%) rename {wazuh-indexer => build-docker-images/wazuh-indexer}/config/roles.yml (100%) rename {wazuh-indexer => build-docker-images/wazuh-indexer}/config/roles_mapping.yml (100%) rename {wazuh-indexer => build-docker-images/wazuh-indexer}/config/securityadmin.sh (100%) rename {wazuh-manager => build-docker-images/wazuh-manager}/Dockerfile (97%) rename {wazuh-manager => build-docker-images/wazuh-manager}/config/create_user.py (100%) rename {wazuh-manager => build-docker-images/wazuh-manager}/config/etc/cont-init.d/0-wazuh-init (100%) rename {wazuh-manager => build-docker-images/wazuh-manager}/config/etc/cont-init.d/1-config-filebeat (100%) rename {wazuh-manager => build-docker-images/wazuh-manager}/config/etc/cont-init.d/2-manager (100%) rename {wazuh-manager => build-docker-images/wazuh-manager}/config/etc/services.d/filebeat/finish (100%) rename {wazuh-manager => build-docker-images/wazuh-manager}/config/etc/services.d/filebeat/run (100%) rename {wazuh-manager => build-docker-images/wazuh-manager}/config/etc/services.d/ossec-logs/run (100%) rename {wazuh-manager => build-docker-images/wazuh-manager}/config/filebeat.yml (100%) rename {wazuh-manager => build-docker-images/wazuh-manager}/config/permanent_data.env (100%) rename {wazuh-manager => build-docker-images/wazuh-manager}/config/permanent_data.sh (100%) create mode 100644 build-docker-images/wazuh-manager/config/wazuh.repo rename Migration-to-Wazuh-4.3.md => multi-node/Migration-to-Wazuh-4.3.md (60%) rename production-cluster.yml => multi-node/docker-compose.yml (99%) rename generate-indexer-certs.yml => multi-node/generate-indexer-certs.yml (100%) rename {production_cluster => multi-node/production_cluster}/nginx/nginx.conf (100%) rename {production_cluster => multi-node/production_cluster}/wazuh-indexer/internal_users.yml (100%) rename {production_cluster 
=> multi-node/production_cluster}/wazuh-indexer/wazuh1.indexer.yml (100%) rename {production_cluster => multi-node/production_cluster}/wazuh-indexer/wazuh2.indexer.yml (100%) rename {production_cluster => multi-node/production_cluster}/wazuh-indexer/wazuh3.indexer.yml (100%) rename {production_cluster => multi-node/production_cluster}/wazuh_cluster/wazuh_manager.conf (100%) rename {production_cluster => multi-node/production_cluster}/wazuh_cluster/wazuh_worker.conf (100%) rename {production_cluster => multi-node/production_cluster}/wazuh_dashboard/opensearch_dashboards.yml (100%) rename {production_cluster => multi-node/production_cluster}/wazuh_dashboard/wazuh.yml (100%) create mode 100644 multi-node/production_cluster/wazuh_indexer_ssl_certs/admin-key.pem create mode 100644 multi-node/production_cluster/wazuh_indexer_ssl_certs/admin.pem rename {production_cluster => multi-node/production_cluster}/wazuh_indexer_ssl_certs/certs.yml (100%) create mode 100644 multi-node/production_cluster/wazuh_indexer_ssl_certs/root-ca.key create mode 100644 multi-node/production_cluster/wazuh_indexer_ssl_certs/root-ca.pem create mode 100644 multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem create mode 100644 multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard.pem create mode 100644 multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh.master-key.pem create mode 100644 multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh.master.pem create mode 100644 multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh.worker-key.pem create mode 100644 multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh.worker.pem create mode 100644 multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer-key.pem create mode 100644 multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer.pem create mode 100644 multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer-key.pem create mode 100644 
multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer.pem create mode 100644 multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer-key.pem create mode 100644 multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer.pem create mode 100755 multi-node/volume-migrator.sh delete mode 100644 production_cluster/nginx/ssl/generate-self-signed-cert.sh rename docker-compose.yml => single-node/docker-compose.yml (95%) delete mode 100644 wazuh-manager/config/wazuh.repo diff --git a/.goss.yaml b/.github/.goss.yaml similarity index 100% rename from .goss.yaml rename to .github/.goss.yaml diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index 3d74554e..4baac58a 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -28,4 +28,4 @@ jobs: run: dgoss run wazuh/wazuh-manager:4.3.0 env: GOSS_SLEEP: 30 - GOSS_FILE: .goss.yaml \ No newline at end of file + GOSS_FILE: .github/.goss.yaml \ No newline at end of file diff --git a/README.md b/README.md index 2ad15dc0..3fe3d627 100644 --- a/README.md +++ b/README.md @@ -39,7 +39,7 @@ API_USERNAME="wazuh" # Wazuh API username API_PASSWORD="wazuh" # Wazuh API password - Must comply with requirements # (8+ length, uppercase, lowercase, specials chars) -INDEXER_URL=https://wazuh.indexer:9200 # Wazuh indexer URL +INDEXER_URL=https://wazuh.indexer:9200 # Wazuh indexer URL INDEXER_USERNAME=admin # Wazuh indexer Username INDEXER_PASSWORD=admin # Wazuh indexer Password FILEBEAT_SSL_VERIFICATION_MODE=full # Filebeat SSL Verification mode (full or none) 
@@ -87,73 +87,95 @@ ADMIN_PRIVILEGES=true # App privileges ## Directory structure - ├── build-wazuh-images.yml - ├── CHANGELOG.md - ├── docker-compose.yml - ├── generate-indexer-certs.yml - ├── indexer_certs_creator - │ ├── config - │ │ └── entrypoint.sh - │ └── Dockerfile - ├── LICENSE - ├── production_cluster - │ ├── nginx - │ │ ├── nginx.conf - │ │ └── ssl - │ │ └── generate-self-signed-cert.sh - │ ├── wazuh_cluster - │ │ ├── wazuh_manager.conf - │ │ └── wazuh_worker.conf - │ ├── wazuh_dashboard - │ │ ├── opensearch_dashboards.yml - │ │ └── wazuh.yml - │ ├── wazuh-indexer - │ │ ├── internal_users.yml - │ │ ├── wazuh1.indexer.yml - │ │ ├── wazuh2.indexer.yml - │ │ └── wazuh3.indexer.yml - │ └── wazuh_indexer_ssl_certs - │ └── certs.yml - ├── production-cluster.yml - ├── README.md - ├── VERSION - ├── wazuh-dashboard - │ ├── config - │ │ ├── entrypoint.sh - │ │ ├── opensearch_dashboards.yml - │ │ ├── wazuh_app_config.sh - │ │ └── wazuh.yml - │ └── Dockerfile - ├── wazuh-indexer - │ ├── config - │ │ ├── config.sh - │ │ ├── config.yml - │ │ ├── entrypoint.sh - │ │ ├── internal_users.yml - │ │ ├── opensearch.yml - │ │ ├── roles_mapping.yml - │ │ ├── roles.yml - │ │ └── securityadmin.sh - │ └── Dockerfile - └── wazuh-manager - ├── config - │ ├── create_user.py - │ ├── etc - │ │ ├── cont-init.d - │ │ │ ├── 0-wazuh-init - │ │ │ ├── 1-config-filebeat - │ │ │ └── 2-manager - │ │ └── services.d - │ │ ├── filebeat - │ │ │ ├── finish - │ │ │ └── run - │ │ └── ossec-logs - │ │ └── run - │ ├── filebeat.yml - │ ├── permanent_data.env - │ ├── permanent_data.sh - │ └── wazuh.repo - └── Dockerfile +├── build-docker-images +│   ├── docker-compose.yml +│   ├── wazuh-dashboard +│   │   ├── config +│   │   │   ├── config.sh +│   │   │   ├── config.yml +│   │   │   ├── entrypoint.sh +│   │   │   ├── opensearch_dashboards.yml +│   │   │   ├── wazuh_app_config.sh +│   │   │   └── wazuh.yml +│   │   └── Dockerfile +│   ├── wazuh-indexer +│   │   ├── config +│   │   │   ├── config.sh +│   │ 
  │   ├── config.yml +│   │   │   ├── entrypoint.sh +│   │   │   ├── internal_users.yml +│   │   │   ├── opensearch.yml +│   │   │   ├── roles_mapping.yml +│   │   │   ├── roles.yml +│   │   │   └── securityadmin.sh +│   │   └── Dockerfile +│   └── wazuh-manager +│   ├── config +│   │   ├── create_user.py +│   │   ├── etc +│   │   │   ├── cont-init.d +│   │   │   │   ├── 0-wazuh-init +│   │   │   │   ├── 1-config-filebeat +│   │   │   │   └── 2-manager +│   │   │   └── services.d +│   │   │   ├── filebeat +│   │   │   │   ├── finish +│   │   │   │   └── run +│   │   │   └── ossec-logs +│   │   │   └── run +│   │   ├── filebeat.yml +│   │   ├── permanent_data.env +│   │   ├── permanent_data.sh +│   │   └── wazuh.repo +│   └── Dockerfile +├── CHANGELOG.md +├── indexer_certs_creator +│   ├── config +│   │   └── entrypoint.sh +│   └── Dockerfile +├── LICENSE +├── multi-node +│   ├── docker-compose.yml +│   ├── generate-indexer-certs.yml +│   ├── Migration-to-Wazuh-4.3.md +│   ├── production_cluster +│   │   ├── nginx +│   │   │   └── nginx.conf +│   │   ├── wazuh_cluster +│   │   │   ├── wazuh_manager.conf +│   │   │   └── wazuh_worker.conf +│   │   ├── wazuh_dashboard +│   │   │   ├── opensearch_dashboards.yml +│   │   │   └── wazuh.yml +│   │   ├── wazuh-indexer +│   │   │   ├── internal_users.yml +│   │   │   ├── wazuh1.indexer.yml +│   │   │   ├── wazuh2.indexer.yml +│   │   │   └── wazuh3.indexer.yml +│   │   └── wazuh_indexer_ssl_certs +│   │   ├── admin-key.pem +│   │   ├── admin.pem +│   │   ├── certs.yml +│   │   ├── root-ca.key +│   │   ├── root-ca.pem +│   │   ├── wazuh1.indexer-key.pem +│   │   ├── wazuh1.indexer.pem +│   │   ├── wazuh2.indexer-key.pem +│   │   ├── wazuh2.indexer.pem +│   │   ├── wazuh3.indexer-key.pem +│   │   ├── wazuh3.indexer.pem +│   │   ├── wazuh.dashboard-key.pem +│   │   ├── wazuh.dashboard.pem +│   │   ├── wazuh.master-key.pem +│   │   ├── wazuh.master.pem +│   │   ├── wazuh.worker-key.pem +│   │   └── wazuh.worker.pem +│   └── 
volume-migrator.sh +├── README.md +├── single-node +│   └── docker-compose.yml +└── VERSION + ## Branches diff --git a/build-wazuh-images.yml b/build-docker-images/docker-compose.yml similarity index 100% rename from build-wazuh-images.yml rename to build-docker-images/docker-compose.yml diff --git a/wazuh-dashboard/Dockerfile b/build-docker-images/wazuh-dashboard/Dockerfile similarity index 97% rename from wazuh-dashboard/Dockerfile rename to build-docker-images/wazuh-dashboard/Dockerfile index 8f38685f..5e641260 100644 --- a/wazuh-dashboard/Dockerfile +++ b/build-docker-images/wazuh-dashboard/Dockerfile @@ -25,7 +25,7 @@ RUN $INSTALL_DIR/bin/opensearch-dashboards-keystore create --allow-root && \ echo kibanaserver | $INSTALL_DIR/bin/opensearch-dashboards-keystore add opensearch.password --stdin --allow-root # Install Wazuh App -RUN $INSTALL_DIR/bin/opensearch-dashboards-plugin install https://packages.wazuh.com/4.x/ui/dashboard/wazuh-${WAZUH_VERSION}.zip --allow-root +RUN $INSTALL_DIR/bin/opensearch-dashboards-plugin install https://packages-dev.wazuh.com/pre-release/ui/dashboard/wazuh-${WAZUH_VERSION}.zip --allow-root # Copy and set permissions to config files COPY config/opensearch_dashboards.yml $INSTALL_DIR/config/ diff --git a/wazuh-dashboard/config/config.sh b/build-docker-images/wazuh-dashboard/config/config.sh similarity index 100% rename from wazuh-dashboard/config/config.sh rename to build-docker-images/wazuh-dashboard/config/config.sh diff --git a/wazuh-dashboard/config/config.yml b/build-docker-images/wazuh-dashboard/config/config.yml similarity index 100% rename from wazuh-dashboard/config/config.yml rename to build-docker-images/wazuh-dashboard/config/config.yml diff --git a/wazuh-dashboard/config/entrypoint.sh b/build-docker-images/wazuh-dashboard/config/entrypoint.sh similarity index 100% rename from wazuh-dashboard/config/entrypoint.sh rename to build-docker-images/wazuh-dashboard/config/entrypoint.sh 
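Review bot: The `+RUN` line in the wazuh-dashboard/Dockerfile rename points the plugin install back at `https://packages-dev.wazuh.com/pre-release/ui/dashboard/`, reverting PATCH 094 ("Repository Correction") inside a commit titled "Change directories structure". The wazuh-manager/Dockerfile hunk later in this commit does the same to the `rpm --import` key URL. If that is unintended, keep the release sources: `RUN $INSTALL_DIR/bin/opensearch-dashboards-plugin install https://packages.wazuh.com/4.x/ui/dashboard/wazuh-${WAZUH_VERSION}.zip --allow-root` and `RUN rpm --import https://packages.wazuh.com/key/GPG-KEY-WAZUH`. If pre-release packages are intended for these build files, state it in the commit message and in a comment above each `RUN`, since images built from them would contain pre-release artifacts.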
diff --git a/wazuh-dashboard/config/opensearch_dashboards.yml b/build-docker-images/wazuh-dashboard/config/opensearch_dashboards.yml
similarity index 100%
rename from wazuh-dashboard/config/opensearch_dashboards.yml
rename to build-docker-images/wazuh-dashboard/config/opensearch_dashboards.yml
diff --git a/wazuh-dashboard/config/wazuh.yml b/build-docker-images/wazuh-dashboard/config/wazuh.yml
similarity index 100%
rename from wazuh-dashboard/config/wazuh.yml
rename to build-docker-images/wazuh-dashboard/config/wazuh.yml
diff --git a/wazuh-dashboard/config/wazuh_app_config.sh b/build-docker-images/wazuh-dashboard/config/wazuh_app_config.sh
similarity index 100%
rename from wazuh-dashboard/config/wazuh_app_config.sh
rename to build-docker-images/wazuh-dashboard/config/wazuh_app_config.sh
diff --git a/wazuh-indexer/Dockerfile b/build-docker-images/wazuh-indexer/Dockerfile
similarity index 100%
rename from wazuh-indexer/Dockerfile
rename to build-docker-images/wazuh-indexer/Dockerfile
diff --git a/wazuh-indexer/config/config.sh b/build-docker-images/wazuh-indexer/config/config.sh
similarity index 100%
rename from wazuh-indexer/config/config.sh
rename to build-docker-images/wazuh-indexer/config/config.sh
diff --git a/wazuh-indexer/config/config.yml b/build-docker-images/wazuh-indexer/config/config.yml
similarity index 100%
rename from wazuh-indexer/config/config.yml
rename to build-docker-images/wazuh-indexer/config/config.yml
diff --git a/wazuh-indexer/config/entrypoint.sh b/build-docker-images/wazuh-indexer/config/entrypoint.sh
similarity index 100%
rename from wazuh-indexer/config/entrypoint.sh
rename to build-docker-images/wazuh-indexer/config/entrypoint.sh
diff --git a/wazuh-indexer/config/internal_users.yml b/build-docker-images/wazuh-indexer/config/internal_users.yml
similarity index 100%
rename from wazuh-indexer/config/internal_users.yml
rename to build-docker-images/wazuh-indexer/config/internal_users.yml
diff --git a/wazuh-indexer/config/opensearch.yml b/build-docker-images/wazuh-indexer/config/opensearch.yml similarity index 100% rename from wazuh-indexer/config/opensearch.yml rename to build-docker-images/wazuh-indexer/config/opensearch.yml diff --git a/wazuh-indexer/config/roles.yml b/build-docker-images/wazuh-indexer/config/roles.yml similarity index 100% rename from wazuh-indexer/config/roles.yml rename to build-docker-images/wazuh-indexer/config/roles.yml diff --git a/wazuh-indexer/config/roles_mapping.yml b/build-docker-images/wazuh-indexer/config/roles_mapping.yml similarity index 100% rename from wazuh-indexer/config/roles_mapping.yml rename to build-docker-images/wazuh-indexer/config/roles_mapping.yml diff --git a/wazuh-indexer/config/securityadmin.sh b/build-docker-images/wazuh-indexer/config/securityadmin.sh similarity index 100% rename from wazuh-indexer/config/securityadmin.sh rename to build-docker-images/wazuh-indexer/config/securityadmin.sh diff --git a/wazuh-manager/Dockerfile b/build-docker-images/wazuh-manager/Dockerfile similarity index 97% rename from wazuh-manager/Dockerfile rename to build-docker-images/wazuh-manager/Dockerfile index 1da3d314..c0f3757d 100644 --- a/wazuh-manager/Dockerfile +++ b/build-docker-images/wazuh-manager/Dockerfile @@ -8,7 +8,7 @@ ARG TEMPLATE_VERSION="master" ARG WAZUH_FILEBEAT_MODULE="wazuh-filebeat-0.1.tar.gz" # Set repositories. -RUN rpm --import https://packages.wazuh.com/key/GPG-KEY-WAZUH +RUN rpm --import https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH COPY config/wazuh.repo /etc/yum.repos.d/wazuh.repo diff --git a/wazuh-manager/config/create_user.py b/build-docker-images/wazuh-manager/config/create_user.py similarity index 100% rename from wazuh-manager/config/create_user.py rename to build-docker-images/wazuh-manager/config/create_user.py 
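Review bot: The changed `RUN rpm --import https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH` line in the wazuh-manager Dockerfile trusts whatever key that URL returns at build time, and the new `wazuh.repo` points `gpgkey=` at the same URL, so `gpgcheck=1` only proves the packages were signed by whoever controls that host. Committing the expected public key next to `wazuh.repo` and importing it from the build context would pin the trust anchor, for example `COPY config/GPG-KEY-WAZUH /etc/pki/rpm-gpg/GPG-KEY-WAZUH` followed by `RUN rpm --import /etc/pki/rpm-gpg/GPG-KEY-WAZUH` (file name and path constructed for illustration). A short comment above the line noting that this is the pre-release signing source would also help anyone building production images from this tree. The Dockerfile continues outside this hunk.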
diff --git a/wazuh-manager/config/etc/cont-init.d/0-wazuh-init b/build-docker-images/wazuh-manager/config/etc/cont-init.d/0-wazuh-init
similarity index 100%
rename from wazuh-manager/config/etc/cont-init.d/0-wazuh-init
rename to build-docker-images/wazuh-manager/config/etc/cont-init.d/0-wazuh-init
diff --git a/wazuh-manager/config/etc/cont-init.d/1-config-filebeat b/build-docker-images/wazuh-manager/config/etc/cont-init.d/1-config-filebeat
similarity index 100%
rename from wazuh-manager/config/etc/cont-init.d/1-config-filebeat
rename to build-docker-images/wazuh-manager/config/etc/cont-init.d/1-config-filebeat
diff --git a/wazuh-manager/config/etc/cont-init.d/2-manager b/build-docker-images/wazuh-manager/config/etc/cont-init.d/2-manager
similarity index 100%
rename from wazuh-manager/config/etc/cont-init.d/2-manager
rename to build-docker-images/wazuh-manager/config/etc/cont-init.d/2-manager
diff --git a/wazuh-manager/config/etc/services.d/filebeat/finish b/build-docker-images/wazuh-manager/config/etc/services.d/filebeat/finish
similarity index 100%
rename from wazuh-manager/config/etc/services.d/filebeat/finish
rename to build-docker-images/wazuh-manager/config/etc/services.d/filebeat/finish
diff --git a/wazuh-manager/config/etc/services.d/filebeat/run b/build-docker-images/wazuh-manager/config/etc/services.d/filebeat/run
similarity index 100%
rename from wazuh-manager/config/etc/services.d/filebeat/run
rename to build-docker-images/wazuh-manager/config/etc/services.d/filebeat/run
diff --git a/wazuh-manager/config/etc/services.d/ossec-logs/run b/build-docker-images/wazuh-manager/config/etc/services.d/ossec-logs/run
similarity index 100%
rename from wazuh-manager/config/etc/services.d/ossec-logs/run
rename to build-docker-images/wazuh-manager/config/etc/services.d/ossec-logs/run
diff --git a/wazuh-manager/config/filebeat.yml b/build-docker-images/wazuh-manager/config/filebeat.yml similarity index 100% rename from wazuh-manager/config/filebeat.yml rename to build-docker-images/wazuh-manager/config/filebeat.yml diff --git a/wazuh-manager/config/permanent_data.env b/build-docker-images/wazuh-manager/config/permanent_data.env similarity index 100% rename from wazuh-manager/config/permanent_data.env rename to build-docker-images/wazuh-manager/config/permanent_data.env diff --git a/wazuh-manager/config/permanent_data.sh b/build-docker-images/wazuh-manager/config/permanent_data.sh similarity index 100% rename from wazuh-manager/config/permanent_data.sh rename to build-docker-images/wazuh-manager/config/permanent_data.sh diff --git a/build-docker-images/wazuh-manager/config/wazuh.repo b/build-docker-images/wazuh-manager/config/wazuh.repo new file mode 100644 index 00000000..4b673ff0 --- /dev/null +++ b/build-docker-images/wazuh-manager/config/wazuh.repo @@ -0,0 +1,7 @@ +[wazuh_repo] +gpgcheck=1 +gpgkey=https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH +enabled=1 +name=Wazuh repository +baseurl=https://packages-dev.wazuh.com/pre-release/yum/ +protect=1 diff --git a/Migration-to-Wazuh-4.3.md b/multi-node/Migration-to-Wazuh-4.3.md similarity index 60% rename from Migration-to-Wazuh-4.3.md rename to multi-node/Migration-to-Wazuh-4.3.md index a4caa7a1..528d8fa6 100644 --- a/Migration-to-Wazuh-4.3.md +++ b/multi-node/Migration-to-Wazuh-4.3.md 
@@ -1,328 +1,360 @@ # Opendistro data migration to Wazuh indexer on docker. This procedure explains how to migrate Opendistro data from Opendistro to Wazuh indexer in docker production deployments. -The example is migrating from v4.2.5 to v4.3.0. +The example is migrating from v4.2 to v4.3. ## Procedure -Assuming that you have a v4.2.5 production deployment, perform the following steps. +Assuming that you have a v4.2 production deployment, perform the following steps. -**1. Stop 4.2.5 environment** +**1. Stop 4.2 environment** `docker-compose -f production-cluster.yml stop` -**2. List Elastic volumesStop 4.2.5 environment** +**2. List Elastic volumesStop 4.2 environment** `docker volume ls --filter name='wazuh-docker_elastic-data'` **3. Inspect Elastic volume** `docker volume inspect wazuh-docker_elastic-data-1` -**4. Run the volume create command:** create new Indexer and Wazuh Manager volumes using the `com.docker.compose.version` label value from the previous command. +**4. down the 4.2 environment.** +`docker-compose -f production-cluster.yml down` + +**5. Run the volume create command:** create new Indexer and Wazuh Manager volumes using the `com.docker.compose.version` label value from the previous command. 
``` docker volume create \ - --label com.docker.compose.project=wazuh-docker \ + --label com.docker.compose.project=multi-node \ --label com.docker.compose.version=1.25.0 \ --label com.docker.compose.volume=wazuh-indexer-data-1 \ - wazuh-docker_wazuh-indexer-data-1 + multi-node_wazuh-indexer-data-1 ``` ``` docker volume create \ - --label com.docker.compose.project=wazuh-docker \ + --label com.docker.compose.project=multi-node \ --label com.docker.compose.version=1.25.0 \ --label com.docker.compose.volume=wazuh-indexer-data-2 \ - wazuh-docker_wazuh-indexer-data-2 + multi-node_wazuh-indexer-data-2 ``` ``` docker volume create \ - --label com.docker.compose.project=wazuh-docker \ + --label com.docker.compose.project=multi-node \ --label com.docker.compose.version=1.25.0 \ --label com.docker.compose.volume=wazuh-indexer-data-3 \ - wazuh-docker_wazuh-indexer-data-3 + multi-node_wazuh-indexer-data-3 ``` ``` docker volume create \ - --label com.docker.compose.project=wazuh-docker \ + --label com.docker.compose.project=multi-node \ --label com.docker.compose.version=1.25.0 \ --label com.docker.compose.volume=master_wazuh_api_configuration \ - wazuh-docker_master_wazuh_api_configuration + multi-node_master_wazuh_api_configuration ``` ``` docker volume create \ - --label com.docker.compose.project=wazuh-docker \ + --label com.docker.compose.project=multi-node \ --label com.docker.compose.version=1.25.0 \ --label com.docker.compose.volume=master_wazuh_etc \ wazuh-master_docker_wazuh_etc ``` ``` docker volume create \ - --label com.docker.compose.project=wazuh-docker \ + --label com.docker.compose.project=multi-node \ --label com.docker.compose.version=1.25.0 \ --label com.docker.compose.volume=master-wazuh-logs \ - wazuh-docker_master-wazuh-logs + multi-node_master-wazuh-logs ``` ``` docker volume create \ - --label com.docker.compose.project=wazuh-docker \ + --label com.docker.compose.project=multi-node \ --label com.docker.compose.version=1.25.0 \ --label 
com.docker.compose.volume=master-wazuh-queue \ - wazuh-docker_master-wazuh-queue + multi-node_master-wazuh-queue ``` ``` docker volume create \ - --label com.docker.compose.project=wazuh-docker \ + --label com.docker.compose.project=multi-node \ --label com.docker.compose.version=1.25.0 \ --label com.docker.compose.volume=master-wazuh-var-multigroups \ - wazuh-docker_master-wazuh-var-multigroups + multi-node_master-wazuh-var-multigroups ``` ``` docker volume create \ - --label com.docker.compose.project=wazuh-docker \ + --label com.docker.compose.project=multi-node \ --label com.docker.compose.version=1.25.0 \ --label com.docker.compose.volume=master-wazuh-integrations \ - wazuh-docker_master-wazuh-integrations + multi-node_master-wazuh-integrations ``` ``` docker volume create \ - --label com.docker.compose.project=wazuh-docker \ + --label com.docker.compose.project=multi-node \ --label com.docker.compose.version=1.25.0 \ --label com.docker.compose.volume=master-wazuh-active-response \ - wazuh-docker_master-wazuh-active-response + multi-node_master-wazuh-active-response ``` ``` docker volume create \ - --label com.docker.compose.project=wazuh-docker \ + --label com.docker.compose.project=multi-node \ --label com.docker.compose.version=1.25.0 \ --label com.docker.compose.volume=master-wazuh-agentless \ - wazuh-docker_master-wazuh-agentless + multi-node_master-wazuh-agentless ``` ``` docker volume create \ - --label com.docker.compose.project=wazuh-docker \ + --label com.docker.compose.project=multi-node \ --label com.docker.compose.version=1.25.0 \ --label com.docker.compose.volume=master-wazuh-wodles \ - wazuh-docker_master-wazuh-wodles + multi-node_master-wazuh-wodles ``` ``` docker volume create \ - --label com.docker.compose.project=wazuh-docker \ + --label com.docker.compose.project=multi-node \ --label com.docker.compose.version=1.25.0 \ --label com.docker.compose.volume=master-filebeat-etc \ - wazuh-docker_master-filebeat-etc + multi-node_master-filebeat-etc 
``` ``` docker volume create \ - --label com.docker.compose.project=wazuh-docker \ + --label com.docker.compose.project=multi-node \ --label com.docker.compose.version=1.25.0 \ --label com.docker.compose.volume=master-filebeat-var \ - wazuh-docker_master-filebeat-var + multi-node_master-filebeat-var ``` ``` docker volume create \ - --label com.docker.compose.project=wazuh-docker \ + --label com.docker.compose.project=multi-node \ --label com.docker.compose.version=1.25.0 \ --label com.docker.compose.volume=worker_wazuh_api_configuration \ - wazuh-docker_worker_wazuh_api_configuration + multi-node_worker_wazuh_api_configuration ``` ``` docker volume create \ - --label com.docker.compose.project=wazuh-docker \ + --label com.docker.compose.project=multi-node \ --label com.docker.compose.version=1.25.0 \ --label com.docker.compose.volume=worker_wazuh_etc \ - wazuh-worker_docker_wazuh_etc + multi-node_worker-wazuh-etc ``` ``` docker volume create \ - --label com.docker.compose.project=wazuh-docker \ + --label com.docker.compose.project=multi-node \ --label com.docker.compose.version=1.25.0 \ --label com.docker.compose.volume=worker-wazuh-logs \ - wazuh-docker_worker-wazuh-logs + multi-node_worker-wazuh-logs ``` ``` docker volume create \ - --label com.docker.compose.project=wazuh-docker \ + --label com.docker.compose.project=multi-node \ --label com.docker.compose.version=1.25.0 \ --label com.docker.compose.volume=worker-wazuh-queue \ - wazuh-docker_worker-wazuh-queue + multi-node_worker-wazuh-queue ``` ``` docker volume create \ - --label com.docker.compose.project=wazuh-docker \ + --label com.docker.compose.project=multi-node \ --label com.docker.compose.version=1.25.0 \ --label com.docker.compose.volume=worker-wazuh-var-multigroups \ - wazuh-docker_worker-wazuh-var-multigroups + multi-node_worker-wazuh-var-multigroups ``` ``` docker volume create \ - --label com.docker.compose.project=wazuh-docker \ + --label com.docker.compose.project=multi-node \ --label 
com.docker.compose.version=1.25.0 \ --label com.docker.compose.volume=worker-wazuh-integrations \ - wazuh-docker_worker-wazuh-integrations + multi-node_worker-wazuh-integrations ``` ``` docker volume create \ - --label com.docker.compose.project=wazuh-docker \ + --label com.docker.compose.project=multi-node \ --label com.docker.compose.version=1.25.0 \ --label com.docker.compose.volume=worker-wazuh-active-response \ - wazuh-docker_worker-wazuh-active-response + multi-node_worker-wazuh-active-response ``` ``` docker volume create \ - --label com.docker.compose.project=wazuh-docker \ + --label com.docker.compose.project=multi-node \ --label com.docker.compose.version=1.25.0 \ --label com.docker.compose.volume=worker-wazuh-agentless \ - wazuh-docker_worker-wazuh-agentless + multi-node_worker-wazuh-agentless ``` ``` docker volume create \ - --label com.docker.compose.project=wazuh-docker \ + --label com.docker.compose.project=multi-node \ --label com.docker.compose.version=1.25.0 \ --label com.docker.compose.volume=worker-wazuh-wodles \ - wazuh-docker_worker-wazuh-wodles + multi-node_worker-wazuh-wodles ``` -**5. Copy the volume content from Elastic to Wazuh indexer volumes and old Wazuh Manager content to new volumes.** +``` +docker volume create \ + --label com.docker.compose.project=multi-node \ + --label com.docker.compose.version=1.25.0 \ + --label com.docker.compose.volume=worker-filebeat-etc \ + multi-node_worker-filebeat-etc +``` +``` +docker volume create \ + --label com.docker.compose.project=multi-node \ + --label com.docker.compose.version=1.25.0 \ + --label com.docker.compose.volume=worker-filebeat-var \ + multi-node_worker-filebeat-var +``` +**6. Copy the volume content from Elastic to Wazuh indexer volumes and old Wazuh Manager content to new volumes.** ``` docker container run --rm -it \ -v wazuh-docker_elastic-data-1:/from \ - -v wazuh-docker_wazuh-indexer-data-1:/to \ + -v multi-node_wazuh-indexer-data-1:/to \ alpine ash -c "cd /from ; cp -avp . 
/to" ``` ``` docker container run --rm -it \ -v wazuh-docker_elastic-data-2:/from \ - -v wazuh-docker_wazuh-indexer-data-2:/to \ + -v multi-node_wazuh-indexer-data-2:/to \ alpine ash -c "cd /from ; cp -avp . /to" ``` ``` docker container run --rm -it \ -v wazuh-docker_elastic-data-3:/from \ - -v wazuh-docker_wazuh-indexer-data-3:/to \ + -v multi-node_wazuh-indexer-data-3:/to \ alpine ash -c "cd /from ; cp -avp . /to" ``` ``` docker container run --rm -it \ -v wazuh-docker_ossec-api-configuration:/from \ - -v wazuh-docker_master-wazuh-api-configuration:/to \ + -v multi-node_master-wazuh-api-configuration:/to \ alpine ash -c "cd /from ; cp -avp . /to" ``` ``` docker container run --rm -it \ -v wazuh-docker_ossec-etc:/from \ - -v wazuh-docker_master-wazuh-etc:/to \ + -v multi-node_master-wazuh-etc:/to \ alpine ash -c "cd /from ; cp -avp . /to" ``` ``` docker container run --rm -it \ -v wazuh-docker_ossec-logs:/from \ - -v wazuh-docker_master-wazuh-logs:/to \ + -v multi-node_master-wazuh-logs:/to \ alpine ash -c "cd /from ; cp -avp . /to" ``` ``` docker container run --rm -it \ -v wazuh-docker_ossec-queue:/from \ - -v wazuh-docker_master-wazuh-queue:/to \ + -v multi-node_master-wazuh-queue:/to \ alpine ash -c "cd /from ; cp -avp . /to" ``` ``` docker container run --rm -it \ -v wazuh-docker_ossec-var-multigroups:/from \ - -v wazuh-docker_master-wazuh-var-multigroups:/to \ + -v multi-node_master-wazuh-var-multigroups:/to \ alpine ash -c "cd /from ; cp -avp . /to" ``` ``` docker container run --rm -it \ -v wazuh-docker_ossec-integrations:/from \ - -v wazuh-docker_master-wazuh-integrations:/to \ + -v multi-node_master-wazuh-integrations:/to \ alpine ash -c "cd /from ; cp -avp . /to" ``` ``` docker container run --rm -it \ -v wazuh-docker_ossec-active-response:/from \ - -v wazuh-docker_master-wazuh-active-response:/to \ + -v multi-node_master-wazuh-active-response:/to \ alpine ash -c "cd /from ; cp -avp . 
/to" ``` ``` docker container run --rm -it \ -v wazuh-docker_ossec-agentless:/from \ - -v wazuh-docker_master-wazuh-agentless:/to \ + -v multi-node_master-wazuh-agentless:/to \ alpine ash -c "cd /from ; cp -avp . /to" ``` ``` docker container run --rm -it \ -v wazuh-docker_ossec-wodles:/from \ - -v wazuh-docker_master-wazuh-wodles:/to \ + -v multi-node_master-wazuh-wodles:/to \ alpine ash -c "cd /from ; cp -avp . /to" ``` ``` docker container run --rm -it \ -v wazuh-docker_filebeat-etc:/from \ - -v wazuh-docker_master-filebeat-etc:/to \ + -v multi-node_master-filebeat-etc:/to \ alpine ash -c "cd /from ; cp -avp . /to" ``` ``` docker container run --rm -it \ -v wazuh-docker_filebeat-var:/from \ - -v wazuh-docker_master-filebeat-var:/to \ + -v multi-node_master-filebeat-var:/to \ alpine ash -c "cd /from ; cp -avp . /to" ``` ``` docker container run --rm -it \ -v wazuh-docker_worker-ossec-api-configuration:/from \ - -v wazuh-docker_worker-wazuh-api-configuration:/to \ + -v multi-node_worker-wazuh-api-configuration:/to \ alpine ash -c "cd /from ; cp -avp . /to" ``` ``` docker container run --rm -it \ -v wazuh-docker_worker-ossec-etc:/from \ - -v wazuh-docker_worker-wazuh-etc:/to \ + -v multi-node_worker-wazuh-etc:/to \ alpine ash -c "cd /from ; cp -avp . /to" ``` ``` docker container run --rm -it \ -v wazuh-docker_worker-ossec-logs:/from \ - -v wazuh-docker_worker-wazuh-logs:/to \ + -v multi-node_worker-wazuh-logs:/to \ alpine ash -c "cd /from ; cp -avp . /to" ``` ``` docker container run --rm -it \ -v wazuh-docker_worker-ossec-queue:/from \ - -v wazuh-docker_worker-wazuh-queue:/to \ + -v multi-node_worker-wazuh-queue:/to \ alpine ash -c "cd /from ; cp -avp . /to" ``` ``` docker container run --rm -it \ -v wazuh-docker_worker-ossec-var-multigroups:/from \ - -v wazuh-docker_worker-wazuh-var-multigroups:/to \ + -v multi-node_worker-wazuh-var-multigroups:/to \ alpine ash -c "cd /from ; cp -avp . 
/to" ``` ``` docker container run --rm -it \ -v wazuh-docker_worker-ossec-integrations:/from \ - -v wazuh-docker_worker-wazuh-integrations:/to \ + -v multi-node_worker-wazuh-integrations:/to \ alpine ash -c "cd /from ; cp -avp . /to" ``` ``` docker container run --rm -it \ -v wazuh-docker_worker-ossec-active-response:/from \ - -v wazuh-docker_worker-wazuh-active-response:/to \ + -v multi-node_worker-wazuh-active-response:/to \ alpine ash -c "cd /from ; cp -avp . /to" ``` ``` docker container run --rm -it \ -v wazuh-docker_worker-ossec-agentless:/from \ - -v wazuh-docker_worker-wazuh-agentless:/to \ + -v multi-node_worker-wazuh-agentless:/to \ alpine ash -c "cd /from ; cp -avp . /to" ``` ``` docker container run --rm -it \ -v wazuh-docker_worker-ossec-wodles:/from \ - -v wazuh-docker_worker-wazuh-wodles:/to \ + -v multi-node_worker-wazuh-wodles:/to \ alpine ash -c "cd /from ; cp -avp . /to" ``` -**6. Delete the 4.2.5 environment.** -`docker-compose -f production-cluster.yml down` +``` +docker container run --rm -it \ + -v wazuh-docker_worker-filebeat-etc:/from \ + -v multi-node_worker-filebeat-etc:/to \ + alpine ash -c "cd /from ; cp -avp . /to" +``` +``` +docker container run --rm -it \ + -v wazuh-docker_worker-filebeat-var:/from \ + -v multi-node_worker-filebeat-var:/to \ + alpine ash -c "cd /from ; cp -avp . /to" +``` + +**Steps 5 and 6 can be done with the volume-migrator.sh script, specifying Docker Version and project name as parameters.** + +Ex: $ multi-node/volume-migrator.sh 1.25.0 multi-node **7. Start the 4.3 environment.** ``` git checkout 4.3 +cd multi-node docker-compose -f generate-indexer-certs.yml run --rm generator -docker-compose -f production-cluster.yml up -d +docker-compose up -d ``` **8. Check the access to Wazuh dashboard**: go to the Wazuh Dashboard WebUI and check if everything is working. \ No newline at end of file 
diff --git a/production-cluster.yml b/multi-node/docker-compose.yml similarity index 99% rename from production-cluster.yml rename to multi-node/docker-compose.yml index 3a066717..7d9d1a2f 100644 --- a/production-cluster.yml +++ b/multi-node/docker-compose.yml @@ -175,7 +175,6 @@ services: - wazuh.dashboard:wazuh.dashboard volumes: - ./production_cluster/nginx/nginx.conf:/etc/nginx/nginx.conf:ro - - ./production_cluster/nginx/ssl:/etc/nginx/ssl:ro volumes: master-wazuh-api-configuration: diff --git a/generate-indexer-certs.yml b/multi-node/generate-indexer-certs.yml similarity index 100% rename from generate-indexer-certs.yml rename to multi-node/generate-indexer-certs.yml diff --git a/production_cluster/nginx/nginx.conf b/multi-node/production_cluster/nginx/nginx.conf similarity index 100% rename from production_cluster/nginx/nginx.conf rename to multi-node/production_cluster/nginx/nginx.conf diff --git a/production_cluster/wazuh-indexer/internal_users.yml b/multi-node/production_cluster/wazuh-indexer/internal_users.yml similarity index 100% rename from production_cluster/wazuh-indexer/internal_users.yml rename to multi-node/production_cluster/wazuh-indexer/internal_users.yml diff --git a/production_cluster/wazuh-indexer/wazuh1.indexer.yml b/multi-node/production_cluster/wazuh-indexer/wazuh1.indexer.yml similarity index 100% rename from production_cluster/wazuh-indexer/wazuh1.indexer.yml rename to multi-node/production_cluster/wazuh-indexer/wazuh1.indexer.yml diff --git a/production_cluster/wazuh-indexer/wazuh2.indexer.yml b/multi-node/production_cluster/wazuh-indexer/wazuh2.indexer.yml similarity index 100% rename from production_cluster/wazuh-indexer/wazuh2.indexer.yml rename to multi-node/production_cluster/wazuh-indexer/wazuh2.indexer.yml 
diff --git a/production_cluster/wazuh-indexer/wazuh3.indexer.yml b/multi-node/production_cluster/wazuh-indexer/wazuh3.indexer.yml
similarity index 100%
rename from production_cluster/wazuh-indexer/wazuh3.indexer.yml
rename to multi-node/production_cluster/wazuh-indexer/wazuh3.indexer.yml
diff --git a/production_cluster/wazuh_cluster/wazuh_manager.conf b/multi-node/production_cluster/wazuh_cluster/wazuh_manager.conf
similarity index 100%
rename from production_cluster/wazuh_cluster/wazuh_manager.conf
rename to multi-node/production_cluster/wazuh_cluster/wazuh_manager.conf
diff --git a/production_cluster/wazuh_cluster/wazuh_worker.conf b/multi-node/production_cluster/wazuh_cluster/wazuh_worker.conf
similarity index 100%
rename from production_cluster/wazuh_cluster/wazuh_worker.conf
rename to multi-node/production_cluster/wazuh_cluster/wazuh_worker.conf
diff --git a/production_cluster/wazuh_dashboard/opensearch_dashboards.yml b/multi-node/production_cluster/wazuh_dashboard/opensearch_dashboards.yml
similarity index 100%
rename from production_cluster/wazuh_dashboard/opensearch_dashboards.yml
rename to multi-node/production_cluster/wazuh_dashboard/opensearch_dashboards.yml
diff --git a/production_cluster/wazuh_dashboard/wazuh.yml b/multi-node/production_cluster/wazuh_dashboard/wazuh.yml
similarity index 100%
rename from production_cluster/wazuh_dashboard/wazuh.yml
rename to multi-node/production_cluster/wazuh_dashboard/wazuh.yml
diff --git a/multi-node/production_cluster/wazuh_indexer_ssl_certs/admin-key.pem b/multi-node/production_cluster/wazuh_indexer_ssl_certs/admin-key.pem
new file mode 100644
index 00000000..4e72b441
--- /dev/null
+++ b/multi-node/production_cluster/wazuh_indexer_ssl_certs/admin-key.pem
@@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDyvkI1DXFa1lj7 +s5um16SpsjSUv3Y9qhQGKZVECKYUGLU3ZTQ/iPYa+HsfnWTRQRMsSEYfpEauAHKF +Yxh5BeJOYsz4ei200b13YMg+F8KWHVhE4oa26LeyaF5gXlXTm2AyYTgjobBykD0q +E5oQvMkCq4Bk5NXOzNiT9aS/sXduX8FPQYYsjB92yP6M2aQEdHo8S3Srf5bUpOvy +sP2qxkOTEZlhqJqeX+vbgVJ3SIn4du/U2njFVumChjICOSL6Vl8IJuejJmVqkNww +o3vY1BM/dyFhjv0WMiBrZuFml0Wbh+rCnfcoDebVKUK9Dp3m1DpScMBHI7l1Jajv +aOO7UNzJAgMBAAECggEBAInzwHKgEiS6nlVlTHc0JFtgcGt8p/kBeGHMLg09EQ1o +wUwbEudssdjAEFD2RP57CidnZ5rB5H0suei+WYEl6+f6VFx+Kw2RCSkX8pT/MdHY +GXsEdeTrOsKEd+Yylnos2i2nfJ0bXcit2mTYQP10HJSM3On59tyRJCBqQNfERoiN +fVVzdOSF//9ZfkazyuhYxjZpdb74MtWWWppncGNFUvCLfc6JT7RrdWdMGX20yFhV +p/NVBnHRkMcsuyIl9583SYGoTgTktJPeXFntrkCzBEXCBZIvLHHTtEG4KzROR3Sc +WOjpsp4BRIYYGMUbfWHTM2xPiFMPa4GQddTbQv44x8UCgYEA/CIpyXHG68XwX3Q8 +IEMUBxVHy4MAHw3CZW4bARa3cvjntDzDO+5tMWXczdFvBN0dvt1wUrveGNzM3w6v +v+UIVSJvMv8uTku6lkQdo/UVf73XH/NAqCEarMkcyLiAGaEASl44TtcybIe9GvCX +VqzKDrH+CSC3H0YvfBDOZ5FM828CgYEA9nc7EG1bG3kwV6qXmzFXAH0suK6pCiJA +cwGHxhvNgJb8NISdPRsOKU1ARV9jdkQu7Lv3eyiIZJejBksFS6aInaC5QR4o1xO1 +mjJewogGG6D6vvv3+FaXADvBg/a5sDB5QCtpklm5jck6l57oPwSIezXczVVYBrp2 +6VRL0CPbt0cCgYA6z+E9avvCjWZXba6EvADU8iLQFtuVYslAjaFg7KKX//VUNoQ3 +25K+3grWO48Q7F7+4XpM4iOZWw+yzCM0uMDr0t9rXti3TLTWTkc3snh0Vpzyh/RC +A47MVREQxPCkiciekEHEKjBJ3pO+z/YNMrrjGKOwD2CHvABhiS4MPHldowKBgAay +pMtEfYZYm8S2IRqZk6iyviVisbtRxPibIQp0NPh6oe33cKJ5esAKlmWMOxK6tZ+/ +V/Fj35kEOezw2vr8UpgeBwrK/AckRPokxkh5E9lqXYYVKN75026xMQgaC1/LYXAp +/dt5Tr6Yqlv2eI9F20Ol6hM2b4b3SEX9AXZtkwn/AoGAKDi9EBEx2yDK2241o3lf +AJk+Piefcn6MQXvlHsCOoeYqmK9nGbMGmwSUaOeNPbkimOgwrJKTdcoOh70QgnMm +qKUjxKysxWGjCUwLFFQCGz2rrjYjxvNfaJRkFN33F1R5oiaG6oFf1qQEeSfESwoD +VSPt/ewol6k8wm5ucnsA69U= +-----END PRIVATE KEY----- diff --git a/multi-node/production_cluster/wazuh_indexer_ssl_certs/admin.pem b/multi-node/production_cluster/wazuh_indexer_ssl_certs/admin.pem new file mode 100644 index 00000000..1f1a17b2 --- /dev/null 
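Review bot: This hunk commits an unencrypted private key (`admin-key.pem`) to the repository, and the later hunks for `root-ca.key` and `wazuh.dashboard-key.pem` do the same; a `wazuh.master-key.pem` section begins at the end of this chunk and presumably follows the pattern. Once `root-ca.key` is public, any certificate chaining to this CA can be issued by anyone, so a deployment that starts from these files unchanged gets no real authentication from its indexer and dashboard TLS. The migration guide in this same patch already runs `docker-compose -f generate-indexer-certs.yml run --rm generator`, which suggests the material is meant to be generated per deployment rather than shipped. I would drop the key and certificate files from the commit, add ignore rules such as `multi-node/production_cluster/wazuh_indexer_ssl_certs/*.pem` and `multi-node/production_cluster/wazuh_indexer_ssl_certs/*.key` to `.gitignore`, and regenerate any environment that has already used these keys.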
+++ b/multi-node/production_cluster/wazuh_indexer_ssl_certs/admin.pem @@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE----- +MIIDDjCCAfYCFDT7tebzvQn0hJ1oEJxkW0TlDqdJMA0GCSqGSIb3DQEBCwUAMDUx +DjAMBgNVBAsMBVdhenVoMQ4wDAYDVQQKDAVXYXp1aDETMBEGA1UEBwwKQ2FsaWZv +cm5pYTAeFw0yMjAzMzAxNjIxMDlaFw0zMjAzMjcxNjIxMDlaMFIxCzAJBgNVBAYT +AlVTMRMwEQYDVQQHDApDYWxpZm9ybmlhMQ4wDAYDVQQKDAVXYXp1aDEOMAwGA1UE +CwwFV2F6dWgxDjAMBgNVBAMMBWFkbWluMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A +MIIBCgKCAQEA8r5CNQ1xWtZY+7ObptekqbI0lL92PaoUBimVRAimFBi1N2U0P4j2 +Gvh7H51k0UETLEhGH6RGrgByhWMYeQXiTmLM+HottNG9d2DIPhfClh1YROKGtui3 +smheYF5V05tgMmE4I6GwcpA9KhOaELzJAquAZOTVzszYk/Wkv7F3bl/BT0GGLIwf +dsj+jNmkBHR6PEt0q3+W1KTr8rD9qsZDkxGZYaianl/r24FSd0iJ+Hbv1Np4xVbp +goYyAjki+lZfCCbnoyZlapDcMKN72NQTP3chYY79FjIga2bhZpdFm4fqwp33KA3m +1SlCvQ6d5tQ6UnDARyO5dSWo72jju1DcyQIDAQABMA0GCSqGSIb3DQEBCwUAA4IB +AQC0jnfi85nCjAYAb5xsSUKMFruZ22N+sqy/2oa/auWr4ZtB22hxrBAFCi3bvBRu +vUsLIx6KJAl7/Y6jHBNnLIbFNN8LnH9OD1g7ke6FJZbw0k8JDSQtfRA7p4yOGE/b +Bdhu1IA3KiHD8wRgKAqMDIsFcmOgR8iIiKebw7IqxUQs2RSNgDYyHcjmgys/acr1 +0bH6Jivzlz6MxyLRgLD66WakSSOLkg2r66cXy/rc9xvuc3CRRTy9jze8bdIQY2S3 +xf2iSmASrkG7KdCNWlDmddykyXFdF/gUm/IpW6lFLoXtV8/WtGeQ2umZgslnjE0b +a/wqN6wb68VUfRecZLojre2Q +-----END CERTIFICATE----- diff --git a/production_cluster/wazuh_indexer_ssl_certs/certs.yml b/multi-node/production_cluster/wazuh_indexer_ssl_certs/certs.yml similarity index 100% rename from production_cluster/wazuh_indexer_ssl_certs/certs.yml rename to multi-node/production_cluster/wazuh_indexer_ssl_certs/certs.yml diff --git a/multi-node/production_cluster/wazuh_indexer_ssl_certs/root-ca.key b/multi-node/production_cluster/wazuh_indexer_ssl_certs/root-ca.key new file mode 100644 index 00000000..5ce40aa5 --- /dev/null +++ b/multi-node/production_cluster/wazuh_indexer_ssl_certs/root-ca.key 
@@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDoEXkZ83C5Ec87 +kubEylLb466yc2pEErHBlT5ehQDxqjW5/G/Jb3X7vkziJJlcaABzzYhso8WfN4LH +iSlU2MFXaPQojUUcHB3kQ0Y8ndZgqPIOIsMWxTaJ2Zxls5F+nyVhs+VmPm0OMmpU +klSt74wlOg0gEF0bOhF5RVSImXlF34lPOjJsnBC07RT5qeNdwSJL646ij7zYdo4v +hSrSmeNdMgu+SIudfPP+1pB0FGIMxgXRLVlo30W2Vp2l0kIBs2Y3Xf5Wb4c+Jk/8 +BdwPspAL/ar10yFIE4PhNhnTF4DoTfAy0FkVWyqThZFRr16TZWEZfj6xYkgQX+A7 +NAeexGFTAgMBAAECggEALwn7pgr2Ok0l2El6hUENcozACGPkkk/HwBlkPvxuqI17 +vmswrX/uRkzYgK4yd8yM6uwqTvsTP6ac150xx4T4C6O2edHIxF3eoToRro+/uHAG +QF9DdAYde+ukC+lOAIB5r0gro4Hb0Rje/K18hJUdrx4JMwqeFLq8d/xZmiahskuu +UUo3Grq5hP6kuyKvG1GXkWG0Y6AkLip3OnaUypVPR3T4J+ydHmo1XjEwNXKdByll +u2thgzLsTmnD8CJYwdmqKhM8O8voTkyFpc6tj4x2K8/NLP1Y0slYdSHC4TSdDfCJ +6d3vShCmH8xM2PuALL4ofXvQ76D4gvLe3SrJ7d9IAQKBgQD4VH70aRSh5M+I6dT2 +yqhKwOwpElEupUoft2LytZfYiylryRYJVy8pB+0cN3Dy7/G6MGQ4LSbG2UbQkuT7 +iaeKSU3aKhqK9UyBuDUJg+vOK81IaEra1dvnFFzdf58Azk/WwMSzo2iY9MPaWP6k +1DrhXetJHxiqtYk03jLSV6IpAQKBgQDvPGXTAFVSmuxpG6MVd99bnBYGkZ8loLzc +wqPkEWeazQSzcXGfH4sAr2eYpbpvT0X6mIQe3vqRLx4X9tLlG0QhivtIpzP9tOiH +r+IGTepCrgusYp/UDJO+cE22EEMdJumFPcjeQcU9NAYnaf+3Mr+2UOHZD4OoObQt +Z8PJ4qsWUwKBgQCqDbrOhnMBll3kRTR4ODlcz5YpXgjH55rF82BIEsDEIjAgRpjX +lqON9oaR7wli45tmRCMtMQY/36SVyjISaqaXlTFB99krVWWp40o2lOdSzT4LmpfA +Gfk32gLqD64D8EROLL3Gwl0reVnxWUYv+8HCeP1Zmnja1ev6jzrAPhCnAQKBgCKb +Ef+bpLv2PQxXOxf35w9RXL5GgkbnIWqtnRd4jQwPbAao+k6SOYE33jxufLFtPiop +tbLhfk1SC4Bb69XIQ+q2N/MifJrOeHRoNMHEs4ZBtt6QxZ3e0+BQTm1vnMWyw0TK +0yuTR/y6cclxw9O0O5cbzA+h9uF2t2F6CRBDAYyRAoGAI3TGkMD5KHHpdxyY9rca +FDOQGDpr/fBh4MYgTkLWwpW10pmgxSO5+txFhPjhNAcVPJBwP4Nr4pAMjbOnFxef +JdnvWwhari+r5REkeGxNTTZjxirltiVv4BCFfjiVQC4jJrx4pwLB62vu3Gg9sw07 +9Ar3f3mX2kvl6uOG3UcDSzM= +-----END PRIVATE KEY----- diff --git a/multi-node/production_cluster/wazuh_indexer_ssl_certs/root-ca.pem b/multi-node/production_cluster/wazuh_indexer_ssl_certs/root-ca.pem new file mode 100644 index 00000000..ac59cb89 --- /dev/null 
+++ b/multi-node/production_cluster/wazuh_indexer_ssl_certs/root-ca.pem @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDSzCCAjOgAwIBAgIUMsRC29ASzFg/NKEsaNmiG1985WQwDQYJKoZIhvcNAQEL +BQAwNTEOMAwGA1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApD +YWxpZm9ybmlhMB4XDTIyMDMzMDE2MjEwOVoXDTMyMDMyNzE2MjEwOVowNTEOMAwG +A1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApDYWxpZm9ybmlh +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6BF5GfNwuRHPO5LmxMpS +2+OusnNqRBKxwZU+XoUA8ao1ufxvyW91+75M4iSZXGgAc82IbKPFnzeCx4kpVNjB +V2j0KI1FHBwd5ENGPJ3WYKjyDiLDFsU2idmcZbORfp8lYbPlZj5tDjJqVJJUre+M +JToNIBBdGzoReUVUiJl5Rd+JTzoybJwQtO0U+anjXcEiS+uOoo+82HaOL4Uq0pnj +XTILvkiLnXzz/taQdBRiDMYF0S1ZaN9FtladpdJCAbNmN13+Vm+HPiZP/AXcD7KQ +C/2q9dMhSBOD4TYZ0xeA6E3wMtBZFVsqk4WRUa9ek2VhGX4+sWJIEF/gOzQHnsRh +UwIDAQABo1MwUTAdBgNVHQ4EFgQUYl00l8o0bCIkSPZI4vogjUUEGCswHwYDVR0j +BBgwFoAUYl00l8o0bCIkSPZI4vogjUUEGCswDwYDVR0TAQH/BAUwAwEB/zANBgkq +hkiG9w0BAQsFAAOCAQEAtUtlmOYc+frtnXIu3HMPNP7QPr+vhMRaIlt1j2MRMTE8 +PtD8xGI50Mub3yc52PD2BPx9WwOFqFJY6fuREfkjkQ6RhAc3NdQ/8ioZ+Tt45Qu3 +N8IJKDbjaC6D18DAIq0G2lnxC6ShxcgCjv+8BraWmm9iCnMj78pw0JTVJDtkr87w +qZdSCW3XfzirW4FiHEWynBOvbRCfjxYAYK+AT9g++TDTjbT1MxPtIb1JUDJaFFV0 +Oi1lgANY5gWJes5Duw1bcAeQZ9iEX06qOJWWI5DidoM3ARiwHRBv2J/6MUxTMtH8 +A0/pV5kqLN586tURZavGdOmlmx+C6QD0GoYi9137Fg== +-----END CERTIFICATE----- diff --git a/multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem b/multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem new file mode 100644 index 00000000..e23ccf8c --- /dev/null +++ b/multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem 
@@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCdwWuVtuvoVyr9 +Zc4t9NUeV7K9XqlcmEJF9FW7/2kb5vAljcoqyum+xZZzQGIY/Jbje+r2jRqw2VyV +tjlShimsAcIb0UHmfKs8btAIfXCa4aLzp3eiSNzRTdQkg94ebkhDKMeW3GKqpqkX +OWrIYb77K/ltRqVUe9WcQZvxzrQqUKKdk/0TfkVU0uY4AxZxfWudL/wWdbMCCgmh +UjvhhjBJRSTIMjGXKxRusXcHz9PsnFGrxr9+DpYhL0qRj8AyF6xg2dfj6vz9Bfgf +dNnOZOIhWkymyXg4vsFwr/d4kXfcRuTl4IGoCtYewGTBKKimpgOxnNcKJsajCHJV +eBPDMdwPAgMBAAECggEAPrXY0pb4iE++YyTJJTOiVIGAKA8tPAW6spxCSI1rdxAC +fqsypngrGw7ok8AQPuaKBLwJ1yCYb5y4VTsu5kM25Y19YBl7HOiKGWfjgrx6utbf +NARqZjSYswtBPZK+BVLJnwji7nGFN1kw9m54qFdS1/3PFUV0C3V+oLLkDuegbwEn +AUqFy6sP/4EEHsDBvvVWSbg6jV28YSUFD8pbDLVwBU3zXMlj/nmxPVRxAyap9xN+ +zw66s/E4DvESE7owGdttRGAGVkAsDGDP37a4+CfxRKzpcSBuaMuE+B51dfWebSJM +kYbXC7CAjid/C012pwQG+9E4sZCxqsa5iJWPZfNuAQKBgQDQlQiBcCkd04px40XQ +6mo0zPe/ySMCNd/crQFqqdNucSBiC8cHyroTx3zexoL1Nm9sDwF3bK07Bt0iyuQA +mm+IwCPTlLe8n82+D69ZYZP203YcnJBfRIsmeyDNYWDJm9b6j/eWA8yS+HIMQqvu +UMRdXSHg+pd5ylyIYpTlqN6AQQKBgQDBnmdUleu9KDSl291hM609+fAbOuK63vBz +5Muo8CgUFbd7wwO904oLFC854qeTxvvnMueJ/0LQql3HqkADKLNZmMw8xQ3jXFiw +6vSfctIpt1Pz/+gNlRn14KdwpAhZUt1TmUlA/UaXv9W0KuDcQHj/XBB557CZk6+G +54lx1PZITwKBgCGhlhCAzDBh9nWshopL8bn3vo6u2LU3iJPlVVAkd9Hb7bPBYGMS +PfSIesrUyTLOhyKuPLdLz5av4aIFgsPSIt+y01P/K6z/O0ZE8yn/QMNQjz/HwsOJ +osIeokhbRibbuMsHwYzvqeGcq47shRpU7YR8SsUiwp/BkC/xbT6mftHBAoGAAJQ8 +suAP6GzqW2Sg8N16syjAMxSmAPERvwb8JPEy7XxzJAedR0AOtaHF0mJ/Jc3+it54 +Gs2MoZsg1KwJrPi+MJJoafYc6IUqLr1FJgTt4/oMYjptszyy6y1U0t1quPmqd8mJ +kowvXdzRAszuBzqaIglgczziJlNuvvSKULDWW7kCgYAdMARsl0vFEAR1Y5QQzeZO +nMkniSS2CQBOvPpltE2qHf/Fuast/weR6/FxeP9R2EiSPNrhAmEiahH2JcHWBZ3Q +BLo57I+S8vxJ6kRXf6XD55loguChF15jXGKsxXw5MP+MANmoZL+fSFO3yMLtyz/Z +HNYj0xkTwFmC1p8FlujnNA== +-----END PRIVATE KEY----- diff --git a/multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard.pem b/multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard.pem new file mode 100644 index 00000000..fc6d43f2 --- /dev/null 
+++ b/multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard.pem @@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDdjCCAl6gAwIBAgIUNPu15vO9CfSEnWgQnGRbROUOp08wDQYJKoZIhvcNAQEL +BQAwNTEOMAwGA1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApD +YWxpZm9ybmlhMB4XDTIyMDMzMDE2MjEwOVoXDTMyMDMyNzE2MjEwOVowXDELMAkG +A1UEBhMCVVMxEzARBgNVBAcMCkNhbGlmb3JuaWExDjAMBgNVBAoMBVdhenVoMQ4w +DAYDVQQLDAVXYXp1aDEYMBYGA1UEAwwPd2F6dWguZGFzaGJvYXJkMIIBIjANBgkq +hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAncFrlbbr6Fcq/WXOLfTVHleyvV6pXJhC +RfRVu/9pG+bwJY3KKsrpvsWWc0BiGPyW43vq9o0asNlclbY5UoYprAHCG9FB5nyr +PG7QCH1wmuGi86d3okjc0U3UJIPeHm5IQyjHltxiqqapFzlqyGG++yv5bUalVHvV +nEGb8c60KlCinZP9E35FVNLmOAMWcX1rnS/8FnWzAgoJoVI74YYwSUUkyDIxlysU +brF3B8/T7JxRq8a/fg6WIS9KkY/AMhesYNnX4+r8/QX4H3TZzmTiIVpMpsl4OL7B +cK/3eJF33Ebk5eCBqArWHsBkwSiopqYDsZzXCibGowhyVXgTwzHcDwIDAQABo1cw +VTAfBgNVHSMEGDAWgBRiXTSXyjRsIiRI9kji+iCNRQQYKzAJBgNVHRMEAjAAMAsG +A1UdDwQEAwIE8DAaBgNVHREEEzARgg93YXp1aC5kYXNoYm9hcmQwDQYJKoZIhvcN +AQELBQADggEBAG7U+AvLKrMs3WZ8fgnfYpYmScmZX4TCLy9g98lshe6U3UsYAh0B +nTBfUzoJ43jRma8FICIwZVS4DxB4hnUamPWkffVGnpOtnAhvWoZgksuhLG7uoatx +LShb3X48BKtziltIcnI1EEhynFNzcmWEoSXrVqFyaPbu5TNhp5II07gFnL9HnuES +8VKdudnk0fXoA4YmkYCxZhatT62mp7AsrJ2aUzCpTNu5vrY5zQMNOr+YUKTCCLAz +q4c4P61GejSvgI4A5XI6gSrJMXRYQ+3cm8oWNQHjnk051O/BULqo1vvQQHs2q3/J +9a1sB3ecZnt4Y1+YIXVzEjkaSnlZQzYsd3s= +-----END CERTIFICATE----- diff --git a/multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh.master-key.pem b/multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh.master-key.pem new file mode 100644 index 00000000..0eeed05d --- /dev/null +++ b/multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh.master-key.pem 
@@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDHhRNdvthNFHRL +IvaVOR+2jocRqyTi5sGISWVblt1flqtxqJ4TwDiYORfka1LXN2dHytAOSnjXB2ZJ +XcShq35A48A4p+2/4/S7WpeLcjNuoziwkE3BttPDPu989IGHscinRg8PFUVf5u2Q ++8IqFad9Fyl2JbnfMUjRRA0ATH2W3YFDPkK8R7qAmViPJDh8r5KW/QzQlKn0sAsl +xgqTMCsRKsCk2Din4F6YGklSoG78iPLMUxyXx/K+M+vYFljwPRert9tOML/1Cx3x +fqYMlm2NgRkZ5QafnpDHNULifSl/sWoI/8Tcl/AvDE0sPd2SYvhj9Hd8pJfNrBvF +Q6lSIMdvAgMBAAECggEBAIKxP/NLXMJ44IiLOXyb85MQn5dKRRpAT4tnkHZDR3Ui +6+DCs/F6G1hTJbxhNN13FDcpuclyrN8loLH0MyY3gLceuL4j+g+VUa0b9WLJhrk1 +P6Agll6K1QHzCssOGn75TNeNg7W8mDnuubUbxJ7umkzNTEJxCeUSkoFJkz6b3DRi +camqozyHurPZPNbszm0txfQ+GiUn2ZpRp0OMmuxQ52n18oiDN5OMIWNwvhrJUuzc +TLjUHN9rHGUxfUeVZeap6TKhjnlGOJg8EQq078TxuWEp5WFxxj3/kCLj7QQkUkDg +TfU0/HOIYNsa156/4HGb3LWGJd5heXZ30IST8geGiWECgYEA7SVv4YsHztCSQ4jk +kyMX4pH9+boztjTaxefAlYikmyeB7rNa4u2WI1qTGEH7L5A1vkV5wOGxrOxZnWNp +v4j/zd9tOED1sgMAdrcQiorJGnakh4UVUaZfsH7GgSVtObhI76Ge80USzKp6zExl +SpqAzis8HOFmdXzUvfXrcU0pOlECgYEA12HXDpA74EnJYaDhR62RKCy2PG+GTtOL +3UOs4w2inK/fYbRkCCuC94qJrluEwVhgVsR4HCagjTkPlgb7CDauXCHNIEC+aN2g +C4hrMcrwfQk71e5WhZuzLya7xJIZsj360DsmAqYt0LhTcdNL0gKAmM8ukBIN3J3e +NmJNYTwztb8CgYEAhL65Aup9Q2JzDUS6ljZFr3kDTt/RBIRPlgplPg8P/R2/WKuj +C3Xs3ftcbW65uWUjAFAJmFN9zos6mqREVIfOkSIpFB0gqzWM8+cDZlnLunmBHa78 +QQk9dSFx4mbd3jpu8VxqCki2/kPLm0KETJ9xzHZdHtl5LfjjaTYYRgLoOhECgYA2 +dmsnJ5m8cWwW39OXiHA4NHYwehMAQ8YOQVqqX3xLGr3luvPAjSAk8Ec4a7P6IBrc +Vfn5RFs82rzyNvmrbghRC8sO6NA9PC2IPQq+II8HTxpuUkJWrrR0q9q3LiqJQ9r0 +ZMCL0vGq4bFYCxIVHMTf3yPrEmWm79SM8/aVK9/3iQKBgHsFhhLqP5rvvVaeSFls +h82wLCjswFClmN1dx65/McHtI96q/7jgLXPvs3KsE0OFFAVVttl6/sEKnAUbYC4q +9Xbo6yv3acRT9CTPiRf//vAjgCeFp/aNhP5JwMd+dXR7OWykXBGs47bg097eB6xK +G/fr+3hYOhhNYngT4aMAkyPd +-----END PRIVATE KEY----- diff --git a/multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh.master.pem b/multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh.master.pem new file mode 100644 index 00000000..07e694b7 --- /dev/null 
+++ b/multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh.master.pem @@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDcDCCAligAwIBAgIUNPu15vO9CfSEnWgQnGRbROUOp00wDQYJKoZIhvcNAQEL +BQAwNTEOMAwGA1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApD +YWxpZm9ybmlhMB4XDTIyMDMzMDE2MjEwOVoXDTMyMDMyNzE2MjEwOVowWTELMAkG +A1UEBhMCVVMxEzARBgNVBAcMCkNhbGlmb3JuaWExDjAMBgNVBAoMBVdhenVoMQ4w +DAYDVQQLDAVXYXp1aDEVMBMGA1UEAwwMd2F6dWgubWFzdGVyMIIBIjANBgkqhkiG +9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx4UTXb7YTRR0SyL2lTkfto6HEask4ubBiEll +W5bdX5arcaieE8A4mDkX5GtS1zdnR8rQDkp41wdmSV3Eoat+QOPAOKftv+P0u1qX +i3IzbqM4sJBNwbbTwz7vfPSBh7HIp0YPDxVFX+btkPvCKhWnfRcpdiW53zFI0UQN +AEx9lt2BQz5CvEe6gJlYjyQ4fK+Slv0M0JSp9LALJcYKkzArESrApNg4p+BemBpJ +UqBu/IjyzFMcl8fyvjPr2BZY8D0Xq7fbTjC/9Qsd8X6mDJZtjYEZGeUGn56QxzVC +4n0pf7FqCP/E3JfwLwxNLD3dkmL4Y/R3fKSXzawbxUOpUiDHbwIDAQABo1QwUjAf +BgNVHSMEGDAWgBRiXTSXyjRsIiRI9kji+iCNRQQYKzAJBgNVHRMEAjAAMAsGA1Ud +DwQEAwIE8DAXBgNVHREEEDAOggx3YXp1aC5tYXN0ZXIwDQYJKoZIhvcNAQELBQAD +ggEBAHbAaj75GUytJ0Oy+7YMfvV5tBbPwD9ldtpY0yDeBlgOlnygt2gvoW6kaVF8 +P4XgcaPbFwTVVBjOQqngpp2wFDJP9VrHYkr8t9Zi/iBVnr9xa6lzkROuuhjI5CW+ +12+7ZcXPnLK+s8LIi8f0s7Y8yeMz/cR61NjfkKfYo1uaG508LENEyKjmPe1NyaMP +9rzDJSCm3aiEa62oj/Fsq53vGoLm4wTPJiSx4V+iFqSnKHaVlPXd3KlFN+plfS6E +zZsxogOJORqoSuDpo+WXsr6Ka2baw5FgXZoP5L/oTYC5zpKBi3QUYMjKFkaLpzTd +evbceYlSHXczXvjoen+dW1TKoAY= +-----END CERTIFICATE----- diff --git a/multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh.worker-key.pem b/multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh.worker-key.pem new file mode 100644 index 00000000..dc3a9fb4 --- /dev/null +++ b/multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh.worker-key.pem 
@@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQC0lr7A3B25t7VK +90I3k3Rl6yOfP1sspjjVM18TYlo0iuF17nYIo8pV4vABE5EWI43X2TcGFasJNtcN +RPpU8kNCfYzOYg42eW/Aq6xzdJqvfrAGCfFfdxn60G+WklMyhK8UjzGtJN/5FGDw +Z1zZjL/BgJ388lxafzuGtTod8f36fFMDiybPo976GlqrWdPQdiNHUC7Y2LxGD/JG +gQgeL3mmA10d4cKDpFeQ/jGYwcxBGpgNZQMRCh1CVmWm5/i+3F5j+tx25LhKowOM +SNm0OMiHHcLhAljEbUIPtVfEQ9HCKCEZO2vnqoI2IE/20jZ/I+rwulcQNsq0DROo +S/G/1zu5AgMBAAECggEBAIAXMIQxXPA/Ctt6mEA9WeF0sJai5LO9zzACORzRtTPx +kkwI8TXdn4Xd6uiIjW+Llm+Uxb+OHPvzJwRleb5I/EYsMXSt/nDLH+YknrRh79os +3QPbh5Z0LzxFHfFKJrL9hAXsL4slTawptTyvxB8XA2hoJyekbLdP6dP5tZhJ7iD9 +Xes3hHIRFXgzT3Dp8n387+AItHvH+E1rDL/uobcy45zNvUEl0pOGW6D7U5Ox5VVp +QzVdnKNu1L36CYx3kNNUFwZXTy7FxbtPi0qQwcDezQp8X3OIyTGuHkEFdvU5/7d/ +AvxEaSknJcl3QKP0vfyiSXhKznCA7jb49JQrwnrcurUCgYEA6ktP4Rb46YgsLG12 +HpWqJsg34alIZ4ftXkPAoJ96zCNR5tXwwPye56qOuAxlIBESNtU6dReTy6LEYVdM +KnX8dJi8KGSfacqoKWPwgqi4zpQV16nQFrS7OrvcQYEE78wmlXhw0kHcIGTOOqh6 +lMmKE+B7Ps0D6xwxmtjRxUoa0NsCgYEAxVG4D4+QpIQPp7NmIxkE4xCJH6qfxzOE +odE5QVNnu520MBDA+sd9A1jGc6IsWOEVnCuF1etu0S/ChsXMB8NuahYQMrgKsl29 +ixGbFFa9t7DyxY19+jZhpu9ghkTTkKlhibcv0yZ31P8S55LPhdBGrQ6l2q4HqnSI +k0FO5+iw7/sCgYBuH8AH+Jg+jDbXGwwuDALR/8HkW4EgyI8Vg5sC5HL/iIpyiZSD +4Tl/gndaotjVXbDF/Stg5hgd2v+bEUFHo/VpiHDIO6OCQjMQYV0mzM8wqgIqQDMC +uShXzv0T/OSpIbfxAY9mBHbG8xrMD2yuipxQA29qcUqqM7JNKiRPKym3iQKBgQCj +FuAjPG45DE5ENit9Zvh7FPfBjK1zYEmH1f6U1/MtRzPfZnmazbeuRHoCqVAuRhwu +cGq2XVnC3M7TxjjVUdq5JHNO+H8e3gwEHhEnxmoYodCHKGOvo7Mi30fQsqKLNvS/ +dwG4bFsvWYSuktGjsHo6H5lGHgGICbm4vIoTdGiKcQKBgQDNW9ou58BQrJ2ibgu/ +HUqtLWPOu87q/9PJmdEG7ux44o3X6wSPSP4cajRFUBoPRIcx3ME9h0pK64T5mL74 +NgNyZ9FC4la++HZCqBWf56fTXghPd9uUGD1FOaC02ZzN28RBXcbltTwT90F1uSFv +2CVFmMa5LRZS4j8gp0XqFDbGEw== +-----END PRIVATE KEY----- diff --git a/multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh.worker.pem b/multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh.worker.pem new file mode 100644 index 00000000..21883256 --- /dev/null 
+++ b/multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh.worker.pem @@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDcDCCAligAwIBAgIUNPu15vO9CfSEnWgQnGRbROUOp04wDQYJKoZIhvcNAQEL +BQAwNTEOMAwGA1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApD +YWxpZm9ybmlhMB4XDTIyMDMzMDE2MjEwOVoXDTMyMDMyNzE2MjEwOVowWTELMAkG +A1UEBhMCVVMxEzARBgNVBAcMCkNhbGlmb3JuaWExDjAMBgNVBAoMBVdhenVoMQ4w +DAYDVQQLDAVXYXp1aDEVMBMGA1UEAwwMd2F6dWgud29ya2VyMIIBIjANBgkqhkiG +9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJa+wNwdube1SvdCN5N0Zesjnz9bLKY41TNf +E2JaNIrhde52CKPKVeLwARORFiON19k3BhWrCTbXDUT6VPJDQn2MzmIONnlvwKus +c3Sar36wBgnxX3cZ+tBvlpJTMoSvFI8xrSTf+RRg8Gdc2Yy/wYCd/PJcWn87hrU6 +HfH9+nxTA4smz6Pe+hpaq1nT0HYjR1Au2Ni8Rg/yRoEIHi95pgNdHeHCg6RXkP4x +mMHMQRqYDWUDEQodQlZlpuf4vtxeY/rcduS4SqMDjEjZtDjIhx3C4QJYxG1CD7VX +xEPRwighGTtr56qCNiBP9tI2fyPq8LpXEDbKtA0TqEvxv9c7uQIDAQABo1QwUjAf +BgNVHSMEGDAWgBRiXTSXyjRsIiRI9kji+iCNRQQYKzAJBgNVHRMEAjAAMAsGA1Ud +DwQEAwIE8DAXBgNVHREEEDAOggx3YXp1aC53b3JrZXIwDQYJKoZIhvcNAQELBQAD +ggEBADzeaY32rrY1o/6QioSwEL69drJzJstTLQC2bIvTtLqlBcHPJRIxB5jZMM2a +vJuB1qepM9IqW3lGzwvx/eLFcemBVk11twjpTO/ClUSvpitIU0iqSRLRGN89wrHM +bxxId9rbGgQzAOOr2802TvmUkUHorklf6FpfBrRGoCSalutYNkzvzRc5DepUZXJm +nzlqRrD28cp1fHNQ6gLyHEDO5t149JED3UEL0vfM4QnOlYPLJ5LHnjfSKhsslReo +9EU314h+1zGg2Rl7LZD30Li7pIIXTHsa3HKtL3BVECJK/xpxGWa4aJ19WfEhdPfh +2/PFRABIeqGR4noZedtnM7p+59Q= +-----END CERTIFICATE----- diff --git a/multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer-key.pem b/multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer-key.pem new file mode 100644 index 00000000..e414551a --- /dev/null +++ b/multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer-key.pem 
@@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDq3/cxyHhK20rb +dGRpwG+lHw8vdPUGB1jaey1fCetXATDBMeNpltxooJzb9tTIVIGt4ghrK6hqpUm0 +kvK2hZX3VnVD94pzUnpVmiwkBtWyIletCFsiWPplU30ukR/sE63+R164b3kmQohy +ppNKEIZrgRkQbsb5Rj4K7koUVT+IKGoPNl2npSO5Y16+y4lqmQIDSshbEnqoV/cm +nhD43Zsx0TPMs76Yutcsp+n4yrYY/l+Wf/BWD3yE6VwlxoqRBBTfMzZQwaK6OsWA ++NMdS/MrfMs0ccuzGLi4LsbINabIIXk2rPERV9syI0TEWNtSp39LzIPvRT96Pdbb +P2uOpHNRAgMBAAECggEBAOZQCA2BDrQYpSbc0zn/wXqhIjre7QWkXrSe5La0+1it +iilnyh/YFvlhxW7Mc4qdkyv24Vp1zQgGXGf9UJM6GvwWg5bKPbEnx135eB87tICg +vGioMPVVWvPREod/N1Y/VfZp9a/VX27s/u+t9/BAlA8G4JUEi4gUIPKHB404qrvP +REa5nJ0Oyu+WMtZ47Wvb0SBVPtPHDHPJV6WIgPWYmKORjoSV39HSj52o6Mnx1VfB +tDVd3mP6Tfujci5lc+zq+DtxsJo8mLgNle/eZ0ysEnccKPBE+3dNtRzIjmVNAHx8 +AquYgBAgXoI2ixhToAOP3MIEToPfNyA2u04KcdxyOgECgYEA/Xa5skp2rclu160F +LDa+O/2l4oVGYB8QYSf6L/efGo6wFUb204Ne2/tAB6KzFFwnS98m/1GxxmxTRKRU +baCkmz6eiGA/yQlKsUlIuPcT/vCy68t7clsogn9+qnUbKfYemmQ5g2U7BGKmZbB1 +gSN53xXa7aPs7y5TICN/Vpr+oZkCgYEA7TmfbLc6eaP53zL/rhkELsoOcyLdJwR1 +2GnIFmySOmoLR+1TOYNcKq0eDQdd101mT3EJgpXPsoDKbbwNr57TZHDl1R9FAGSW +aK3nJHZi6o+Qei2JJwmyRgzYmldkZkiLVbmlAFQvhP5gzlHAAjr4VyDwJqBQx96d +xOFZBPVJ4nkCgYB5khqbY4/s5zLdC8XxYQh5qb2JGreYnw2yLASaQUD08f+PFQyK +gvZauPYLM4SFfXXztEL2L27/ZzHBOLiuJGEPfUd4zgGKIYTL6ASTgx76JuUKp/y7 +6vFRNmnAxI6U39Hp56yWU1WtUsvQ9oRFvohT8h2h4gBg8G06eww2s/zx8QKBgBT4 +/TE9WbwbVSH4fkZEC+yfDHv9XxPt/wUtBPWGj77+VRT81FjHVkSnnXqFZjR8sUjg +s3iKChy76imdcJBQOFwu5wLait0oB2wlw8Oje8dE/f7vO6rp3or248dxZnzsePUR +Ppcy2iil3KUg8RrBX+dEEDc6ASpKciRPz/DyRp/xAoGASbmawase+/UEV8PLzdVW +OVbUARBJHbDvfNMIqZ7u3k/xX/q7SvPSV4ElEQh3cstQYLAJQx1ZSq+0TH8F48+6 +IURddW2JwfxQiuq+m8G50Md8kG6kPW+6BrEFXH2KRvPF6m9Fur50IhWSwjYfmv82 +YGyyn3CsDx5lr6eYGRM0Zkk= +-----END PRIVATE KEY----- diff --git a/multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer.pem b/multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer.pem new file mode 100644 index 00000000..176c7fa3 --- /dev/null 
+++ b/multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer.pem @@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDdDCCAlygAwIBAgIUNPu15vO9CfSEnWgQnGRbROUOp0owDQYJKoZIhvcNAQEL +BQAwNTEOMAwGA1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApD +YWxpZm9ybmlhMB4XDTIyMDMzMDE2MjEwOVoXDTMyMDMyNzE2MjEwOVowWzELMAkG +A1UEBhMCVVMxEzARBgNVBAcMCkNhbGlmb3JuaWExDjAMBgNVBAoMBVdhenVoMQ4w +DAYDVQQLDAVXYXp1aDEXMBUGA1UEAwwOd2F6dWgxLmluZGV4ZXIwggEiMA0GCSqG +SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDq3/cxyHhK20rbdGRpwG+lHw8vdPUGB1ja +ey1fCetXATDBMeNpltxooJzb9tTIVIGt4ghrK6hqpUm0kvK2hZX3VnVD94pzUnpV +miwkBtWyIletCFsiWPplU30ukR/sE63+R164b3kmQohyppNKEIZrgRkQbsb5Rj4K +7koUVT+IKGoPNl2npSO5Y16+y4lqmQIDSshbEnqoV/cmnhD43Zsx0TPMs76Yutcs +p+n4yrYY/l+Wf/BWD3yE6VwlxoqRBBTfMzZQwaK6OsWA+NMdS/MrfMs0ccuzGLi4 +LsbINabIIXk2rPERV9syI0TEWNtSp39LzIPvRT96PdbbP2uOpHNRAgMBAAGjVjBU +MB8GA1UdIwQYMBaAFGJdNJfKNGwiJEj2SOL6II1FBBgrMAkGA1UdEwQCMAAwCwYD +VR0PBAQDAgTwMBkGA1UdEQQSMBCCDndhenVoMS5pbmRleGVyMA0GCSqGSIb3DQEB +CwUAA4IBAQAeLF5so3GKD/NG7eQQEz5z4ebwLuv126JyHHndvGeEzlMmBbEFNv+B +j/NZOplVp8cdchIPsMR/1hw5qdsrA2i75p/lOMkVtxVgiHrIExhvB9wYTo3i8hHq +cKVUdnFR/gB4IawcrXy7Le6NJeVPo6F1HNsjzUzddWP8qAUhViv3HAeA+86ti9Lm +vIH6ww6NR8q4YgWoHmVV7mo3HD7z76BjYMWnJUeK0ziHtyNw2y7/TO0/rQNdvDRx +0MZwVih3XAo81kb2b4VmpCaiZt2/0v/glx0KmY2PYBiipDclEQpNgOIcaEvM7jtl +U7JIE70mSwOchd6nJ7WTGTijrS+hJY8c +-----END CERTIFICATE----- diff --git a/multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer-key.pem b/multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer-key.pem new file mode 100644 index 00000000..df1d3144 --- /dev/null +++ b/multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer-key.pem 
@@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDBJ2ch4zx2FMlZ +dlPGAlh4zd+mafJf3MsI1E5bZPv0hXQuH4iwBzctj6YhNPnSr2KYurWfoh/U0/cH +JTw1GQgtFnjEwoyYLpz018yH9foU9pQuIaIrtzZ6UpjyXjCh4155pCldzHilz7KR +PloFCFsedDdKRu43j14fSagnFHeDQbkWemmue38dSJciwC+HQUuQE3ENNx0B6Qnc +3dLLkA4RoJpRJPZ3GDObk3bdClac0kMFWUwS+tGBH4tnOnTkPLOEzStM/qIl3xDf +C4r3e1dIK/kLK2xCpOtmfWjDDQyN/4CDugNVvBaYLORHz0otkp91wCfMPqLZ/5q9 +sy3SwkK1AgMBAAECggEAdlaFwSVPbajek4kDWlUljx3S4EoYzNKhMg+g0i3Uj8MT +ow5+2BoTnD5eMgoa5RG+/oOlst/JUMNsnVwavw1PDRCvfR0UtkgYsYllLgdt6FoJ +/xlsGgxtvBPO0O8ULJr4zt3c2jLj1/KgHIxu6pZr/QSGu2Mpn7CeodymwQqxDiCt +Sm0bk8J/m9W7ytWFaiVMRBbxRo8NMv2/RMYIBAI3/v1hLPucO+1vyxSja2FE12jg +0LvHp7N7zgGmjZ8CDRMwOiQkdgx1lfEelXteRKyCdWnPzdrtTguWiXyWOXddPKbJ +1peQDSXP8hqua62KK90CEslcVPiSWl8uTYMcNKBsIQKBgQDp376bfxSZxQPm+k9Y +Ph4maT1WeInV4XY/RtavKBPm9y6JHOCF910Mlc1077RMjgmOHwvdwVtg+2oA/Q+P +CGNx+JX7gl1PA0nrj/xHrTcMf61WIGobb08FCvfU7o5CuQj6osHgx4Xx9YLfeTtk +oWdP05n/a0ybMrAU4bpCVXAwwwKBgQDTbXKs32KxIAaDkzA27KVSsP3avKnjMVAK +r0sMhRIv+H4AaHeXRD9JJHNwJr05LuGlsIM9bsdAxWGOMZ4FWsUGF29AWsSL/d3M ++ZygyL6POKFJjmqi1lbW+OgsmyDx/8hSLNuHd3ny56ijZUaVw9J4sdZJpTYgoLiX +YB7Od/yHJwKBgE5ytb3055UYx9FPfxPrajOaM2/w6NMsWHyrJ1IDkIF1wk9Nt2ZY +bgbNrOgfi4vuTPg2I8XTmPI0Av+n4vMobisJpk2CEghx4va4CniEeqWfoiX0o4Lm +WEwpvK3ZAzEQXhmsRHpAkwZxQt/xC2Ia3cuh/9L0S/L3Eqc+fDrJ6+L/AoGBAKlu +MRK2JVm6R14TivTI6ad9rMEopaAqeXFGjobm8O8+XIMpNIUlLO4JZvT+Jm930V49 +OL73UnfmdUpFGtRBrFg4WXAiDRX+iEtl0Q3MMWGGyUGv/mamC4tUhoKQgnNMPhUU +W4yQw0pUOQFP/KOx/K26HfaAjgLRqXutjKJ65wTLAoGBAKtOsSbCc1a62CQYvA1N +pvE9QYSM85AfZzeq5s+4a6a/crzEPzwRP1tCMHwu2w/FOQoaI62x8q58Q7N6tgS3 +mlhJIXpBL0RXoIlN3jeKbo1cvnGidgC5fGs1NdaF8PE1PciNXITltrxAKDiZ3syy +3s0LfRzI6Gv3NZGgXzN4Es0I +-----END PRIVATE KEY----- diff --git a/multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer.pem b/multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer.pem new file mode 100644 index 00000000..03f6fa42 --- /dev/null 
+++ b/multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer.pem @@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDdDCCAlygAwIBAgIUNPu15vO9CfSEnWgQnGRbROUOp0swDQYJKoZIhvcNAQEL +BQAwNTEOMAwGA1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApD +YWxpZm9ybmlhMB4XDTIyMDMzMDE2MjEwOVoXDTMyMDMyNzE2MjEwOVowWzELMAkG +A1UEBhMCVVMxEzARBgNVBAcMCkNhbGlmb3JuaWExDjAMBgNVBAoMBVdhenVoMQ4w +DAYDVQQLDAVXYXp1aDEXMBUGA1UEAwwOd2F6dWgyLmluZGV4ZXIwggEiMA0GCSqG +SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBJ2ch4zx2FMlZdlPGAlh4zd+mafJf3MsI +1E5bZPv0hXQuH4iwBzctj6YhNPnSr2KYurWfoh/U0/cHJTw1GQgtFnjEwoyYLpz0 +18yH9foU9pQuIaIrtzZ6UpjyXjCh4155pCldzHilz7KRPloFCFsedDdKRu43j14f +SagnFHeDQbkWemmue38dSJciwC+HQUuQE3ENNx0B6Qnc3dLLkA4RoJpRJPZ3GDOb +k3bdClac0kMFWUwS+tGBH4tnOnTkPLOEzStM/qIl3xDfC4r3e1dIK/kLK2xCpOtm +fWjDDQyN/4CDugNVvBaYLORHz0otkp91wCfMPqLZ/5q9sy3SwkK1AgMBAAGjVjBU +MB8GA1UdIwQYMBaAFGJdNJfKNGwiJEj2SOL6II1FBBgrMAkGA1UdEwQCMAAwCwYD +VR0PBAQDAgTwMBkGA1UdEQQSMBCCDndhenVoMi5pbmRleGVyMA0GCSqGSIb3DQEB +CwUAA4IBAQBQotSlK29h04ju7QxobUl00cGht3PQZPfLmwvtY4S6V2YZt9p2zejb +j7oT4l0OWsHBBugT4RVapaPq6+Ghbpc666srmoVv9Ny+3uVtD1Wks0r0WtWUdLhQ +On5LU30gTu+dGf4PUr+g9bp1XsFnG/pRR5iG96vQR+EDi+z9TcMi2L2JQIoKiiOz +UbOs/djzf1WKhYpzo/kC6+HlIojVqUVdb5Z3kIf9UXuY+0O2LWGe9hgY2r9RWZSQ +k2rlb5sqvVh8PY5RP6D+p6W3x3b4TrH5AjMFTfkbLWxod4xTYwLfMSTuFEiF8HTM +8tBrbJ8NXDy5udiwjCFloZBivGsn8IPy +-----END CERTIFICATE----- diff --git a/multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer-key.pem b/multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer-key.pem new file mode 100644 index 00000000..7b82d0f5 --- /dev/null +++ b/multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer-key.pem 
@@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDFzTLJn+H65C5M +uSFgWmF1sGqCelxGIRL2qdp8EeC02fRKY3PSMzMwBqYNweQVRT7Anzk3rjiDDGDc +GEJqp1HKUesoGbXU6gW5yVqvJrydSRcSmKh6mtyL4hIEgVCN7DeBY5Xg3+TS6TGL +OHhQf8Fu8JWGGWy2m56tEZcI2Mt/k/ihkjypYv5w+X76ibyRGKOmWJ682LHDsN5q +/o4G55kvy/QVH9zo+2/7k8GZC4Kigtp0bdypvncl85PA2a8z42JYVCySJfy7/AlZ +5PJPCZIHhITUoXBMNJHGn3pgMadXjiNMFlUKIEtIj8tFgbvyqA+jPOizLVlLRQNL +K1u3kQbTAgMBAAECggEACw791+foam53aDKxewGSkVHboo/UuNcAiGnWnTkipvnI +fqAwyX+zTOwSPJKqfcXxTDOar1I+NpVqlOOGUxAnsngB/avyToUG7Owk9cXkpaaA +c7m1MaWWzvtEppvUNRsPv1wh9QCPensvGel+UIHT/q/UrDqfqVXp+SMSnpwARJGY +C+0Q75Qeg7wJ5uX91HpiKGCgoKi6/4KZV30bDRQoqZrqeT/9ZZZ9kyZ6SHlZAPDh +dXl4g3plroBPOnJfUiR/oyV2jUDn3qU7j7Ti0WYbcr3TBRcPeU44Apyhv1CCS0d7 +9cBsWEkXSQmgxoiwkuVHG22VpYPukKVjn3dC5wKzAQKBgQDxP88023/y44gaDcBX +u9oNYL1RkofFAGWqnCIOYu1Tm9s2oh83VUcJymA88cGfw9SQRJp9JwVewQvF8M7J +hbhjhqqsSk3C8Bihu7Mgo5qdzwVx+61URLM2ercY0sbtpVCOw3s290OyAIyOX1cY +r1NdK9zfcHmz1x8mNgiN7AQbCwKBgQDR5VE5OfhrJL2Tq/SpaVoSKpUVLiJGvMEU +63nyErSPhAoqtnauIWgpJttiElqNMLcQuszOZXRDXuW6DoiJsl9pmodJUERN8zem +/k2XGXt4ogylFtoULazc6lNlMHklTy6KqmVPxVi3UORebMWHn7VBgjnzzcU/Z5Me +sx4qs67gWQKBgHnO4A4uLeIzZArTmqQxox1SFQTU2VxsoOiNwNxGstGeRgbFwMEt +e5rD5eefoUXLmM3m9aHvS9TV393ngmFZ9Qm7ev1W3wBoPeebYAxAztaTKoqsqo17 +yojdWQldkzd2WsBajyHnovSDNnTESrOaAptuhC0FG03kdkPS0GroGgKVAoGAS16J +zP/I+UhHHri3cQHYiv9payKWwknTF1z6+/bFiWdDc1TzxtFOIsDGNDAc/egJRGOf +WVnK5sozuZywYKmBY11OyP+el1MHn9pfKCvJT2b5HWrYQjiogudNrN88ES6eqsJH +AN7/XUwZxOJQB8RMhMprXuV7t6nMhVCSO4kr+XkCgYBcHc8iR0U5UNhUTY4676KO +BPXWikbAwOUvpVNN1qIcI99M/rXJ4n8Lhr3UI1fv/sJbwVQj3ngIqIIPT6flhP/V +ctYVXDjRZI6ziQCM4lj1HgOwVg/QfzHm+yLSBZ1NRnkeGBdkkiUYWXRJkB9Q/F6T +Ica8JPS4fqIRZ89L+hMlFA== +-----END PRIVATE KEY----- diff --git a/multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer.pem b/multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer.pem new file mode 100644 index 00000000..d39396d9 --- /dev/null 
+++ b/multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer.pem @@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDdDCCAlygAwIBAgIUNPu15vO9CfSEnWgQnGRbROUOp0wwDQYJKoZIhvcNAQEL +BQAwNTEOMAwGA1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApD +YWxpZm9ybmlhMB4XDTIyMDMzMDE2MjEwOVoXDTMyMDMyNzE2MjEwOVowWzELMAkG +A1UEBhMCVVMxEzARBgNVBAcMCkNhbGlmb3JuaWExDjAMBgNVBAoMBVdhenVoMQ4w +DAYDVQQLDAVXYXp1aDEXMBUGA1UEAwwOd2F6dWgzLmluZGV4ZXIwggEiMA0GCSqG +SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFzTLJn+H65C5MuSFgWmF1sGqCelxGIRL2 +qdp8EeC02fRKY3PSMzMwBqYNweQVRT7Anzk3rjiDDGDcGEJqp1HKUesoGbXU6gW5 +yVqvJrydSRcSmKh6mtyL4hIEgVCN7DeBY5Xg3+TS6TGLOHhQf8Fu8JWGGWy2m56t +EZcI2Mt/k/ihkjypYv5w+X76ibyRGKOmWJ682LHDsN5q/o4G55kvy/QVH9zo+2/7 +k8GZC4Kigtp0bdypvncl85PA2a8z42JYVCySJfy7/AlZ5PJPCZIHhITUoXBMNJHG +n3pgMadXjiNMFlUKIEtIj8tFgbvyqA+jPOizLVlLRQNLK1u3kQbTAgMBAAGjVjBU +MB8GA1UdIwQYMBaAFGJdNJfKNGwiJEj2SOL6II1FBBgrMAkGA1UdEwQCMAAwCwYD +VR0PBAQDAgTwMBkGA1UdEQQSMBCCDndhenVoMy5pbmRleGVyMA0GCSqGSIb3DQEB +CwUAA4IBAQClMNhIV5f+T4ETHEtC1qeQMIUOlycX5GoaxMOvf4CJtvQSNvDTlT+1 +OAWt3bcBzuGXzpdsn8FprqyoZsr+OElfQdn2G04yzhtVi1h/+BfroiMl4enldE0D +XwheVAXDi+MmXFkdH2ur9wBi/H40Yay9WO13OsmCjCwTOeQ784kh4L9sCz++SAk8 +wmUSJriaS93vbLP/IeREyk3inbF3Ioy3ICaTFxkREHvtArgatFf0VaMCT1vxO5ty +Iu30UPOHLnQOyOMR5bb4TP2c9g3eY7+4uhMEaS4az60akakuL0xMnGGg1zKHi/e8 +Vz/sEID7+dAyTWN0Bjl9u5zJLyXSl32E +-----END CERTIFICATE----- diff --git a/multi-node/volume-migrator.sh b/multi-node/volume-migrator.sh new file mode 100755 index 00000000..7a4a0738 --- /dev/null +++ b/multi-node/volume-migrator.sh 
@@ -0,0 +1,279 @@
+docker volume create \
+ --label com.docker.compose.project=$2 \
+ --label com.docker.compose.version=$1 \
+ --label com.docker.compose.volume=wazuh-indexer-data-1 \
+ $2_wazuh-indexer-data-1
+
+docker volume create \
+ --label com.docker.compose.project=$2 \
+ --label com.docker.compose.version=$1 \
+ --label com.docker.compose.volume=wazuh-indexer-data-2 \
+ $2_wazuh-indexer-data-2
+
+docker volume create \
+ --label com.docker.compose.project=$2 \
+ --label com.docker.compose.version=$1 \
+ --label com.docker.compose.volume=wazuh-indexer-data-3 \
+ $2_wazuh-indexer-data-3
+
+docker volume create \
+ --label com.docker.compose.project=$2 \
+ --label com.docker.compose.version=$1 \
+ --label com.docker.compose.volume=master_wazuh_api_configuration \
+ $2_master_wazuh_api_configuration
+
+docker volume create \
+ --label com.docker.compose.project=$2 \
+ --label com.docker.compose.version=$1 \
+ --label com.docker.compose.volume=master_wazuh_etc \
+ wazuh-master_docker_wazuh_etc
+
+docker volume create \
+ --label com.docker.compose.project=$2 \
+ --label com.docker.compose.version=$1 \
+ --label com.docker.compose.volume=master-wazuh-logs \
+ $2_master-wazuh-logs
+
+docker volume create \
+ --label com.docker.compose.project=$2 \
+ --label com.docker.compose.version=$1 \
+ --label com.docker.compose.volume=master-wazuh-queue \
+ $2_master-wazuh-queue
+
+docker volume create \
+ --label com.docker.compose.project=$2 \
+ --label com.docker.compose.version=$1 \
+ --label com.docker.compose.volume=master-wazuh-var-multigroups \
+ $2_master-wazuh-var-multigroups
+
+docker volume create \
+ --label com.docker.compose.project=$2 \
+ --label com.docker.compose.version=$1 \
+ --label com.docker.compose.volume=master-wazuh-integrations \
+ $2_master-wazuh-integrations
+
+docker volume create \
+ --label com.docker.compose.project=$2 \
+ --label com.docker.compose.version=$1 \
+ --label com.docker.compose.volume=master-wazuh-active-response \
+ $2_master-wazuh-active-response
+
+docker volume create \
+ --label com.docker.compose.project=$2 \
+ --label com.docker.compose.version=$1 \
+ --label com.docker.compose.volume=master-wazuh-agentless \
+ $2_master-wazuh-agentless
+
+docker volume create \
+ --label com.docker.compose.project=$2 \
+ --label com.docker.compose.version=$1 \
+ --label com.docker.compose.volume=master-wazuh-wodles \
+ $2_master-wazuh-wodles
+
+docker volume create \
+ --label com.docker.compose.project=$2 \
+ --label com.docker.compose.version=$1 \
+ --label com.docker.compose.volume=master-filebeat-etc \
+ $2_master-filebeat-etc
+
+docker volume create \
+ --label com.docker.compose.project=$2 \
+ --label com.docker.compose.version=$1 \
+ --label com.docker.compose.volume=master-filebeat-var \
+ $2_master-filebeat-var
+
+docker volume create \
+ --label com.docker.compose.project=$2 \
+ --label com.docker.compose.version=$1 \
+ --label com.docker.compose.volume=worker_wazuh_api_configuration \
+ $2_worker_wazuh_api_configuration
+
+docker volume create \
+ --label com.docker.compose.project=$2 \
+ --label com.docker.compose.version=$1 \
+ --label com.docker.compose.volume=worker_wazuh_etc \
+ $2_worker-wazuh-etc
+
+docker volume create \
+ --label com.docker.compose.project=$2 \
+ --label com.docker.compose.version=$1 \
+ --label com.docker.compose.volume=worker-wazuh-logs \
+ $2_worker-wazuh-logs
+
+docker volume create \
+ --label com.docker.compose.project=$2 \
+ --label com.docker.compose.version=$1 \
+ --label com.docker.compose.volume=worker-wazuh-queue \
+ $2_worker-wazuh-queue
+
+docker volume create \
+ --label com.docker.compose.project=$2 \
+ --label com.docker.compose.version=$1 \
+ --label com.docker.compose.volume=worker-wazuh-var-multigroups \
+ $2_worker-wazuh-var-multigroups
+
+docker volume create \
+ --label com.docker.compose.project=$2 \
+ --label com.docker.compose.version=$1 \
+ --label com.docker.compose.volume=worker-wazuh-integrations \
+ $2_worker-wazuh-integrations
+
+docker volume create \
+ --label com.docker.compose.project=$2 \
+ --label com.docker.compose.version=$1 \
+ --label com.docker.compose.volume=worker-wazuh-active-response \
+ $2_worker-wazuh-active-response
+
+docker volume create \
+ --label com.docker.compose.project=$2 \
+ --label com.docker.compose.version=$1 \
+ --label com.docker.compose.volume=worker-wazuh-agentless \
+ $2_worker-wazuh-agentless
+
+docker volume create \
+ --label com.docker.compose.project=$2 \
+ --label com.docker.compose.version=$1 \
+ --label com.docker.compose.volume=worker-wazuh-wodles \
+ $2_worker-wazuh-wodles
+
+docker volume create \
+ --label com.docker.compose.project=$2 \
+ --label com.docker.compose.version=$1 \
+ --label com.docker.compose.volume=worker-filebeat-etc \
+ $2_worker-filebeat-etc
+
+docker volume create \
+ --label com.docker.compose.project=$2 \
+ --label com.docker.compose.version=$1 \
+ --label com.docker.compose.volume=worker-filebeat-var \
+ $2_worker-filebeat-var
+
+docker container run --rm -it \
+ -v wazuh-docker_worker-filebeat-var:/from \
+ -v $2_worker-filebeat-var:/to \
+ alpine ash -c "cd /from ; cp -avp . /to"
+
+docker container run --rm -it \
+ -v wazuh-docker_elastic-data-1:/from \
+ -v $2_wazuh-indexer-data-1:/to \
+ alpine ash -c "cd /from ; cp -avp . /to"
+
+docker container run --rm -it \
+ -v wazuh-docker_elastic-data-2:/from \
+ -v $2_wazuh-indexer-data-2:/to \
+ alpine ash -c "cd /from ; cp -avp . /to"
+
+docker container run --rm -it \
+ -v wazuh-docker_elastic-data-3:/from \
+ -v $2_wazuh-indexer-data-3:/to \
+ alpine ash -c "cd /from ; cp -avp . /to"
+
+docker container run --rm -it \
+ -v wazuh-docker_ossec-api-configuration:/from \
+ -v $2_master-wazuh-api-configuration:/to \
+ alpine ash -c "cd /from ; cp -avp . /to"
+
+docker container run --rm -it \
+ -v wazuh-docker_ossec-etc:/from \
+ -v $2_master-wazuh-etc:/to \
+ alpine ash -c "cd /from ; cp -avp . /to"
+
+docker container run --rm -it \
+ -v wazuh-docker_ossec-logs:/from \
+ -v $2_master-wazuh-logs:/to \
+ alpine ash -c "cd /from ; cp -avp . /to"
+
+docker container run --rm -it \
+ -v wazuh-docker_ossec-queue:/from \
+ -v $2_master-wazuh-queue:/to \
+ alpine ash -c "cd /from ; cp -avp . /to"
+
+docker container run --rm -it \
+ -v wazuh-docker_ossec-var-multigroups:/from \
+ -v $2_master-wazuh-var-multigroups:/to \
+ alpine ash -c "cd /from ; cp -avp . /to"
+
+docker container run --rm -it \
+ -v wazuh-docker_ossec-integrations:/from \
+ -v $2_master-wazuh-integrations:/to \
+ alpine ash -c "cd /from ; cp -avp . /to"
+
+docker container run --rm -it \
+ -v wazuh-docker_ossec-active-response:/from \
+ -v $2_master-wazuh-active-response:/to \
+ alpine ash -c "cd /from ; cp -avp . /to"
+
+docker container run --rm -it \
+ -v wazuh-docker_ossec-agentless:/from \
+ -v $2_master-wazuh-agentless:/to \
+ alpine ash -c "cd /from ; cp -avp . /to"
+
+docker container run --rm -it \
+ -v wazuh-docker_ossec-wodles:/from \
+ -v $2_master-wazuh-wodles:/to \
+ alpine ash -c "cd /from ; cp -avp . /to"
+
+docker container run --rm -it \
+ -v wazuh-docker_filebeat-etc:/from \
+ -v $2_master-filebeat-etc:/to \
+ alpine ash -c "cd /from ; cp -avp . /to"
+
+docker container run --rm -it \
+ -v wazuh-docker_filebeat-var:/from \
+ -v $2_master-filebeat-var:/to \
+ alpine ash -c "cd /from ; cp -avp . /to"
+
+docker container run --rm -it \
+ -v wazuh-docker_worker-ossec-api-configuration:/from \
+ -v $2_worker-wazuh-api-configuration:/to \
+ alpine ash -c "cd /from ; cp -avp . /to"
+
+docker container run --rm -it \
+ -v wazuh-docker_worker-ossec-etc:/from \
+ -v $2_worker-wazuh-etc:/to \
+ alpine ash -c "cd /from ; cp -avp . /to"
+
+docker container run --rm -it \
+ -v wazuh-docker_worker-ossec-logs:/from \
+ -v $2_worker-wazuh-logs:/to \
+ alpine ash -c "cd /from ; cp -avp . /to"
+
+docker container run --rm -it \
+ -v wazuh-docker_worker-ossec-queue:/from \
+ -v $2_worker-wazuh-queue:/to \
+ alpine ash -c "cd /from ; cp -avp . /to"
+
+docker container run --rm -it \
+ -v wazuh-docker_worker-ossec-var-multigroups:/from \
+ -v $2_worker-wazuh-var-multigroups:/to \
+ alpine ash -c "cd /from ; cp -avp . /to"
+
+docker container run --rm -it \
+ -v wazuh-docker_worker-ossec-integrations:/from \
+ -v $2_worker-wazuh-integrations:/to \
+ alpine ash -c "cd /from ; cp -avp . /to"
+
+docker container run --rm -it \
+ -v wazuh-docker_worker-ossec-active-response:/from \
+ -v $2_worker-wazuh-active-response:/to \
+ alpine ash -c "cd /from ; cp -avp . /to"
+
+docker container run --rm -it \
+ -v wazuh-docker_worker-ossec-agentless:/from \
+ -v $2_worker-wazuh-agentless:/to \
+ alpine ash -c "cd /from ; cp -avp . /to"
+
+docker container run --rm -it \
+ -v wazuh-docker_worker-ossec-wodles:/from \
+ -v $2_worker-wazuh-wodles:/to \
+ alpine ash -c "cd /from ; cp -avp . /to"
+
+docker container run --rm -it \
+ -v wazuh-docker_worker-filebeat-etc:/from \
+ -v $2_worker-filebeat-etc:/to \
+ alpine ash -c "cd /from ; cp -avp . /to"
+
+docker container run --rm -it \
+ -v wazuh-docker_worker-filebeat-var:/from \
+ -v $2_worker-filebeat-var:/to \
+ alpine ash -c "cd /from ; cp -avp . /to"
diff --git a/production_cluster/nginx/ssl/generate-self-signed-cert.sh b/production_cluster/nginx/ssl/generate-self-signed-cert.sh
deleted file mode 100644
index 6fc8d08d..00000000
--- a/production_cluster/nginx/ssl/generate-self-signed-cert.sh
+++ /dev/null
@@ -1,12 +0,0 @@
-#!/bin/bash
-
-DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )"
-cd $DIR
-
-if [ -s key.pem ]
-then
- echo "Certificate already exists"
- exit
-else
- openssl req -x509 -batch -nodes -days 365 -newkey rsa:2048 -keyout key.pem -out cert.pem
-fi
\ No newline at end of file
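Review bot: Three copy targets in `multi-node/volume-migrator.sh` never match a volume the script creates: it creates `$2_master_wazuh_api_configuration`, `wazuh-master_docker_wazuh_etc` and `$2_worker_wazuh_api_configuration`, but the `docker container run` steps write to `$2_master-wazuh-api-configuration`, `$2_master-wazuh-etc` and `$2_worker-wazuh-api-configuration`, so Docker will presumably auto-create unlabelled volumes for those while the labelled ones stay empty. Each created name and its `-v …:/to` target should be spelled identically and agree with the compose file, for example `"${2}_master-wazuh-etc"` in place of the hard-coded `wazuh-master_docker_wazuh_etc`. The `wazuh-docker_worker-filebeat-var` copy also runs twice, as the first and the last step. `$1` and `$2` are used unquoted and unchecked, and nothing stops the run after a failed step, so an empty project name yields volumes such as `_wazuh-indexer-data-1` and a failed copy goes unnoticed. The file is added with mode 100755 but has no shebang line; a header like the one below would fail early.

```shell
#!/usr/bin/env bash
set -euo pipefail

if [ "$#" -ne 2 ] || [ -z "$1" ] || [ -z "$2" ]; then
  printf 'usage: %s <compose-version> <project-name>\n' "${0##*/}" >&2
  exit 1
fi

# … unchanged: docker volume create / docker container run blocks …
```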
diff --git a/docker-compose.yml b/single-node/docker-compose.yml similarity index 95% rename from docker-compose.yml rename to single-node/docker-compose.yml index 41adabb5..d5cc463c 100644 --- a/docker-compose.yml +++ b/single-node/docker-compose.yml @@ -44,6 +44,8 @@ services: nofile: soft: 65536 hard: 65536 + volumes: + - wazuh-indexer-data:/var/lib/wazuh-indexer wazuh.dashboard: image: wazuh/wazuh-dashboard:4.3.0 @@ -73,3 +75,4 @@ volumes: wazuh_wodles: filebeat_etc: filebeat_var: + wazuh-indexer-data: diff --git a/wazuh-manager/config/wazuh.repo b/wazuh-manager/config/wazuh.repo deleted file mode 100644 index e230d6a9..00000000 --- a/wazuh-manager/config/wazuh.repo +++ /dev/null @@ -1,7 +0,0 @@ -[wazuh_repo] -gpgcheck=1 -gpgkey=https://packages.wazuh.com/key/GPG-KEY-WAZUH -enabled=1 -name=Wazuh repository -baseurl=https://packages.wazuh.com/4.x/yum/ -protect=1 From 77e20bfb5b27f74fdd0acb2953763c81e6d8f3da Mon Sep 17 00:00:00 2001 From: vcerenu Date: Wed, 30 Mar 2022 14:19:53 -0300 Subject: [PATCH 100/163] Change directories structure --- build-docker-images/wazuh-dashboard/Dockerfile | 2 +- build-docker-images/wazuh-manager/Dockerfile | 2 +- build-docker-images/wazuh-manager/config/wazuh.repo | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/build-docker-images/wazuh-dashboard/Dockerfile b/build-docker-images/wazuh-dashboard/Dockerfile index 5e641260..8f38685f 100644 --- a/build-docker-images/wazuh-dashboard/Dockerfile +++ b/build-docker-images/wazuh-dashboard/Dockerfile 
@@ -25,7 +25,7 @@ RUN $INSTALL_DIR/bin/opensearch-dashboards-keystore create --allow-root && \ echo kibanaserver | $INSTALL_DIR/bin/opensearch-dashboards-keystore add opensearch.password --stdin --allow-root # Install Wazuh App -RUN $INSTALL_DIR/bin/opensearch-dashboards-plugin install https://packages-dev.wazuh.com/pre-release/ui/dashboard/wazuh-${WAZUH_VERSION}.zip --allow-root +RUN $INSTALL_DIR/bin/opensearch-dashboards-plugin install https://packages.wazuh.com/4.x/ui/dashboard/wazuh-${WAZUH_VERSION}.zip --allow-root # Copy and set permissions to config files COPY config/opensearch_dashboards.yml $INSTALL_DIR/config/ diff --git a/build-docker-images/wazuh-manager/Dockerfile b/build-docker-images/wazuh-manager/Dockerfile index c0f3757d..1da3d314 100644 --- a/build-docker-images/wazuh-manager/Dockerfile +++ b/build-docker-images/wazuh-manager/Dockerfile @@ -8,7 +8,7 @@ ARG TEMPLATE_VERSION="master" ARG WAZUH_FILEBEAT_MODULE="wazuh-filebeat-0.1.tar.gz" # Set repositories. -RUN rpm --import https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH +RUN rpm --import https://packages.wazuh.com/key/GPG-KEY-WAZUH COPY config/wazuh.repo /etc/yum.repos.d/wazuh.repo diff --git a/build-docker-images/wazuh-manager/config/wazuh.repo b/build-docker-images/wazuh-manager/config/wazuh.repo index 4b673ff0..e230d6a9 100644 --- a/build-docker-images/wazuh-manager/config/wazuh.repo +++ b/build-docker-images/wazuh-manager/config/wazuh.repo @@ -1,7 +1,7 @@ [wazuh_repo] gpgcheck=1 -gpgkey=https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH +gpgkey=https://packages.wazuh.com/key/GPG-KEY-WAZUH enabled=1 name=Wazuh repository -baseurl=https://packages-dev.wazuh.com/pre-release/yum/ +baseurl=https://packages.wazuh.com/4.x/yum/ protect=1 From 2b4607fed88ddbe041ea7185404b626783e83bc5 Mon Sep 17 00:00:00 2001 
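Review bot: The new `opensearch-dashboards-plugin install https://packages.wazuh.com/4.x/ui/dashboard/wazuh-${WAZUH_VERSION}.zip` line in the wazuh-dashboard Dockerfile installs a remote archive with only TLS vouching for its content, so a replaced or tampered file on the package host would be built into the image unnoticed. Fetching the zip to a local path, checking it against a digest pinned in the Dockerfile and installing from the local file closes that gap; the sketch below assumes `curl` and `sha512sum` are present in the base image and uses a placeholder build argument. The `rpm --import https://packages.wazuh.com/key/GPG-KEY-WAZUH` line in the wazuh-manager Dockerfile hunk has the same shape: the key that `gpgcheck=1` in wazuh.repo later relies on is itself accepted without comparing its fingerprint to a known value.

```dockerfile
# Install Wazuh App
# WAZUH_APP_SHA512 is a placeholder: pin the expected digest for the chosen WAZUH_VERSION
ARG WAZUH_APP_SHA512
RUN curl -fsSLo /tmp/wazuh-app.zip https://packages.wazuh.com/4.x/ui/dashboard/wazuh-${WAZUH_VERSION}.zip && \
    echo "${WAZUH_APP_SHA512}  /tmp/wazuh-app.zip" | sha512sum -c - && \
    $INSTALL_DIR/bin/opensearch-dashboards-plugin install file:///tmp/wazuh-app.zip --allow-root && \
    rm -f /tmp/wazuh-app.zip
```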
From: vcerenu Date: Wed, 30 Mar 2022 14:20:31 -0300 Subject: [PATCH 101/163] Change directories structure --- .../wazuh_indexer_ssl_certs/admin-key.pem | 28 ------------------- .../wazuh_indexer_ssl_certs/admin.pem | 19 ------------- .../wazuh_indexer_ssl_certs/root-ca.key | 28 ------------------- .../wazuh_indexer_ssl_certs/root-ca.pem | 20 ------------- .../wazuh.dashboard-key.pem | 28 ------------------- .../wazuh.dashboard.pem | 21 -------------- .../wazuh.master-key.pem | 28 ------------------- .../wazuh_indexer_ssl_certs/wazuh.master.pem | 21 -------------- .../wazuh.worker-key.pem | 28 ------------------- .../wazuh_indexer_ssl_certs/wazuh.worker.pem | 21 -------------- .../wazuh1.indexer-key.pem | 28 ------------------- .../wazuh1.indexer.pem | 21 -------------- .../wazuh2.indexer-key.pem | 28 ------------------- .../wazuh2.indexer.pem | 21 -------------- .../wazuh3.indexer-key.pem | 28 ------------------- .../wazuh3.indexer.pem | 21 -------------- 16 files changed, 389 deletions(-) delete mode 100644 multi-node/production_cluster/wazuh_indexer_ssl_certs/admin-key.pem delete mode 100644 multi-node/production_cluster/wazuh_indexer_ssl_certs/admin.pem delete mode 100644 multi-node/production_cluster/wazuh_indexer_ssl_certs/root-ca.key delete mode 100644 multi-node/production_cluster/wazuh_indexer_ssl_certs/root-ca.pem delete mode 100644 multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem delete mode 100644 multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard.pem delete mode 100644 multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh.master-key.pem delete mode 100644 multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh.master.pem delete mode 100644 multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh.worker-key.pem delete mode 100644 multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh.worker.pem delete mode 100644 multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer-key.pem 
delete mode 100644 multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer.pem delete mode 100644 multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer-key.pem delete mode 100644 multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer.pem delete mode 100644 multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer-key.pem delete mode 100644 multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer.pem diff --git a/multi-node/production_cluster/wazuh_indexer_ssl_certs/admin-key.pem b/multi-node/production_cluster/wazuh_indexer_ssl_certs/admin-key.pem deleted file mode 100644 index 4e72b441..00000000 --- a/multi-node/production_cluster/wazuh_indexer_ssl_certs/admin-key.pem +++ /dev/null 
@@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDyvkI1DXFa1lj7 -s5um16SpsjSUv3Y9qhQGKZVECKYUGLU3ZTQ/iPYa+HsfnWTRQRMsSEYfpEauAHKF -Yxh5BeJOYsz4ei200b13YMg+F8KWHVhE4oa26LeyaF5gXlXTm2AyYTgjobBykD0q -E5oQvMkCq4Bk5NXOzNiT9aS/sXduX8FPQYYsjB92yP6M2aQEdHo8S3Srf5bUpOvy -sP2qxkOTEZlhqJqeX+vbgVJ3SIn4du/U2njFVumChjICOSL6Vl8IJuejJmVqkNww -o3vY1BM/dyFhjv0WMiBrZuFml0Wbh+rCnfcoDebVKUK9Dp3m1DpScMBHI7l1Jajv -aOO7UNzJAgMBAAECggEBAInzwHKgEiS6nlVlTHc0JFtgcGt8p/kBeGHMLg09EQ1o -wUwbEudssdjAEFD2RP57CidnZ5rB5H0suei+WYEl6+f6VFx+Kw2RCSkX8pT/MdHY -GXsEdeTrOsKEd+Yylnos2i2nfJ0bXcit2mTYQP10HJSM3On59tyRJCBqQNfERoiN -fVVzdOSF//9ZfkazyuhYxjZpdb74MtWWWppncGNFUvCLfc6JT7RrdWdMGX20yFhV -p/NVBnHRkMcsuyIl9583SYGoTgTktJPeXFntrkCzBEXCBZIvLHHTtEG4KzROR3Sc -WOjpsp4BRIYYGMUbfWHTM2xPiFMPa4GQddTbQv44x8UCgYEA/CIpyXHG68XwX3Q8 -IEMUBxVHy4MAHw3CZW4bARa3cvjntDzDO+5tMWXczdFvBN0dvt1wUrveGNzM3w6v -v+UIVSJvMv8uTku6lkQdo/UVf73XH/NAqCEarMkcyLiAGaEASl44TtcybIe9GvCX -VqzKDrH+CSC3H0YvfBDOZ5FM828CgYEA9nc7EG1bG3kwV6qXmzFXAH0suK6pCiJA -cwGHxhvNgJb8NISdPRsOKU1ARV9jdkQu7Lv3eyiIZJejBksFS6aInaC5QR4o1xO1 -mjJewogGG6D6vvv3+FaXADvBg/a5sDB5QCtpklm5jck6l57oPwSIezXczVVYBrp2 -6VRL0CPbt0cCgYA6z+E9avvCjWZXba6EvADU8iLQFtuVYslAjaFg7KKX//VUNoQ3 -25K+3grWO48Q7F7+4XpM4iOZWw+yzCM0uMDr0t9rXti3TLTWTkc3snh0Vpzyh/RC -A47MVREQxPCkiciekEHEKjBJ3pO+z/YNMrrjGKOwD2CHvABhiS4MPHldowKBgAay -pMtEfYZYm8S2IRqZk6iyviVisbtRxPibIQp0NPh6oe33cKJ5esAKlmWMOxK6tZ+/ -V/Fj35kEOezw2vr8UpgeBwrK/AckRPokxkh5E9lqXYYVKN75026xMQgaC1/LYXAp -/dt5Tr6Yqlv2eI9F20Ol6hM2b4b3SEX9AXZtkwn/AoGAKDi9EBEx2yDK2241o3lf -AJk+Piefcn6MQXvlHsCOoeYqmK9nGbMGmwSUaOeNPbkimOgwrJKTdcoOh70QgnMm -qKUjxKysxWGjCUwLFFQCGz2rrjYjxvNfaJRkFN33F1R5oiaG6oFf1qQEeSfESwoD -VSPt/ewol6k8wm5ucnsA69U= ------END PRIVATE KEY----- diff --git a/multi-node/production_cluster/wazuh_indexer_ssl_certs/admin.pem b/multi-node/production_cluster/wazuh_indexer_ssl_certs/admin.pem deleted file mode 100644 index 1f1a17b2..00000000 
--- a/multi-node/production_cluster/wazuh_indexer_ssl_certs/admin.pem +++ /dev/null @@ -1,19 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDDjCCAfYCFDT7tebzvQn0hJ1oEJxkW0TlDqdJMA0GCSqGSIb3DQEBCwUAMDUx -DjAMBgNVBAsMBVdhenVoMQ4wDAYDVQQKDAVXYXp1aDETMBEGA1UEBwwKQ2FsaWZv -cm5pYTAeFw0yMjAzMzAxNjIxMDlaFw0zMjAzMjcxNjIxMDlaMFIxCzAJBgNVBAYT -AlVTMRMwEQYDVQQHDApDYWxpZm9ybmlhMQ4wDAYDVQQKDAVXYXp1aDEOMAwGA1UE -CwwFV2F6dWgxDjAMBgNVBAMMBWFkbWluMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A -MIIBCgKCAQEA8r5CNQ1xWtZY+7ObptekqbI0lL92PaoUBimVRAimFBi1N2U0P4j2 -Gvh7H51k0UETLEhGH6RGrgByhWMYeQXiTmLM+HottNG9d2DIPhfClh1YROKGtui3 -smheYF5V05tgMmE4I6GwcpA9KhOaELzJAquAZOTVzszYk/Wkv7F3bl/BT0GGLIwf -dsj+jNmkBHR6PEt0q3+W1KTr8rD9qsZDkxGZYaianl/r24FSd0iJ+Hbv1Np4xVbp -goYyAjki+lZfCCbnoyZlapDcMKN72NQTP3chYY79FjIga2bhZpdFm4fqwp33KA3m -1SlCvQ6d5tQ6UnDARyO5dSWo72jju1DcyQIDAQABMA0GCSqGSIb3DQEBCwUAA4IB -AQC0jnfi85nCjAYAb5xsSUKMFruZ22N+sqy/2oa/auWr4ZtB22hxrBAFCi3bvBRu -vUsLIx6KJAl7/Y6jHBNnLIbFNN8LnH9OD1g7ke6FJZbw0k8JDSQtfRA7p4yOGE/b -Bdhu1IA3KiHD8wRgKAqMDIsFcmOgR8iIiKebw7IqxUQs2RSNgDYyHcjmgys/acr1 -0bH6Jivzlz6MxyLRgLD66WakSSOLkg2r66cXy/rc9xvuc3CRRTy9jze8bdIQY2S3 -xf2iSmASrkG7KdCNWlDmddykyXFdF/gUm/IpW6lFLoXtV8/WtGeQ2umZgslnjE0b -a/wqN6wb68VUfRecZLojre2Q ------END CERTIFICATE----- diff --git a/multi-node/production_cluster/wazuh_indexer_ssl_certs/root-ca.key b/multi-node/production_cluster/wazuh_indexer_ssl_certs/root-ca.key deleted file mode 100644 index 5ce40aa5..00000000 --- a/multi-node/production_cluster/wazuh_indexer_ssl_certs/root-ca.key +++ /dev/null 
@@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDoEXkZ83C5Ec87 -kubEylLb466yc2pEErHBlT5ehQDxqjW5/G/Jb3X7vkziJJlcaABzzYhso8WfN4LH -iSlU2MFXaPQojUUcHB3kQ0Y8ndZgqPIOIsMWxTaJ2Zxls5F+nyVhs+VmPm0OMmpU -klSt74wlOg0gEF0bOhF5RVSImXlF34lPOjJsnBC07RT5qeNdwSJL646ij7zYdo4v -hSrSmeNdMgu+SIudfPP+1pB0FGIMxgXRLVlo30W2Vp2l0kIBs2Y3Xf5Wb4c+Jk/8 -BdwPspAL/ar10yFIE4PhNhnTF4DoTfAy0FkVWyqThZFRr16TZWEZfj6xYkgQX+A7 -NAeexGFTAgMBAAECggEALwn7pgr2Ok0l2El6hUENcozACGPkkk/HwBlkPvxuqI17 -vmswrX/uRkzYgK4yd8yM6uwqTvsTP6ac150xx4T4C6O2edHIxF3eoToRro+/uHAG -QF9DdAYde+ukC+lOAIB5r0gro4Hb0Rje/K18hJUdrx4JMwqeFLq8d/xZmiahskuu -UUo3Grq5hP6kuyKvG1GXkWG0Y6AkLip3OnaUypVPR3T4J+ydHmo1XjEwNXKdByll -u2thgzLsTmnD8CJYwdmqKhM8O8voTkyFpc6tj4x2K8/NLP1Y0slYdSHC4TSdDfCJ -6d3vShCmH8xM2PuALL4ofXvQ76D4gvLe3SrJ7d9IAQKBgQD4VH70aRSh5M+I6dT2 -yqhKwOwpElEupUoft2LytZfYiylryRYJVy8pB+0cN3Dy7/G6MGQ4LSbG2UbQkuT7 -iaeKSU3aKhqK9UyBuDUJg+vOK81IaEra1dvnFFzdf58Azk/WwMSzo2iY9MPaWP6k -1DrhXetJHxiqtYk03jLSV6IpAQKBgQDvPGXTAFVSmuxpG6MVd99bnBYGkZ8loLzc -wqPkEWeazQSzcXGfH4sAr2eYpbpvT0X6mIQe3vqRLx4X9tLlG0QhivtIpzP9tOiH -r+IGTepCrgusYp/UDJO+cE22EEMdJumFPcjeQcU9NAYnaf+3Mr+2UOHZD4OoObQt -Z8PJ4qsWUwKBgQCqDbrOhnMBll3kRTR4ODlcz5YpXgjH55rF82BIEsDEIjAgRpjX -lqON9oaR7wli45tmRCMtMQY/36SVyjISaqaXlTFB99krVWWp40o2lOdSzT4LmpfA -Gfk32gLqD64D8EROLL3Gwl0reVnxWUYv+8HCeP1Zmnja1ev6jzrAPhCnAQKBgCKb -Ef+bpLv2PQxXOxf35w9RXL5GgkbnIWqtnRd4jQwPbAao+k6SOYE33jxufLFtPiop -tbLhfk1SC4Bb69XIQ+q2N/MifJrOeHRoNMHEs4ZBtt6QxZ3e0+BQTm1vnMWyw0TK -0yuTR/y6cclxw9O0O5cbzA+h9uF2t2F6CRBDAYyRAoGAI3TGkMD5KHHpdxyY9rca -FDOQGDpr/fBh4MYgTkLWwpW10pmgxSO5+txFhPjhNAcVPJBwP4Nr4pAMjbOnFxef -JdnvWwhari+r5REkeGxNTTZjxirltiVv4BCFfjiVQC4jJrx4pwLB62vu3Gg9sw07 -9Ar3f3mX2kvl6uOG3UcDSzM= ------END PRIVATE KEY----- diff --git a/multi-node/production_cluster/wazuh_indexer_ssl_certs/root-ca.pem b/multi-node/production_cluster/wazuh_indexer_ssl_certs/root-ca.pem deleted file mode 100644 index ac59cb89..00000000 
--- a/multi-node/production_cluster/wazuh_indexer_ssl_certs/root-ca.pem +++ /dev/null @@ -1,20 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDSzCCAjOgAwIBAgIUMsRC29ASzFg/NKEsaNmiG1985WQwDQYJKoZIhvcNAQEL -BQAwNTEOMAwGA1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApD -YWxpZm9ybmlhMB4XDTIyMDMzMDE2MjEwOVoXDTMyMDMyNzE2MjEwOVowNTEOMAwG -A1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApDYWxpZm9ybmlh -MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6BF5GfNwuRHPO5LmxMpS -2+OusnNqRBKxwZU+XoUA8ao1ufxvyW91+75M4iSZXGgAc82IbKPFnzeCx4kpVNjB -V2j0KI1FHBwd5ENGPJ3WYKjyDiLDFsU2idmcZbORfp8lYbPlZj5tDjJqVJJUre+M -JToNIBBdGzoReUVUiJl5Rd+JTzoybJwQtO0U+anjXcEiS+uOoo+82HaOL4Uq0pnj -XTILvkiLnXzz/taQdBRiDMYF0S1ZaN9FtladpdJCAbNmN13+Vm+HPiZP/AXcD7KQ -C/2q9dMhSBOD4TYZ0xeA6E3wMtBZFVsqk4WRUa9ek2VhGX4+sWJIEF/gOzQHnsRh -UwIDAQABo1MwUTAdBgNVHQ4EFgQUYl00l8o0bCIkSPZI4vogjUUEGCswHwYDVR0j -BBgwFoAUYl00l8o0bCIkSPZI4vogjUUEGCswDwYDVR0TAQH/BAUwAwEB/zANBgkq -hkiG9w0BAQsFAAOCAQEAtUtlmOYc+frtnXIu3HMPNP7QPr+vhMRaIlt1j2MRMTE8 -PtD8xGI50Mub3yc52PD2BPx9WwOFqFJY6fuREfkjkQ6RhAc3NdQ/8ioZ+Tt45Qu3 -N8IJKDbjaC6D18DAIq0G2lnxC6ShxcgCjv+8BraWmm9iCnMj78pw0JTVJDtkr87w -qZdSCW3XfzirW4FiHEWynBOvbRCfjxYAYK+AT9g++TDTjbT1MxPtIb1JUDJaFFV0 -Oi1lgANY5gWJes5Duw1bcAeQZ9iEX06qOJWWI5DidoM3ARiwHRBv2J/6MUxTMtH8 -A0/pV5kqLN586tURZavGdOmlmx+C6QD0GoYi9137Fg== ------END CERTIFICATE----- diff --git a/multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem b/multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem deleted file mode 100644 index e23ccf8c..00000000 --- a/multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem +++ /dev/null 
@@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCdwWuVtuvoVyr9 -Zc4t9NUeV7K9XqlcmEJF9FW7/2kb5vAljcoqyum+xZZzQGIY/Jbje+r2jRqw2VyV -tjlShimsAcIb0UHmfKs8btAIfXCa4aLzp3eiSNzRTdQkg94ebkhDKMeW3GKqpqkX -OWrIYb77K/ltRqVUe9WcQZvxzrQqUKKdk/0TfkVU0uY4AxZxfWudL/wWdbMCCgmh -UjvhhjBJRSTIMjGXKxRusXcHz9PsnFGrxr9+DpYhL0qRj8AyF6xg2dfj6vz9Bfgf -dNnOZOIhWkymyXg4vsFwr/d4kXfcRuTl4IGoCtYewGTBKKimpgOxnNcKJsajCHJV -eBPDMdwPAgMBAAECggEAPrXY0pb4iE++YyTJJTOiVIGAKA8tPAW6spxCSI1rdxAC -fqsypngrGw7ok8AQPuaKBLwJ1yCYb5y4VTsu5kM25Y19YBl7HOiKGWfjgrx6utbf -NARqZjSYswtBPZK+BVLJnwji7nGFN1kw9m54qFdS1/3PFUV0C3V+oLLkDuegbwEn -AUqFy6sP/4EEHsDBvvVWSbg6jV28YSUFD8pbDLVwBU3zXMlj/nmxPVRxAyap9xN+ -zw66s/E4DvESE7owGdttRGAGVkAsDGDP37a4+CfxRKzpcSBuaMuE+B51dfWebSJM -kYbXC7CAjid/C012pwQG+9E4sZCxqsa5iJWPZfNuAQKBgQDQlQiBcCkd04px40XQ -6mo0zPe/ySMCNd/crQFqqdNucSBiC8cHyroTx3zexoL1Nm9sDwF3bK07Bt0iyuQA -mm+IwCPTlLe8n82+D69ZYZP203YcnJBfRIsmeyDNYWDJm9b6j/eWA8yS+HIMQqvu -UMRdXSHg+pd5ylyIYpTlqN6AQQKBgQDBnmdUleu9KDSl291hM609+fAbOuK63vBz -5Muo8CgUFbd7wwO904oLFC854qeTxvvnMueJ/0LQql3HqkADKLNZmMw8xQ3jXFiw -6vSfctIpt1Pz/+gNlRn14KdwpAhZUt1TmUlA/UaXv9W0KuDcQHj/XBB557CZk6+G -54lx1PZITwKBgCGhlhCAzDBh9nWshopL8bn3vo6u2LU3iJPlVVAkd9Hb7bPBYGMS -PfSIesrUyTLOhyKuPLdLz5av4aIFgsPSIt+y01P/K6z/O0ZE8yn/QMNQjz/HwsOJ -osIeokhbRibbuMsHwYzvqeGcq47shRpU7YR8SsUiwp/BkC/xbT6mftHBAoGAAJQ8 -suAP6GzqW2Sg8N16syjAMxSmAPERvwb8JPEy7XxzJAedR0AOtaHF0mJ/Jc3+it54 -Gs2MoZsg1KwJrPi+MJJoafYc6IUqLr1FJgTt4/oMYjptszyy6y1U0t1quPmqd8mJ -kowvXdzRAszuBzqaIglgczziJlNuvvSKULDWW7kCgYAdMARsl0vFEAR1Y5QQzeZO -nMkniSS2CQBOvPpltE2qHf/Fuast/weR6/FxeP9R2EiSPNrhAmEiahH2JcHWBZ3Q -BLo57I+S8vxJ6kRXf6XD55loguChF15jXGKsxXw5MP+MANmoZL+fSFO3yMLtyz/Z -HNYj0xkTwFmC1p8FlujnNA== ------END PRIVATE KEY----- diff --git a/multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard.pem b/multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard.pem deleted file mode 100644 index fc6d43f2..00000000 
--- a/multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard.pem +++ /dev/null @@ -1,21 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDdjCCAl6gAwIBAgIUNPu15vO9CfSEnWgQnGRbROUOp08wDQYJKoZIhvcNAQEL -BQAwNTEOMAwGA1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApD -YWxpZm9ybmlhMB4XDTIyMDMzMDE2MjEwOVoXDTMyMDMyNzE2MjEwOVowXDELMAkG -A1UEBhMCVVMxEzARBgNVBAcMCkNhbGlmb3JuaWExDjAMBgNVBAoMBVdhenVoMQ4w -DAYDVQQLDAVXYXp1aDEYMBYGA1UEAwwPd2F6dWguZGFzaGJvYXJkMIIBIjANBgkq -hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAncFrlbbr6Fcq/WXOLfTVHleyvV6pXJhC -RfRVu/9pG+bwJY3KKsrpvsWWc0BiGPyW43vq9o0asNlclbY5UoYprAHCG9FB5nyr -PG7QCH1wmuGi86d3okjc0U3UJIPeHm5IQyjHltxiqqapFzlqyGG++yv5bUalVHvV -nEGb8c60KlCinZP9E35FVNLmOAMWcX1rnS/8FnWzAgoJoVI74YYwSUUkyDIxlysU -brF3B8/T7JxRq8a/fg6WIS9KkY/AMhesYNnX4+r8/QX4H3TZzmTiIVpMpsl4OL7B -cK/3eJF33Ebk5eCBqArWHsBkwSiopqYDsZzXCibGowhyVXgTwzHcDwIDAQABo1cw -VTAfBgNVHSMEGDAWgBRiXTSXyjRsIiRI9kji+iCNRQQYKzAJBgNVHRMEAjAAMAsG -A1UdDwQEAwIE8DAaBgNVHREEEzARgg93YXp1aC5kYXNoYm9hcmQwDQYJKoZIhvcN -AQELBQADggEBAG7U+AvLKrMs3WZ8fgnfYpYmScmZX4TCLy9g98lshe6U3UsYAh0B -nTBfUzoJ43jRma8FICIwZVS4DxB4hnUamPWkffVGnpOtnAhvWoZgksuhLG7uoatx -LShb3X48BKtziltIcnI1EEhynFNzcmWEoSXrVqFyaPbu5TNhp5II07gFnL9HnuES -8VKdudnk0fXoA4YmkYCxZhatT62mp7AsrJ2aUzCpTNu5vrY5zQMNOr+YUKTCCLAz -q4c4P61GejSvgI4A5XI6gSrJMXRYQ+3cm8oWNQHjnk051O/BULqo1vvQQHs2q3/J -9a1sB3ecZnt4Y1+YIXVzEjkaSnlZQzYsd3s= ------END CERTIFICATE----- diff --git a/multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh.master-key.pem b/multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh.master-key.pem deleted file mode 100644 index 0eeed05d..00000000 --- a/multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh.master-key.pem +++ /dev/null 
@@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDHhRNdvthNFHRL -IvaVOR+2jocRqyTi5sGISWVblt1flqtxqJ4TwDiYORfka1LXN2dHytAOSnjXB2ZJ -XcShq35A48A4p+2/4/S7WpeLcjNuoziwkE3BttPDPu989IGHscinRg8PFUVf5u2Q -+8IqFad9Fyl2JbnfMUjRRA0ATH2W3YFDPkK8R7qAmViPJDh8r5KW/QzQlKn0sAsl -xgqTMCsRKsCk2Din4F6YGklSoG78iPLMUxyXx/K+M+vYFljwPRert9tOML/1Cx3x -fqYMlm2NgRkZ5QafnpDHNULifSl/sWoI/8Tcl/AvDE0sPd2SYvhj9Hd8pJfNrBvF -Q6lSIMdvAgMBAAECggEBAIKxP/NLXMJ44IiLOXyb85MQn5dKRRpAT4tnkHZDR3Ui -6+DCs/F6G1hTJbxhNN13FDcpuclyrN8loLH0MyY3gLceuL4j+g+VUa0b9WLJhrk1 -P6Agll6K1QHzCssOGn75TNeNg7W8mDnuubUbxJ7umkzNTEJxCeUSkoFJkz6b3DRi -camqozyHurPZPNbszm0txfQ+GiUn2ZpRp0OMmuxQ52n18oiDN5OMIWNwvhrJUuzc -TLjUHN9rHGUxfUeVZeap6TKhjnlGOJg8EQq078TxuWEp5WFxxj3/kCLj7QQkUkDg -TfU0/HOIYNsa156/4HGb3LWGJd5heXZ30IST8geGiWECgYEA7SVv4YsHztCSQ4jk -kyMX4pH9+boztjTaxefAlYikmyeB7rNa4u2WI1qTGEH7L5A1vkV5wOGxrOxZnWNp -v4j/zd9tOED1sgMAdrcQiorJGnakh4UVUaZfsH7GgSVtObhI76Ge80USzKp6zExl -SpqAzis8HOFmdXzUvfXrcU0pOlECgYEA12HXDpA74EnJYaDhR62RKCy2PG+GTtOL -3UOs4w2inK/fYbRkCCuC94qJrluEwVhgVsR4HCagjTkPlgb7CDauXCHNIEC+aN2g -C4hrMcrwfQk71e5WhZuzLya7xJIZsj360DsmAqYt0LhTcdNL0gKAmM8ukBIN3J3e -NmJNYTwztb8CgYEAhL65Aup9Q2JzDUS6ljZFr3kDTt/RBIRPlgplPg8P/R2/WKuj -C3Xs3ftcbW65uWUjAFAJmFN9zos6mqREVIfOkSIpFB0gqzWM8+cDZlnLunmBHa78 -QQk9dSFx4mbd3jpu8VxqCki2/kPLm0KETJ9xzHZdHtl5LfjjaTYYRgLoOhECgYA2 -dmsnJ5m8cWwW39OXiHA4NHYwehMAQ8YOQVqqX3xLGr3luvPAjSAk8Ec4a7P6IBrc -Vfn5RFs82rzyNvmrbghRC8sO6NA9PC2IPQq+II8HTxpuUkJWrrR0q9q3LiqJQ9r0 -ZMCL0vGq4bFYCxIVHMTf3yPrEmWm79SM8/aVK9/3iQKBgHsFhhLqP5rvvVaeSFls -h82wLCjswFClmN1dx65/McHtI96q/7jgLXPvs3KsE0OFFAVVttl6/sEKnAUbYC4q -9Xbo6yv3acRT9CTPiRf//vAjgCeFp/aNhP5JwMd+dXR7OWykXBGs47bg097eB6xK -G/fr+3hYOhhNYngT4aMAkyPd ------END PRIVATE KEY----- diff --git a/multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh.master.pem b/multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh.master.pem deleted file mode 100644 index 07e694b7..00000000 
--- a/multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh.master.pem +++ /dev/null @@ -1,21 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDcDCCAligAwIBAgIUNPu15vO9CfSEnWgQnGRbROUOp00wDQYJKoZIhvcNAQEL -BQAwNTEOMAwGA1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApD -YWxpZm9ybmlhMB4XDTIyMDMzMDE2MjEwOVoXDTMyMDMyNzE2MjEwOVowWTELMAkG -A1UEBhMCVVMxEzARBgNVBAcMCkNhbGlmb3JuaWExDjAMBgNVBAoMBVdhenVoMQ4w -DAYDVQQLDAVXYXp1aDEVMBMGA1UEAwwMd2F6dWgubWFzdGVyMIIBIjANBgkqhkiG -9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx4UTXb7YTRR0SyL2lTkfto6HEask4ubBiEll -W5bdX5arcaieE8A4mDkX5GtS1zdnR8rQDkp41wdmSV3Eoat+QOPAOKftv+P0u1qX -i3IzbqM4sJBNwbbTwz7vfPSBh7HIp0YPDxVFX+btkPvCKhWnfRcpdiW53zFI0UQN -AEx9lt2BQz5CvEe6gJlYjyQ4fK+Slv0M0JSp9LALJcYKkzArESrApNg4p+BemBpJ -UqBu/IjyzFMcl8fyvjPr2BZY8D0Xq7fbTjC/9Qsd8X6mDJZtjYEZGeUGn56QxzVC -4n0pf7FqCP/E3JfwLwxNLD3dkmL4Y/R3fKSXzawbxUOpUiDHbwIDAQABo1QwUjAf -BgNVHSMEGDAWgBRiXTSXyjRsIiRI9kji+iCNRQQYKzAJBgNVHRMEAjAAMAsGA1Ud -DwQEAwIE8DAXBgNVHREEEDAOggx3YXp1aC5tYXN0ZXIwDQYJKoZIhvcNAQELBQAD -ggEBAHbAaj75GUytJ0Oy+7YMfvV5tBbPwD9ldtpY0yDeBlgOlnygt2gvoW6kaVF8 -P4XgcaPbFwTVVBjOQqngpp2wFDJP9VrHYkr8t9Zi/iBVnr9xa6lzkROuuhjI5CW+ -12+7ZcXPnLK+s8LIi8f0s7Y8yeMz/cR61NjfkKfYo1uaG508LENEyKjmPe1NyaMP -9rzDJSCm3aiEa62oj/Fsq53vGoLm4wTPJiSx4V+iFqSnKHaVlPXd3KlFN+plfS6E -zZsxogOJORqoSuDpo+WXsr6Ka2baw5FgXZoP5L/oTYC5zpKBi3QUYMjKFkaLpzTd -evbceYlSHXczXvjoen+dW1TKoAY= ------END CERTIFICATE----- diff --git a/multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh.worker-key.pem b/multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh.worker-key.pem deleted file mode 100644 index dc3a9fb4..00000000 --- a/multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh.worker-key.pem +++ /dev/null 
@@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQC0lr7A3B25t7VK -90I3k3Rl6yOfP1sspjjVM18TYlo0iuF17nYIo8pV4vABE5EWI43X2TcGFasJNtcN -RPpU8kNCfYzOYg42eW/Aq6xzdJqvfrAGCfFfdxn60G+WklMyhK8UjzGtJN/5FGDw -Z1zZjL/BgJ388lxafzuGtTod8f36fFMDiybPo976GlqrWdPQdiNHUC7Y2LxGD/JG -gQgeL3mmA10d4cKDpFeQ/jGYwcxBGpgNZQMRCh1CVmWm5/i+3F5j+tx25LhKowOM -SNm0OMiHHcLhAljEbUIPtVfEQ9HCKCEZO2vnqoI2IE/20jZ/I+rwulcQNsq0DROo -S/G/1zu5AgMBAAECggEBAIAXMIQxXPA/Ctt6mEA9WeF0sJai5LO9zzACORzRtTPx -kkwI8TXdn4Xd6uiIjW+Llm+Uxb+OHPvzJwRleb5I/EYsMXSt/nDLH+YknrRh79os -3QPbh5Z0LzxFHfFKJrL9hAXsL4slTawptTyvxB8XA2hoJyekbLdP6dP5tZhJ7iD9 -Xes3hHIRFXgzT3Dp8n387+AItHvH+E1rDL/uobcy45zNvUEl0pOGW6D7U5Ox5VVp -QzVdnKNu1L36CYx3kNNUFwZXTy7FxbtPi0qQwcDezQp8X3OIyTGuHkEFdvU5/7d/ -AvxEaSknJcl3QKP0vfyiSXhKznCA7jb49JQrwnrcurUCgYEA6ktP4Rb46YgsLG12 -HpWqJsg34alIZ4ftXkPAoJ96zCNR5tXwwPye56qOuAxlIBESNtU6dReTy6LEYVdM -KnX8dJi8KGSfacqoKWPwgqi4zpQV16nQFrS7OrvcQYEE78wmlXhw0kHcIGTOOqh6 -lMmKE+B7Ps0D6xwxmtjRxUoa0NsCgYEAxVG4D4+QpIQPp7NmIxkE4xCJH6qfxzOE -odE5QVNnu520MBDA+sd9A1jGc6IsWOEVnCuF1etu0S/ChsXMB8NuahYQMrgKsl29 -ixGbFFa9t7DyxY19+jZhpu9ghkTTkKlhibcv0yZ31P8S55LPhdBGrQ6l2q4HqnSI -k0FO5+iw7/sCgYBuH8AH+Jg+jDbXGwwuDALR/8HkW4EgyI8Vg5sC5HL/iIpyiZSD -4Tl/gndaotjVXbDF/Stg5hgd2v+bEUFHo/VpiHDIO6OCQjMQYV0mzM8wqgIqQDMC -uShXzv0T/OSpIbfxAY9mBHbG8xrMD2yuipxQA29qcUqqM7JNKiRPKym3iQKBgQCj -FuAjPG45DE5ENit9Zvh7FPfBjK1zYEmH1f6U1/MtRzPfZnmazbeuRHoCqVAuRhwu -cGq2XVnC3M7TxjjVUdq5JHNO+H8e3gwEHhEnxmoYodCHKGOvo7Mi30fQsqKLNvS/ -dwG4bFsvWYSuktGjsHo6H5lGHgGICbm4vIoTdGiKcQKBgQDNW9ou58BQrJ2ibgu/ -HUqtLWPOu87q/9PJmdEG7ux44o3X6wSPSP4cajRFUBoPRIcx3ME9h0pK64T5mL74 -NgNyZ9FC4la++HZCqBWf56fTXghPd9uUGD1FOaC02ZzN28RBXcbltTwT90F1uSFv -2CVFmMa5LRZS4j8gp0XqFDbGEw== ------END PRIVATE KEY----- diff --git a/multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh.worker.pem b/multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh.worker.pem deleted file mode 100644 index 21883256..00000000 
--- a/multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh.worker.pem +++ /dev/null @@ -1,21 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDcDCCAligAwIBAgIUNPu15vO9CfSEnWgQnGRbROUOp04wDQYJKoZIhvcNAQEL -BQAwNTEOMAwGA1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApD -YWxpZm9ybmlhMB4XDTIyMDMzMDE2MjEwOVoXDTMyMDMyNzE2MjEwOVowWTELMAkG -A1UEBhMCVVMxEzARBgNVBAcMCkNhbGlmb3JuaWExDjAMBgNVBAoMBVdhenVoMQ4w -DAYDVQQLDAVXYXp1aDEVMBMGA1UEAwwMd2F6dWgud29ya2VyMIIBIjANBgkqhkiG -9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJa+wNwdube1SvdCN5N0Zesjnz9bLKY41TNf -E2JaNIrhde52CKPKVeLwARORFiON19k3BhWrCTbXDUT6VPJDQn2MzmIONnlvwKus -c3Sar36wBgnxX3cZ+tBvlpJTMoSvFI8xrSTf+RRg8Gdc2Yy/wYCd/PJcWn87hrU6 -HfH9+nxTA4smz6Pe+hpaq1nT0HYjR1Au2Ni8Rg/yRoEIHi95pgNdHeHCg6RXkP4x -mMHMQRqYDWUDEQodQlZlpuf4vtxeY/rcduS4SqMDjEjZtDjIhx3C4QJYxG1CD7VX -xEPRwighGTtr56qCNiBP9tI2fyPq8LpXEDbKtA0TqEvxv9c7uQIDAQABo1QwUjAf -BgNVHSMEGDAWgBRiXTSXyjRsIiRI9kji+iCNRQQYKzAJBgNVHRMEAjAAMAsGA1Ud -DwQEAwIE8DAXBgNVHREEEDAOggx3YXp1aC53b3JrZXIwDQYJKoZIhvcNAQELBQAD -ggEBADzeaY32rrY1o/6QioSwEL69drJzJstTLQC2bIvTtLqlBcHPJRIxB5jZMM2a -vJuB1qepM9IqW3lGzwvx/eLFcemBVk11twjpTO/ClUSvpitIU0iqSRLRGN89wrHM -bxxId9rbGgQzAOOr2802TvmUkUHorklf6FpfBrRGoCSalutYNkzvzRc5DepUZXJm -nzlqRrD28cp1fHNQ6gLyHEDO5t149JED3UEL0vfM4QnOlYPLJ5LHnjfSKhsslReo -9EU314h+1zGg2Rl7LZD30Li7pIIXTHsa3HKtL3BVECJK/xpxGWa4aJ19WfEhdPfh -2/PFRABIeqGR4noZedtnM7p+59Q= ------END CERTIFICATE----- diff --git a/multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer-key.pem b/multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer-key.pem deleted file mode 100644 index e414551a..00000000 --- a/multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer-key.pem +++ /dev/null 
@@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDq3/cxyHhK20rb -dGRpwG+lHw8vdPUGB1jaey1fCetXATDBMeNpltxooJzb9tTIVIGt4ghrK6hqpUm0 -kvK2hZX3VnVD94pzUnpVmiwkBtWyIletCFsiWPplU30ukR/sE63+R164b3kmQohy -ppNKEIZrgRkQbsb5Rj4K7koUVT+IKGoPNl2npSO5Y16+y4lqmQIDSshbEnqoV/cm -nhD43Zsx0TPMs76Yutcsp+n4yrYY/l+Wf/BWD3yE6VwlxoqRBBTfMzZQwaK6OsWA -+NMdS/MrfMs0ccuzGLi4LsbINabIIXk2rPERV9syI0TEWNtSp39LzIPvRT96Pdbb -P2uOpHNRAgMBAAECggEBAOZQCA2BDrQYpSbc0zn/wXqhIjre7QWkXrSe5La0+1it -iilnyh/YFvlhxW7Mc4qdkyv24Vp1zQgGXGf9UJM6GvwWg5bKPbEnx135eB87tICg -vGioMPVVWvPREod/N1Y/VfZp9a/VX27s/u+t9/BAlA8G4JUEi4gUIPKHB404qrvP -REa5nJ0Oyu+WMtZ47Wvb0SBVPtPHDHPJV6WIgPWYmKORjoSV39HSj52o6Mnx1VfB -tDVd3mP6Tfujci5lc+zq+DtxsJo8mLgNle/eZ0ysEnccKPBE+3dNtRzIjmVNAHx8 -AquYgBAgXoI2ixhToAOP3MIEToPfNyA2u04KcdxyOgECgYEA/Xa5skp2rclu160F -LDa+O/2l4oVGYB8QYSf6L/efGo6wFUb204Ne2/tAB6KzFFwnS98m/1GxxmxTRKRU -baCkmz6eiGA/yQlKsUlIuPcT/vCy68t7clsogn9+qnUbKfYemmQ5g2U7BGKmZbB1 -gSN53xXa7aPs7y5TICN/Vpr+oZkCgYEA7TmfbLc6eaP53zL/rhkELsoOcyLdJwR1 -2GnIFmySOmoLR+1TOYNcKq0eDQdd101mT3EJgpXPsoDKbbwNr57TZHDl1R9FAGSW -aK3nJHZi6o+Qei2JJwmyRgzYmldkZkiLVbmlAFQvhP5gzlHAAjr4VyDwJqBQx96d -xOFZBPVJ4nkCgYB5khqbY4/s5zLdC8XxYQh5qb2JGreYnw2yLASaQUD08f+PFQyK -gvZauPYLM4SFfXXztEL2L27/ZzHBOLiuJGEPfUd4zgGKIYTL6ASTgx76JuUKp/y7 -6vFRNmnAxI6U39Hp56yWU1WtUsvQ9oRFvohT8h2h4gBg8G06eww2s/zx8QKBgBT4 -/TE9WbwbVSH4fkZEC+yfDHv9XxPt/wUtBPWGj77+VRT81FjHVkSnnXqFZjR8sUjg -s3iKChy76imdcJBQOFwu5wLait0oB2wlw8Oje8dE/f7vO6rp3or248dxZnzsePUR -Ppcy2iil3KUg8RrBX+dEEDc6ASpKciRPz/DyRp/xAoGASbmawase+/UEV8PLzdVW -OVbUARBJHbDvfNMIqZ7u3k/xX/q7SvPSV4ElEQh3cstQYLAJQx1ZSq+0TH8F48+6 -IURddW2JwfxQiuq+m8G50Md8kG6kPW+6BrEFXH2KRvPF6m9Fur50IhWSwjYfmv82 -YGyyn3CsDx5lr6eYGRM0Zkk= ------END PRIVATE KEY----- diff --git a/multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer.pem b/multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer.pem deleted file mode 100644 index 176c7fa3..00000000 
--- a/multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer.pem +++ /dev/null @@ -1,21 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDdDCCAlygAwIBAgIUNPu15vO9CfSEnWgQnGRbROUOp0owDQYJKoZIhvcNAQEL -BQAwNTEOMAwGA1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApD -YWxpZm9ybmlhMB4XDTIyMDMzMDE2MjEwOVoXDTMyMDMyNzE2MjEwOVowWzELMAkG -A1UEBhMCVVMxEzARBgNVBAcMCkNhbGlmb3JuaWExDjAMBgNVBAoMBVdhenVoMQ4w -DAYDVQQLDAVXYXp1aDEXMBUGA1UEAwwOd2F6dWgxLmluZGV4ZXIwggEiMA0GCSqG -SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDq3/cxyHhK20rbdGRpwG+lHw8vdPUGB1ja -ey1fCetXATDBMeNpltxooJzb9tTIVIGt4ghrK6hqpUm0kvK2hZX3VnVD94pzUnpV -miwkBtWyIletCFsiWPplU30ukR/sE63+R164b3kmQohyppNKEIZrgRkQbsb5Rj4K -7koUVT+IKGoPNl2npSO5Y16+y4lqmQIDSshbEnqoV/cmnhD43Zsx0TPMs76Yutcs -p+n4yrYY/l+Wf/BWD3yE6VwlxoqRBBTfMzZQwaK6OsWA+NMdS/MrfMs0ccuzGLi4 -LsbINabIIXk2rPERV9syI0TEWNtSp39LzIPvRT96PdbbP2uOpHNRAgMBAAGjVjBU -MB8GA1UdIwQYMBaAFGJdNJfKNGwiJEj2SOL6II1FBBgrMAkGA1UdEwQCMAAwCwYD -VR0PBAQDAgTwMBkGA1UdEQQSMBCCDndhenVoMS5pbmRleGVyMA0GCSqGSIb3DQEB -CwUAA4IBAQAeLF5so3GKD/NG7eQQEz5z4ebwLuv126JyHHndvGeEzlMmBbEFNv+B -j/NZOplVp8cdchIPsMR/1hw5qdsrA2i75p/lOMkVtxVgiHrIExhvB9wYTo3i8hHq -cKVUdnFR/gB4IawcrXy7Le6NJeVPo6F1HNsjzUzddWP8qAUhViv3HAeA+86ti9Lm -vIH6ww6NR8q4YgWoHmVV7mo3HD7z76BjYMWnJUeK0ziHtyNw2y7/TO0/rQNdvDRx -0MZwVih3XAo81kb2b4VmpCaiZt2/0v/glx0KmY2PYBiipDclEQpNgOIcaEvM7jtl -U7JIE70mSwOchd6nJ7WTGTijrS+hJY8c ------END CERTIFICATE----- diff --git a/multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer-key.pem b/multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer-key.pem deleted file mode 100644 index df1d3144..00000000 --- a/multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer-key.pem +++ /dev/null 
@@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDBJ2ch4zx2FMlZ -dlPGAlh4zd+mafJf3MsI1E5bZPv0hXQuH4iwBzctj6YhNPnSr2KYurWfoh/U0/cH -JTw1GQgtFnjEwoyYLpz018yH9foU9pQuIaIrtzZ6UpjyXjCh4155pCldzHilz7KR -PloFCFsedDdKRu43j14fSagnFHeDQbkWemmue38dSJciwC+HQUuQE3ENNx0B6Qnc -3dLLkA4RoJpRJPZ3GDObk3bdClac0kMFWUwS+tGBH4tnOnTkPLOEzStM/qIl3xDf -C4r3e1dIK/kLK2xCpOtmfWjDDQyN/4CDugNVvBaYLORHz0otkp91wCfMPqLZ/5q9 -sy3SwkK1AgMBAAECggEAdlaFwSVPbajek4kDWlUljx3S4EoYzNKhMg+g0i3Uj8MT -ow5+2BoTnD5eMgoa5RG+/oOlst/JUMNsnVwavw1PDRCvfR0UtkgYsYllLgdt6FoJ -/xlsGgxtvBPO0O8ULJr4zt3c2jLj1/KgHIxu6pZr/QSGu2Mpn7CeodymwQqxDiCt -Sm0bk8J/m9W7ytWFaiVMRBbxRo8NMv2/RMYIBAI3/v1hLPucO+1vyxSja2FE12jg -0LvHp7N7zgGmjZ8CDRMwOiQkdgx1lfEelXteRKyCdWnPzdrtTguWiXyWOXddPKbJ -1peQDSXP8hqua62KK90CEslcVPiSWl8uTYMcNKBsIQKBgQDp376bfxSZxQPm+k9Y -Ph4maT1WeInV4XY/RtavKBPm9y6JHOCF910Mlc1077RMjgmOHwvdwVtg+2oA/Q+P -CGNx+JX7gl1PA0nrj/xHrTcMf61WIGobb08FCvfU7o5CuQj6osHgx4Xx9YLfeTtk -oWdP05n/a0ybMrAU4bpCVXAwwwKBgQDTbXKs32KxIAaDkzA27KVSsP3avKnjMVAK -r0sMhRIv+H4AaHeXRD9JJHNwJr05LuGlsIM9bsdAxWGOMZ4FWsUGF29AWsSL/d3M -+ZygyL6POKFJjmqi1lbW+OgsmyDx/8hSLNuHd3ny56ijZUaVw9J4sdZJpTYgoLiX -YB7Od/yHJwKBgE5ytb3055UYx9FPfxPrajOaM2/w6NMsWHyrJ1IDkIF1wk9Nt2ZY -bgbNrOgfi4vuTPg2I8XTmPI0Av+n4vMobisJpk2CEghx4va4CniEeqWfoiX0o4Lm -WEwpvK3ZAzEQXhmsRHpAkwZxQt/xC2Ia3cuh/9L0S/L3Eqc+fDrJ6+L/AoGBAKlu -MRK2JVm6R14TivTI6ad9rMEopaAqeXFGjobm8O8+XIMpNIUlLO4JZvT+Jm930V49 -OL73UnfmdUpFGtRBrFg4WXAiDRX+iEtl0Q3MMWGGyUGv/mamC4tUhoKQgnNMPhUU -W4yQw0pUOQFP/KOx/K26HfaAjgLRqXutjKJ65wTLAoGBAKtOsSbCc1a62CQYvA1N -pvE9QYSM85AfZzeq5s+4a6a/crzEPzwRP1tCMHwu2w/FOQoaI62x8q58Q7N6tgS3 -mlhJIXpBL0RXoIlN3jeKbo1cvnGidgC5fGs1NdaF8PE1PciNXITltrxAKDiZ3syy -3s0LfRzI6Gv3NZGgXzN4Es0I ------END PRIVATE KEY----- diff --git a/multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer.pem b/multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer.pem deleted file mode 100644 index 03f6fa42..00000000 
--- a/multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer.pem +++ /dev/null @@ -1,21 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDdDCCAlygAwIBAgIUNPu15vO9CfSEnWgQnGRbROUOp0swDQYJKoZIhvcNAQEL -BQAwNTEOMAwGA1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApD -YWxpZm9ybmlhMB4XDTIyMDMzMDE2MjEwOVoXDTMyMDMyNzE2MjEwOVowWzELMAkG -A1UEBhMCVVMxEzARBgNVBAcMCkNhbGlmb3JuaWExDjAMBgNVBAoMBVdhenVoMQ4w -DAYDVQQLDAVXYXp1aDEXMBUGA1UEAwwOd2F6dWgyLmluZGV4ZXIwggEiMA0GCSqG -SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBJ2ch4zx2FMlZdlPGAlh4zd+mafJf3MsI -1E5bZPv0hXQuH4iwBzctj6YhNPnSr2KYurWfoh/U0/cHJTw1GQgtFnjEwoyYLpz0 -18yH9foU9pQuIaIrtzZ6UpjyXjCh4155pCldzHilz7KRPloFCFsedDdKRu43j14f -SagnFHeDQbkWemmue38dSJciwC+HQUuQE3ENNx0B6Qnc3dLLkA4RoJpRJPZ3GDOb -k3bdClac0kMFWUwS+tGBH4tnOnTkPLOEzStM/qIl3xDfC4r3e1dIK/kLK2xCpOtm -fWjDDQyN/4CDugNVvBaYLORHz0otkp91wCfMPqLZ/5q9sy3SwkK1AgMBAAGjVjBU -MB8GA1UdIwQYMBaAFGJdNJfKNGwiJEj2SOL6II1FBBgrMAkGA1UdEwQCMAAwCwYD -VR0PBAQDAgTwMBkGA1UdEQQSMBCCDndhenVoMi5pbmRleGVyMA0GCSqGSIb3DQEB -CwUAA4IBAQBQotSlK29h04ju7QxobUl00cGht3PQZPfLmwvtY4S6V2YZt9p2zejb -j7oT4l0OWsHBBugT4RVapaPq6+Ghbpc666srmoVv9Ny+3uVtD1Wks0r0WtWUdLhQ -On5LU30gTu+dGf4PUr+g9bp1XsFnG/pRR5iG96vQR+EDi+z9TcMi2L2JQIoKiiOz -UbOs/djzf1WKhYpzo/kC6+HlIojVqUVdb5Z3kIf9UXuY+0O2LWGe9hgY2r9RWZSQ -k2rlb5sqvVh8PY5RP6D+p6W3x3b4TrH5AjMFTfkbLWxod4xTYwLfMSTuFEiF8HTM -8tBrbJ8NXDy5udiwjCFloZBivGsn8IPy ------END CERTIFICATE----- diff --git a/multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer-key.pem b/multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer-key.pem deleted file mode 100644 index 7b82d0f5..00000000 --- a/multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer-key.pem +++ /dev/null 
@@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDFzTLJn+H65C5M -uSFgWmF1sGqCelxGIRL2qdp8EeC02fRKY3PSMzMwBqYNweQVRT7Anzk3rjiDDGDc -GEJqp1HKUesoGbXU6gW5yVqvJrydSRcSmKh6mtyL4hIEgVCN7DeBY5Xg3+TS6TGL -OHhQf8Fu8JWGGWy2m56tEZcI2Mt/k/ihkjypYv5w+X76ibyRGKOmWJ682LHDsN5q -/o4G55kvy/QVH9zo+2/7k8GZC4Kigtp0bdypvncl85PA2a8z42JYVCySJfy7/AlZ -5PJPCZIHhITUoXBMNJHGn3pgMadXjiNMFlUKIEtIj8tFgbvyqA+jPOizLVlLRQNL -K1u3kQbTAgMBAAECggEACw791+foam53aDKxewGSkVHboo/UuNcAiGnWnTkipvnI -fqAwyX+zTOwSPJKqfcXxTDOar1I+NpVqlOOGUxAnsngB/avyToUG7Owk9cXkpaaA -c7m1MaWWzvtEppvUNRsPv1wh9QCPensvGel+UIHT/q/UrDqfqVXp+SMSnpwARJGY -C+0Q75Qeg7wJ5uX91HpiKGCgoKi6/4KZV30bDRQoqZrqeT/9ZZZ9kyZ6SHlZAPDh -dXl4g3plroBPOnJfUiR/oyV2jUDn3qU7j7Ti0WYbcr3TBRcPeU44Apyhv1CCS0d7 -9cBsWEkXSQmgxoiwkuVHG22VpYPukKVjn3dC5wKzAQKBgQDxP88023/y44gaDcBX -u9oNYL1RkofFAGWqnCIOYu1Tm9s2oh83VUcJymA88cGfw9SQRJp9JwVewQvF8M7J -hbhjhqqsSk3C8Bihu7Mgo5qdzwVx+61URLM2ercY0sbtpVCOw3s290OyAIyOX1cY -r1NdK9zfcHmz1x8mNgiN7AQbCwKBgQDR5VE5OfhrJL2Tq/SpaVoSKpUVLiJGvMEU -63nyErSPhAoqtnauIWgpJttiElqNMLcQuszOZXRDXuW6DoiJsl9pmodJUERN8zem -/k2XGXt4ogylFtoULazc6lNlMHklTy6KqmVPxVi3UORebMWHn7VBgjnzzcU/Z5Me -sx4qs67gWQKBgHnO4A4uLeIzZArTmqQxox1SFQTU2VxsoOiNwNxGstGeRgbFwMEt -e5rD5eefoUXLmM3m9aHvS9TV393ngmFZ9Qm7ev1W3wBoPeebYAxAztaTKoqsqo17 -yojdWQldkzd2WsBajyHnovSDNnTESrOaAptuhC0FG03kdkPS0GroGgKVAoGAS16J -zP/I+UhHHri3cQHYiv9payKWwknTF1z6+/bFiWdDc1TzxtFOIsDGNDAc/egJRGOf -WVnK5sozuZywYKmBY11OyP+el1MHn9pfKCvJT2b5HWrYQjiogudNrN88ES6eqsJH -AN7/XUwZxOJQB8RMhMprXuV7t6nMhVCSO4kr+XkCgYBcHc8iR0U5UNhUTY4676KO -BPXWikbAwOUvpVNN1qIcI99M/rXJ4n8Lhr3UI1fv/sJbwVQj3ngIqIIPT6flhP/V -ctYVXDjRZI6ziQCM4lj1HgOwVg/QfzHm+yLSBZ1NRnkeGBdkkiUYWXRJkB9Q/F6T -Ica8JPS4fqIRZ89L+hMlFA== ------END PRIVATE KEY----- diff --git a/multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer.pem b/multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer.pem deleted file mode 100644 index d39396d9..00000000 
--- a/multi-node/production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer.pem +++ /dev/null @@ -1,21 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDdDCCAlygAwIBAgIUNPu15vO9CfSEnWgQnGRbROUOp0wwDQYJKoZIhvcNAQEL -BQAwNTEOMAwGA1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApD -YWxpZm9ybmlhMB4XDTIyMDMzMDE2MjEwOVoXDTMyMDMyNzE2MjEwOVowWzELMAkG -A1UEBhMCVVMxEzARBgNVBAcMCkNhbGlmb3JuaWExDjAMBgNVBAoMBVdhenVoMQ4w -DAYDVQQLDAVXYXp1aDEXMBUGA1UEAwwOd2F6dWgzLmluZGV4ZXIwggEiMA0GCSqG -SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFzTLJn+H65C5MuSFgWmF1sGqCelxGIRL2 -qdp8EeC02fRKY3PSMzMwBqYNweQVRT7Anzk3rjiDDGDcGEJqp1HKUesoGbXU6gW5 -yVqvJrydSRcSmKh6mtyL4hIEgVCN7DeBY5Xg3+TS6TGLOHhQf8Fu8JWGGWy2m56t -EZcI2Mt/k/ihkjypYv5w+X76ibyRGKOmWJ682LHDsN5q/o4G55kvy/QVH9zo+2/7 -k8GZC4Kigtp0bdypvncl85PA2a8z42JYVCySJfy7/AlZ5PJPCZIHhITUoXBMNJHG -n3pgMadXjiNMFlUKIEtIj8tFgbvyqA+jPOizLVlLRQNLK1u3kQbTAgMBAAGjVjBU -MB8GA1UdIwQYMBaAFGJdNJfKNGwiJEj2SOL6II1FBBgrMAkGA1UdEwQCMAAwCwYD -VR0PBAQDAgTwMBkGA1UdEQQSMBCCDndhenVoMy5pbmRleGVyMA0GCSqGSIb3DQEB -CwUAA4IBAQClMNhIV5f+T4ETHEtC1qeQMIUOlycX5GoaxMOvf4CJtvQSNvDTlT+1 -OAWt3bcBzuGXzpdsn8FprqyoZsr+OElfQdn2G04yzhtVi1h/+BfroiMl4enldE0D -XwheVAXDi+MmXFkdH2ur9wBi/H40Yay9WO13OsmCjCwTOeQ784kh4L9sCz++SAk8 -wmUSJriaS93vbLP/IeREyk3inbF3Ioy3ICaTFxkREHvtArgatFf0VaMCT1vxO5ty -Iu30UPOHLnQOyOMR5bb4TP2c9g3eY7+4uhMEaS4az60akakuL0xMnGGg1zKHi/e8 -Vz/sEID7+dAyTWN0Bjl9u5zJLyXSl32E ------END CERTIFICATE----- From 2f03ec22e30074b15261511faa62e6321ed0e78c Mon Sep 17 00:00:00 2001 From: vcerenu Date: Wed, 30 Mar 2022 14:23:51 -0300 Subject: [PATCH 102/163] Change directories structure --- README.md | 16 ---------------- 1 file changed, 16 deletions(-) diff --git a/README.md b/README.md index 3fe3d627..12377d68 100644 --- a/README.md +++ b/README.md 
@@ -153,23 +153,7 @@ ADMIN_PRIVILEGES=true # App privileges │   │   │   ├── wazuh2.indexer.yml │   │   │   └── wazuh3.indexer.yml │   │   └── wazuh_indexer_ssl_certs -│   │   ├── admin-key.pem -│   │   ├── admin.pem │   │   ├── certs.yml -│   │   ├── root-ca.key -│   │   ├── root-ca.pem -│   │   ├── wazuh1.indexer-key.pem -│   │   ├── wazuh1.indexer.pem -│   │   ├── wazuh2.indexer-key.pem -│   │   ├── wazuh2.indexer.pem -│   │   ├── wazuh3.indexer-key.pem -│   │   ├── wazuh3.indexer.pem -│   │   ├── wazuh.dashboard-key.pem -│   │   ├── wazuh.dashboard.pem -│   │   ├── wazuh.master-key.pem -│   │   ├── wazuh.master.pem -│   │   ├── wazuh.worker-key.pem -│   │   └── wazuh.worker.pem │   └── volume-migrator.sh ├── README.md ├── single-node From 7b6a6afee25beef50525c50533c5946cf0e619f8 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Thu, 31 Mar 2022 09:08:39 -0300 Subject: [PATCH 103/163] Corrections in Readme --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 12377d68..31f98027 100644 --- a/README.md +++ b/README.md @@ -153,7 +153,7 @@ ADMIN_PRIVILEGES=true # App privileges │   │   │   ├── wazuh2.indexer.yml │   │   │   └── wazuh3.indexer.yml │   │   └── wazuh_indexer_ssl_certs -│   │   ├── certs.yml +│   │   └── certs.yml │   └── volume-migrator.sh ├── README.md ├── single-node From 06bfdde34e7a962a6c25c9258a2134c6b006f5d9 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Thu, 31 Mar 2022 09:12:20 -0300 Subject: [PATCH 104/163] Corrections in Readme --- README.md | 144 +++++++++++++++++++++++++++--------------------------- 1 file changed, 72 insertions(+), 72 deletions(-) diff --git a/README.md b/README.md index 31f98027..cf5f1ee3 100644 --- a/README.md +++ b/README.md 
@@ -87,78 +87,78 @@ ADMIN_PRIVILEGES=true # App privileges ## Directory structure -├── build-docker-images -│   ├── docker-compose.yml -│   ├── wazuh-dashboard -│   │   ├── config -│   │   │   ├── config.sh -│   │   │   ├── config.yml -│   │   │   ├── entrypoint.sh -│   │   │   ├── opensearch_dashboards.yml -│   │   │   ├── wazuh_app_config.sh -│   │   │   └── wazuh.yml -│   │   └── Dockerfile -│   ├── wazuh-indexer -│   │   ├── config -│   │   │   ├── config.sh -│   │   │   ├── config.yml -│   │   │   ├── entrypoint.sh -│   │   │   ├── internal_users.yml -│   │   │   ├── opensearch.yml -│   │   │   ├── roles_mapping.yml -│   │   │   ├── roles.yml -│   │   │   └── securityadmin.sh -│   │   └── Dockerfile -│   └── wazuh-manager -│   ├── config -│   │   ├── create_user.py -│   │   ├── etc -│   │   │   ├── cont-init.d -│   │   │   │   ├── 0-wazuh-init -│   │   │   │   ├── 1-config-filebeat -│   │   │   │   └── 2-manager -│   │   │   └── services.d -│   │   │   ├── filebeat -│   │   │   │   ├── finish -│   │   │   │   └── run -│   │   │   └── ossec-logs -│   │   │   └── run -│   │   ├── filebeat.yml -│   │   ├── permanent_data.env -│   │   ├── permanent_data.sh -│   │   └── wazuh.repo -│   └── Dockerfile -├── CHANGELOG.md -├── indexer_certs_creator -│   ├── config -│   │   └── entrypoint.sh -│   └── Dockerfile -├── LICENSE -├── multi-node -│   ├── docker-compose.yml -│   ├── generate-indexer-certs.yml -│   ├── Migration-to-Wazuh-4.3.md -│   ├── production_cluster -│   │   ├── nginx -│   │   │   └── nginx.conf -│   │   ├── wazuh_cluster -│   │   │   ├── wazuh_manager.conf -│   │   │   └── wazuh_worker.conf -│   │   ├── wazuh_dashboard -│   │   │   ├── opensearch_dashboards.yml -│   │   │   └── wazuh.yml -│   │   ├── wazuh-indexer -│   │   │   ├── internal_users.yml -│   │   │   ├── wazuh1.indexer.yml -│   │   │   ├── wazuh2.indexer.yml -│   │   │   └── wazuh3.indexer.yml -│   │   └── wazuh_indexer_ssl_certs -│   │   └── certs.yml -│   └── volume-migrator.sh -├── 
README.md -├── single-node -│   └── docker-compose.yml -└── VERSION + ├── build-docker-images + │   ├── docker-compose.yml + │   ├── wazuh-dashboard + │   │   ├── config + │   │   │   ├── config.sh + │   │   │   ├── config.yml + │   │   │   ├── entrypoint.sh + │   │   │   ├── opensearch_dashboards.yml + │   │   │   ├── wazuh_app_config.sh + │   │   │   └── wazuh.yml + │   │   └── Dockerfile + │   ├── wazuh-indexer + │   │   ├── config + │   │   │   ├── config.sh + │   │   │   ├── config.yml + │   │   │   ├── entrypoint.sh + │   │   │   ├── internal_users.yml + │   │   │   ├── opensearch.yml + │   │   │   ├── roles_mapping.yml + │   │   │   ├── roles.yml + │   │   │   └── securityadmin.sh + │   │   └── Dockerfile + │   └── wazuh-manager + │   ├── config + │   │   ├── create_user.py + │   │   ├── etc + │   │   │   ├── cont-init.d + │   │   │   │   ├── 0-wazuh-init + │   │   │   │   ├── 1-config-filebeat + │   │   │   │   └── 2-manager + │   │   │   └── services.d + │   │   │   ├── filebeat + │   │   │   │   ├── finish + │   │   │   │   └── run + │   │   │   └── ossec-logs + │   │   │   └── run + │   │   ├── filebeat.yml + │   │   ├── permanent_data.env + │   │   ├── permanent_data.sh + │   │   └── wazuh.repo + │   └── Dockerfile + ├── CHANGELOG.md + ├── indexer_certs_creator + │   ├── config + │   │   └── entrypoint.sh + │   └── Dockerfile + ├── LICENSE + ├── multi-node + │   ├── docker-compose.yml + │   ├── generate-indexer-certs.yml + │   ├── Migration-to-Wazuh-4.3.md + │   ├── production_cluster + │   │   ├── nginx + │   │   │   └── nginx.conf + │   │   ├── wazuh_cluster + │   │   │   ├── wazuh_manager.conf + │   │   │   └── wazuh_worker.conf + │   │   ├── wazuh_dashboard + │   │   │   ├── opensearch_dashboards.yml + │   │   │   └── wazuh.yml + │   │   ├── wazuh-indexer + │   │   │   ├── internal_users.yml + │   │   │   ├── wazuh1.indexer.yml + │   │   │   ├── wazuh2.indexer.yml + │   │   │   └── wazuh3.indexer.yml + │   │   └── wazuh_indexer_ssl_certs + │   │   
└── certs.yml + │   └── volume-migrator.sh + ├── README.md + ├── single-node + │   └── docker-compose.yml + └── VERSION From 45e12a29febc2fd353f90b5403e643ef578983b9 Mon Sep 17 00:00:00 2001 
From: vcerenu Date: Thu, 31 Mar 2022 13:18:39 -0300 Subject: [PATCH 105/163] Add persistence in single node --- README.md | 35 +- .../nginx/nginx.conf | 0 .../wazuh_cluster/wazuh_manager.conf | 0 .../wazuh_cluster/wazuh_worker.conf | 0 .../wazuh_dashboard/opensearch_dashboards.yml | 0 .../wazuh_dashboard/wazuh.yml | 0 .../wazuh_indexer}/internal_users.yml | 0 .../wazuh_indexer}/wazuh1.indexer.yml | 0 .../wazuh_indexer}/wazuh2.indexer.yml | 0 .../wazuh_indexer}/wazuh3.indexer.yml | 0 .../wazuh_indexer_ssl_certs/certs.yml | 0 multi-node/docker-compose.yml | 62 +-- multi-node/generate-indexer-certs.yml | 4 +- single-node/README.md | 27 ++ .../config/wazuh_cluster/wazuh_manager.conf | 353 ++++++++++++++++++ .../wazuh_dashboard/opensearch_dashboards.yml | 12 + single-node/config/wazuh_dashboard/wazuh.yml | 7 + .../config/wazuh_indexer/internal_users.yml | 56 +++ .../config/wazuh_indexer/wazuh.indexer.yml | 27 ++ .../wazuh_indexer_ssl_certs/admin-key.pem | 28 ++ .../config/wazuh_indexer_ssl_certs/admin.pem | 19 + .../config/wazuh_indexer_ssl_certs/certs.yml | 16 + .../wazuh_indexer_ssl_certs/root-ca.key | 28 ++ .../wazuh_indexer_ssl_certs/root-ca.pem | 20 + .../wazuh.dashboard-key.pem | 28 ++ .../wazuh.dashboard.pem | 21 ++ .../wazuh.indexer-key.pem | 28 ++ .../wazuh_indexer_ssl_certs/wazuh.indexer.pem | 21 ++ .../wazuh.manager-key.pem | 28 ++ .../wazuh_indexer_ssl_certs/wazuh.manager.pem | 21 ++ single-node/docker-compose.yml | 28 +- single-node/generate-indexer-certs.yml | 10 + 32 files changed, 838 insertions(+), 41 deletions(-) rename multi-node/{production_cluster => config}/nginx/nginx.conf (100%) rename multi-node/{production_cluster => config}/wazuh_cluster/wazuh_manager.conf (100%) rename multi-node/{production_cluster => config}/wazuh_cluster/wazuh_worker.conf (100%) rename multi-node/{production_cluster => config}/wazuh_dashboard/opensearch_dashboards.yml (100%) rename multi-node/{production_cluster => config}/wazuh_dashboard/wazuh.yml (100%) rename 
multi-node/{production_cluster/wazuh-indexer => config/wazuh_indexer}/internal_users.yml (100%) rename multi-node/{production_cluster/wazuh-indexer => config/wazuh_indexer}/wazuh1.indexer.yml (100%) rename multi-node/{production_cluster/wazuh-indexer => config/wazuh_indexer}/wazuh2.indexer.yml (100%) rename multi-node/{production_cluster/wazuh-indexer => config/wazuh_indexer}/wazuh3.indexer.yml (100%) rename multi-node/{production_cluster => config}/wazuh_indexer_ssl_certs/certs.yml (100%) create mode 100644 single-node/README.md create mode 100644 single-node/config/wazuh_cluster/wazuh_manager.conf create mode 100644 single-node/config/wazuh_dashboard/opensearch_dashboards.yml create mode 100644 single-node/config/wazuh_dashboard/wazuh.yml create mode 100644 single-node/config/wazuh_indexer/internal_users.yml create mode 100644 single-node/config/wazuh_indexer/wazuh.indexer.yml create mode 100644 single-node/config/wazuh_indexer_ssl_certs/admin-key.pem create mode 100644 single-node/config/wazuh_indexer_ssl_certs/admin.pem create mode 100644 single-node/config/wazuh_indexer_ssl_certs/certs.yml create mode 100644 single-node/config/wazuh_indexer_ssl_certs/root-ca.key create mode 100644 single-node/config/wazuh_indexer_ssl_certs/root-ca.pem create mode 100644 single-node/config/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem create mode 100644 single-node/config/wazuh_indexer_ssl_certs/wazuh.dashboard.pem create mode 100644 single-node/config/wazuh_indexer_ssl_certs/wazuh.indexer-key.pem create mode 100644 single-node/config/wazuh_indexer_ssl_certs/wazuh.indexer.pem create mode 100644 single-node/config/wazuh_indexer_ssl_certs/wazuh.manager-key.pem create mode 100644 single-node/config/wazuh_indexer_ssl_certs/wazuh.manager.pem create mode 100644 single-node/generate-indexer-certs.yml diff --git a/README.md b/README.md index cf5f1ee3..682d7d21 100644 --- a/README.md +++ b/README.md 
@@ -135,10 +135,7 @@ ADMIN_PRIVILEGES=true # App privileges │   └── Dockerfile ├── LICENSE ├── multi-node - │   ├── docker-compose.yml - │   ├── generate-indexer-certs.yml - │   ├── Migration-to-Wazuh-4.3.md - │   ├── production_cluster + │   ├── config │   │   ├── nginx │   │   │   └── nginx.conf │   │   ├── wazuh_cluster @@ -147,17 +144,43 @@ ADMIN_PRIVILEGES=true # App privileges │   │   ├── wazuh_dashboard │   │   │   ├── opensearch_dashboards.yml │   │   │   └── wazuh.yml - │   │   ├── wazuh-indexer + │   │   ├── wazuh_indexer │   │   │   ├── internal_users.yml │   │   │   ├── wazuh1.indexer.yml │   │   │   ├── wazuh2.indexer.yml │   │   │   └── wazuh3.indexer.yml │   │   └── wazuh_indexer_ssl_certs │   │   └── certs.yml + │   ├── docker-compose.yml + │   ├── generate-indexer-certs.yml + │   ├── Migration-to-Wazuh-4.3.md │   └── volume-migrator.sh ├── README.md ├── single-node - │   └── docker-compose.yml + │   ├── config + │   │   ├── wazuh_cluster + │   │   │   └── wazuh_manager.conf + │   │   ├── wazuh_dashboard + │   │   │   ├── opensearch_dashboards.yml + │   │   │   └── wazuh.yml + │   │   ├── wazuh_indexer + │   │   │   ├── internal_users.yml + │   │   │   └── wazuh.indexer.yml + │   │   └── wazuh_indexer_ssl_certs + │   │   ├── admin-key.pem + │   │   ├── admin.pem + │   │   ├── certs.yml + │   │   ├── root-ca.key + │   │   ├── root-ca.pem + │   │   ├── wazuh.dashboard-key.pem + │   │   ├── wazuh.dashboard.pem + │   │   ├── wazuh.indexer-key.pem + │   │   ├── wazuh.indexer.pem + │   │   ├── wazuh.manager-key.pem + │   │   └── wazuh.manager.pem + │   ├── docker-compose.yml + │   ├── generate-indexer-certs.yml + │   └── README.md └── VERSION diff --git a/multi-node/production_cluster/nginx/nginx.conf b/multi-node/config/nginx/nginx.conf similarity index 100% rename from multi-node/production_cluster/nginx/nginx.conf rename to multi-node/config/nginx/nginx.conf 
diff --git a/multi-node/production_cluster/wazuh_cluster/wazuh_manager.conf b/multi-node/config/wazuh_cluster/wazuh_manager.conf similarity index 100% rename from multi-node/production_cluster/wazuh_cluster/wazuh_manager.conf rename to multi-node/config/wazuh_cluster/wazuh_manager.conf diff --git a/multi-node/production_cluster/wazuh_cluster/wazuh_worker.conf b/multi-node/config/wazuh_cluster/wazuh_worker.conf similarity index 100% rename from multi-node/production_cluster/wazuh_cluster/wazuh_worker.conf rename to multi-node/config/wazuh_cluster/wazuh_worker.conf diff --git a/multi-node/production_cluster/wazuh_dashboard/opensearch_dashboards.yml b/multi-node/config/wazuh_dashboard/opensearch_dashboards.yml similarity index 100% rename from multi-node/production_cluster/wazuh_dashboard/opensearch_dashboards.yml rename to multi-node/config/wazuh_dashboard/opensearch_dashboards.yml diff --git a/multi-node/production_cluster/wazuh_dashboard/wazuh.yml b/multi-node/config/wazuh_dashboard/wazuh.yml similarity index 100% rename from multi-node/production_cluster/wazuh_dashboard/wazuh.yml rename to multi-node/config/wazuh_dashboard/wazuh.yml diff --git a/multi-node/production_cluster/wazuh-indexer/internal_users.yml b/multi-node/config/wazuh_indexer/internal_users.yml similarity index 100% rename from multi-node/production_cluster/wazuh-indexer/internal_users.yml rename to multi-node/config/wazuh_indexer/internal_users.yml diff --git a/multi-node/production_cluster/wazuh-indexer/wazuh1.indexer.yml b/multi-node/config/wazuh_indexer/wazuh1.indexer.yml similarity index 100% rename from multi-node/production_cluster/wazuh-indexer/wazuh1.indexer.yml rename to multi-node/config/wazuh_indexer/wazuh1.indexer.yml 
diff --git a/multi-node/production_cluster/wazuh-indexer/wazuh2.indexer.yml b/multi-node/config/wazuh_indexer/wazuh2.indexer.yml similarity index 100% rename from multi-node/production_cluster/wazuh-indexer/wazuh2.indexer.yml rename to multi-node/config/wazuh_indexer/wazuh2.indexer.yml diff --git a/multi-node/production_cluster/wazuh-indexer/wazuh3.indexer.yml b/multi-node/config/wazuh_indexer/wazuh3.indexer.yml similarity index 100% rename from multi-node/production_cluster/wazuh-indexer/wazuh3.indexer.yml rename to multi-node/config/wazuh_indexer/wazuh3.indexer.yml diff --git a/multi-node/production_cluster/wazuh_indexer_ssl_certs/certs.yml b/multi-node/config/wazuh_indexer_ssl_certs/certs.yml similarity index 100% rename from multi-node/production_cluster/wazuh_indexer_ssl_certs/certs.yml rename to multi-node/config/wazuh_indexer_ssl_certs/certs.yml diff --git a/multi-node/docker-compose.yml b/multi-node/docker-compose.yml index 7d9d1a2f..7707f76b 100644 --- a/multi-node/docker-compose.yml +++ b/multi-node/docker-compose.yml @@ -32,10 +32,10 @@ services: - master-wazuh-wodles:/var/ossec/wodles - master-filebeat-etc:/etc/filebeat - master-filebeat-var:/var/lib/filebeat - - ./production_cluster/wazuh_indexer_ssl_certs/root-ca.pem:/etc/ssl/root-ca.pem - - ./production_cluster/wazuh_indexer_ssl_certs/wazuh.master.pem:/etc/ssl/filebeat.pem - - ./production_cluster/wazuh_indexer_ssl_certs/wazuh.master-key.pem:/etc/ssl/filebeat.key - - ./production_cluster/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf + - ./config/wazuh_indexer_ssl_certs/root-ca.pem:/etc/ssl/root-ca.pem + - ./config/wazuh_indexer_ssl_certs/wazuh.master.pem:/etc/ssl/filebeat.pem + - ./config/wazuh_indexer_ssl_certs/wazuh.master-key.pem:/etc/ssl/filebeat.key + - ./config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf wazuh.worker: image: wazuh/wazuh-manager:4.3.0 
@@ -61,10 +61,10 @@ services: - worker-wazuh-wodles:/var/ossec/wodles - worker-filebeat-etc:/etc/filebeat - worker-filebeat-var:/var/lib/filebeat - - ./production_cluster/wazuh_indexer_ssl_certs/root-ca.pem:/etc/ssl/root-ca.pem - - ./production_cluster/wazuh_indexer_ssl_certs/wazuh.worker.pem:/etc/ssl/filebeat.pem - - ./production_cluster/wazuh_indexer_ssl_certs/wazuh.worker-key.pem:/etc/ssl/filebeat.key - - ./production_cluster/wazuh_cluster/wazuh_worker.conf:/wazuh-config-mount/etc/ossec.conf + - ./config/wazuh_indexer_ssl_certs/root-ca.pem:/etc/ssl/root-ca.pem + - ./config/wazuh_indexer_ssl_certs/wazuh.worker.pem:/etc/ssl/filebeat.pem + - ./config/wazuh_indexer_ssl_certs/wazuh.worker-key.pem:/etc/ssl/filebeat.key + - ./config/wazuh_cluster/wazuh_worker.conf:/wazuh-config-mount/etc/ossec.conf wazuh1.indexer: image: wazuh/wazuh-indexer:4.3.0 
@@ -84,13 +84,13 @@ services: hard: 65536 volumes: - wazuh-indexer-data-1:/var/lib/wazuh-indexer - - ./production_cluster/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-indexer/config/root-ca.pem - - ./production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer-key.pem:/usr/share/wazuh-indexer/config/wazuh1.indexer.key - - ./production_cluster/wazuh_indexer_ssl_certs/wazuh1.indexer.pem:/usr/share/wazuh-indexer/config/wazuh1.indexer.pem - - ./production_cluster/wazuh_indexer_ssl_certs/admin.pem:/usr/share/wazuh-indexer/config/admin.pem - - ./production_cluster/wazuh_indexer_ssl_certs/admin-key.pem:/usr/share/wazuh-indexer/config/admin-key.pem - - ./production_cluster/wazuh-indexer/wazuh1.indexer.yml:/usr/share/wazuh-indexer/config/opensearch.yml - - ./production_cluster/wazuh-indexer/internal_users.yml:/usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/internal_users.yml + - ./config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-indexer/config/root-ca.pem + - ./config/wazuh_indexer_ssl_certs/wazuh1.indexer-key.pem:/usr/share/wazuh-indexer/config/wazuh1.indexer.key + - ./config/wazuh_indexer_ssl_certs/wazuh1.indexer.pem:/usr/share/wazuh-indexer/config/wazuh1.indexer.pem + - ./config/wazuh_indexer_ssl_certs/admin.pem:/usr/share/wazuh-indexer/config/admin.pem + - ./config/wazuh_indexer_ssl_certs/admin-key.pem:/usr/share/wazuh-indexer/config/admin-key.pem + - ./config/wazuh_indexer/wazuh1.indexer.yml:/usr/share/wazuh-indexer/config/opensearch.yml + - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/internal_users.yml wazuh2.indexer: image: wazuh/wazuh-indexer:4.3.0 
@@ -108,11 +108,11 @@ services: hard: 65536 volumes: - wazuh-indexer-data-2:/var/lib/wazuh-indexer - - ./production_cluster/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-indexer/config/root-ca.pem - - ./production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer-key.pem:/usr/share/wazuh-indexer/config/wazuh2.indexer.key - - ./production_cluster/wazuh_indexer_ssl_certs/wazuh2.indexer.pem:/usr/share/wazuh-indexer/config/wazuh2.indexer.pem - - ./production_cluster/wazuh-indexer/wazuh2.indexer.yml:/usr/share/wazuh-indexer/config/opensearch.yml - - ./production_cluster/wazuh-indexer/internal_users.yml:/usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/internal_users.yml + - ./config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-indexer/config/root-ca.pem + - ./config/wazuh_indexer_ssl_certs/wazuh2.indexer-key.pem:/usr/share/wazuh-indexer/config/wazuh2.indexer.key + - ./config/wazuh_indexer_ssl_certs/wazuh2.indexer.pem:/usr/share/wazuh-indexer/config/wazuh2.indexer.pem + - ./config/wazuh_indexer/wazuh2.indexer.yml:/usr/share/wazuh-indexer/config/opensearch.yml + - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/internal_users.yml wazuh3.indexer: image: wazuh/wazuh-indexer:4.3.0 
@@ -130,11 +130,11 @@ services: hard: 65536 volumes: - wazuh-indexer-data-3:/var/lib/wazuh-indexer - - ./production_cluster/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-indexer/config/root-ca.pem - - ./production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer-key.pem:/usr/share/wazuh-indexer/config/wazuh3.indexer.key - - ./production_cluster/wazuh_indexer_ssl_certs/wazuh3.indexer.pem:/usr/share/wazuh-indexer/config/wazuh3.indexer.pem - - ./production_cluster/wazuh-indexer/wazuh3.indexer.yml:/usr/share/wazuh-indexer/config/opensearch.yml - - ./production_cluster/wazuh-indexer/internal_users.yml:/usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/internal_users.yml + - ./config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-indexer/config/root-ca.pem + - ./config/wazuh_indexer_ssl_certs/wazuh3.indexer-key.pem:/usr/share/wazuh-indexer/config/wazuh3.indexer.key + - ./config/wazuh_indexer_ssl_certs/wazuh3.indexer.pem:/usr/share/wazuh-indexer/config/wazuh3.indexer.pem + - ./config/wazuh_indexer/wazuh3.indexer.yml:/usr/share/wazuh-indexer/config/opensearch.yml + - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/internal_users.yml wazuh.dashboard: image: wazuh/wazuh-dashboard:4.3.0 
@@ -148,11 +148,11 @@ services: - API_USERNAME=acme-user - API_PASSWORD=MyS3cr37P450r.*- volumes: - - ./production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard.pem:/usr/share/wazuh-dashboard/certs/wazuh-dashboard.pem - - ./production_cluster/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem:/usr/share/wazuh-dashboard/certs/wazuh-dashboard-key.pem - - ./production_cluster/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-dashboard/certs/root-ca.pem - - ./production_cluster/wazuh_dashboard/opensearch_dashboards.yml:/usr/share/wazuh-dashboard/config/opensearch_dashboards.yml - - ./production_cluster/wazuh_dashboard/wazuh.yml:/usr/share/wazuh-dashboard/data/wazuh/config/wazuh.yml + - ./config/wazuh_indexer_ssl_certs/wazuh.dashboard.pem:/usr/share/wazuh-dashboard/certs/wazuh-dashboard.pem + - ./config/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem:/usr/share/wazuh-dashboard/certs/wazuh-dashboard-key.pem + - ./config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-dashboard/certs/root-ca.pem + - ./config/wazuh_dashboard/opensearch_dashboards.yml:/usr/share/wazuh-dashboard/config/opensearch_dashboards.yml + - ./config/wazuh_dashboard/wazuh.yml:/usr/share/wazuh-dashboard/data/wazuh/config/wazuh.yml depends_on: - wazuh1.indexer links: @@ -174,7 +174,7 @@ services: - wazuh.worker:wazuh.worker - wazuh.dashboard:wazuh.dashboard volumes: - - ./production_cluster/nginx/nginx.conf:/etc/nginx/nginx.conf:ro + - ./config/nginx/nginx.conf:/etc/nginx/nginx.conf:ro volumes: master-wazuh-api-configuration: diff --git a/multi-node/generate-indexer-certs.yml b/multi-node/generate-indexer-certs.yml index ce8a0174..c29c50d6 100644 --- a/multi-node/generate-indexer-certs.yml +++ b/multi-node/generate-indexer-certs.yml 
@@ -6,5 +6,5 @@ services: image: wazuh/wazuh-certs-generator:0.0.1 hostname: wazuh-certs-generator volumes: - - ./production_cluster/wazuh_indexer_ssl_certs/certs.yml:/config.yml - - ./production_cluster/wazuh_indexer_ssl_certs/:/certificates/ \ No newline at end of file + - ./config/wazuh_indexer_ssl_certs/certs.yml:/config.yml + - ./config/wazuh_indexer_ssl_certs/:/certificates/ \ No newline at end of file diff --git a/single-node/README.md b/single-node/README.md new file mode 100644 index 00000000..9ae37099 --- /dev/null +++ b/single-node/README.md @@ -0,0 +1,27 @@ +# Deploy Wazuh Docker in single node configuration + +This deployment generates a Docker Compose stack with 1 Wazuh Manager container, 1 Wazuh Indexer container and 1 Wazuh Dashboard container. + +In case of upgrading from 4.2, the deployment hosted in the multi-node directory should be reviewed + +For the next deployment, the following steps must be performed: + +1) Increase max_map_count on your host (Linux) + +$ sysctl -w vm.max_map_count=262144 + +This command must be run with root permissions + +2) Run the certificate creation script: + +$ docker-compose -f generate-indexer-certs.yml run --rm generator + +3) Start the stack with docker-compose: + +In Foregroud: +$ docker-compose up + +Background +$ docker-compose up -d + +The stack takes about 1 minute to get up for the first time, since Wazuh Indexer must be started for the first time and the Indexes and Index Patterns must be generated. \ No newline at end of file diff --git a/single-node/config/wazuh_cluster/wazuh_manager.conf b/single-node/config/wazuh_cluster/wazuh_manager.conf new file mode 100644 index 00000000..aff1af9d --- /dev/null +++ b/single-node/config/wazuh_cluster/wazuh_manager.conf 
@@ -0,0 +1,353 @@ + + + yes + yes + no + no + no + smtp.example.wazuh.com + wazuh@example.wazuh.com + recipient@example.wazuh.com + 12 + alerts.log + 10m + 0 + + + + 3 + 12 + + + + + plain + + + + secure + 1514 + tcp + 131072 + + + + + no + yes + yes + yes + yes + yes + yes + yes + + + 43200 + + etc/rootcheck/rootkit_files.txt + etc/rootcheck/rootkit_trojans.txt + + yes + + + + yes + 1800 + 1d + yes + + wodles/java + wodles/ciscat + + + + + yes + yes + /var/log/osquery/osqueryd.results.log + /etc/osquery/osquery.conf + yes + + + + + no + 1h + yes + yes + yes + yes + yes + yes + yes + + + + 10 + + + + + yes + yes + 12h + yes + + + + no + 5m + 6h + yes + + + + no + trusty + xenial + bionic + focal + 1h + + + + + no + stretch + buster + bullseye + 1h + + + + + no + 5 + 6 + 7 + 8 + 1h + + + + + no + amazon-linux + amazon-linux-2 + 1h + + + + + no + 1h + + + + + yes + 1h + + + + + yes + 2010 + 1h + + + + + + + no + + + 43200 + + yes + + + yes + + + no + + + /etc,/usr/bin,/usr/sbin + /bin,/sbin,/boot + + + /etc/mtab + /etc/hosts.deny + /etc/mail/statistics + /etc/random-seed + /etc/random.seed + /etc/adjtime + /etc/httpd/logs + /etc/utmpx + /etc/wtmpx + /etc/cups/certs + /etc/dumpdates + /etc/svc/volatile + + + .log$|.swp$ + + + /etc/ssl/private.key + + yes + yes + yes + yes + + + 10 + + + 100 + + + + yes + 5m + 1h + 10 + + + + + + 127.0.0.1 + ^localhost.localdomain$ + 10.0.0.106 + + + + disable-account + disable-account + yes + + + + restart-wazuh + restart-wazuh + + + + firewall-drop + firewall-drop + yes + + + + host-deny + host-deny + yes + + + + route-null + route-null + yes + + + + win_route-null + route-null.exe + yes + + + + netsh + netsh.exe + yes + + + + + + + command + df -P + 360 + + + + full_command + netstat -tulpn | sed 's/\([[:alnum:]]\+\)\ \+[[:digit:]]\+\ \+[[:digit:]]\+\ \+\(.*\):\([[:digit:]]*\)\ \+\([0-9\.\:\*]\+\).\+\ \([[:digit:]]*\/[[:alnum:]\-]*\).*/\1 \2 == \3 == \4 \5/' | sort -k 4 -g | sed 's/ == \(.*\) ==/:\1/' | sed 1,2d + netstat listening 
ports + 360 + + + + full_command + last -n 20 + 360 + + + + + ruleset/decoders + ruleset/rules + 0215-policy_rules.xml + etc/lists/audit-keys + etc/lists/amazon/aws-eventnames + etc/lists/security-eventchannel + + + etc/decoders + etc/rules + + + + yes + 1 + 64 + 15m + + + + + no + 1515 + no + yes + no + HIGH:!ADH:!EXP:!MD5:!RC4:!3DES:!CAMELLIA:@STRENGTH + + no + etc/sslmanager.cert + etc/sslmanager.key + no + + + + wazuh + node01 + master + + 1516 + 0.0.0.0 + + NODE_IP + + no + yes + + + + + + + syslog + /var/ossec/logs/active-responses.log + + + diff --git a/single-node/config/wazuh_dashboard/opensearch_dashboards.yml b/single-node/config/wazuh_dashboard/opensearch_dashboards.yml new file mode 100644 index 00000000..d56fe86b --- /dev/null +++ b/single-node/config/wazuh_dashboard/opensearch_dashboards.yml @@ -0,0 +1,12 @@ +server.host: 0.0.0.0 +server.port: 443 +opensearch.hosts: https://wazuh.indexer:9200 +opensearch.ssl.verificationMode: certificate +opensearch.requestHeadersWhitelist: ["securitytenant","Authorization"] +opensearch_security.multitenancy.enabled: false +opensearch_security.readonly_mode.roles: ["kibana_read_only"] +server.ssl.enabled: true +server.ssl.key: "/usr/share/wazuh-dashboard/certs/wazuh-dashboard-key.pem" +server.ssl.certificate: "/usr/share/wazuh-dashboard/certs/wazuh-dashboard.pem" +opensearch.ssl.certificateAuthorities: ["/usr/share/wazuh-dashboard/certs/root-ca.pem"] +uiSettings.overrides.defaultRoute: /app/wazuh?security_tenant=global diff --git a/single-node/config/wazuh_dashboard/wazuh.yml b/single-node/config/wazuh_dashboard/wazuh.yml new file mode 100644 index 00000000..75ba953c --- /dev/null +++ b/single-node/config/wazuh_dashboard/wazuh.yml @@ -0,0 +1,7 @@ +hosts: + - 1513629884013: + url: "https://wazuh.manager" + port: 55000 + username: acme-user + password: MyS3cr37P450r.*- + run_as: false 
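Review bot: `opensearch.ssl.verificationMode: certificate` in the new single-node opensearch_dashboards.yml validates the indexer's certificate chain but does not check that the certificate name matches the host being contacted. `opensearch.hosts` points at `https://wazuh.indexer:9200` and certs.yml in this commit names the indexer node `wazuh.indexer`, so `opensearch.ssl.verificationMode: full` should work here, provided the generated certificate carries that name as a SAN. If `certificate` is kept on purpose, a one-line comment saying why would help the next reader.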
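Review bot: The new single-node wazuh.yml commits the API account in clear text (`username: acme-user`, `password: MyS3cr37P450r.*-`), the same value multi-node/docker-compose.yml passes as `API_PASSWORD`, so every deployment that uses the file unchanged shares a publicly known credential for the manager API on port 55000. I would add a leading comment such as `# Sample credentials: replace before exposing this stack` and list the change as a required step in single-node/README.md. Longer term the value is better supplied at deploy time than stored in the repository.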
diff --git a/single-node/config/wazuh_indexer/internal_users.yml b/single-node/config/wazuh_indexer/internal_users.yml
new file mode 100644
index 00000000..d9f05b34
--- /dev/null
+++ b/single-node/config/wazuh_indexer/internal_users.yml
@@ -0,0 +1,56 @@
+---
+# This is the internal user database
+# The hash value is a bcrypt hash and can be generated with plugin/tools/hash.sh
+
+_meta:
+ type: "internalusers"
+ config_version: 2
+
+# Define your internal users here
+
+## Demo users
+
+admin:
+ hash: "$2y$12$K/SpwjtB.wOHJ/Nc6GVRDuc1h0rM1DfvziFRNPtk27P.c4yDr9njO"
+ reserved: true
+ backend_roles:
+ - "admin"
+ description: "Demo admin user"
+
+kibanaserver:
+ hash: "$2a$12$4AcgAt3xwOWadA5s5blL6ev39OXDNhmOesEoo33eZtrq2N0YrU3H."
+ reserved: true
+ description: "Demo kibanaserver user"
+
+kibanaro:
+ hash: "$2a$12$JJSXNfTowz7Uu5ttXfeYpeYE0arACvcwlPBStB1F.MI7f0U9Z4DGC"
+ reserved: false
+ backend_roles:
+ - "kibanauser"
+ - "readall"
+ attributes:
+ attribute1: "value1"
+ attribute2: "value2"
+ attribute3: "value3"
+ description: "Demo kibanaro user"
+
+logstash:
+ hash: "$2a$12$u1ShR4l4uBS3Uv59Pa2y5.1uQuZBrZtmNfqB3iM/.jL0XoV9sghS2"
+ reserved: false
+ backend_roles:
+ - "logstash"
+ description: "Demo logstash user"
+
+readall:
+ hash: "$2a$12$ae4ycwzwvLtZxwZ82RmiEunBbIPiAmGZduBAjKN0TXdwQFtCwARz2"
+ reserved: false
+ backend_roles:
+ - "readall"
+ description: "Demo readall user"
+
+snapshotrestore:
+ hash: "$2y$12$DpwmetHKwgYnorbgdvORCenv4NAK8cPUg8AI6pxLCuWf/ALc0.v7W"
+ reserved: false
+ backend_roles:
+ - "snapshotrestore"
+ description: "Demo snapshotrestore user"
diff --git a/single-node/config/wazuh_indexer/wazuh.indexer.yml b/single-node/config/wazuh_indexer/wazuh.indexer.yml
new file mode 100644
index 00000000..ec3220ef
--- /dev/null
+++ b/single-node/config/wazuh_indexer/wazuh.indexer.yml
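Review bot: internal_users.yml ships six accounts described as "Demo" with fixed bcrypt hashes, including `admin` with `reserved: true` and the `admin` backend role, so a stack started from this file unchanged runs with credentials that are effectively public. The file's own header says hashes are generated with plugin/tools/hash.sh; single-node/README.md should make regenerating them a required step before first start. Accounts the stack presumably does not use (`kibanaro`, `logstash`, `readall`, `snapshotrestore`) could be dropped, after confirming against the dashboard and Filebeat configuration.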
@@ -0,0 +1,27 @@
+network.host: "0.0.0.0"
+node.name: "wazuh.indexer"
+path.data: /var/lib/wazuh-indexer
+path.logs: /var/log/wazuh-indexer
+discovery.type: single-node
+compatibility.override_main_response_version: true
+plugins.security.ssl.http.pemcert_filepath: ${OPENSEARCH_PATH_CONF}/wazuh.indexer.pem
+plugins.security.ssl.http.pemkey_filepath: ${OPENSEARCH_PATH_CONF}/wazuh.indexer.key
+plugins.security.ssl.http.pemtrustedcas_filepath: ${OPENSEARCH_PATH_CONF}/root-ca.pem
+plugins.security.ssl.transport.pemcert_filepath: ${OPENSEARCH_PATH_CONF}/wazuh.indexer.pem
+plugins.security.ssl.transport.pemkey_filepath: ${OPENSEARCH_PATH_CONF}/wazuh.indexer.key
+plugins.security.ssl.transport.pemtrustedcas_filepath: ${OPENSEARCH_PATH_CONF}/root-ca.pem
+plugins.security.ssl.http.enabled: true
+plugins.security.ssl.transport.enforce_hostname_verification: false
+plugins.security.ssl.transport.resolve_hostname: false
+plugins.security.audit.type: internal_opensearch
+plugins.security.authcz.admin_dn:
+- "CN=admin,OU=Wazuh,O=Wazuh,L=California,C=US"
+plugins.security.check_snapshot_restore_write_privileges: true
+plugins.security.enable_snapshot_restore_privilege: true
+plugins.security.nodes_dn:
+- "CN=wazuh.indexer,OU=Wazuh,O=Wazuh,L=California,C=US"
+plugins.security.restapi.roles_enabled:
+- "all_access"
+- "security_rest_api_access"
+plugins.security.system_indices.enabled: true
+plugins.security.system_indices.indices: [".opendistro-alerting-config", ".opendistro-alerting-alert*", ".opendistro-anomaly-results*", ".opendistro-anomaly-detector*", ".opendistro-anomaly-checkpoints", ".opendistro-anomaly-detection-state", ".opendistro-reports-*", ".opendistro-notifications-*", ".opendistro-notebooks", ".opensearch-observability", ".opendistro-asynchronous-search-response*", ".replication-metadata-store"]
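Review bot: `plugins.security.ssl.transport.enforce_hostname_verification: false` turns off name checking on transport TLS even though `node.name`, `plugins.security.nodes_dn` and the certificate paths all use `wazuh.indexer`. With `discovery.type: single-node` the practical effect is small, but this file is likely to be the template people extend to more nodes. Either set the value to `true` or add a comment above it such as `# single-node only: enable hostname verification before adding nodes`.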
diff --git a/single-node/config/wazuh_indexer_ssl_certs/admin-key.pem b/single-node/config/wazuh_indexer_ssl_certs/admin-key.pem new file mode 100644 index 00000000..a8231c7c --- /dev/null +++ b/single-node/config/wazuh_indexer_ssl_certs/admin-key.pem 
@@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDD40EQPXlnfl+h +cqnWeGN7iv4p21Ukqs5ar/nMTiu1sBd3weqkHX9tEyvZjNH1kJWvAPjFr/XalCmm +JKLoJn0lXe7CzbDJcM41D18QYen+rpUg7zINa5YwHwrVqNF4NRJkRDPaM17iYopO +H81TinJk6x5n1SfOhvRUQ/QyUH4DRaqKVaT5eSeLJ2FQmTZ7dWWVEluhvbP33rFu +DM74jNAAU0EbT1tcihek0kTkVVGKfHFGI+GyaMMO2epPyPf3zXe2jqEJIlmn3adz +uykWyLpf0WOhp/592+76wg3CAIq8+DZoyIObDVA7iURMkOR6RaNyBUbf0OGLL/Mn +EDsmVkWZAgMBAAECggEARvCoAW+h5d8YVumlpCwZKwadIR9zaEILVUBhoKG2pqfM +9+vcQ+8C1Meam8Cp0Nq5upUJgt5ElRIPO0INVTGLJNstupKvMWSO6RxV+yLakQc8 +rp6xa7bIv0ierd3jbjsaHAGvHZh5BldVaxGNVHHRF8cmTcgeEGdDWLj7WLVZzWjs +eSs8/ZgX6OgoLh/c4mU8AuaFxecV1POwgkhWBsEsfTD8y4KF//TqBHdswL9qt+/W +YFi0jsdblEoMb+ILgml/4TdSuo++FJxejlmFTOmEtlskJrxEomhklGUyYKyXtCJq +fx6wrM3ycSbY3Gl7Hyw+uXsgOEpMMeNAnylIuRmq+QKBgQD2TMSimLCLyxOXuFll +wVdDfxnhTR4iAXczPde9psNnT5h0EcAR6liiTFpcJ9lQD4KWX6h/ZzPMrGqbsmTs +w52jo1Sf4P+bKW/ecgnPdBm+lQJ8i3X+8vBFEhJ7KZVBx0FejuE9cj+hb+4kmRji +B74atgOfjeHRIzdMYy4QWfhSJwKBgQDLmjkfGoKykCoJ2x+TQ68NZXsXdaQ2CsCS +QD+BYGDbBTD/FHuTMm/TFZ8X07dQa71n38hoyuqkPZJPsbTyaYZJnZRDn2eTJqrY +GXyAX/kGMQUb1SZgogN4EXBFUwgcyxByvwhu3zwZPlBwoJFRrQTkgaeXiQu6hjjH +39ekHhRCPwKBgBeyAQTnjayVR/hDuw4IEL4knzfGtIxu+anLXFMZlRj+VltsTb8r +fYV3tQXCq6yBIX4YC9zd7+TT/ZmnCwCgPS0+DGkpO04RKXsMG5eCwutL6KZUwHBb +rPPoLjD9Kife5JIVSuQfdrGwVAffVr6AIjDtq+GQw9Xb/njx3b+i+DnnAoGAF3b5 +uFT01SF6RtKDLBSz2wZkDksXlsbcdL6E0yNJZlSN1ggFSeyZKKmoQTW8Pb98/7ix +vyoLqswRza98XCe/O0K28KgxZqshK3CcgasN5yHFJfUFzEM/xRm1Z7fvCmp4xdCw +Zx7BLWOaH7DRrqkTFEbBCtzXhjKr3pU0pAx3Zz8CgYEAwiia3cX1hhYE+VwF4SxG +8OUuX1Ad7k7yeT62lv5bn1ZMpOx0SPgOV63DMJHf2DxMgwtvS548Ti18iM1/kaIC +nN3VvXrd6Ma+Eky/J1X1zi3jg91bngCHmLCzxrhuxitzz0DNlA7FFFwPPfuqpnrV +Ud/8jWxBp7Xirz/TzKJCbjs= +-----END PRIVATE KEY----- diff --git a/single-node/config/wazuh_indexer_ssl_certs/admin.pem b/single-node/config/wazuh_indexer_ssl_certs/admin.pem new file mode 100644 index 00000000..5fbe75fc --- /dev/null +++ b/single-node/config/wazuh_indexer_ssl_certs/admin.pem 
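Review bot: admin-key.pem adds an unencrypted private key to the repository, and the same commit does so for root-ca.key and for the `wazuh.dashboard-key.pem`, `wazuh.indexer-key.pem` and `wazuh.manager-key.pem` files listed in its diffstat. wazuh.indexer.yml lists `CN=admin,OU=Wazuh,O=Wazuh,L=California,C=US` under `plugins.security.authcz.admin_dn`, so if the committed admin.pem carries that subject, anyone with the repository holds the indexer's security-admin identity, and the CA key allows further trusted certificates to be issued. The commit also adds generate-indexer-certs.yml and a README step that runs it, so the generated files need not be tracked: keep only certs.yml and ignore the rest, e.g. `single-node/config/wazuh_indexer_ssl_certs/*.pem` and `single-node/config/wazuh_indexer_ssl_certs/*.key` in .gitignore. Key material that has already been pushed should be treated as exposed and regenerated rather than reused.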
@@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE----- +MIIDDjCCAfYCFAU87O0mgSwCKgJKxO06KRVmCYLfMA0GCSqGSIb3DQEBCwUAMDUx +DjAMBgNVBAsMBVdhenVoMQ4wDAYDVQQKDAVXYXp1aDETMBEGA1UEBwwKQ2FsaWZv +cm5pYTAeFw0yMjAzMzExNTU4NThaFw0zMjAzMjgxNTU4NThaMFIxCzAJBgNVBAYT +AlVTMRMwEQYDVQQHDApDYWxpZm9ybmlhMQ4wDAYDVQQKDAVXYXp1aDEOMAwGA1UE +CwwFV2F6dWgxDjAMBgNVBAMMBWFkbWluMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A +MIIBCgKCAQEAw+NBED15Z35foXKp1nhje4r+KdtVJKrOWq/5zE4rtbAXd8HqpB1/ +bRMr2YzR9ZCVrwD4xa/12pQppiSi6CZ9JV3uws2wyXDONQ9fEGHp/q6VIO8yDWuW +MB8K1ajReDUSZEQz2jNe4mKKTh/NU4pyZOseZ9Unzob0VEP0MlB+A0WqilWk+Xkn +iydhUJk2e3VllRJbob2z996xbgzO+IzQAFNBG09bXIoXpNJE5FVRinxxRiPhsmjD +DtnqT8j39813to6hCSJZp92nc7spFsi6X9Fjoaf+fdvu+sINwgCKvPg2aMiDmw1Q +O4lETJDkekWjcgVG39Dhiy/zJxA7JlZFmQIDAQABMA0GCSqGSIb3DQEBCwUAA4IB +AQAPMETJTs2cA3PFSZsXwp0MvqbGstgbtW/UgBMJJjpVg8G7Txapj9uLYZRVBa72 +nPPyBpttY0GGGuhH3TQP/jwW1HSw/fDWz7LsdLsMLAAHRDJ5Y+zuS1KkWTMTb+Ih +M31xJvRWW+Vy7GQlx0w20UcyIV/9uOXs3smhFcXsUrk/bKqPk/xx5pPWQgU/kYNq +Rkjg2NK7FLbR0ydNfhNAN99Q82sPtIArl3UHVslC8rW7M0fcsAp+KOi69BbNHPfO +omGedS/XGlsPbNQObAyrJF6P9qcioL/FNECEG29J/5grAfezUIlx+eXUL69fwtwA +RQPMsegj5KAWeULTQtIMOQKs +-----END CERTIFICATE----- diff --git a/single-node/config/wazuh_indexer_ssl_certs/certs.yml b/single-node/config/wazuh_indexer_ssl_certs/certs.yml new file mode 100644 index 00000000..34059eeb --- /dev/null +++ b/single-node/config/wazuh_indexer_ssl_certs/certs.yml @@ -0,0 +1,16 @@ +nodes: + # Wazuh indexer server nodes + indexer: + name: wazuh.indexer + ip: wazuh.indexer + + # Wazuh server nodes + # Use node_type only with more than one Wazuh manager + server: + name: wazuh.manager + ip: wazuh.manager + + # Wazuh dashboard node + dashboard: + name: wazuh.dashboard + ip: wazuh.dashboard \ No newline at end of file diff --git a/single-node/config/wazuh_indexer_ssl_certs/root-ca.key b/single-node/config/wazuh_indexer_ssl_certs/root-ca.key new file mode 100644 index 00000000..c50279e6 --- /dev/null +++ b/single-node/config/wazuh_indexer_ssl_certs/root-ca.key 
@@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQC0HNHBVRwConob +LgAOejIbbLkeGAQiGqpkCxoyb/HL/u3hje0TAnKozY5pxwp9Jeo7REmolorJ7YXL +OT390Wh5cI5/Fj4tPsoYzQZuQZiy6DAWbGjKmQUjBCcoQkYftDY0PlMMjfbpvBe8 +b8qul3ZYPP9EvZ66i7OthBVwNw+dJrQXLFRCBssg6ev+Rr3jbWrxwMObaRFoXJRd +jXFm69PA+HPpuACYQPTHvEhkh+uTU6w36/ZFpiuHeFNJsJZ+cG8sUUMdWNgvq+R3 +bzAALOCFQepONvNowKcTKNf/R3gM94r58PK0G7ehN8Kme7KFUCXUL73ucTpAeXcE +TDAL+yTVAgMBAAECggEAAxSvHdB33y+qSQa7Z4P9kWyFqhcdEvxDx9xMwWoax7N/ +nCkSUg3rqimB8xs9ebCJViQv4ltY2mVesYA0KEBJujILre7Sd3GogU4YexBSLVU9 +ZVTLYhPF+7hZdx3TFz28453hS8it3YejHE0JOX1Lv+yjLSjVKzmyhBhLSZUXhkeY +118drOwj4Ji0KrzTZilpWBPAPHJMkChClLbaJcbOexUkQxvoXgWUQfYi+CtY67Rm +tRnuot29kCTq/r97Iz4NiEHGzAu6IA6xE2S1qJ2ndjoiFRhfKF8wL0f0a71zp9Vo +jXl85qV13Kb0FN17DbmQnSx7dBKIly1Y7cLLq6PkoQKBgQDjWkkx3YqD5VW3c6fr +lyC7Jl0AIvd/1lpOksCofVc2GUBEfR1D87YMc9H917t6rfRjgE3wgYis9Wk2AfIl +Iky/8x+MZHZFOrAcNTArlyBBhXlXIFcAM3br+gTeJKbQwCrMbukGPuBl2+GtYcFh +eEdb9yimAKOlaKIFDEOtt1LxmQKBgQDKzrWtsB4CGPZ1EZZXNfZ6BDtFXdStjirA +411ffc0xNLVducD+bb8jzupOlzstvnnosCnX6QZUzjz8A89ePX6gTwwFUjp03JcK +sb0QcIOVNNt1cHRUx5e0mMQhM/LGhWuZkwO6L7m4DcVb4B4hu12p8503USVZ/YlR +vowtvDUKnQKBgGvm7dY8zwDKV2Q5//hQQbiQ/JKUBeMmWLXx8H4G/t0uHtJijwEx +KbW/Qmq3eMNAzDxtKJB86eEsmEKJqeL15Hc1bEO1amxw7iR1GeeWUjjGoFA5iREP +W+GjR6wmuQVaLvXXrcDJFrdBJFqliqI386YyJ5ihtQlMH5lFuNk5qKQBAoGAXUXW +XqxaEMLkTpEpILDry9A4Zj2yO6Pf29h1sB5OiavhIdr1fM6Ckvht4HlDOVWaAb9L +b0Z3p/c2Kv2hmIkVvKq+L5BS3D47pSp7dp0Ylz25FPkEN52YEvITeeXHaTAhfX8U +vsOGWbTTqN6ZXRAsEqa9DpzeXdXyGstU8w/VIS0CgYBFzwoivG/EgFMUofcVqRf9 +DR9nbF3dAgCVP2pjPevuEUn7CgxhBNdjyBfZQ9AePh8N+snlzvWxCBCNH43/Bbzf +KLXoP/w3i16NyhLRiNWEDWdgBmh0DexuQkXStUYItk8749WH5PItEuUbFImPJ7sz +xMKXRy85xA+O8Ys15v/z+w== +-----END PRIVATE KEY----- diff --git a/single-node/config/wazuh_indexer_ssl_certs/root-ca.pem b/single-node/config/wazuh_indexer_ssl_certs/root-ca.pem new file mode 100644 index 00000000..aa65ed21 --- /dev/null +++ b/single-node/config/wazuh_indexer_ssl_certs/root-ca.pem 
@@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDSzCCAjOgAwIBAgIUc6jxrdFdpeRz9LqBXbPnL10xwIwwDQYJKoZIhvcNAQEL +BQAwNTEOMAwGA1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApD +YWxpZm9ybmlhMB4XDTIyMDMzMTE1NTg1OFoXDTMyMDMyODE1NTg1OFowNTEOMAwG +A1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApDYWxpZm9ybmlh +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtBzRwVUcAqJ6Gy4ADnoy +G2y5HhgEIhqqZAsaMm/xy/7t4Y3tEwJyqM2OaccKfSXqO0RJqJaKye2Fyzk9/dFo +eXCOfxY+LT7KGM0GbkGYsugwFmxoypkFIwQnKEJGH7Q2ND5TDI326bwXvG/Krpd2 +WDz/RL2euouzrYQVcDcPnSa0FyxUQgbLIOnr/ka9421q8cDDm2kRaFyUXY1xZuvT +wPhz6bgAmED0x7xIZIfrk1OsN+v2RaYrh3hTSbCWfnBvLFFDHVjYL6vkd28wACzg +hUHqTjbzaMCnEyjX/0d4DPeK+fDytBu3oTfCpnuyhVAl1C+97nE6QHl3BEwwC/sk +1QIDAQABo1MwUTAdBgNVHQ4EFgQUhwVk/zxcbNU6lDR9eD1UtbdGMqUwHwYDVR0j +BBgwFoAUhwVk/zxcbNU6lDR9eD1UtbdGMqUwDwYDVR0TAQH/BAUwAwEB/zANBgkq +hkiG9w0BAQsFAAOCAQEAVYq19mPRxRvfTj70gUQUuoDiHU48/VM58L0dEs2EPvzN +IiaMI0ablsInQE1ZJZc2GYsmnPZjoAuE7R6FIMSS6XErhPeJLxLkieibmhQXpElI +kEik3Uwhv4kjwh5TEwPqjVORRgvthLO9kl1riwlyu3rAEsohJlvUB1uWT99+emSc +jRivo3pXHmu9PI+JBcCxbzc2mixpSuqUalVkx8r7+RayD2EMdckK0WGz9SRplx8p +aNJI6Z0M3+yk4D5bvmAtkX0p1Wk9fk6HLsynLoSZ2CwT9rjm89lIYHEPcUsZHyor +gW64BfUXTNJDcycEg8zDlosdi2zCe/qfmZXgC0t9dA== +-----END CERTIFICATE----- diff --git a/single-node/config/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem b/single-node/config/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem new file mode 100644 index 00000000..cb55bfe5 --- /dev/null +++ b/single-node/config/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem 
@@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDDyjevayE979UH +0Y8IhN6tMSiwlr8C1E4UmK1oTK+4fjy0/zoyaBfwcYVmGqqcPDvDdU4r937SPP9r +CPGH24gUuoAL+c1E4IyR1iCPs2N8UcyRAQfZX3t3SSD7HxFmRtKlTypL1Uc70NEZ +aXVmsBQIXBYpOfJNAEjcbvD5rB2fmYUZ8QTx+aNiwTnLJMUAkqax1NASRhnVw9jo +MJ41q2yveR3Wk2f0ODiGYLDekIH3FOuGf1ypFIDfyrMEh5VYJnIqYrgZt2ljuMcV +O7THkW8jhZ7l+3cMT3LXVMr4PY61ad5Nw5bz2fHZyo6rl2D7Ks7s0WVkun9kKRf9 +nCeRMArrAgMBAAECggEBAKciU4Damcjul9MRz+D8073SziJYvPvkUjcA0l7Lv+Fl +WdtEWOC4vV7S+YZc0zGFtZq346BiqQ89ZOhw/QX1oGfZgP84IkNe0ICZ4rfo8c8p +YNCTqaik+peshIv6THcblCvrtXaAvUtRiX4A6WhcfO1Z9s0Am1eiG5CY3/qyM6OO +Ae+3TGF6GtMYsKPZvtbOkWs6CzAfn/cfzyM8TJQA17HhX0UVTalFWMunYJIbk9jP +nGGzuBxeICtFmQ0c3vJq4dNs7FeGV6EHOYXeaZrPFMFWnu0aWmgVw3ONKPBXY2hb +b+ykHXGzPZrgt01wW6S7NL3aYrd0ocZzUCsbMVGcpZECgYEA7qIjNRIym6jyr0cV +6T7g7hHb+3u5p0BUhWZrxfzVLpZf5AOOl97tQiHRXGnNjEuddcvA5O25yWJl1Amk +mHYkSuLfTVL+qqXKrrDEvqdwUetPjZWdo9MEoUjQvnjirsn59fMzFPSbw7sYI8/i +ZpNyXwll2AZHDSaGPC+BOWCFukkCgYEA0gnid5+4sm8r0DWR7r1WCXbODFhNnqkA +ptfpyp3NfX6ALJ7kT6vGzhCxC1XQXNwR61V1x6/CBTSZ779eNT9sDYr+4ZHaVz8f +bQA2Cmes4z/3NifsWC4HtvzJxkS8ZLD1ImPMa4MFkezA/H//c27uy/8w2YSB34JD +9KoG53y9e5MCgYBl1zpRTufcOJkBpsO6HESgNWz9gYr0zuaDW/eIsmNEk5Zu1/nF +5LS6sXYJC3pWcnrLp941lSLhyCWO/WKKUnkgoHwOIupeZ4z9SqFcgFbWDyePVBfH +r6ndLxcvAqYzVC1iAp19Rvsm6DTgK7sCbdC0sG0PaXZvLU7CZr+uffv0SQKBgQC1 +XiG3aC1lrwenR8rW25mCnJs6H7oOyiKs736LHo6F0gk9/oppnYwS/mjSv+wnc0Tp +8Ka+oq8oLY7LbnUcB8L3QtHq2DYw5mnthqQjgfjRVrfShNDaKA0zXr+hPFNtozxZ +0NGA+OeDZWwT3TcpZ14+uwJkob4/0U165KMHmzhHjwKBgQDd7RfgePWsT/pB4Imd +I/u1KC/7AkqBHx81kCL2XTFtKoSYKAKjHo/VfoQiohPvEdpJuP7dRIdKN/leC9xF +TGe/TRjv6Sir6a61iHAKRif7gorMMu7WMPS4gt9/A+uVRD2ywsYBUOYqJGmjbRKM +RHwR71NJ2edSI3i6/3TBJTbnSg== +-----END PRIVATE KEY----- diff --git a/single-node/config/wazuh_indexer_ssl_certs/wazuh.dashboard.pem b/single-node/config/wazuh_indexer_ssl_certs/wazuh.dashboard.pem new file mode 100644 index 00000000..ac273dcc --- /dev/null 
+++ b/single-node/config/wazuh_indexer_ssl_certs/wazuh.dashboard.pem @@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDdjCCAl6gAwIBAgIUBTzs7SaBLAIqAkrE7TopFWYJguIwDQYJKoZIhvcNAQEL +BQAwNTEOMAwGA1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApD +YWxpZm9ybmlhMB4XDTIyMDMzMTE1NTg1OFoXDTMyMDMyODE1NTg1OFowXDELMAkG +A1UEBhMCVVMxEzARBgNVBAcMCkNhbGlmb3JuaWExDjAMBgNVBAoMBVdhenVoMQ4w +DAYDVQQLDAVXYXp1aDEYMBYGA1UEAwwPd2F6dWguZGFzaGJvYXJkMIIBIjANBgkq +hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw8o3r2shPe/VB9GPCITerTEosJa/AtRO +FJitaEyvuH48tP86MmgX8HGFZhqqnDw7w3VOK/d+0jz/awjxh9uIFLqAC/nNROCM +kdYgj7NjfFHMkQEH2V97d0kg+x8RZkbSpU8qS9VHO9DRGWl1ZrAUCFwWKTnyTQBI +3G7w+awdn5mFGfEE8fmjYsE5yyTFAJKmsdTQEkYZ1cPY6DCeNatsr3kd1pNn9Dg4 +hmCw3pCB9xTrhn9cqRSA38qzBIeVWCZyKmK4GbdpY7jHFTu0x5FvI4We5ft3DE9y +11TK+D2OtWneTcOW89nx2cqOq5dg+yrO7NFlZLp/ZCkX/ZwnkTAK6wIDAQABo1cw +VTAfBgNVHSMEGDAWgBSHBWT/PFxs1TqUNH14PVS1t0YypTAJBgNVHRMEAjAAMAsG +A1UdDwQEAwIE8DAaBgNVHREEEzARgg93YXp1aC5kYXNoYm9hcmQwDQYJKoZIhvcN +AQELBQADggEBAKatO2nfF24Z9mrYzyHBs4BN0m7H29VrYi953YB7qKlWOr8CDFGe +olfaDgrY7Hc7MM5kzGtCF7POywVMfX6ug9WiAeYX+kaAJxHYctwy/AMyYeEhDjKx +et/SD++rR8V6EDeuevag+21HhqzOptiRKAyg1P13B4d8/UwK/d42T8Rgujh4tAB1 +PYN269ID3tQ3GMG1y0QaAwtpPEpBv3AF/kANVkHV+rwtWyKQKK8WEVxcqAppY1ap +AY4zUTpEO8rAZXSfOk/tJ9hPJrF6+Ld44pcxDzw1fs0LOY4r/RY9V4DT0ayForrG +uBUpPEkB1rh1eHAi1OWfNj4sseYMysYmz5c= +-----END CERTIFICATE----- diff --git a/single-node/config/wazuh_indexer_ssl_certs/wazuh.indexer-key.pem b/single-node/config/wazuh_indexer_ssl_certs/wazuh.indexer-key.pem new file mode 100644 index 00000000..376ccf7a --- /dev/null +++ b/single-node/config/wazuh_indexer_ssl_certs/wazuh.indexer-key.pem 
@@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC8V/BRL1YWMZmO +YCNBMtSxLnyBUOkVneF+o6fNuAF2szv/H2CpH9oEpmH4gB9x66bNNuwfb2THOwfO +fYySA3IGwyKk8xyC1+6mW0QIWzNvAYROBpDD0lZwMxLwf3PecFXzN2hEuTOPavS6 +B6BaTlhYfOgSFwKQUJIKLzq+/TfwzJUW87/5uI6+GpSXdVBFFOrjcmntxahMrnBv +3mxJlsr60LHcfXcPc+qtrNGVmmD/V0sFE0Gi9m07vpK2nDnja0IME4A6s/Jo0TlX +pGKlXi8BXixjas1WZn9gfe7VrTtCYpkGFLjWC+Rz1tHBnwKkjoVNQrxrvd7h7tU/ +OmSs7gTHAgMBAAECggEBALIbWvf7EqakOvknss8aGYaAVl8Xu4OkrLRMYQgqZL/y +WN82tfrZUxuol+ceih354eAYewxzE9NP4F8F3SPLPE5mw+FGwYR+XIFWtyxLyoTD +43DBxq5Xv0QVGGjzrggBJVZ95A1xMfADDfDJ+3rKscLkQ7Wvqs38U05sQVqRLRB5 +VnArp6hn5Lj4Y37/6ER2hyB/CahE5i6SQTe8dWHlvs3eiXfeXx7AmJzvNRezH9Zo +LVUDoGpdU7Zm5eo0kQevfHjs1Wrtn4Oq+tev+WSninOWR1j/2T0T7SLNI6cABP/K +LtObnhdZhpMEiWe7AN/oDxrkEo954QZTkj3Dkub2QWECgYEA7DEDBYMEGMmvQbKx +jF1qtWqHABdbjR29YtFfpcAm8yAadaftvX0qZq7Ym2DwHCwPX8O8kpGUpN5zYr+W +xsja1s/bUDat82on2RRn1+e5cBfJ1dyLGisvMu1QN1/b/593WfZwbPGxDq5nFjUd +1SyJE0/EKSCnNjcTNpgLbEB9+XECgYEAzCOj48yhIfhQY8UhUgDojiEhEhAmrMBY +MYb+LZvTg5b2fruPwgsA/MADoL68pwF0LSSoysbS7SIFEUTvyHv3zjNvtPR3kEuE +/JHS4vppFvuFKozf+tMHcIIF7pigyLRkGpePgPaeQ86AvKitq8YHn0I8nVD15n2f +0TlLl+hZhbcCgYBd+8q2AMI6ktZ4EADyV6HEepUphiHZ70GS9rlWnTVifR3KP34s +bofWwDBU86fXrfiYJKz+rYs2Z4YGfzIh+36JB8C/FGL3fwBIMwR3Ny/k2LJptQ5s +5U4st525yx0hhHTbiWKHF01bCC7g+VXbo5MP6iemLeYbfqLYkHvLIYZ/IQKBgENe +T6vR0Cthw0XpvIFPg2/ERyGq6th/8ZsGrcNndXory9UvGNY0w3Kl+4yE5cVHmYt8 +WafxzZIsc/erBGbpYnJOT0MsmnioM48WoL3/XccT4nKUYyZnlkDu5/5BqG4T+iU8 +d0NcIAbIk3uvPwE9LS7FsTNJkJ0sQB3QBr5vE3wpAoGBAM5aCO/GIa++tCQZ5N9x +eNd3Uta8C6JI+KVROCNda8auFHeh9lfYgv1Kj64nmJZErG4PwuYwdWQ8FnDrpM+f +YMRz/rpcvqL01XswnYgr72EV/qnEDtVLG4x6rY0n2Rd2/i4NMMIcqxVZZdnoAh7A +Y+IqIDCAvPM/NjRTAMUDqFj3 +-----END PRIVATE KEY----- diff --git a/single-node/config/wazuh_indexer_ssl_certs/wazuh.indexer.pem b/single-node/config/wazuh_indexer_ssl_certs/wazuh.indexer.pem new file mode 100644 index 00000000..6fd0dfba --- /dev/null 
+++ b/single-node/config/wazuh_indexer_ssl_certs/wazuh.indexer.pem @@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDcjCCAlqgAwIBAgIUBTzs7SaBLAIqAkrE7TopFWYJguAwDQYJKoZIhvcNAQEL +BQAwNTEOMAwGA1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApD +YWxpZm9ybmlhMB4XDTIyMDMzMTE1NTg1OFoXDTMyMDMyODE1NTg1OFowWjELMAkG +A1UEBhMCVVMxEzARBgNVBAcMCkNhbGlmb3JuaWExDjAMBgNVBAoMBVdhenVoMQ4w +DAYDVQQLDAVXYXp1aDEWMBQGA1UEAwwNd2F6dWguaW5kZXhlcjCCASIwDQYJKoZI +hvcNAQEBBQADggEPADCCAQoCggEBALxX8FEvVhYxmY5gI0Ey1LEufIFQ6RWd4X6j +p824AXazO/8fYKkf2gSmYfiAH3Hrps027B9vZMc7B859jJIDcgbDIqTzHILX7qZb +RAhbM28BhE4GkMPSVnAzEvB/c95wVfM3aES5M49q9LoHoFpOWFh86BIXApBQkgov +Or79N/DMlRbzv/m4jr4alJd1UEUU6uNyae3FqEyucG/ebEmWyvrQsdx9dw9z6q2s +0ZWaYP9XSwUTQaL2bTu+kracOeNrQgwTgDqz8mjROVekYqVeLwFeLGNqzVZmf2B9 +7tWtO0JimQYUuNYL5HPW0cGfAqSOhU1CvGu93uHu1T86ZKzuBMcCAwEAAaNVMFMw +HwYDVR0jBBgwFoAUhwVk/zxcbNU6lDR9eD1UtbdGMqUwCQYDVR0TBAIwADALBgNV +HQ8EBAMCBPAwGAYDVR0RBBEwD4INd2F6dWguaW5kZXhlcjANBgkqhkiG9w0BAQsF +AAOCAQEAXAgTFAGo4BVcGSCSRtqpW2Y6NmYOx2n60sN+1Gkvqkto8qngimr/D3o0 +Biy14GO5Y8he9lVVXaM/r5UTm96VRYRoTP2jug6J2wBAag/gTIBbwwwV71luBAq6 +jiccjPSdrZumHj0alO1yMYAxTowqg9wiBlzYgDiURmaX6Yty+48BGiwetAxdb9FI +XW9fJgWdvjdPzbdtB60ce9mqdKKg1gHzIQaBKYuYxNfHaJ6NEO6NqBGiXKJ0RFDG +cZ8L5U+vieD/9re0v0wUPjfOyccqg684/Hexiad3uQpeppFGKqdwSMR4WjYIsvWu +55a2YACV03UKQrwTb+Kn4ejlWKF8rA== +-----END CERTIFICATE----- diff --git a/single-node/config/wazuh_indexer_ssl_certs/wazuh.manager-key.pem b/single-node/config/wazuh_indexer_ssl_certs/wazuh.manager-key.pem new file mode 100644 index 00000000..ebb7cc55 --- /dev/null +++ b/single-node/config/wazuh_indexer_ssl_certs/wazuh.manager-key.pem 
@@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDe35HaipLAWf9F +PxdMNeH6e3iQS39iQs9TgVsnxMw3Xvhi17kyt42sEfZkzxT0nHirQXNI5cAYHZR8 +baa25vMdNPQTX1OxdeL8ptsvDnn37pREbxlqZN4rZ7mIrIVSbCoS0f/nrk2EZVeD +vTqU6zWtVPmXMfRGl/cAQLP+ieTB8ZkmKzwNn7/hyj3qVbX2201JLZIKhUlo02gD +u5XnVuQZJG244G6BmBJTb9Bq8K7NwJmAKRxVgAWLrbwneyn3X67UoZn7tbO2QyyG +JRR5dnapi6EpSx27uMHNWptUp51/TxgIuP7bw8ZAv81RTy2jlYHzR3tZGapWVAeH +B8S+SCnJAgMBAAECggEBAJWLIcynyowyVuxZxwIl7Xkqu9zmK5T9CywW0dk/XV+R +48w+v09ehjr82n0NzhvLmdQfWIGDV39W6bkLwh9bm6jvTQ5qmjeqyCGKu+s5JXHM +rcO1YDJZeBFbycwBJnwFg72ZFsKX2/+IGE6W++XMZPnm2IowxJ1RfjS3NY8Ha20N +s9Pilp801fnBkEXr5dFwMggeD9mbALa9MW0KuXCGwIIeXbsIP7C/HohTxgwp+cxg +0FqagILBcQ0Gw+cx2f2WFY5d238OMWF9S6587T8A1wIXUVfqyv0TIwJh8kQWgUxz +LXYZYQxC4bty8TEh58hsTlrBw4Y0vtNM51yevGtjdGECgYEA/4c3vHANOKY25z/j +LkRAhhBqQxSO2Hl3tTC0l54yZ6KJ/pdQik+66mRe10hUcfCES/5FzHlJIiF1sVFa +N6n4AigrzF8opjRYLoM/JEMFZKBITkYT9huh9CY1MN5gvXJgEjxHaZ3gr7BBhNfj +/Ds/v7oP4sGx8c4RxxC5lxpa7i0CgYEA30jqtHQpF4AuIqKZTbfbClThfOgvCX93 +mEPEmckcv8GUpfZvhNqmul/IYxPSwGtNh875DheDg37COAwhqVZhqPH5R4vAaJgt +BqDqsLjzRtstWDmAsyue+HfJmujLmaBqdv+ZZWzPS285gLL3AuoHUEnF7t43wZ0d +CUCtEI4Gx40CgYEAlDJe7+nosRctNncGEhpBdb9lcZwlsITaGXqy8lAsmZBaCg7G +BkFxfWlS2/a2CxLcF5rT7l/VO3c+Y+Vztl7cWJvlsvTphWNMVUWHREeehBq1dLgN +8albB1d1d+8xGg6Qi2LsY+PNoPdPOHVhYzMVqOOHPRLrWfsSsmoPyQPfAs0CgYBN +PX0rpY9deNL82kCsGPDl9wz116AF6hlmC/Nju6V9VCrm6oQTckwA5wd79qyOMdBl +LZ0MWef9wgjPuKqgWKh5+BLixB5wUEwrIdlt/tzxYvqhrWqvEGTy0QVl2CguYcbS +mYLoCib/kl9S/RXj5S9Yf9y/0BF7oa0cuUnlEyyXNQKBgFktEg1mnIZ4NNurwVVy +GscbGTaNqiLCVar5/sEICAb46oWeEiTubm9nIrml7L5PHgWBX8ko0bCNECvZB6oP +hsHTw5q7mSPT//TO9hQhNK2WvK82e8yuuNGEiAZ1TIHILqxDCcTKPATIU/PO//aZ +ziy5/xTwidJVHqPBuZrjHLD9 +-----END PRIVATE KEY----- diff --git a/single-node/config/wazuh_indexer_ssl_certs/wazuh.manager.pem b/single-node/config/wazuh_indexer_ssl_certs/wazuh.manager.pem new file mode 100644 index 00000000..9d0e69fd --- /dev/null 
+++ b/single-node/config/wazuh_indexer_ssl_certs/wazuh.manager.pem @@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDcjCCAlqgAwIBAgIUBTzs7SaBLAIqAkrE7TopFWYJguEwDQYJKoZIhvcNAQEL +BQAwNTEOMAwGA1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApD +YWxpZm9ybmlhMB4XDTIyMDMzMTE1NTg1OFoXDTMyMDMyODE1NTg1OFowWjELMAkG +A1UEBhMCVVMxEzARBgNVBAcMCkNhbGlmb3JuaWExDjAMBgNVBAoMBVdhenVoMQ4w +DAYDVQQLDAVXYXp1aDEWMBQGA1UEAwwNd2F6dWgubWFuYWdlcjCCASIwDQYJKoZI +hvcNAQEBBQADggEPADCCAQoCggEBAN7fkdqKksBZ/0U/F0w14fp7eJBLf2JCz1OB +WyfEzDde+GLXuTK3jawR9mTPFPSceKtBc0jlwBgdlHxtprbm8x009BNfU7F14vym +2y8OeffulERvGWpk3itnuYishVJsKhLR/+euTYRlV4O9OpTrNa1U+Zcx9EaX9wBA +s/6J5MHxmSYrPA2fv+HKPepVtfbbTUktkgqFSWjTaAO7ledW5BkkbbjgboGYElNv +0Grwrs3AmYApHFWABYutvCd7KfdfrtShmfu1s7ZDLIYlFHl2dqmLoSlLHbu4wc1a +m1SnnX9PGAi4/tvDxkC/zVFPLaOVgfNHe1kZqlZUB4cHxL5IKckCAwEAAaNVMFMw +HwYDVR0jBBgwFoAUhwVk/zxcbNU6lDR9eD1UtbdGMqUwCQYDVR0TBAIwADALBgNV +HQ8EBAMCBPAwGAYDVR0RBBEwD4INd2F6dWgubWFuYWdlcjANBgkqhkiG9w0BAQsF +AAOCAQEAJzaP0Ui4dnXJnruBNIu/XjZUC82+BmQ+DhwfQO5BKT9DXSllGLli2ZcQ +fRmaaqtgO8T3ar/eMVH7296qZNrLvNLBjyuxm1fOKyDtANTUsJdXbpHJuzWrq9rT +BvovBkrP3HJQNX3R9nHM+ZcrONA4uQCgDTqNnvle9N3R7FhXVMFtrMlha1N1jehJ +hs9JGfVA0W3txw8nPiyLs1xyenQSALpROntIr5e8zN+GVRGtYCDjk4Mcuiw9TNqc +mVKADqxH2CBOQ/+tpOvmUFC6iLf2hPcp/gQ2Bgp/6L2ko4KYsLGTeA34OZJuSjIh +9zldYNWPUbg4IcpMhQ8rXE1qetOlug== +-----END CERTIFICATE----- diff --git a/single-node/docker-compose.yml b/single-node/docker-compose.yml index d5cc463c..356160ea 100644 --- a/single-node/docker-compose.yml +++ b/single-node/docker-compose.yml 
@@ -14,8 +14,13 @@ services:
 environment:
 - INDEXER_URL=https://wazuh.indexer:9200
 - INDEXER_USERNAME=admin
- - INDEXER_PASSWORD=admin
- - FILEBEAT_SSL_VERIFICATION_MODE=none
+ - INDEXER_PASSWORD=SecretPassword
+ - FILEBEAT_SSL_VERIFICATION_MODE=full
+ - SSL_CERTIFICATE_AUTHORITIES=/etc/ssl/root-ca.pem
+ - SSL_CERTIFICATE=/etc/ssl/filebeat.pem
+ - SSL_KEY=/etc/ssl/filebeat.key
+ - API_USERNAME=acme-user
+ - API_PASSWORD=MyS3cr37P450r.*-
 volumes:
 - wazuh_api_configuration:/var/ossec/api/configuration
 - wazuh_etc:/var/ossec/etc
@@ -28,6 +33,10 @@ services:
 - wazuh_wodles:/var/ossec/wodles
 - filebeat_etc:/etc/filebeat
 - filebeat_var:/var/lib/filebeat
+ - ./config/wazuh_indexer_ssl_certs/root-ca.pem:/etc/ssl/root-ca.pem
+ - ./config/wazuh_indexer_ssl_certs/wazuh.manager.pem:/etc/ssl/filebeat.pem
+ - ./config/wazuh_indexer_ssl_certs/wazuh.manager-key.pem:/etc/ssl/filebeat.key
+ - ./config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf
 wazuh.indexer:
 image: wazuh/wazuh-indexer:4.3.0
@@ -46,6 +55,13 @@ services:
 hard: 65536
 volumes:
 - wazuh-indexer-data:/var/lib/wazuh-indexer
+ - ./config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-indexer/config/root-ca.pem
+ - ./config/wazuh_indexer_ssl_certs/wazuh.indexer-key.pem:/usr/share/wazuh-indexer/config/wazuh.indexer.key
+ - ./config/wazuh_indexer_ssl_certs/wazuh.indexer.pem:/usr/share/wazuh-indexer/config/wazuh.indexer.pem
+ - ./config/wazuh_indexer_ssl_certs/admin.pem:/usr/share/wazuh-indexer/config/admin.pem
+ - ./config/wazuh_indexer_ssl_certs/admin-key.pem:/usr/share/wazuh-indexer/config/admin-key.pem
+ - ./config/wazuh_indexer/wazuh.indexer.yml:/usr/share/wazuh-indexer/config/opensearch.yml
+ - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/internal_users.yml
 wazuh.dashboard:
 image: wazuh/wazuh-dashboard:4.3.0
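Review bot: The credentials added to the manager's `environment:` list (`INDEXER_PASSWORD=SecretPassword`, `API_PASSWORD=MyS3cr37P450r.*-`) are literal values in a tracked compose file, so every deployment started from this repository shares them unless the operator edits the file. Compose variable substitution with a required-value check keeps them out of the repository, e.g. `- INDEXER_PASSWORD=${INDEXER_PASSWORD:?set INDEXER_PASSWORD}` and `- API_PASSWORD=${API_PASSWORD:?set API_PASSWORD}`, with the values supplied from an untracked `.env` file. The `API_PASSWORD` line added to `wazuh.dashboard` in `@@ -57,6 +73,14 @@` has the same problem.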
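Review bot: The certificate and key bind mounts in `@@ -28,6 +33,10 @@` are added without a mode, so they are mounted read-write and a process inside the container can modify or replace the host copies of `wazuh.manager-key.pem` and `root-ca.pem`. Appending `:ro`, e.g. `- ./config/wazuh_indexer_ssl_certs/wazuh.manager-key.pem:/etc/ssl/filebeat.key:ro`, limits that; this assumes the image entrypoint does not chown or chmod the mounted files, which cannot be confirmed from this diff. The indexer mounts in `@@ -46,6 +55,13 @@` and the dashboard mounts in `@@ -57,6 +73,14 @@` have the same gap.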
@@ -57,6 +73,14 @@ services:
 - INDEXER_USERNAME=admin
 - INDEXER_PASSWORD=admin
 - WAZUH_API_URL=https://wazuh.manager
+ - API_USERNAME=acme-user
+ - API_PASSWORD=MyS3cr37P450r.*-
+ volumes:
+ - ./config/wazuh_indexer_ssl_certs/wazuh.dashboard.pem:/usr/share/wazuh-dashboard/certs/wazuh-dashboard.pem
+ - ./config/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem:/usr/share/wazuh-dashboard/certs/wazuh-dashboard-key.pem
+ - ./config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-dashboard/certs/root-ca.pem
+ - ./config/wazuh_dashboard/opensearch_dashboards.yml:/usr/share/wazuh-dashboard/config/opensearch_dashboards.yml
+ - ./config/wazuh_dashboard/wazuh.yml:/usr/share/wazuh-dashboard/data/wazuh/config/wazuh.yml
 depends_on:
 - wazuh.indexer
 links:
diff --git a/single-node/generate-indexer-certs.yml b/single-node/generate-indexer-certs.yml
new file mode 100644
index 00000000..c29c50d6
--- /dev/null
+++ b/single-node/generate-indexer-certs.yml
@@ -0,0 +1,10 @@
+# Wazuh App Copyright (C) 2021 Wazuh Inc. (License GPLv2)
+version: '3'
+
+services:
+ generator:
+ image: wazuh/wazuh-certs-generator:0.0.1
+ hostname: wazuh-certs-generator
+ volumes:
+ - ./config/wazuh_indexer_ssl_certs/certs.yml:/config.yml
+ - ./config/wazuh_indexer_ssl_certs/:/certificates/
\ No newline at end of file
From a3e39bd5c097927de24f7a4f1a5a703b226d3499 Mon Sep 17 00:00:00 2001
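Review bot: `wazuh.dashboard` still carries `INDEXER_PASSWORD=admin` in the context lines of this hunk, while the manager's value for the same `admin` user was changed to `SecretPassword` in `@@ -14,8 +14,13 @@`. Whichever password the mounted `internal_users.yml` actually accepts (its contents are not shown here), one of the two services would be presenting the wrong one, and if `admin` is the accepted value the default credential is still live. Both services should read the same value, preferably from one variable: `- INDEXER_PASSWORD=${INDEXER_PASSWORD:?set INDEXER_PASSWORD}`.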
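Review bot: The container that generates the root CA key is referenced by a mutable tag (`image: wazuh/wazuh-certs-generator:0.0.1`), so the code that runs at key-generation time can change without any change in this repository. Pinning by digest fixes the content, e.g. `image: wazuh/wazuh-certs-generator:0.0.1@sha256:<digest>` (placeholder, to be filled from the published image). The output mount `./config/wazuh_indexer_ssl_certs/:/certificates/` writes into a tracked directory, so the generated files need a `.gitignore` entry, and a header comment saying this file must be run before the main compose file would help first-time users. The file also ends without a trailing newline.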
From: vcerenu Date: Thu, 31 Mar 2022 13:21:01 -0300 Subject: [PATCH 106/163] Add persistence in single node --- .../wazuh_indexer_ssl_certs/admin-key.pem | 28 ------------------- .../config/wazuh_indexer_ssl_certs/admin.pem | 19 ------------- .../wazuh_indexer_ssl_certs/root-ca.key | 28 ------------------- .../wazuh_indexer_ssl_certs/root-ca.pem | 20 ------------- .../wazuh.dashboard-key.pem | 28 ------------------- .../wazuh.dashboard.pem | 21 -------------- .../wazuh.indexer-key.pem | 28 ------------------- .../wazuh_indexer_ssl_certs/wazuh.indexer.pem | 21 -------------- .../wazuh.manager-key.pem | 28 ------------------- .../wazuh_indexer_ssl_certs/wazuh.manager.pem | 21 -------------- 10 files changed, 242 deletions(-) delete mode 100644 single-node/config/wazuh_indexer_ssl_certs/admin-key.pem delete mode 100644 single-node/config/wazuh_indexer_ssl_certs/admin.pem delete mode 100644 single-node/config/wazuh_indexer_ssl_certs/root-ca.key delete mode 100644 single-node/config/wazuh_indexer_ssl_certs/root-ca.pem delete mode 100644 single-node/config/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem delete mode 100644 single-node/config/wazuh_indexer_ssl_certs/wazuh.dashboard.pem delete mode 100644 single-node/config/wazuh_indexer_ssl_certs/wazuh.indexer-key.pem delete mode 100644 single-node/config/wazuh_indexer_ssl_certs/wazuh.indexer.pem delete mode 100644 single-node/config/wazuh_indexer_ssl_certs/wazuh.manager-key.pem delete mode 100644 single-node/config/wazuh_indexer_ssl_certs/wazuh.manager.pem diff --git a/single-node/config/wazuh_indexer_ssl_certs/admin-key.pem b/single-node/config/wazuh_indexer_ssl_certs/admin-key.pem deleted file mode 100644 index a8231c7c..00000000 --- a/single-node/config/wazuh_indexer_ssl_certs/admin-key.pem +++ /dev/null 
@@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDD40EQPXlnfl+h -cqnWeGN7iv4p21Ukqs5ar/nMTiu1sBd3weqkHX9tEyvZjNH1kJWvAPjFr/XalCmm -JKLoJn0lXe7CzbDJcM41D18QYen+rpUg7zINa5YwHwrVqNF4NRJkRDPaM17iYopO -H81TinJk6x5n1SfOhvRUQ/QyUH4DRaqKVaT5eSeLJ2FQmTZ7dWWVEluhvbP33rFu -DM74jNAAU0EbT1tcihek0kTkVVGKfHFGI+GyaMMO2epPyPf3zXe2jqEJIlmn3adz -uykWyLpf0WOhp/592+76wg3CAIq8+DZoyIObDVA7iURMkOR6RaNyBUbf0OGLL/Mn -EDsmVkWZAgMBAAECggEARvCoAW+h5d8YVumlpCwZKwadIR9zaEILVUBhoKG2pqfM -9+vcQ+8C1Meam8Cp0Nq5upUJgt5ElRIPO0INVTGLJNstupKvMWSO6RxV+yLakQc8 -rp6xa7bIv0ierd3jbjsaHAGvHZh5BldVaxGNVHHRF8cmTcgeEGdDWLj7WLVZzWjs -eSs8/ZgX6OgoLh/c4mU8AuaFxecV1POwgkhWBsEsfTD8y4KF//TqBHdswL9qt+/W -YFi0jsdblEoMb+ILgml/4TdSuo++FJxejlmFTOmEtlskJrxEomhklGUyYKyXtCJq -fx6wrM3ycSbY3Gl7Hyw+uXsgOEpMMeNAnylIuRmq+QKBgQD2TMSimLCLyxOXuFll -wVdDfxnhTR4iAXczPde9psNnT5h0EcAR6liiTFpcJ9lQD4KWX6h/ZzPMrGqbsmTs -w52jo1Sf4P+bKW/ecgnPdBm+lQJ8i3X+8vBFEhJ7KZVBx0FejuE9cj+hb+4kmRji -B74atgOfjeHRIzdMYy4QWfhSJwKBgQDLmjkfGoKykCoJ2x+TQ68NZXsXdaQ2CsCS -QD+BYGDbBTD/FHuTMm/TFZ8X07dQa71n38hoyuqkPZJPsbTyaYZJnZRDn2eTJqrY -GXyAX/kGMQUb1SZgogN4EXBFUwgcyxByvwhu3zwZPlBwoJFRrQTkgaeXiQu6hjjH -39ekHhRCPwKBgBeyAQTnjayVR/hDuw4IEL4knzfGtIxu+anLXFMZlRj+VltsTb8r -fYV3tQXCq6yBIX4YC9zd7+TT/ZmnCwCgPS0+DGkpO04RKXsMG5eCwutL6KZUwHBb -rPPoLjD9Kife5JIVSuQfdrGwVAffVr6AIjDtq+GQw9Xb/njx3b+i+DnnAoGAF3b5 -uFT01SF6RtKDLBSz2wZkDksXlsbcdL6E0yNJZlSN1ggFSeyZKKmoQTW8Pb98/7ix -vyoLqswRza98XCe/O0K28KgxZqshK3CcgasN5yHFJfUFzEM/xRm1Z7fvCmp4xdCw -Zx7BLWOaH7DRrqkTFEbBCtzXhjKr3pU0pAx3Zz8CgYEAwiia3cX1hhYE+VwF4SxG -8OUuX1Ad7k7yeT62lv5bn1ZMpOx0SPgOV63DMJHf2DxMgwtvS548Ti18iM1/kaIC -nN3VvXrd6Ma+Eky/J1X1zi3jg91bngCHmLCzxrhuxitzz0DNlA7FFFwPPfuqpnrV -Ud/8jWxBp7Xirz/TzKJCbjs= ------END PRIVATE KEY----- diff --git a/single-node/config/wazuh_indexer_ssl_certs/admin.pem b/single-node/config/wazuh_indexer_ssl_certs/admin.pem deleted file mode 100644 index 5fbe75fc..00000000 --- a/single-node/config/wazuh_indexer_ssl_certs/admin.pem +++ /dev/null 
@@ -1,19 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDDjCCAfYCFAU87O0mgSwCKgJKxO06KRVmCYLfMA0GCSqGSIb3DQEBCwUAMDUx -DjAMBgNVBAsMBVdhenVoMQ4wDAYDVQQKDAVXYXp1aDETMBEGA1UEBwwKQ2FsaWZv -cm5pYTAeFw0yMjAzMzExNTU4NThaFw0zMjAzMjgxNTU4NThaMFIxCzAJBgNVBAYT -AlVTMRMwEQYDVQQHDApDYWxpZm9ybmlhMQ4wDAYDVQQKDAVXYXp1aDEOMAwGA1UE -CwwFV2F6dWgxDjAMBgNVBAMMBWFkbWluMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A -MIIBCgKCAQEAw+NBED15Z35foXKp1nhje4r+KdtVJKrOWq/5zE4rtbAXd8HqpB1/ -bRMr2YzR9ZCVrwD4xa/12pQppiSi6CZ9JV3uws2wyXDONQ9fEGHp/q6VIO8yDWuW -MB8K1ajReDUSZEQz2jNe4mKKTh/NU4pyZOseZ9Unzob0VEP0MlB+A0WqilWk+Xkn -iydhUJk2e3VllRJbob2z996xbgzO+IzQAFNBG09bXIoXpNJE5FVRinxxRiPhsmjD -DtnqT8j39813to6hCSJZp92nc7spFsi6X9Fjoaf+fdvu+sINwgCKvPg2aMiDmw1Q -O4lETJDkekWjcgVG39Dhiy/zJxA7JlZFmQIDAQABMA0GCSqGSIb3DQEBCwUAA4IB -AQAPMETJTs2cA3PFSZsXwp0MvqbGstgbtW/UgBMJJjpVg8G7Txapj9uLYZRVBa72 -nPPyBpttY0GGGuhH3TQP/jwW1HSw/fDWz7LsdLsMLAAHRDJ5Y+zuS1KkWTMTb+Ih -M31xJvRWW+Vy7GQlx0w20UcyIV/9uOXs3smhFcXsUrk/bKqPk/xx5pPWQgU/kYNq -Rkjg2NK7FLbR0ydNfhNAN99Q82sPtIArl3UHVslC8rW7M0fcsAp+KOi69BbNHPfO -omGedS/XGlsPbNQObAyrJF6P9qcioL/FNECEG29J/5grAfezUIlx+eXUL69fwtwA -RQPMsegj5KAWeULTQtIMOQKs ------END CERTIFICATE----- diff --git a/single-node/config/wazuh_indexer_ssl_certs/root-ca.key b/single-node/config/wazuh_indexer_ssl_certs/root-ca.key deleted file mode 100644 index c50279e6..00000000 --- a/single-node/config/wazuh_indexer_ssl_certs/root-ca.key +++ /dev/null 
@@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQC0HNHBVRwConob -LgAOejIbbLkeGAQiGqpkCxoyb/HL/u3hje0TAnKozY5pxwp9Jeo7REmolorJ7YXL -OT390Wh5cI5/Fj4tPsoYzQZuQZiy6DAWbGjKmQUjBCcoQkYftDY0PlMMjfbpvBe8 -b8qul3ZYPP9EvZ66i7OthBVwNw+dJrQXLFRCBssg6ev+Rr3jbWrxwMObaRFoXJRd -jXFm69PA+HPpuACYQPTHvEhkh+uTU6w36/ZFpiuHeFNJsJZ+cG8sUUMdWNgvq+R3 -bzAALOCFQepONvNowKcTKNf/R3gM94r58PK0G7ehN8Kme7KFUCXUL73ucTpAeXcE -TDAL+yTVAgMBAAECggEAAxSvHdB33y+qSQa7Z4P9kWyFqhcdEvxDx9xMwWoax7N/ -nCkSUg3rqimB8xs9ebCJViQv4ltY2mVesYA0KEBJujILre7Sd3GogU4YexBSLVU9 -ZVTLYhPF+7hZdx3TFz28453hS8it3YejHE0JOX1Lv+yjLSjVKzmyhBhLSZUXhkeY -118drOwj4Ji0KrzTZilpWBPAPHJMkChClLbaJcbOexUkQxvoXgWUQfYi+CtY67Rm -tRnuot29kCTq/r97Iz4NiEHGzAu6IA6xE2S1qJ2ndjoiFRhfKF8wL0f0a71zp9Vo -jXl85qV13Kb0FN17DbmQnSx7dBKIly1Y7cLLq6PkoQKBgQDjWkkx3YqD5VW3c6fr -lyC7Jl0AIvd/1lpOksCofVc2GUBEfR1D87YMc9H917t6rfRjgE3wgYis9Wk2AfIl -Iky/8x+MZHZFOrAcNTArlyBBhXlXIFcAM3br+gTeJKbQwCrMbukGPuBl2+GtYcFh -eEdb9yimAKOlaKIFDEOtt1LxmQKBgQDKzrWtsB4CGPZ1EZZXNfZ6BDtFXdStjirA -411ffc0xNLVducD+bb8jzupOlzstvnnosCnX6QZUzjz8A89ePX6gTwwFUjp03JcK -sb0QcIOVNNt1cHRUx5e0mMQhM/LGhWuZkwO6L7m4DcVb4B4hu12p8503USVZ/YlR -vowtvDUKnQKBgGvm7dY8zwDKV2Q5//hQQbiQ/JKUBeMmWLXx8H4G/t0uHtJijwEx -KbW/Qmq3eMNAzDxtKJB86eEsmEKJqeL15Hc1bEO1amxw7iR1GeeWUjjGoFA5iREP -W+GjR6wmuQVaLvXXrcDJFrdBJFqliqI386YyJ5ihtQlMH5lFuNk5qKQBAoGAXUXW -XqxaEMLkTpEpILDry9A4Zj2yO6Pf29h1sB5OiavhIdr1fM6Ckvht4HlDOVWaAb9L -b0Z3p/c2Kv2hmIkVvKq+L5BS3D47pSp7dp0Ylz25FPkEN52YEvITeeXHaTAhfX8U -vsOGWbTTqN6ZXRAsEqa9DpzeXdXyGstU8w/VIS0CgYBFzwoivG/EgFMUofcVqRf9 -DR9nbF3dAgCVP2pjPevuEUn7CgxhBNdjyBfZQ9AePh8N+snlzvWxCBCNH43/Bbzf -KLXoP/w3i16NyhLRiNWEDWdgBmh0DexuQkXStUYItk8749WH5PItEuUbFImPJ7sz -xMKXRy85xA+O8Ys15v/z+w== ------END PRIVATE KEY----- diff --git a/single-node/config/wazuh_indexer_ssl_certs/root-ca.pem b/single-node/config/wazuh_indexer_ssl_certs/root-ca.pem deleted file mode 100644 index aa65ed21..00000000 --- a/single-node/config/wazuh_indexer_ssl_certs/root-ca.pem +++ /dev/null 
@@ -1,20 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDSzCCAjOgAwIBAgIUc6jxrdFdpeRz9LqBXbPnL10xwIwwDQYJKoZIhvcNAQEL -BQAwNTEOMAwGA1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApD -YWxpZm9ybmlhMB4XDTIyMDMzMTE1NTg1OFoXDTMyMDMyODE1NTg1OFowNTEOMAwG -A1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApDYWxpZm9ybmlh -MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtBzRwVUcAqJ6Gy4ADnoy -G2y5HhgEIhqqZAsaMm/xy/7t4Y3tEwJyqM2OaccKfSXqO0RJqJaKye2Fyzk9/dFo -eXCOfxY+LT7KGM0GbkGYsugwFmxoypkFIwQnKEJGH7Q2ND5TDI326bwXvG/Krpd2 -WDz/RL2euouzrYQVcDcPnSa0FyxUQgbLIOnr/ka9421q8cDDm2kRaFyUXY1xZuvT -wPhz6bgAmED0x7xIZIfrk1OsN+v2RaYrh3hTSbCWfnBvLFFDHVjYL6vkd28wACzg -hUHqTjbzaMCnEyjX/0d4DPeK+fDytBu3oTfCpnuyhVAl1C+97nE6QHl3BEwwC/sk -1QIDAQABo1MwUTAdBgNVHQ4EFgQUhwVk/zxcbNU6lDR9eD1UtbdGMqUwHwYDVR0j -BBgwFoAUhwVk/zxcbNU6lDR9eD1UtbdGMqUwDwYDVR0TAQH/BAUwAwEB/zANBgkq -hkiG9w0BAQsFAAOCAQEAVYq19mPRxRvfTj70gUQUuoDiHU48/VM58L0dEs2EPvzN -IiaMI0ablsInQE1ZJZc2GYsmnPZjoAuE7R6FIMSS6XErhPeJLxLkieibmhQXpElI -kEik3Uwhv4kjwh5TEwPqjVORRgvthLO9kl1riwlyu3rAEsohJlvUB1uWT99+emSc -jRivo3pXHmu9PI+JBcCxbzc2mixpSuqUalVkx8r7+RayD2EMdckK0WGz9SRplx8p -aNJI6Z0M3+yk4D5bvmAtkX0p1Wk9fk6HLsynLoSZ2CwT9rjm89lIYHEPcUsZHyor -gW64BfUXTNJDcycEg8zDlosdi2zCe/qfmZXgC0t9dA== ------END CERTIFICATE----- diff --git a/single-node/config/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem b/single-node/config/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem deleted file mode 100644 index cb55bfe5..00000000 --- a/single-node/config/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem +++ /dev/null 
@@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDDyjevayE979UH -0Y8IhN6tMSiwlr8C1E4UmK1oTK+4fjy0/zoyaBfwcYVmGqqcPDvDdU4r937SPP9r -CPGH24gUuoAL+c1E4IyR1iCPs2N8UcyRAQfZX3t3SSD7HxFmRtKlTypL1Uc70NEZ -aXVmsBQIXBYpOfJNAEjcbvD5rB2fmYUZ8QTx+aNiwTnLJMUAkqax1NASRhnVw9jo -MJ41q2yveR3Wk2f0ODiGYLDekIH3FOuGf1ypFIDfyrMEh5VYJnIqYrgZt2ljuMcV -O7THkW8jhZ7l+3cMT3LXVMr4PY61ad5Nw5bz2fHZyo6rl2D7Ks7s0WVkun9kKRf9 -nCeRMArrAgMBAAECggEBAKciU4Damcjul9MRz+D8073SziJYvPvkUjcA0l7Lv+Fl -WdtEWOC4vV7S+YZc0zGFtZq346BiqQ89ZOhw/QX1oGfZgP84IkNe0ICZ4rfo8c8p -YNCTqaik+peshIv6THcblCvrtXaAvUtRiX4A6WhcfO1Z9s0Am1eiG5CY3/qyM6OO -Ae+3TGF6GtMYsKPZvtbOkWs6CzAfn/cfzyM8TJQA17HhX0UVTalFWMunYJIbk9jP -nGGzuBxeICtFmQ0c3vJq4dNs7FeGV6EHOYXeaZrPFMFWnu0aWmgVw3ONKPBXY2hb -b+ykHXGzPZrgt01wW6S7NL3aYrd0ocZzUCsbMVGcpZECgYEA7qIjNRIym6jyr0cV -6T7g7hHb+3u5p0BUhWZrxfzVLpZf5AOOl97tQiHRXGnNjEuddcvA5O25yWJl1Amk -mHYkSuLfTVL+qqXKrrDEvqdwUetPjZWdo9MEoUjQvnjirsn59fMzFPSbw7sYI8/i -ZpNyXwll2AZHDSaGPC+BOWCFukkCgYEA0gnid5+4sm8r0DWR7r1WCXbODFhNnqkA -ptfpyp3NfX6ALJ7kT6vGzhCxC1XQXNwR61V1x6/CBTSZ779eNT9sDYr+4ZHaVz8f -bQA2Cmes4z/3NifsWC4HtvzJxkS8ZLD1ImPMa4MFkezA/H//c27uy/8w2YSB34JD -9KoG53y9e5MCgYBl1zpRTufcOJkBpsO6HESgNWz9gYr0zuaDW/eIsmNEk5Zu1/nF -5LS6sXYJC3pWcnrLp941lSLhyCWO/WKKUnkgoHwOIupeZ4z9SqFcgFbWDyePVBfH -r6ndLxcvAqYzVC1iAp19Rvsm6DTgK7sCbdC0sG0PaXZvLU7CZr+uffv0SQKBgQC1 -XiG3aC1lrwenR8rW25mCnJs6H7oOyiKs736LHo6F0gk9/oppnYwS/mjSv+wnc0Tp -8Ka+oq8oLY7LbnUcB8L3QtHq2DYw5mnthqQjgfjRVrfShNDaKA0zXr+hPFNtozxZ -0NGA+OeDZWwT3TcpZ14+uwJkob4/0U165KMHmzhHjwKBgQDd7RfgePWsT/pB4Imd -I/u1KC/7AkqBHx81kCL2XTFtKoSYKAKjHo/VfoQiohPvEdpJuP7dRIdKN/leC9xF -TGe/TRjv6Sir6a61iHAKRif7gorMMu7WMPS4gt9/A+uVRD2ywsYBUOYqJGmjbRKM -RHwR71NJ2edSI3i6/3TBJTbnSg== ------END PRIVATE KEY----- diff --git a/single-node/config/wazuh_indexer_ssl_certs/wazuh.dashboard.pem b/single-node/config/wazuh_indexer_ssl_certs/wazuh.dashboard.pem deleted file mode 100644 index ac273dcc..00000000 
--- a/single-node/config/wazuh_indexer_ssl_certs/wazuh.dashboard.pem +++ /dev/null @@ -1,21 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDdjCCAl6gAwIBAgIUBTzs7SaBLAIqAkrE7TopFWYJguIwDQYJKoZIhvcNAQEL -BQAwNTEOMAwGA1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApD -YWxpZm9ybmlhMB4XDTIyMDMzMTE1NTg1OFoXDTMyMDMyODE1NTg1OFowXDELMAkG -A1UEBhMCVVMxEzARBgNVBAcMCkNhbGlmb3JuaWExDjAMBgNVBAoMBVdhenVoMQ4w -DAYDVQQLDAVXYXp1aDEYMBYGA1UEAwwPd2F6dWguZGFzaGJvYXJkMIIBIjANBgkq -hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw8o3r2shPe/VB9GPCITerTEosJa/AtRO -FJitaEyvuH48tP86MmgX8HGFZhqqnDw7w3VOK/d+0jz/awjxh9uIFLqAC/nNROCM -kdYgj7NjfFHMkQEH2V97d0kg+x8RZkbSpU8qS9VHO9DRGWl1ZrAUCFwWKTnyTQBI -3G7w+awdn5mFGfEE8fmjYsE5yyTFAJKmsdTQEkYZ1cPY6DCeNatsr3kd1pNn9Dg4 -hmCw3pCB9xTrhn9cqRSA38qzBIeVWCZyKmK4GbdpY7jHFTu0x5FvI4We5ft3DE9y -11TK+D2OtWneTcOW89nx2cqOq5dg+yrO7NFlZLp/ZCkX/ZwnkTAK6wIDAQABo1cw -VTAfBgNVHSMEGDAWgBSHBWT/PFxs1TqUNH14PVS1t0YypTAJBgNVHRMEAjAAMAsG -A1UdDwQEAwIE8DAaBgNVHREEEzARgg93YXp1aC5kYXNoYm9hcmQwDQYJKoZIhvcN -AQELBQADggEBAKatO2nfF24Z9mrYzyHBs4BN0m7H29VrYi953YB7qKlWOr8CDFGe -olfaDgrY7Hc7MM5kzGtCF7POywVMfX6ug9WiAeYX+kaAJxHYctwy/AMyYeEhDjKx -et/SD++rR8V6EDeuevag+21HhqzOptiRKAyg1P13B4d8/UwK/d42T8Rgujh4tAB1 -PYN269ID3tQ3GMG1y0QaAwtpPEpBv3AF/kANVkHV+rwtWyKQKK8WEVxcqAppY1ap -AY4zUTpEO8rAZXSfOk/tJ9hPJrF6+Ld44pcxDzw1fs0LOY4r/RY9V4DT0ayForrG -uBUpPEkB1rh1eHAi1OWfNj4sseYMysYmz5c= ------END CERTIFICATE----- diff --git a/single-node/config/wazuh_indexer_ssl_certs/wazuh.indexer-key.pem b/single-node/config/wazuh_indexer_ssl_certs/wazuh.indexer-key.pem deleted file mode 100644 index 376ccf7a..00000000 --- a/single-node/config/wazuh_indexer_ssl_certs/wazuh.indexer-key.pem +++ /dev/null 
@@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC8V/BRL1YWMZmO -YCNBMtSxLnyBUOkVneF+o6fNuAF2szv/H2CpH9oEpmH4gB9x66bNNuwfb2THOwfO -fYySA3IGwyKk8xyC1+6mW0QIWzNvAYROBpDD0lZwMxLwf3PecFXzN2hEuTOPavS6 -B6BaTlhYfOgSFwKQUJIKLzq+/TfwzJUW87/5uI6+GpSXdVBFFOrjcmntxahMrnBv -3mxJlsr60LHcfXcPc+qtrNGVmmD/V0sFE0Gi9m07vpK2nDnja0IME4A6s/Jo0TlX -pGKlXi8BXixjas1WZn9gfe7VrTtCYpkGFLjWC+Rz1tHBnwKkjoVNQrxrvd7h7tU/ -OmSs7gTHAgMBAAECggEBALIbWvf7EqakOvknss8aGYaAVl8Xu4OkrLRMYQgqZL/y -WN82tfrZUxuol+ceih354eAYewxzE9NP4F8F3SPLPE5mw+FGwYR+XIFWtyxLyoTD -43DBxq5Xv0QVGGjzrggBJVZ95A1xMfADDfDJ+3rKscLkQ7Wvqs38U05sQVqRLRB5 -VnArp6hn5Lj4Y37/6ER2hyB/CahE5i6SQTe8dWHlvs3eiXfeXx7AmJzvNRezH9Zo -LVUDoGpdU7Zm5eo0kQevfHjs1Wrtn4Oq+tev+WSninOWR1j/2T0T7SLNI6cABP/K -LtObnhdZhpMEiWe7AN/oDxrkEo954QZTkj3Dkub2QWECgYEA7DEDBYMEGMmvQbKx -jF1qtWqHABdbjR29YtFfpcAm8yAadaftvX0qZq7Ym2DwHCwPX8O8kpGUpN5zYr+W -xsja1s/bUDat82on2RRn1+e5cBfJ1dyLGisvMu1QN1/b/593WfZwbPGxDq5nFjUd -1SyJE0/EKSCnNjcTNpgLbEB9+XECgYEAzCOj48yhIfhQY8UhUgDojiEhEhAmrMBY -MYb+LZvTg5b2fruPwgsA/MADoL68pwF0LSSoysbS7SIFEUTvyHv3zjNvtPR3kEuE -/JHS4vppFvuFKozf+tMHcIIF7pigyLRkGpePgPaeQ86AvKitq8YHn0I8nVD15n2f -0TlLl+hZhbcCgYBd+8q2AMI6ktZ4EADyV6HEepUphiHZ70GS9rlWnTVifR3KP34s -bofWwDBU86fXrfiYJKz+rYs2Z4YGfzIh+36JB8C/FGL3fwBIMwR3Ny/k2LJptQ5s -5U4st525yx0hhHTbiWKHF01bCC7g+VXbo5MP6iemLeYbfqLYkHvLIYZ/IQKBgENe -T6vR0Cthw0XpvIFPg2/ERyGq6th/8ZsGrcNndXory9UvGNY0w3Kl+4yE5cVHmYt8 -WafxzZIsc/erBGbpYnJOT0MsmnioM48WoL3/XccT4nKUYyZnlkDu5/5BqG4T+iU8 -d0NcIAbIk3uvPwE9LS7FsTNJkJ0sQB3QBr5vE3wpAoGBAM5aCO/GIa++tCQZ5N9x -eNd3Uta8C6JI+KVROCNda8auFHeh9lfYgv1Kj64nmJZErG4PwuYwdWQ8FnDrpM+f -YMRz/rpcvqL01XswnYgr72EV/qnEDtVLG4x6rY0n2Rd2/i4NMMIcqxVZZdnoAh7A -Y+IqIDCAvPM/NjRTAMUDqFj3 ------END PRIVATE KEY----- diff --git a/single-node/config/wazuh_indexer_ssl_certs/wazuh.indexer.pem b/single-node/config/wazuh_indexer_ssl_certs/wazuh.indexer.pem deleted file mode 100644 index 6fd0dfba..00000000 
--- a/single-node/config/wazuh_indexer_ssl_certs/wazuh.indexer.pem +++ /dev/null @@ -1,21 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDcjCCAlqgAwIBAgIUBTzs7SaBLAIqAkrE7TopFWYJguAwDQYJKoZIhvcNAQEL -BQAwNTEOMAwGA1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApD -YWxpZm9ybmlhMB4XDTIyMDMzMTE1NTg1OFoXDTMyMDMyODE1NTg1OFowWjELMAkG -A1UEBhMCVVMxEzARBgNVBAcMCkNhbGlmb3JuaWExDjAMBgNVBAoMBVdhenVoMQ4w -DAYDVQQLDAVXYXp1aDEWMBQGA1UEAwwNd2F6dWguaW5kZXhlcjCCASIwDQYJKoZI -hvcNAQEBBQADggEPADCCAQoCggEBALxX8FEvVhYxmY5gI0Ey1LEufIFQ6RWd4X6j -p824AXazO/8fYKkf2gSmYfiAH3Hrps027B9vZMc7B859jJIDcgbDIqTzHILX7qZb -RAhbM28BhE4GkMPSVnAzEvB/c95wVfM3aES5M49q9LoHoFpOWFh86BIXApBQkgov -Or79N/DMlRbzv/m4jr4alJd1UEUU6uNyae3FqEyucG/ebEmWyvrQsdx9dw9z6q2s -0ZWaYP9XSwUTQaL2bTu+kracOeNrQgwTgDqz8mjROVekYqVeLwFeLGNqzVZmf2B9 -7tWtO0JimQYUuNYL5HPW0cGfAqSOhU1CvGu93uHu1T86ZKzuBMcCAwEAAaNVMFMw -HwYDVR0jBBgwFoAUhwVk/zxcbNU6lDR9eD1UtbdGMqUwCQYDVR0TBAIwADALBgNV -HQ8EBAMCBPAwGAYDVR0RBBEwD4INd2F6dWguaW5kZXhlcjANBgkqhkiG9w0BAQsF -AAOCAQEAXAgTFAGo4BVcGSCSRtqpW2Y6NmYOx2n60sN+1Gkvqkto8qngimr/D3o0 -Biy14GO5Y8he9lVVXaM/r5UTm96VRYRoTP2jug6J2wBAag/gTIBbwwwV71luBAq6 -jiccjPSdrZumHj0alO1yMYAxTowqg9wiBlzYgDiURmaX6Yty+48BGiwetAxdb9FI -XW9fJgWdvjdPzbdtB60ce9mqdKKg1gHzIQaBKYuYxNfHaJ6NEO6NqBGiXKJ0RFDG -cZ8L5U+vieD/9re0v0wUPjfOyccqg684/Hexiad3uQpeppFGKqdwSMR4WjYIsvWu -55a2YACV03UKQrwTb+Kn4ejlWKF8rA== ------END CERTIFICATE----- diff --git a/single-node/config/wazuh_indexer_ssl_certs/wazuh.manager-key.pem b/single-node/config/wazuh_indexer_ssl_certs/wazuh.manager-key.pem deleted file mode 100644 index ebb7cc55..00000000 --- a/single-node/config/wazuh_indexer_ssl_certs/wazuh.manager-key.pem +++ /dev/null 
@@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDe35HaipLAWf9F -PxdMNeH6e3iQS39iQs9TgVsnxMw3Xvhi17kyt42sEfZkzxT0nHirQXNI5cAYHZR8 -baa25vMdNPQTX1OxdeL8ptsvDnn37pREbxlqZN4rZ7mIrIVSbCoS0f/nrk2EZVeD -vTqU6zWtVPmXMfRGl/cAQLP+ieTB8ZkmKzwNn7/hyj3qVbX2201JLZIKhUlo02gD -u5XnVuQZJG244G6BmBJTb9Bq8K7NwJmAKRxVgAWLrbwneyn3X67UoZn7tbO2QyyG -JRR5dnapi6EpSx27uMHNWptUp51/TxgIuP7bw8ZAv81RTy2jlYHzR3tZGapWVAeH -B8S+SCnJAgMBAAECggEBAJWLIcynyowyVuxZxwIl7Xkqu9zmK5T9CywW0dk/XV+R -48w+v09ehjr82n0NzhvLmdQfWIGDV39W6bkLwh9bm6jvTQ5qmjeqyCGKu+s5JXHM -rcO1YDJZeBFbycwBJnwFg72ZFsKX2/+IGE6W++XMZPnm2IowxJ1RfjS3NY8Ha20N -s9Pilp801fnBkEXr5dFwMggeD9mbALa9MW0KuXCGwIIeXbsIP7C/HohTxgwp+cxg -0FqagILBcQ0Gw+cx2f2WFY5d238OMWF9S6587T8A1wIXUVfqyv0TIwJh8kQWgUxz -LXYZYQxC4bty8TEh58hsTlrBw4Y0vtNM51yevGtjdGECgYEA/4c3vHANOKY25z/j -LkRAhhBqQxSO2Hl3tTC0l54yZ6KJ/pdQik+66mRe10hUcfCES/5FzHlJIiF1sVFa -N6n4AigrzF8opjRYLoM/JEMFZKBITkYT9huh9CY1MN5gvXJgEjxHaZ3gr7BBhNfj -/Ds/v7oP4sGx8c4RxxC5lxpa7i0CgYEA30jqtHQpF4AuIqKZTbfbClThfOgvCX93 -mEPEmckcv8GUpfZvhNqmul/IYxPSwGtNh875DheDg37COAwhqVZhqPH5R4vAaJgt -BqDqsLjzRtstWDmAsyue+HfJmujLmaBqdv+ZZWzPS285gLL3AuoHUEnF7t43wZ0d -CUCtEI4Gx40CgYEAlDJe7+nosRctNncGEhpBdb9lcZwlsITaGXqy8lAsmZBaCg7G -BkFxfWlS2/a2CxLcF5rT7l/VO3c+Y+Vztl7cWJvlsvTphWNMVUWHREeehBq1dLgN -8albB1d1d+8xGg6Qi2LsY+PNoPdPOHVhYzMVqOOHPRLrWfsSsmoPyQPfAs0CgYBN -PX0rpY9deNL82kCsGPDl9wz116AF6hlmC/Nju6V9VCrm6oQTckwA5wd79qyOMdBl -LZ0MWef9wgjPuKqgWKh5+BLixB5wUEwrIdlt/tzxYvqhrWqvEGTy0QVl2CguYcbS -mYLoCib/kl9S/RXj5S9Yf9y/0BF7oa0cuUnlEyyXNQKBgFktEg1mnIZ4NNurwVVy -GscbGTaNqiLCVar5/sEICAb46oWeEiTubm9nIrml7L5PHgWBX8ko0bCNECvZB6oP -hsHTw5q7mSPT//TO9hQhNK2WvK82e8yuuNGEiAZ1TIHILqxDCcTKPATIU/PO//aZ -ziy5/xTwidJVHqPBuZrjHLD9 ------END PRIVATE KEY----- diff --git a/single-node/config/wazuh_indexer_ssl_certs/wazuh.manager.pem b/single-node/config/wazuh_indexer_ssl_certs/wazuh.manager.pem deleted file mode 100644 index 9d0e69fd..00000000 
--- a/single-node/config/wazuh_indexer_ssl_certs/wazuh.manager.pem +++ /dev/null @@ -1,21 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDcjCCAlqgAwIBAgIUBTzs7SaBLAIqAkrE7TopFWYJguEwDQYJKoZIhvcNAQEL -BQAwNTEOMAwGA1UECwwFV2F6dWgxDjAMBgNVBAoMBVdhenVoMRMwEQYDVQQHDApD -YWxpZm9ybmlhMB4XDTIyMDMzMTE1NTg1OFoXDTMyMDMyODE1NTg1OFowWjELMAkG -A1UEBhMCVVMxEzARBgNVBAcMCkNhbGlmb3JuaWExDjAMBgNVBAoMBVdhenVoMQ4w -DAYDVQQLDAVXYXp1aDEWMBQGA1UEAwwNd2F6dWgubWFuYWdlcjCCASIwDQYJKoZI -hvcNAQEBBQADggEPADCCAQoCggEBAN7fkdqKksBZ/0U/F0w14fp7eJBLf2JCz1OB -WyfEzDde+GLXuTK3jawR9mTPFPSceKtBc0jlwBgdlHxtprbm8x009BNfU7F14vym -2y8OeffulERvGWpk3itnuYishVJsKhLR/+euTYRlV4O9OpTrNa1U+Zcx9EaX9wBA -s/6J5MHxmSYrPA2fv+HKPepVtfbbTUktkgqFSWjTaAO7ledW5BkkbbjgboGYElNv -0Grwrs3AmYApHFWABYutvCd7KfdfrtShmfu1s7ZDLIYlFHl2dqmLoSlLHbu4wc1a -m1SnnX9PGAi4/tvDxkC/zVFPLaOVgfNHe1kZqlZUB4cHxL5IKckCAwEAAaNVMFMw -HwYDVR0jBBgwFoAUhwVk/zxcbNU6lDR9eD1UtbdGMqUwCQYDVR0TBAIwADALBgNV -HQ8EBAMCBPAwGAYDVR0RBBEwD4INd2F6dWgubWFuYWdlcjANBgkqhkiG9w0BAQsF -AAOCAQEAJzaP0Ui4dnXJnruBNIu/XjZUC82+BmQ+DhwfQO5BKT9DXSllGLli2ZcQ -fRmaaqtgO8T3ar/eMVH7296qZNrLvNLBjyuxm1fOKyDtANTUsJdXbpHJuzWrq9rT -BvovBkrP3HJQNX3R9nHM+ZcrONA4uQCgDTqNnvle9N3R7FhXVMFtrMlha1N1jehJ -hs9JGfVA0W3txw8nPiyLs1xyenQSALpROntIr5e8zN+GVRGtYCDjk4Mcuiw9TNqc -mVKADqxH2CBOQ/+tpOvmUFC6iLf2hPcp/gQ2Bgp/6L2ko4KYsLGTeA34OZJuSjIh -9zldYNWPUbg4IcpMhQ8rXE1qetOlug== ------END CERTIFICATE----- From dd179c82dc20d86d6f3fc85b5b85b456a537a9ec Mon Sep 17 00:00:00 2001 From: vcerenu Date: Thu, 31 Mar 2022 13:39:53 -0300 Subject: [PATCH 107/163] Add persistence in single node --- single-node/README.md | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/single-node/README.md b/single-node/README.md index 9ae37099..605c61dd 100644 --- a/single-node/README.md +++ b/single-node/README.md 
@@ -7,21 +7,25 @@ In case of upgrading from 4.2, the deployment hosted in the multi-node directory For the next deployment, the following steps must be performed: 1) Increase max_map_count on your host (Linux) - +``` $ sysctl -w vm.max_map_count=262144 - +``` This command must be run with root permissions 2) Run the certificate creation script: - +``` $ docker-compose -f generate-indexer-certs.yml run --rm generator - +``` 3) Start the stack with docker-compose: In Foregroud: +``` $ docker-compose up +``` -Background +Background: +``` $ docker-compose up -d +``` The stack takes about 1 minute to get up for the first time, since Wazuh Indexer must be started for the first time and the Indexes and Index Patterns must be generated. \ No newline at end of file From 3914ea7639809c354a8d510cf2f425cefd5814dd Mon Sep 17 00:00:00 2001 From: vcerenu Date: Thu, 31 Mar 2022 13:59:49 -0300 Subject: [PATCH 108/163] Add persistence in single node --- build-docker-images/README.md | 16 ++++++++++++++++ indexer_certs_creator/README.md | 9 +++++++++ multi-node/README.md | 31 +++++++++++++++++++++++++++++++ single-node/README.md | 8 +++++--- 4 files changed, 61 insertions(+), 3 deletions(-) create mode 100644 build-docker-images/README.md create mode 100644 indexer_certs_creator/README.md create mode 100644 multi-node/README.md diff --git a/build-docker-images/README.md b/build-docker-images/README.md new file mode 100644 index 00000000..d7a09f6d --- /dev/null +++ b/build-docker-images/README.md 
@@ -0,0 +1,16 @@ +# Wazuh Docker Image Builder + +By executing this stack, the Docker images of Wazuh manager, indexer and dashboard are created. +This process can be used in case of any problem accessing the Docker images that are hosted on Docker Hub. + +To execute this process, the following command must be executed: + +``` +$ docker-compose up -d --build +``` + +Once the image creation process is finished, a Wazuh test stack will also be executed, which must be terminated with the following command: + +``` +$ docker-compose down +``` \ No newline at end of file diff --git a/indexer_certs_creator/README.md b/indexer_certs_creator/README.md new file mode 100644 index 00000000..b7dbc565 --- /dev/null +++ b/indexer_certs_creator/README.md @@ -0,0 +1,9 @@ +# Certificate creation image build + +The dockerfile hosted in this directory is used to build the image used to boot Wazuh's single node and multi node stacks. + +To create the image, the following command must be executed: + +``` +$ docker build -t wazuh/wazuh-certs-generator:0.0.1 . +``` diff --git a/multi-node/README.md b/multi-node/README.md new file mode 100644 index 00000000..b646c5e0 --- /dev/null +++ b/multi-node/README.md 
@@ -0,0 +1,31 @@ +# Deploy Wazuh Docker in multi node configuration + +This deployment generates a Docker Compose stack with 2 Wazuh Manager container, 3 Wazuh Indexer container and 1 Wazuh Dashboard container. + +For the next deployment, the following steps must be performed: + +1) Increase max_map_count on your host (Linux) +``` +$ sysctl -w vm.max_map_count=262144 +``` + This command must be run with root permissions + + +2) Run the certificate creation script: +``` +$ docker-compose -f generate-indexer-certs.yml run --rm generator +``` +3) Start the stack with docker-compose: + + In Foregroud: +``` +$ docker-compose up +``` + + In Background: +``` +$ docker-compose up -d +``` + + +The stack takes about 1 minute to get up for the first time, since Wazuh Indexer must be started for the first time and the Indexes and Index Patterns must be generated. \ No newline at end of file diff --git a/single-node/README.md b/single-node/README.md index 605c61dd..a89039e9 100644 --- a/single-node/README.md +++ b/single-node/README.md @@ -10,7 +10,8 @@ For the next deployment, the following steps must be performed: ``` $ sysctl -w vm.max_map_count=262144 ``` -This command must be run with root permissions + This command must be run with root permissions + 2) Run the certificate creation script: ``` @@ -18,14 +19,15 @@ $ docker-compose -f generate-indexer-certs.yml run --rm generator ``` 3) Start the stack with docker-compose: -In Foregroud: + In Foregroud: ``` $ docker-compose up ``` -Background: + In Background: ``` $ docker-compose up -d ``` + The stack takes about 1 minute to get up for the first time, since Wazuh Indexer must be started for the first time and the Indexes and Index Patterns must be generated. \ No newline at end of file From 50cb61443e639b4887f35b31add31f25a92969ef Mon Sep 17 00:00:00 2001 
From: vcerenu Date: Thu, 31 Mar 2022 14:35:41 -0300 Subject: [PATCH 109/163] Add persistence in single node --- {indexer_certs_creator => indexer-certs-creator}/Dockerfile | 0 {indexer_certs_creator => indexer-certs-creator}/README.md | 0 .../config/entrypoint.sh | 0 3 files changed, 0 insertions(+), 0 deletions(-) rename {indexer_certs_creator => indexer-certs-creator}/Dockerfile (100%) rename {indexer_certs_creator => indexer-certs-creator}/README.md (100%) rename {indexer_certs_creator => indexer-certs-creator}/config/entrypoint.sh (100%) diff --git a/indexer_certs_creator/Dockerfile b/indexer-certs-creator/Dockerfile similarity index 100% rename from indexer_certs_creator/Dockerfile rename to indexer-certs-creator/Dockerfile diff --git a/indexer_certs_creator/README.md b/indexer-certs-creator/README.md similarity index 100% rename from indexer_certs_creator/README.md rename to indexer-certs-creator/README.md diff --git a/indexer_certs_creator/config/entrypoint.sh b/indexer-certs-creator/config/entrypoint.sh similarity index 100% rename from indexer_certs_creator/config/entrypoint.sh rename to indexer-certs-creator/config/entrypoint.sh From 9887b103c309eae55bc74e3d961e742328133bb0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alberto=20Rodr=C3=ADguez?= Date: Thu, 31 Mar 2022 21:10:09 +0200 Subject: [PATCH 110/163] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 682d7d21..8419df5c 100644 --- a/README.md +++ b/README.md @@ -129,7 +129,7 @@ ADMIN_PRIVILEGES=true # App privileges │   │   └── wazuh.repo │   └── Dockerfile ├── CHANGELOG.md - ├── indexer_certs_creator + ├── indexer-certs-creator │   ├── config │   │   └── entrypoint.sh │   └── Dockerfile From 2f4b127787edf7f9ba35eed25aef0015d8eaa5d0 Mon Sep 17 00:00:00 2001 
From: vcerenu Date: Thu, 31 Mar 2022 17:10:19 -0300 Subject: [PATCH 111/163] Wazuh master name fix --- multi-node/Migration-to-Wazuh-4.3.md | 4 ++-- multi-node/config/wazuh_cluster/wazuh_manager.conf | 2 +- multi-node/config/wazuh_cluster/wazuh_worker.conf | 2 +- multi-node/volume-migrator.sh | 2 +- 4 files changed, 5 insertions(+), 5 deletions(-) diff --git a/multi-node/Migration-to-Wazuh-4.3.md b/multi-node/Migration-to-Wazuh-4.3.md index 528d8fa6..20351ca8 100644 --- a/multi-node/Migration-to-Wazuh-4.3.md +++ b/multi-node/Migration-to-Wazuh-4.3.md @@ -1,4 +1,4 @@ -# Opendistro data migration to Wazuh indexer on docker. +# Opendistro data migration to Wazuh indexer on docker. This procedure explains how to migrate Opendistro data from Opendistro to Wazuh indexer in docker production deployments. The example is migrating from v4.2 to v4.3. @@ -51,7 +51,7 @@ docker volume create \ --label com.docker.compose.project=multi-node \ --label com.docker.compose.version=1.25.0 \ --label com.docker.compose.volume=master_wazuh_etc \ - wazuh-master_docker_wazuh_etc + multi-node_docker_wazuh_etc ``` ``` docker volume create \ diff --git a/multi-node/config/wazuh_cluster/wazuh_manager.conf b/multi-node/config/wazuh_cluster/wazuh_manager.conf index 8b6c33cb..fddb7fc6 100644 --- a/multi-node/config/wazuh_cluster/wazuh_manager.conf +++ b/multi-node/config/wazuh_cluster/wazuh_manager.conf @@ -332,7 +332,7 @@ 1516 0.0.0.0 - wazuh-master + wazuh.master no no diff --git a/multi-node/config/wazuh_cluster/wazuh_worker.conf b/multi-node/config/wazuh_cluster/wazuh_worker.conf index a91e6e16..30670045 100644 --- a/multi-node/config/wazuh_cluster/wazuh_worker.conf +++ b/multi-node/config/wazuh_cluster/wazuh_worker.conf @@ -332,7 +332,7 @@ 1516 0.0.0.0 - wazuh-master + wazuh.master no no diff --git a/multi-node/volume-migrator.sh b/multi-node/volume-migrator.sh index 7a4a0738..f11a1da6 100755 --- a/multi-node/volume-migrator.sh +++ b/multi-node/volume-migrator.sh 
@@ -26,7 +26,7 @@ docker volume create \ --label com.docker.compose.project=$2 \ --label com.docker.compose.version=$1 \ --label com.docker.compose.volume=master_wazuh_etc \ - wazuh-master_docker_wazuh_etc + $2_docker_wazuh_etc docker volume create \ --label com.docker.compose.project=$2 \ From 621095329eb788cb1a185e4664cdc7002ffa3d1c Mon Sep 17 00:00:00 2001 From: fcaffieri Date: Thu, 31 Mar 2022 18:40:44 -0300 Subject: [PATCH 112/163] Fix permission in certificates --- indexer_certs_creator/config/entrypoint.sh | 3 ++- wazuh-dashboard/config/config.sh | 3 ++- wazuh-indexer/config/config.sh | 3 +++ 3 files changed, 7 insertions(+), 2 deletions(-) diff --git a/indexer_certs_creator/config/entrypoint.sh b/indexer_certs_creator/config/entrypoint.sh index 6ab0ba05..3efb877e 100644 --- a/indexer_certs_creator/config/entrypoint.sh +++ b/indexer_certs_creator/config/entrypoint.sh @@ -38,4 +38,5 @@ chmod 700 /$CERT_TOOL echo "Moving created certificates to destination directory" cp /wazuh-certificates/* /certificates/ echo "changing certificate permissions" -chmod -R 666 /certificates/* +chmod -R 500 /certificates +chmod -R 400 /certificates/* diff --git a/wazuh-dashboard/config/config.sh b/wazuh-dashboard/config/config.sh index 629a5988..71cc485b 100644 --- a/wazuh-dashboard/config/config.sh +++ b/wazuh-dashboard/config/config.sh @@ -38,4 +38,5 @@ cp /wazuh-certificates/demo.dashboard.pem ${CONFIG_DIR}/certs/dashboard.pem cp /wazuh-certificates/demo.dashboard-key.pem ${CONFIG_DIR}/certs/dashboard-key.pem cp /wazuh-certificates/root-ca.pem ${CONFIG_DIR}/certs/root-ca.pem -chmod 640 ${CONFIG_DIR}/certs/* +chmod -R 500 ${CONFIG_DIR}/certs +chmod -R 400 ${CONFIG_DIR}/certs/* \ No newline at end of file diff --git a/wazuh-indexer/config/config.sh b/wazuh-indexer/config/config.sh index a56a52d7..2c9de154 100644 --- a/wazuh-indexer/config/config.sh +++ b/wazuh-indexer/config/config.sh 
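Review bot: The new name `$2_docker_wazuh_etc` expands an unquoted positional parameter that the visible part of the script never validates, so a missing or space-containing project name reaches `docker volume create` as a malformed name or as extra arguments. I would write `"${2}_docker_wazuh_etc"` and add `: "${1:?compose version required}" "${2:?project name required}"` at the top of the script, outside this hunk. The suffix `docker_wazuh_etc` also differs from the `com.docker.compose.volume=master_wazuh_etc` label on the line above; if the compose file declares the volume under that label's name, Compose would presumably not pick this volume up and the migrated data would be left behind, so the pairing is worth checking against `docker-compose.yml`. The `docker volume create` statement after the changed line runs past the end of the hunk.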
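Review bot: Between the `cp /wazuh-certificates/* /certificates/` context line and the new `chmod` calls, the private keys sit in `/certificates` with whatever mode the source files and the umask give them, so the tightening added here still leaves a short window in which they may be readable by other users of the mount. Setting `umask 077` before the copy closes that window. `chmod -R 400 /certificates/*` would also strip the search bit from any subdirectory and skips dot-files; `find /certificates -type f -exec chmod 400 {} +` applies the file mode to files only. The same two-line pattern is added in the wazuh-dashboard/config/config.sh and wazuh-indexer/config/config.sh hunks of this commit.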
@@ -104,3 +104,6 @@ cp -pr /wazuh-certificates/root-ca.key ${TARGET_DIR}${CONFIG_DIR}/root-ca.key cp -pr /wazuh-certificates/root-ca.pem ${TARGET_DIR}${CONFIG_DIR}/root-ca.pem cp -pr /wazuh-certificates/admin.pem ${TARGET_DIR}${CONFIG_DIR}/admin.pem cp -pr /wazuh-certificates/admin-key.pem ${TARGET_DIR}${CONFIG_DIR}/admin-key.pem + +chmod -R 500 ${TARGET_DIR}${CONFIG_DIR} +chmod -R 400 ${TARGET_DIR}${CONFIG_DIR}/* \ No newline at end of file From 6cde5f5c600fc1c68103456a0265e0d8979c4b4c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alberto=20Rodr=C3=ADguez?= Date: Fri, 1 Apr 2022 11:23:30 +0200 Subject: [PATCH 113/163] Update README.md --- build-docker-images/README.md | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/build-docker-images/README.md b/build-docker-images/README.md index d7a09f6d..5839ac52 100644 --- a/build-docker-images/README.md +++ b/build-docker-images/README.md @@ -1,16 +1,13 @@ # Wazuh Docker Image Builder -By executing this stack, the Docker images of Wazuh manager, indexer and dashboard are created. -This process can be used in case of any problem accessing the Docker images that are hosted on Docker Hub. - -To execute this process, the following command must be executed: +This stack allows you to build the Wazuh manager, indexer, and dashboard images locally by running the command: ``` $ docker-compose up -d --build ``` -Once the image creation process is finished, a Wazuh test stack will also be executed, which must be terminated with the following command: +Once the image creation process is finished, a Wazuh single-node environment will be spinned up. It can be terminated with the following command: ``` $ docker-compose down -``` \ No newline at end of file +``` From 42df77d89cc2f89bcfdbee45ebdccdd095ab0a2a Mon Sep 17 00:00:00 2001 
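Review bot: The added `chmod -R 500 ${TARGET_DIR}${CONFIG_DIR}` and `chmod -R 400 ${TARGET_DIR}${CONFIG_DIR}/*` act on the whole indexer configuration directory, not only on the certificate files copied in the context lines, so every other file there becomes owner-read-only and any subdirectory loses its search bit. If the indexer writes to its configuration directory or reads from a subdirectory of it, startup would presumably fail. Limiting the change to the key material keeps the hardening without that side effect, for example `chmod 400 "${TARGET_DIR}${CONFIG_DIR}"/*.pem "${TARGET_DIR}${CONFIG_DIR}"/*.key`.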
From: =?UTF-8?q?Alberto=20Rodr=C3=ADguez?= Date: Fri, 1 Apr 2022 11:34:52 +0200 Subject: [PATCH 114/163] Update README.md --- multi-node/README.md | 17 ++++++----------- 1 file changed, 6 insertions(+), 11 deletions(-) diff --git a/multi-node/README.md b/multi-node/README.md index b646c5e0..f06963e8 100644 --- a/multi-node/README.md +++ b/multi-node/README.md @@ -1,31 +1,26 @@ # Deploy Wazuh Docker in multi node configuration -This deployment generates a Docker Compose stack with 2 Wazuh Manager container, 3 Wazuh Indexer container and 1 Wazuh Dashboard container. +This deployment is defined in the `docker-compose.yml` file with two Wazuh manager containers, three Wazuh indexer containers, and one Wazuh dashboard container. It can be deployed by following these steps: -For the next deployment, the following steps must be performed: - -1) Increase max_map_count on your host (Linux) +1) Increase max_map_count on your host (Linux). This command must be run with root permissions: ``` $ sysctl -w vm.max_map_count=262144 ``` - This command must be run with root permissions - - 2) Run the certificate creation script: ``` $ docker-compose -f generate-indexer-certs.yml run --rm generator ``` -3) Start the stack with docker-compose: +3) Start the environment with docker-compose: - In Foregroud: +- In Foregroud: ``` $ docker-compose up ``` - In Background: +- In Background: ``` $ docker-compose up -d ``` -The stack takes about 1 minute to get up for the first time, since Wazuh Indexer must be started for the first time and the Indexes and Index Patterns must be generated. \ No newline at end of file +The environment takes about 1 minute to get up (depending on your Docker host) for the first time since Wazuh Indexer must be started for the first time and the Indexes and Index Patterns must be generated. From 139065a87c5a2f1a35d998e5f19c8dca86eb3f34 Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Alberto=20Rodr=C3=ADguez?= Date: Fri, 1 Apr 2022 11:39:56 +0200 Subject: [PATCH 115/163] Update Migration-to-Wazuh-4.3.md --- multi-node/Migration-to-Wazuh-4.3.md | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/multi-node/Migration-to-Wazuh-4.3.md b/multi-node/Migration-to-Wazuh-4.3.md index 20351ca8..5b884743 100644 --- a/multi-node/Migration-to-Wazuh-4.3.md +++ b/multi-node/Migration-to-Wazuh-4.3.md @@ -8,16 +8,16 @@ Assuming that you have a v4.2 production deployment, perform the following steps **1. Stop 4.2 environment** `docker-compose -f production-cluster.yml stop` -**2. List Elastic volumesStop 4.2 environment** +**2. List elasticsearch volumes** `docker volume ls --filter name='wazuh-docker_elastic-data'` -**3. Inspect Elastic volume** +**3. Inspect elasticsearch volume** `docker volume inspect wazuh-docker_elastic-data-1` -**4. down the 4.2 environment.** +**4. Spin down the 4.2 environment.** `docker-compose -f production-cluster.yml down` -**5. Run the volume create command:** create new Indexer and Wazuh Manager volumes using the `com.docker.compose.version` label value from the previous command. +**5. Run the volume create command:** create new indexer and Wazuh manager volumes using the `com.docker.compose.version` label value from the previous command. ``` docker volume create \ --label com.docker.compose.project=multi-node \ @@ -193,7 +193,7 @@ docker volume create \ --label com.docker.compose.volume=worker-filebeat-var \ multi-node_worker-filebeat-var ``` -**6. Copy the volume content from Elastic to Wazuh indexer volumes and old Wazuh Manager content to new volumes.** +**6. Copy the volume content from elasticsearch to Wazuh indexer volumes and old Wazuh manager content to new volumes.** ``` docker container run --rm -it \ -v wazuh-docker_elastic-data-1:/from \ 
@@ -345,7 +345,7 @@ docker container run --rm -it \ alpine ash -c "cd /from ; cp -avp . /to" ``` -**Steps 5 and 6 can be done with the volume-migrator.sh script, specifying Docker Version and project name as parameters.** +**Steps 5 and 6 can be done with the volume-migrator.sh script, specifying Docker version and project name as parameters.** Ex: $ multi-node/volume-migrator.sh 1.25.0 multi-node @@ -357,4 +357,4 @@ docker-compose -f generate-indexer-certs.yml run --rm generator docker-compose up -d ``` -**8. Check the access to Wazuh dashboard**: go to the Wazuh Dashboard WebUI and check if everything is working. \ No newline at end of file +**8. Check the access to Wazuh dashboard**: go to the Wazuh dashboard using the web browser and check the data. From afb0d19a12595b0ca086f25f70ff613b0af0199d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alberto=20Rodr=C3=ADguez?= Date: Fri, 1 Apr 2022 11:53:39 +0200 Subject: [PATCH 116/163] Update README.md --- multi-node/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/multi-node/README.md b/multi-node/README.md index f06963e8..f97fea4d 100644 --- a/multi-node/README.md +++ b/multi-node/README.md @@ -23,4 +23,4 @@ $ docker-compose up -d ``` -The environment takes about 1 minute to get up (depending on your Docker host) for the first time since Wazuh Indexer must be started for the first time and the Indexes and Index Patterns must be generated. +The environment takes about 1 minute to get up (depending on your Docker host) for the first time since Wazuh Indexer must be started for the first time and the indexes and index patterns must be generated. From 8bb6650b2d19bcadb139d4ceefca94d5eae3ff7c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alberto=20Rodr=C3=ADguez?= Date: Fri, 1 Apr 2022 11:55:47 +0200 Subject: [PATCH 117/163] Update README.md --- multi-node/README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) 
diff --git a/multi-node/README.md b/multi-node/README.md index f97fea4d..57120c28 100644 --- a/multi-node/README.md +++ b/multi-node/README.md @@ -12,12 +12,12 @@ $ docker-compose -f generate-indexer-certs.yml run --rm generator ``` 3) Start the environment with docker-compose: -- In Foregroud: +- In foregroud: ``` $ docker-compose up ``` -- In Background: +- In background: ``` $ docker-compose up -d ``` From 8b66ae464c767bea24a436cad58551ee22c49c4a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alberto=20Rodr=C3=ADguez?= Date: Fri, 1 Apr 2022 11:56:47 +0200 Subject: [PATCH 118/163] Update README.md --- multi-node/README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/multi-node/README.md b/multi-node/README.md index 57120c28..c1e8b998 100644 --- a/multi-node/README.md +++ b/multi-node/README.md @@ -12,12 +12,12 @@ $ docker-compose -f generate-indexer-certs.yml run --rm generator ``` 3) Start the environment with docker-compose: -- In foregroud: +- In the foregroud: ``` $ docker-compose up ``` -- In background: +- In the background: ``` $ docker-compose up -d ``` From 5076bcc94933af8079d4556b593ab60c95217d40 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alberto=20Rodr=C3=ADguez?= Date: Fri, 1 Apr 2022 11:56:57 +0200 Subject: [PATCH 119/163] Update README.md --- single-node/README.md | 21 ++++++--------------- 1 file changed, 6 insertions(+), 15 deletions(-) diff --git a/single-node/README.md b/single-node/README.md index a89039e9..efd303c7 100644 --- a/single-node/README.md +++ b/single-node/README.md 
@@ -1,33 +1,24 @@ # Deploy Wazuh Docker in single node configuration -This deployment generates a Docker Compose stack with 1 Wazuh Manager container, 1 Wazuh Indexer container and 1 Wazuh Dashboard container. +This deployment is defined in the `docker-compose.yml` file with one Wazuh manager containers, one Wazuh indexer containers, and one Wazuh dashboard container. It can be deployed by following these steps: -In case of upgrading from 4.2, the deployment hosted in the multi-node directory should be reviewed - -For the next deployment, the following steps must be performed: - -1) Increase max_map_count on your host (Linux) +1) Increase max_map_count on your host (Linux). This command must be run with root permissions: ``` $ sysctl -w vm.max_map_count=262144 ``` - This command must be run with root permissions - - 2) Run the certificate creation script: ``` $ docker-compose -f generate-indexer-certs.yml run --rm generator ``` -3) Start the stack with docker-compose: +3) Start the environment with docker-compose: - In Foregroud: +- In the foregroud: ``` $ docker-compose up ``` - - In Background: +- In the background: ``` $ docker-compose up -d ``` - -The stack takes about 1 minute to get up for the first time, since Wazuh Indexer must be started for the first time and the Indexes and Index Patterns must be generated. \ No newline at end of file +The environment takes about 1 minute to get up (depending on your Docker host) for the first time since Wazuh Indexer must be started for the first time and the indexes and index patterns must be generated. From ecb6e322aa3d81b648d6aa05427701ffce0409ec Mon Sep 17 00:00:00 2001 From: vcerenu Date: Fri, 1 Apr 2022 08:53:10 -0300 Subject: [PATCH 120/163] Fix dashbaord --- single-node/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/single-node/docker-compose.yml b/single-node/docker-compose.yml index 356160ea..5d5e3137 100644 --- a/single-node/docker-compose.yml 
+++ b/single-node/docker-compose.yml @@ -71,7 +71,7 @@ services: - 443:443 environment: - INDEXER_USERNAME=admin - - INDEXER_PASSWORD=admin + - INDEXER_PASSWORD=SecretPassword - WAZUH_API_URL=https://wazuh.manager - API_USERNAME=acme-user - API_PASSWORD=MyS3cr37P450r.*- From c8d8a51d6aaa0dc579a2019be3ddd2ee87feb2a1 Mon Sep 17 00:00:00 2001 From: fcaffieri Date: Mon, 4 Apr 2022 16:35:04 -0300 Subject: [PATCH 121/163] Fix permision problem for manager and worker, setting uid correctly --- indexer-certs-creator/config/entrypoint.sh | 42 ++++++++++++++++++++++ multi-node/docker-compose.yml | 4 +-- single-node/docker-compose.yml | 2 +- 3 files changed, 45 insertions(+), 3 deletions(-) diff --git a/indexer-certs-creator/config/entrypoint.sh b/indexer-certs-creator/config/entrypoint.sh index 3efb877e..d8975d0f 100644 --- a/indexer-certs-creator/config/entrypoint.sh +++ b/indexer-certs-creator/config/entrypoint.sh @@ -30,6 +30,31 @@ fi chmod 700 /$CERT_TOOL +############################################################################## +# Functions +############################################################################## + +function cert_parseYaml() { + + local prefix=${2} + local s='[[:space:]]*' + local w='[a-zA-Z0-9_]*' + local fs=$(echo @|tr @ '\034') + sed -ne "s|^\($s\):|\1|" \ + -e "s|^\($s\)\($w\)$s:$s[\"']\(.*\)[\"']$s\$|\1$fs\2$fs\3|p" \ + -e "s|^\($s\)\($w\)$s:$s\(.*\)$s\$|\1$fs\2$fs\3|p" ${1} | + awk -F$fs '{ + indent = length($1)/2; + vname[indent] = $2; + for (i in vname) {if (i > indent) {delete vname[i]}} + if (length($3) > 0) { + vn=""; for (i=0; i Date: Mon, 4 Apr 2022 17:33:56 -0300 Subject: [PATCH 122/163] Set permission to 1000:1000 --- indexer-certs-creator/config/entrypoint.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/indexer-certs-creator/config/entrypoint.sh b/indexer-certs-creator/config/entrypoint.sh index d8975d0f..4da3adb6 100644 --- a/indexer-certs-creator/config/entrypoint.sh 
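Review bot: `INDEXER_PASSWORD=SecretPassword` replaces one literal credential with another that is committed to the repository, so every deployment started from this file shares a publicly known indexer admin password; the `API_PASSWORD` context line has the same shape. Reading the value from the environment keeps the secret out of version control and fails fast when it is missing: `- INDEXER_PASSWORD=${INDEXER_PASSWORD:?set INDEXER_PASSWORD in .env}`. The value presumably still has to match the indexer's own user configuration, which is outside this hunk, so the README should tell operators to change both before publishing the `443:443` port shown in the context.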
+++ b/indexer-certs-creator/config/entrypoint.sh @@ -66,7 +66,7 @@ echo "changing certificate permissions" chmod -R 500 /certificates chmod -R 400 /certificates/* echo "Setting UID indexer and dashboard" -chown 1000 /certificates/* +chown 1000:1000 /certificates/* echo "Setting UID for wazuh manager and worker" cp /certificates/root-ca.pem /certificates/root-ca-manager.pem cp /certificates/root-ca.key /certificates/root-ca-manager.key From d9276985c3ea8165610b749cf00f29ee44609757 Mon Sep 17 00:00:00 2001 From: fcaffieri Date: Tue, 5 Apr 2022 11:31:02 -0300 Subject: [PATCH 123/163] Move certificates to certs directory for dashboard --- .../wazuh-indexer/config/config.sh | 17 +++++++------- .../wazuh-indexer/config/entrypoint.sh | 4 ++-- .../wazuh-indexer/config/opensearch.yml | 12 +++++----- .../config/wazuh_indexer/wazuh1.indexer.yml | 12 +++++----- .../config/wazuh_indexer/wazuh2.indexer.yml | 12 +++++----- .../config/wazuh_indexer/wazuh3.indexer.yml | 12 +++++----- multi-node/docker-compose.yml | 22 +++++++++---------- single-node/docker-compose.yml | 10 ++++----- 8 files changed, 51 insertions(+), 50 deletions(-) diff --git a/build-docker-images/wazuh-indexer/config/config.sh b/build-docker-images/wazuh-indexer/config/config.sh index 2c9de154..a598ecf8 100644 --- a/build-docker-images/wazuh-indexer/config/config.sh +++ b/build-docker-images/wazuh-indexer/config/config.sh @@ -78,6 +78,7 @@ mkdir -p ${TARGET_DIR}/etc/default mkdir -p ${TARGET_DIR}/usr/lib/tmpfiles.d mkdir -p ${TARGET_DIR}/usr/lib/sysctl.d mkdir -p ${TARGET_DIR}/usr/lib/systemd/system +mkdir -p ${TARGET_DIR}${CONFIG_DIR}/certs # Move configuration files for wazuh-indexer mv -f ${BASE_DIR}/etc/init.d/${NAME} ${TARGET_DIR}/etc/init.d/${NAME} mv -f ${BASE_DIR}/etc/wazuh-indexer/* ${TARGET_DIR}${CONFIG_DIR} 
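Review bot: `chown 1000:1000 /certificates/*` changes only the entries matched by the glob, while `/certificates` itself was just set to mode 500 by the `chmod -R 500 /certificates` context line and keeps its original owner, so a process running as UID 1000 cannot enter the directory if it is ever mounted as a whole rather than file by file. The numeric ID is also unexplained; a comment such as `# 1000 = user the indexer and dashboard images run as (keep in sync with their Dockerfiles)` would make the coupling visible, assuming that is what the value stands for. The `cp /certificates/root-ca.key /certificates/root-ca-manager.key` context line gives the manager its own copy of the CA private key, which is worth questioning if the manager only needs `root-ca.pem` to verify peers. The script continues past the end of the hunk.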
@@ -98,12 +99,12 @@ cp -pr /roles.yml ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/s cp -pr /internal_users.yml ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/securityconfig/ cp -pr /opensearch.yml ${TARGET_DIR}${CONFIG_DIR} # Copy Wazuh indexer's certificates -cp -pr /wazuh-certificates/demo.indexer.pem ${TARGET_DIR}${CONFIG_DIR}/indexer.pem -cp -pr /wazuh-certificates/demo.indexer-key.pem ${TARGET_DIR}${CONFIG_DIR}/indexer-key.pem -cp -pr /wazuh-certificates/root-ca.key ${TARGET_DIR}${CONFIG_DIR}/root-ca.key -cp -pr /wazuh-certificates/root-ca.pem ${TARGET_DIR}${CONFIG_DIR}/root-ca.pem -cp -pr /wazuh-certificates/admin.pem ${TARGET_DIR}${CONFIG_DIR}/admin.pem -cp -pr /wazuh-certificates/admin-key.pem ${TARGET_DIR}${CONFIG_DIR}/admin-key.pem +cp -pr /wazuh-certificates/demo.indexer.pem ${TARGET_DIR}${CONFIG_DIR}/certs/indexer.pem +cp -pr /wazuh-certificates/demo.indexer-key.pem ${TARGET_DIR}${CONFIG_DIR}/certs/indexer-key.pem +cp -pr /wazuh-certificates/root-ca.key ${TARGET_DIR}${CONFIG_DIR}/certs/root-ca.key +cp -pr /wazuh-certificates/root-ca.pem ${TARGET_DIR}${CONFIG_DIR}/certs/root-ca.pem +cp -pr /wazuh-certificates/admin.pem ${TARGET_DIR}${CONFIG_DIR}/certs/admin.pem +cp -pr /wazuh-certificates/admin-key.pem ${TARGET_DIR}${CONFIG_DIR}/certs/admin-key.pem -chmod -R 500 ${TARGET_DIR}${CONFIG_DIR} -chmod -R 400 ${TARGET_DIR}${CONFIG_DIR}/* \ No newline at end of file +chmod -R 500 ${TARGET_DIR}${CONFIG_DIR}/certs +chmod -R 400 ${TARGET_DIR}${CONFIG_DIR}/certs/* \ No newline at end of file diff --git a/build-docker-images/wazuh-indexer/config/entrypoint.sh b/build-docker-images/wazuh-indexer/config/entrypoint.sh index f0a8b99f..157a9ba5 100644 --- a/build-docker-images/wazuh-indexer/config/entrypoint.sh +++ b/build-docker-images/wazuh-indexer/config/entrypoint.sh 
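Review bot: The relocated copy `cp -pr /wazuh-certificates/root-ca.key ${TARGET_DIR}${CONFIG_DIR}/certs/root-ca.key` in this config.sh hunk places the CA private key inside the indexer image. The opensearch.yml changed in the same commit references only `root-ca.pem`, `indexer.pem` and `indexer-key.pem`, and entrypoint.sh only `admin.pem` and `admin-key.pem`. Unless something outside this patch reads the key, drop that line so the image does not carry the means to sign certificates for its CA. The added lines also leave `${TARGET_DIR}${CONFIG_DIR}` unquoted; `"${TARGET_DIR}${CONFIG_DIR}/certs"` avoids word splitting if either path ever contains whitespace.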
@@ -10,8 +10,8 @@ export OPENSEARCH_PATH_CONF=${INSTALLATION_DIR}/config export JAVA_HOME=${INSTALLATION_DIR}/jdk export DISCOVERY=$(grep -oP "(?<=discovery.type: ).*" ${OPENSEARCH_PATH_CONF}/opensearch.yml) export CACERT=$(grep -oP "(?<=plugins.security.ssl.transport.pemtrustedcas_filepath: ).*" ${OPENSEARCH_PATH_CONF}/opensearch.yml) -export CERT="${OPENSEARCH_PATH_CONF}/admin.pem" -export KEY="${OPENSEARCH_PATH_CONF}/admin-key.pem" +export CERT="${OPENSEARCH_PATH_CONF}/certs/admin.pem" +export KEY="${OPENSEARCH_PATH_CONF}/certs/admin-key.pem" run_as_other_user_if_needed() { if [[ "$(id -u)" == "0" ]]; then diff --git a/build-docker-images/wazuh-indexer/config/opensearch.yml b/build-docker-images/wazuh-indexer/config/opensearch.yml index 922e86e5..0a992fb7 100644 --- a/build-docker-images/wazuh-indexer/config/opensearch.yml +++ b/build-docker-images/wazuh-indexer/config/opensearch.yml 
@@ -4,12 +4,12 @@ path.data: /var/lib/wazuh-indexer path.logs: /var/log/wazuh-indexer discovery.type: single-node compatibility.override_main_response_version: true -plugins.security.ssl.http.pemcert_filepath: ${OPENSEARCH_PATH_CONF}/indexer.pem -plugins.security.ssl.http.pemkey_filepath: ${OPENSEARCH_PATH_CONF}/indexer-key.pem -plugins.security.ssl.http.pemtrustedcas_filepath: ${OPENSEARCH_PATH_CONF}/root-ca.pem -plugins.security.ssl.transport.pemcert_filepath: ${OPENSEARCH_PATH_CONF}/indexer.pem -plugins.security.ssl.transport.pemkey_filepath: ${OPENSEARCH_PATH_CONF}/indexer-key.pem -plugins.security.ssl.transport.pemtrustedcas_filepath: ${OPENSEARCH_PATH_CONF}/root-ca.pem +plugins.security.ssl.http.pemcert_filepath: ${OPENSEARCH_PATH_CONF}/certs/indexer.pem +plugins.security.ssl.http.pemkey_filepath: ${OPENSEARCH_PATH_CONF}/certs/indexer-key.pem +plugins.security.ssl.http.pemtrustedcas_filepath: ${OPENSEARCH_PATH_CONF}/certs/root-ca.pem +plugins.security.ssl.transport.pemcert_filepath: ${OPENSEARCH_PATH_CONF}/certs/indexer.pem +plugins.security.ssl.transport.pemkey_filepath: ${OPENSEARCH_PATH_CONF}/certs/indexer-key.pem +plugins.security.ssl.transport.pemtrustedcas_filepath: ${OPENSEARCH_PATH_CONF}/certs/root-ca.pem plugins.security.ssl.http.enabled: true plugins.security.ssl.transport.enforce_hostname_verification: false plugins.security.ssl.transport.resolve_hostname: false diff --git a/multi-node/config/wazuh_indexer/wazuh1.indexer.yml b/multi-node/config/wazuh_indexer/wazuh1.indexer.yml index b3fdcf1f..bbcfc80e 100644 --- a/multi-node/config/wazuh_indexer/wazuh1.indexer.yml +++ b/multi-node/config/wazuh_indexer/wazuh1.indexer.yml 
@@ -12,12 +12,12 @@ discovery.seed_hosts: node.max_local_storage_nodes: "3" path.data: /var/lib/wazuh-indexer path.logs: /var/log/wazuh-indexer -plugins.security.ssl.http.pemcert_filepath: ${OPENSEARCH_PATH_CONF}/wazuh1.indexer.pem -plugins.security.ssl.http.pemkey_filepath: ${OPENSEARCH_PATH_CONF}/wazuh1.indexer.key -plugins.security.ssl.http.pemtrustedcas_filepath: ${OPENSEARCH_PATH_CONF}/root-ca.pem -plugins.security.ssl.transport.pemcert_filepath: ${OPENSEARCH_PATH_CONF}/wazuh1.indexer.pem -plugins.security.ssl.transport.pemkey_filepath: ${OPENSEARCH_PATH_CONF}/wazuh1.indexer.key -plugins.security.ssl.transport.pemtrustedcas_filepath: ${OPENSEARCH_PATH_CONF}/root-ca.pem +plugins.security.ssl.http.pemcert_filepath: ${OPENSEARCH_PATH_CONF}/certs/wazuh1.indexer.pem +plugins.security.ssl.http.pemkey_filepath: ${OPENSEARCH_PATH_CONF}/certs/wazuh1.indexer.key +plugins.security.ssl.http.pemtrustedcas_filepath: ${OPENSEARCH_PATH_CONF}/certs/root-ca.pem +plugins.security.ssl.transport.pemcert_filepath: ${OPENSEARCH_PATH_CONF}/certs/wazuh1.indexer.pem +plugins.security.ssl.transport.pemkey_filepath: ${OPENSEARCH_PATH_CONF}/certs/wazuh1.indexer.key +plugins.security.ssl.transport.pemtrustedcas_filepath: ${OPENSEARCH_PATH_CONF}/certs/root-ca.pem plugins.security.ssl.http.enabled: true plugins.security.ssl.transport.enforce_hostname_verification: false plugins.security.ssl.transport.resolve_hostname: false diff --git a/multi-node/config/wazuh_indexer/wazuh2.indexer.yml b/multi-node/config/wazuh_indexer/wazuh2.indexer.yml index e7b8285f..4df75839 100644 --- a/multi-node/config/wazuh_indexer/wazuh2.indexer.yml +++ b/multi-node/config/wazuh_indexer/wazuh2.indexer.yml 
@@ -12,12 +12,12 @@ discovery.seed_hosts: node.max_local_storage_nodes: "3" path.data: /var/lib/wazuh-indexer path.logs: /var/log/wazuh-indexer -plugins.security.ssl.http.pemcert_filepath: ${OPENSEARCH_PATH_CONF}/wazuh2.indexer.pem -plugins.security.ssl.http.pemkey_filepath: ${OPENSEARCH_PATH_CONF}/wazuh2.indexer.key -plugins.security.ssl.http.pemtrustedcas_filepath: ${OPENSEARCH_PATH_CONF}/root-ca.pem -plugins.security.ssl.transport.pemcert_filepath: ${OPENSEARCH_PATH_CONF}/wazuh2.indexer.pem -plugins.security.ssl.transport.pemkey_filepath: ${OPENSEARCH_PATH_CONF}/wazuh2.indexer.key -plugins.security.ssl.transport.pemtrustedcas_filepath: ${OPENSEARCH_PATH_CONF}/root-ca.pem +plugins.security.ssl.http.pemcert_filepath: ${OPENSEARCH_PATH_CONF}/certs/wazuh2.indexer.pem +plugins.security.ssl.http.pemkey_filepath: ${OPENSEARCH_PATH_CONF}/certs/wazuh2.indexer.key +plugins.security.ssl.http.pemtrustedcas_filepath: ${OPENSEARCH_PATH_CONF}/certs/root-ca.pem +plugins.security.ssl.transport.pemcert_filepath: ${OPENSEARCH_PATH_CONF}/certs/wazuh2.indexer.pem +plugins.security.ssl.transport.pemkey_filepath: ${OPENSEARCH_PATH_CONF}/certs/wazuh2.indexer.key +plugins.security.ssl.transport.pemtrustedcas_filepath: ${OPENSEARCH_PATH_CONF}/certs/root-ca.pem plugins.security.ssl.http.enabled: true plugins.security.ssl.transport.enforce_hostname_verification: false plugins.security.ssl.transport.resolve_hostname: false diff --git a/multi-node/config/wazuh_indexer/wazuh3.indexer.yml b/multi-node/config/wazuh_indexer/wazuh3.indexer.yml index 864acc26..1b923fed 100644 --- a/multi-node/config/wazuh_indexer/wazuh3.indexer.yml +++ b/multi-node/config/wazuh_indexer/wazuh3.indexer.yml 
@@ -12,12 +12,12 @@ discovery.seed_hosts: node.max_local_storage_nodes: "3" path.data: /var/lib/wazuh-indexer path.logs: /var/log/wazuh-indexer -plugins.security.ssl.http.pemcert_filepath: ${OPENSEARCH_PATH_CONF}/wazuh3.indexer.pem -plugins.security.ssl.http.pemkey_filepath: ${OPENSEARCH_PATH_CONF}/wazuh3.indexer.key -plugins.security.ssl.http.pemtrustedcas_filepath: ${OPENSEARCH_PATH_CONF}/root-ca.pem -plugins.security.ssl.transport.pemcert_filepath: ${OPENSEARCH_PATH_CONF}/wazuh3.indexer.pem -plugins.security.ssl.transport.pemkey_filepath: ${OPENSEARCH_PATH_CONF}/wazuh3.indexer.key -plugins.security.ssl.transport.pemtrustedcas_filepath: ${OPENSEARCH_PATH_CONF}/root-ca.pem +plugins.security.ssl.http.pemcert_filepath: ${OPENSEARCH_PATH_CONF}/certs/wazuh3.indexer.pem +plugins.security.ssl.http.pemkey_filepath: ${OPENSEARCH_PATH_CONF}/certs/wazuh3.indexer.key +plugins.security.ssl.http.pemtrustedcas_filepath: ${OPENSEARCH_PATH_CONF}/certs/root-ca.pem +plugins.security.ssl.transport.pemcert_filepath: ${OPENSEARCH_PATH_CONF}/certs/wazuh3.indexer.pem +plugins.security.ssl.transport.pemkey_filepath: ${OPENSEARCH_PATH_CONF}/certs/wazuh3.indexer.key +plugins.security.ssl.transport.pemtrustedcas_filepath: ${OPENSEARCH_PATH_CONF}/certs/root-ca.pem plugins.security.ssl.http.enabled: true plugins.security.ssl.transport.enforce_hostname_verification: false plugins.security.ssl.transport.resolve_hostname: false diff --git a/multi-node/docker-compose.yml b/multi-node/docker-compose.yml index 00648130..877e684a 100644 --- a/multi-node/docker-compose.yml +++ b/multi-node/docker-compose.yml 
@@ -84,11 +84,11 @@ services: hard: 65536 volumes: - wazuh-indexer-data-1:/var/lib/wazuh-indexer - - ./config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-indexer/config/root-ca.pem - - ./config/wazuh_indexer_ssl_certs/wazuh1.indexer-key.pem:/usr/share/wazuh-indexer/config/wazuh1.indexer.key - - ./config/wazuh_indexer_ssl_certs/wazuh1.indexer.pem:/usr/share/wazuh-indexer/config/wazuh1.indexer.pem - - ./config/wazuh_indexer_ssl_certs/admin.pem:/usr/share/wazuh-indexer/config/admin.pem - - ./config/wazuh_indexer_ssl_certs/admin-key.pem:/usr/share/wazuh-indexer/config/admin-key.pem + - ./config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-indexer/config/certs/root-ca.pem + - ./config/wazuh_indexer_ssl_certs/wazuh1.indexer-key.pem:/usr/share/wazuh-indexer/config/certs/wazuh1.indexer.key + - ./config/wazuh_indexer_ssl_certs/wazuh1.indexer.pem:/usr/share/wazuh-indexer/config/certs/wazuh1.indexer.pem + - ./config/wazuh_indexer_ssl_certs/admin.pem:/usr/share/wazuh-indexer/config/certs/admin.pem + - ./config/wazuh_indexer_ssl_certs/admin-key.pem:/usr/share/wazuh-indexer/config/certs/admin-key.pem - ./config/wazuh_indexer/wazuh1.indexer.yml:/usr/share/wazuh-indexer/config/opensearch.yml - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/internal_users.yml 
@@ -108,9 +108,9 @@ services: hard: 65536 volumes: - wazuh-indexer-data-2:/var/lib/wazuh-indexer - - ./config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-indexer/config/root-ca.pem - - ./config/wazuh_indexer_ssl_certs/wazuh2.indexer-key.pem:/usr/share/wazuh-indexer/config/wazuh2.indexer.key - - ./config/wazuh_indexer_ssl_certs/wazuh2.indexer.pem:/usr/share/wazuh-indexer/config/wazuh2.indexer.pem + - ./config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-indexer/config/certs/root-ca.pem + - ./config/wazuh_indexer_ssl_certs/wazuh2.indexer-key.pem:/usr/share/wazuh-indexer/config/certs/wazuh2.indexer.key + - ./config/wazuh_indexer_ssl_certs/wazuh2.indexer.pem:/usr/share/wazuh-indexer/config/certs/wazuh2.indexer.pem - ./config/wazuh_indexer/wazuh2.indexer.yml:/usr/share/wazuh-indexer/config/opensearch.yml - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/internal_users.yml @@ -130,9 +130,9 @@ services: hard: 65536 volumes: - wazuh-indexer-data-3:/var/lib/wazuh-indexer - - ./config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-indexer/config/root-ca.pem - - ./config/wazuh_indexer_ssl_certs/wazuh3.indexer-key.pem:/usr/share/wazuh-indexer/config/wazuh3.indexer.key - - ./config/wazuh_indexer_ssl_certs/wazuh3.indexer.pem:/usr/share/wazuh-indexer/config/wazuh3.indexer.pem + - ./config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-indexer/config/certs/root-ca.pem + - ./config/wazuh_indexer_ssl_certs/wazuh3.indexer-key.pem:/usr/share/wazuh-indexer/config/certs/wazuh3.indexer.key + - ./config/wazuh_indexer_ssl_certs/wazuh3.indexer.pem:/usr/share/wazuh-indexer/config/certs/wazuh3.indexer.pem - ./config/wazuh_indexer/wazuh3.indexer.yml:/usr/share/wazuh-indexer/config/opensearch.yml - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/internal_users.yml 
diff --git a/single-node/docker-compose.yml b/single-node/docker-compose.yml index 12223290..d156e10b 100644 --- a/single-node/docker-compose.yml +++ b/single-node/docker-compose.yml @@ -55,11 +55,11 @@ services: hard: 65536 volumes: - wazuh-indexer-data:/var/lib/wazuh-indexer - - ./config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-indexer/config/root-ca.pem - - ./config/wazuh_indexer_ssl_certs/wazuh.indexer-key.pem:/usr/share/wazuh-indexer/config/wazuh.indexer.key - - ./config/wazuh_indexer_ssl_certs/wazuh.indexer.pem:/usr/share/wazuh-indexer/config/wazuh.indexer.pem - - ./config/wazuh_indexer_ssl_certs/admin.pem:/usr/share/wazuh-indexer/config/admin.pem - - ./config/wazuh_indexer_ssl_certs/admin-key.pem:/usr/share/wazuh-indexer/config/admin-key.pem + - ./config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-indexer/config/certs/root-ca.pem + - ./config/wazuh_indexer_ssl_certs/wazuh.indexer-key.pem:/usr/share/wazuh-indexer/config/certs/wazuh.indexer.key + - ./config/wazuh_indexer_ssl_certs/wazuh.indexer.pem:/usr/share/wazuh-indexer/config/certs/wazuh.indexer.pem + - ./config/wazuh_indexer_ssl_certs/admin.pem:/usr/share/wazuh-indexer/config/certs/admin.pem + - ./config/wazuh_indexer_ssl_certs/admin-key.pem:/usr/share/wazuh-indexer/config/certs/admin-key.pem - ./config/wazuh_indexer/wazuh.indexer.yml:/usr/share/wazuh-indexer/config/opensearch.yml - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/internal_users.yml From 119eddd220de2abeb024c9727b8d375c0dec9334 Mon Sep 17 00:00:00 2001 
From: vcerenu Date: Tue, 5 Apr 2022 17:18:51 -0300 Subject: [PATCH 124/163] Misc fixes --- build-docker-images/wazuh-dashboard/Dockerfile | 9 +-------- build-docker-images/wazuh-dashboard/config/wazuh.yml | 6 ------ .../wazuh-indexer/config/roles_mapping.yml | 4 ++-- multi-node/config/wazuh_indexer/wazuh1.indexer.yml | 4 ++-- multi-node/config/wazuh_indexer/wazuh2.indexer.yml | 4 ++-- multi-node/config/wazuh_indexer/wazuh3.indexer.yml | 4 ++-- single-node/config/wazuh_indexer/wazuh.indexer.yml | 6 +++++- 7 files changed, 14 insertions(+), 23 deletions(-) diff --git a/build-docker-images/wazuh-dashboard/Dockerfile b/build-docker-images/wazuh-dashboard/Dockerfile index 8f38685f..8a40a99c 100644 --- a/build-docker-images/wazuh-dashboard/Dockerfile +++ b/build-docker-images/wazuh-dashboard/Dockerfile @@ -79,14 +79,7 @@ ENV PATTERN="" \ WAZUH_MONITORING_FREQUENCY="" \ WAZUH_MONITORING_SHARDS="" \ WAZUH_MONITORING_REPLICAS="" \ - ADMIN_PRIVILEGES="" \ - XPACK_CANVAS="true" \ - XPACK_LOGS="true" \ - XPACK_INFRA="true" \ - XPACK_ML="true" \ - XPACK_DEVTOOLS="true" \ - XPACK_MONITORING="true" \ - XPACK_APM="true" + ADMIN_PRIVILEGES="" # Create wazuh-dashboard user and group RUN getent group $GROUP || groupadd -r -g 1000 $GROUP diff --git a/build-docker-images/wazuh-dashboard/config/wazuh.yml b/build-docker-images/wazuh-dashboard/config/wazuh.yml index aeb519f7..2c5649d7 100644 --- a/build-docker-images/wazuh-dashboard/config/wazuh.yml +++ b/build-docker-images/wazuh-dashboard/config/wazuh.yml @@ -77,12 +77,6 @@ # List of index patterns to be ignored #ip.ignore: [] # -# -------------------------------- X-Pack RBAC --------------------------------- -# -# Custom setting to enable/disable built-in X-Pack RBAC security capabilities. -# Default: enabled -#xpack.rbac.enabled: true -# # ------------------------------ wazuh-monitoring ------------------------------ # # Custom setting to enable/disable wazuh-monitoring indices. 
diff --git a/build-docker-images/wazuh-indexer/config/roles_mapping.yml b/build-docker-images/wazuh-indexer/config/roles_mapping.yml index 7d8429cb..6f893132 100644 --- a/build-docker-images/wazuh-indexer/config/roles_mapping.yml +++ b/build-docker-images/wazuh-indexer/config/roles_mapping.yml @@ -1,6 +1,6 @@ --- -# In this file users, backendroles and hosts can be mapped to Open Distro Security roles. -# Permissions for Opendistro roles are configured in roles.yml +# In this file users, backendroles and hosts can be mapped to Wazuh indexer Security roles. +# Permissions for Wazuh indexer roles are configured in roles.yml _meta: type: "rolesmapping" diff --git a/multi-node/config/wazuh_indexer/wazuh1.indexer.yml b/multi-node/config/wazuh_indexer/wazuh1.indexer.yml index b3fdcf1f..8e1953db 100644 --- a/multi-node/config/wazuh_indexer/wazuh1.indexer.yml +++ b/multi-node/config/wazuh_indexer/wazuh1.indexer.yml @@ -36,6 +36,6 @@ plugins.security.restapi.roles_enabled: - "security_rest_api_access" plugins.security.allow_default_init_securityindex: true cluster.routing.allocation.disk.threshold_enabled: false -opendistro_security.audit.config.disabled_rest_categories: NONE -opendistro_security.audit.config.disabled_transport_categories: NONE +plugins.security.audit.config.disabled_rest_categories: NONE +plugins.security.audit.config.disabled_transport_categories: NONE compatibility.override_main_response_version: true diff --git a/multi-node/config/wazuh_indexer/wazuh2.indexer.yml b/multi-node/config/wazuh_indexer/wazuh2.indexer.yml index e7b8285f..f0472be3 100644 --- a/multi-node/config/wazuh_indexer/wazuh2.indexer.yml +++ b/multi-node/config/wazuh_indexer/wazuh2.indexer.yml 
@@ -36,6 +36,6 @@ plugins.security.restapi.roles_enabled: - "security_rest_api_access" plugins.security.allow_default_init_securityindex: true cluster.routing.allocation.disk.threshold_enabled: false -opendistro_security.audit.config.disabled_rest_categories: NONE -opendistro_security.audit.config.disabled_transport_categories: NONE +plugins.security.audit.config.disabled_rest_categories: NONE +plugins.security.audit.config.disabled_transport_categories: NONE compatibility.override_main_response_version: true \ No newline at end of file diff --git a/multi-node/config/wazuh_indexer/wazuh3.indexer.yml b/multi-node/config/wazuh_indexer/wazuh3.indexer.yml index 864acc26..15ca069e 100644 --- a/multi-node/config/wazuh_indexer/wazuh3.indexer.yml +++ b/multi-node/config/wazuh_indexer/wazuh3.indexer.yml @@ -36,6 +36,6 @@ plugins.security.restapi.roles_enabled: - "security_rest_api_access" plugins.security.allow_default_init_securityindex: true cluster.routing.allocation.disk.threshold_enabled: false -opendistro_security.audit.config.disabled_rest_categories: NONE -opendistro_security.audit.config.disabled_transport_categories: NONE +plugins.security.audit.config.disabled_rest_categories: NONE +plugins.security.audit.config.disabled_transport_categories: NONE compatibility.override_main_response_version: true \ No newline at end of file diff --git a/single-node/config/wazuh_indexer/wazuh.indexer.yml b/single-node/config/wazuh_indexer/wazuh.indexer.yml index ec3220ef..2f4de700 100644 --- a/single-node/config/wazuh_indexer/wazuh.indexer.yml +++ b/single-node/config/wazuh_indexer/wazuh.indexer.yml 
@@ -3,7 +3,6 @@ node.name: "wazuh.indexer" path.data: /var/lib/wazuh-indexer path.logs: /var/log/wazuh-indexer discovery.type: single-node -compatibility.override_main_response_version: true plugins.security.ssl.http.pemcert_filepath: ${OPENSEARCH_PATH_CONF}/wazuh.indexer.pem plugins.security.ssl.http.pemkey_filepath: ${OPENSEARCH_PATH_CONF}/wazuh.indexer.key plugins.security.ssl.http.pemtrustedcas_filepath: ${OPENSEARCH_PATH_CONF}/root-ca.pem @@ -25,3 +24,8 @@ plugins.security.restapi.roles_enabled: - "security_rest_api_access" plugins.security.system_indices.enabled: true plugins.security.system_indices.indices: [".opendistro-alerting-config", ".opendistro-alerting-alert*", ".opendistro-anomaly-results*", ".opendistro-anomaly-detector*", ".opendistro-anomaly-checkpoints", ".opendistro-anomaly-detection-state", ".opendistro-reports-*", ".opendistro-notifications-*", ".opendistro-notebooks", ".opensearch-observability", ".opendistro-asynchronous-search-response*", ".replication-metadata-store"] +plugins.security.allow_default_init_securityindex: true +cluster.routing.allocation.disk.threshold_enabled: false +plugins.security.audit.config.disabled_rest_categories: NONE +plugins.security.audit.config.disabled_transport_categories: NONE +compatibility.override_main_response_version: true \ No newline at end of file From ea9e03485c3786e988d30e99afb091e8b01a409c Mon Sep 17 00:00:00 2001 From: fcaffieri Date: Wed, 6 Apr 2022 12:50:42 -0300 Subject: [PATCH 125/163] Modify to use source funtion cert_parseYaml of wazuh_cert_tools.sh --- indexer-certs-creator/config/entrypoint.sh | 28 ++-------------------- 1 file changed, 2 insertions(+), 26 deletions(-) diff --git a/indexer-certs-creator/config/entrypoint.sh b/indexer-certs-creator/config/entrypoint.sh index 4da3adb6..41817f22 100644 --- a/indexer-certs-creator/config/entrypoint.sh +++ b/indexer-certs-creator/config/entrypoint.sh 
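Review bot: The added `plugins.security.allow_default_init_securityindex: true` in the second hunk of single-node/config/wazuh_indexer/wazuh.indexer.yml lets the node fill an empty security index from the securityconfig files on disk. The compose files in this series mount the repository's `internal_users.yml` into that directory, so a fresh cluster starts with the repository's default accounts. This deserves a comment above the setting, e.g. `# Bootstraps the security index from securityconfig/ on first start; replace the default users before exposing the node`. The added `cluster.routing.allocation.disk.threshold_enabled: false` also stops the allocator from taking free disk space into account, and a one-line comment saying it is intended for demo deployments would help operators who copy this file.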
@@ -30,31 +30,6 @@ fi chmod 700 /$CERT_TOOL -############################################################################## -# Functions -############################################################################## - -function cert_parseYaml() { - - local prefix=${2} - local s='[[:space:]]*' - local w='[a-zA-Z0-9_]*' - local fs=$(echo @|tr @ '\034') - sed -ne "s|^\($s\):|\1|" \ - -e "s|^\($s\)\($w\)$s:$s[\"']\(.*\)[\"']$s\$|\1$fs\2$fs\3|p" \ - -e "s|^\($s\)\($w\)$s:$s\(.*\)$s\$|\1$fs\2$fs\3|p" ${1} | - awk -F$fs '{ - indent = length($1)/2; - vname[indent] = $2; - for (i in vname) {if (i > indent) {delete vname[i]}} - if (length($3) > 0) { - vn=""; for (i=0; i Date: Wed, 6 Apr 2022 17:16:50 -0300 Subject: [PATCH 126/163] Miscelanious fixes --- multi-node/Migration-to-Wazuh-4.3.md | 9 +++++---- multi-node/config/wazuh_indexer/wazuh1.indexer.yml | 2 -- multi-node/config/wazuh_indexer/wazuh2.indexer.yml | 2 -- multi-node/config/wazuh_indexer/wazuh3.indexer.yml | 2 -- single-node/config/wazuh_indexer/wazuh.indexer.yml | 2 -- 5 files changed, 5 insertions(+), 12 deletions(-) diff --git a/multi-node/Migration-to-Wazuh-4.3.md b/multi-node/Migration-to-Wazuh-4.3.md index 5b884743..97d49f0e 100644 --- a/multi-node/Migration-to-Wazuh-4.3.md +++ b/multi-node/Migration-to-Wazuh-4.3.md @@ -17,7 +17,12 @@ Assuming that you have a v4.2 production deployment, perform the following steps **4. Spin down the 4.2 environment.** `docker-compose -f production-cluster.yml down` +**Steps 5 and 6 can be done with the volume-migrator.sh script, specifying Docker version and project name as parameters.** + +Ex: $ multi-node/volume-migrator.sh 1.25.0 multi-node + **5. Run the volume create command:** create new indexer and Wazuh manager volumes using the `com.docker.compose.version` label value from the previous command. + ``` docker volume create \ --label com.docker.compose.project=multi-node \ 
@@ -345,10 +350,6 @@ docker container run --rm -it \ alpine ash -c "cd /from ; cp -avp . /to" ``` -**Steps 5 and 6 can be done with the volume-migrator.sh script, specifying Docker version and project name as parameters.** - -Ex: $ multi-node/volume-migrator.sh 1.25.0 multi-node - **7. Start the 4.3 environment.** ``` git checkout 4.3 diff --git a/multi-node/config/wazuh_indexer/wazuh1.indexer.yml b/multi-node/config/wazuh_indexer/wazuh1.indexer.yml index 8e1953db..d48c01d9 100644 --- a/multi-node/config/wazuh_indexer/wazuh1.indexer.yml +++ b/multi-node/config/wazuh_indexer/wazuh1.indexer.yml @@ -36,6 +36,4 @@ plugins.security.restapi.roles_enabled: - "security_rest_api_access" plugins.security.allow_default_init_securityindex: true cluster.routing.allocation.disk.threshold_enabled: false -plugins.security.audit.config.disabled_rest_categories: NONE -plugins.security.audit.config.disabled_transport_categories: NONE compatibility.override_main_response_version: true diff --git a/multi-node/config/wazuh_indexer/wazuh2.indexer.yml b/multi-node/config/wazuh_indexer/wazuh2.indexer.yml index f0472be3..43d82e6b 100644 --- a/multi-node/config/wazuh_indexer/wazuh2.indexer.yml +++ b/multi-node/config/wazuh_indexer/wazuh2.indexer.yml @@ -36,6 +36,4 @@ plugins.security.restapi.roles_enabled: - "security_rest_api_access" plugins.security.allow_default_init_securityindex: true cluster.routing.allocation.disk.threshold_enabled: false -plugins.security.audit.config.disabled_rest_categories: NONE -plugins.security.audit.config.disabled_transport_categories: NONE compatibility.override_main_response_version: true \ No newline at end of file diff --git a/multi-node/config/wazuh_indexer/wazuh3.indexer.yml b/multi-node/config/wazuh_indexer/wazuh3.indexer.yml index 15ca069e..2ca2ff17 100644 --- a/multi-node/config/wazuh_indexer/wazuh3.indexer.yml +++ b/multi-node/config/wazuh_indexer/wazuh3.indexer.yml 
@@ -36,6 +36,4 @@ plugins.security.restapi.roles_enabled: - "security_rest_api_access" plugins.security.allow_default_init_securityindex: true cluster.routing.allocation.disk.threshold_enabled: false -plugins.security.audit.config.disabled_rest_categories: NONE -plugins.security.audit.config.disabled_transport_categories: NONE compatibility.override_main_response_version: true \ No newline at end of file diff --git a/single-node/config/wazuh_indexer/wazuh.indexer.yml b/single-node/config/wazuh_indexer/wazuh.indexer.yml index 2f4de700..2a3136f1 100644 --- a/single-node/config/wazuh_indexer/wazuh.indexer.yml +++ b/single-node/config/wazuh_indexer/wazuh.indexer.yml @@ -26,6 +26,4 @@ plugins.security.system_indices.enabled: true plugins.security.system_indices.indices: [".opendistro-alerting-config", ".opendistro-alerting-alert*", ".opendistro-anomaly-results*", ".opendistro-anomaly-detector*", ".opendistro-anomaly-checkpoints", ".opendistro-anomaly-detection-state", ".opendistro-reports-*", ".opendistro-notifications-*", ".opendistro-notebooks", ".opensearch-observability", ".opendistro-asynchronous-search-response*", ".replication-metadata-store"] plugins.security.allow_default_init_securityindex: true cluster.routing.allocation.disk.threshold_enabled: false -plugins.security.audit.config.disabled_rest_categories: NONE -plugins.security.audit.config.disabled_transport_categories: NONE compatibility.override_main_response_version: true \ No newline at end of file From 928bf657e93820fd1f03086f355432eafce12718 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Thu, 7 Apr 2022 15:20:47 -0300 Subject: [PATCH 127/163] fix entrypoint for certs builder --- indexer-certs-creator/config/entrypoint.sh | 13 +++++++------ multi-node/generate-indexer-certs.yml | 1 - single-node/generate-indexer-certs.yml | 1 - 3 files changed, 7 insertions(+), 8 deletions(-) 
diff --git a/indexer-certs-creator/config/entrypoint.sh b/indexer-certs-creator/config/entrypoint.sh index 41817f22..3a7a7491 100644 --- a/indexer-certs-creator/config/entrypoint.sh +++ b/indexer-certs-creator/config/entrypoint.sh @@ -28,13 +28,19 @@ else exit 1 fi +cp /certificates/certs.yml /config.yml + chmod 700 /$CERT_TOOL ############################################################################## # Creating Cluster certificates ############################################################################## -/$CERT_TOOL -A +## Execute cert tool and parsin cert.yml to set UID permissions +source /$CERT_TOOL -A +nodes_server=$( cert_parseYaml /config.yml | grep nodes_server_name | sed 's/nodes_server_name=//' ) +arr=($nodes_server) + echo "Moving created certificates to destination directory" cp /wazuh-certificates/* /certificates/ echo "changing certificate permissions" @@ -48,11 +54,6 @@ cp /certificates/root-ca.key /certificates/root-ca-manager.key chown 999:997 /certificates/root-ca-manager.pem chown 999:997 /certificates/root-ca-manager.key -## Parsin cert.yml to set UID permissions -source /$CERT_TOOL -nodes_server=$( cert_parseYaml /certificates/certs.yml | grep nodes_server_name | sed 's/nodes_server_name=//' ) -arr=($nodes_server) - for i in ${arr[@]}; do chown 999:997 "/certificates/${i}.pem" diff --git a/multi-node/generate-indexer-certs.yml b/multi-node/generate-indexer-certs.yml index c29c50d6..0886acd3 100644 --- a/multi-node/generate-indexer-certs.yml +++ b/multi-node/generate-indexer-certs.yml @@ -6,5 +6,4 @@ services: image: wazuh/wazuh-certs-generator:0.0.1 hostname: wazuh-certs-generator volumes: - - ./config/wazuh_indexer_ssl_certs/certs.yml:/config.yml - ./config/wazuh_indexer_ssl_certs/:/certificates/ \ No newline at end of file diff --git a/single-node/generate-indexer-certs.yml b/single-node/generate-indexer-certs.yml index c29c50d6..0886acd3 100644 --- a/single-node/generate-indexer-certs.yml 
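Review bot: The node list built in the first entrypoint.sh hunk is never checked. If `cert_parseYaml /config.yml` prints no `nodes_server_name` entries, or the function is not defined after `source /$CERT_TOOL -A`, `arr` is empty and the `for i in ${arr[@]}` loop in the second hunk silently does nothing, leaving the manager certificates with whatever ownership was set earlier in the script. Add `[[ ${#arr[@]} -gt 0 ]] || { echo "no server nodes found in /config.yml" >&2; exit 1; }` after the assignment, and quote the expansion as `for i in "${arr[@]}"`. Sourcing the tool also runs it inside the entrypoint's own shell, so an `exit` or `set` inside it affects the rest of this script; the tool itself is not visible here. The loop body continues outside the hunk.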
+++ b/single-node/generate-indexer-certs.yml @@ -6,5 +6,4 @@ services: image: wazuh/wazuh-certs-generator:0.0.1 hostname: wazuh-certs-generator volumes: - - ./config/wazuh_indexer_ssl_certs/certs.yml:/config.yml - ./config/wazuh_indexer_ssl_certs/:/certificates/ \ No newline at end of file From 3dd41620ca4296313af35378ae32d50d5b91e1bb Mon Sep 17 00:00:00 2001 From: vcerenu Date: Thu, 7 Apr 2022 16:43:26 -0300 Subject: [PATCH 128/163] Fix opensearch.yml for single-node deploy --- single-node/config/wazuh_indexer/wazuh.indexer.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/single-node/config/wazuh_indexer/wazuh.indexer.yml b/single-node/config/wazuh_indexer/wazuh.indexer.yml index ec3220ef..e9c480ca 100644 --- a/single-node/config/wazuh_indexer/wazuh.indexer.yml +++ b/single-node/config/wazuh_indexer/wazuh.indexer.yml 
@@ -4,12 +4,12 @@ path.data: /var/lib/wazuh-indexer path.logs: /var/log/wazuh-indexer discovery.type: single-node compatibility.override_main_response_version: true -plugins.security.ssl.http.pemcert_filepath: ${OPENSEARCH_PATH_CONF}/wazuh.indexer.pem -plugins.security.ssl.http.pemkey_filepath: ${OPENSEARCH_PATH_CONF}/wazuh.indexer.key -plugins.security.ssl.http.pemtrustedcas_filepath: ${OPENSEARCH_PATH_CONF}/root-ca.pem -plugins.security.ssl.transport.pemcert_filepath: ${OPENSEARCH_PATH_CONF}/wazuh.indexer.pem -plugins.security.ssl.transport.pemkey_filepath: ${OPENSEARCH_PATH_CONF}/wazuh.indexer.key -plugins.security.ssl.transport.pemtrustedcas_filepath: ${OPENSEARCH_PATH_CONF}/root-ca.pem +plugins.security.ssl.http.pemcert_filepath: ${OPENSEARCH_PATH_CONF}/certs/wazuh.indexer.pem +plugins.security.ssl.http.pemkey_filepath: ${OPENSEARCH_PATH_CONF}/certs/wazuh.indexer.key +plugins.security.ssl.http.pemtrustedcas_filepath: ${OPENSEARCH_PATH_CONF}/certs/root-ca.pem +plugins.security.ssl.transport.pemcert_filepath: ${OPENSEARCH_PATH_CONF}/certs/wazuh.indexer.pem +plugins.security.ssl.transport.pemkey_filepath: ${OPENSEARCH_PATH_CONF}/certs/wazuh.indexer.key +plugins.security.ssl.transport.pemtrustedcas_filepath: ${OPENSEARCH_PATH_CONF}/certs/root-ca.pem plugins.security.ssl.http.enabled: true plugins.security.ssl.transport.enforce_hostname_verification: false plugins.security.ssl.transport.resolve_hostname: false From 1e79861fecaed773c4a01bf089f69ef6374353f9 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Thu, 7 Apr 2022 16:56:08 -0300 Subject: [PATCH 129/163] Change readme for wazuh docker images builder --- build-docker-images/README.md | 10 ++-------- 1 file changed, 2 insertions(+), 8 deletions(-) diff --git a/build-docker-images/README.md b/build-docker-images/README.md index 5839ac52..9860d8b0 100644 --- a/build-docker-images/README.md +++ b/build-docker-images/README.md 
@@ -3,11 +3,5 @@ This stack allows you to build the Wazuh manager, indexer, and dashboard images locally by running the command: ``` -$ docker-compose up -d --build -``` - -Once the image creation process is finished, a Wazuh single-node environment will be spinned up. It can be terminated with the following command: - -``` -$ docker-compose down -``` +$ docker-compose build +``` \ No newline at end of file From 6f053fece2a8ddd3ee91d86dd1aa4297e96ebf32 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alberto=20Rodr=C3=ADguez?= Date: Thu, 7 Apr 2022 22:00:09 +0200 Subject: [PATCH 130/163] Update entrypoint.sh --- indexer-certs-creator/config/entrypoint.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/indexer-certs-creator/config/entrypoint.sh b/indexer-certs-creator/config/entrypoint.sh index 3a7a7491..9c25d705 100644 --- a/indexer-certs-creator/config/entrypoint.sh +++ b/indexer-certs-creator/config/entrypoint.sh @@ -39,7 +39,7 @@ chmod 700 /$CERT_TOOL ## Execute cert tool and parsin cert.yml to set UID permissions source /$CERT_TOOL -A nodes_server=$( cert_parseYaml /config.yml | grep nodes_server_name | sed 's/nodes_server_name=//' ) -arr=($nodes_server) +node_name=($nodes_server) echo "Moving created certificates to destination directory" cp /wazuh-certificates/* /certificates/ @@ -54,7 +54,7 @@ cp /certificates/root-ca.key /certificates/root-ca-manager.key chown 999:997 /certificates/root-ca-manager.pem chown 999:997 /certificates/root-ca-manager.key -for i in ${arr[@]}; +for i in ${node_name[@]}; do chown 999:997 "/certificates/${i}.pem" chown 999:997 "/certificates/${i}-key.pem" From 9dca2f589a69e7b32bbc4197bd5492bf9aeffc10 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alberto=20Rodr=C3=ADguez?= Date: Thu, 7 Apr 2022 22:00:48 +0200 Subject: [PATCH 131/163] Update entrypoint.sh --- indexer-certs-creator/config/entrypoint.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) 
diff --git a/indexer-certs-creator/config/entrypoint.sh b/indexer-certs-creator/config/entrypoint.sh index 9c25d705..84382867 100644 --- a/indexer-certs-creator/config/entrypoint.sh +++ b/indexer-certs-creator/config/entrypoint.sh @@ -39,7 +39,7 @@ chmod 700 /$CERT_TOOL ## Execute cert tool and parsin cert.yml to set UID permissions source /$CERT_TOOL -A nodes_server=$( cert_parseYaml /config.yml | grep nodes_server_name | sed 's/nodes_server_name=//' ) -node_name=($nodes_server) +node_names=($nodes_server) echo "Moving created certificates to destination directory" cp /wazuh-certificates/* /certificates/ @@ -54,7 +54,7 @@ cp /certificates/root-ca.key /certificates/root-ca-manager.key chown 999:997 /certificates/root-ca-manager.pem chown 999:997 /certificates/root-ca-manager.key -for i in ${node_name[@]}; +for i in ${node_names[@]}; do chown 999:997 "/certificates/${i}.pem" chown 999:997 "/certificates/${i}-key.pem" From b5b1f96a9e55902a0af7e2e9d00e95f4cd161de4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jos=C3=A9=20Fern=C3=A1ndez?= Date: Fri, 8 Apr 2022 14:12:41 +0200 Subject: [PATCH 132/163] Changed config.yml format --- .../wazuh-dashboard/config/config.yml | 4 +-- .../wazuh-indexer/config/config.yml | 4 +-- .../config/wazuh_indexer_ssl_certs/certs.yml | 28 +++++++++---------- .../config/wazuh_indexer_ssl_certs/certs.yml | 12 ++++---- 4 files changed, 24 insertions(+), 24 deletions(-) diff --git a/build-docker-images/wazuh-dashboard/config/config.yml b/build-docker-images/wazuh-dashboard/config/config.yml index d736a41f..24764d54 100644 --- a/build-docker-images/wazuh-dashboard/config/config.yml +++ b/build-docker-images/wazuh-dashboard/config/config.yml @@ -1,5 +1,5 @@ nodes: # Wazuh dashboard server nodes dashboard: - name: demo.dashboard - ip: demo.dashboard \ No newline at end of file + - name: demo.dashboard + ip: demo.dashboard \ No newline at end of file 
diff --git a/build-docker-images/wazuh-indexer/config/config.yml b/build-docker-images/wazuh-indexer/config/config.yml index b3f56cea..e5383c7c 100644 --- a/build-docker-images/wazuh-indexer/config/config.yml +++ b/build-docker-images/wazuh-indexer/config/config.yml @@ -1,5 +1,5 @@ nodes: # Wazuh indexer server nodes indexer: - name: demo.indexer - ip: demo.indexer \ No newline at end of file + - name: demo.indexer + ip: demo.indexer \ No newline at end of file diff --git a/multi-node/config/wazuh_indexer_ssl_certs/certs.yml b/multi-node/config/wazuh_indexer_ssl_certs/certs.yml index 984a96a2..f88f5f7f 100644 --- a/multi-node/config/wazuh_indexer_ssl_certs/certs.yml +++ b/multi-node/config/wazuh_indexer_ssl_certs/certs.yml @@ -1,24 +1,24 @@ nodes: # Wazuh indexer server nodes indexer: - name: wazuh1.indexer - ip: wazuh1.indexer - name: wazuh2.indexer - ip: wazuh2.indexer - name: wazuh3.indexer - ip: wazuh3.indexer + - name: wazuh1.indexer + ip: wazuh1.indexer + - name: wazuh2.indexer + ip: wazuh2.indexer + - name: wazuh3.indexer + ip: wazuh3.indexer # Wazuh server nodes # Use node_type only with more than one Wazuh manager server: - name: wazuh.master - ip: wazuh.master - node_type: master - name: wazuh.worker - ip: wazuh.worker - node_type: worker + - name: wazuh.master + ip: wazuh.master + node_type: master + - name: wazuh.worker + ip: wazuh.worker + node_type: worker # Wazuh dashboard node dashboard: - name: wazuh.dashboard - ip: wazuh.dashboard \ No newline at end of file + - name: wazuh.dashboard + ip: wazuh.dashboard \ No newline at end of file diff --git a/single-node/config/wazuh_indexer_ssl_certs/certs.yml b/single-node/config/wazuh_indexer_ssl_certs/certs.yml index 34059eeb..8cb8d3f2 100644 --- a/single-node/config/wazuh_indexer_ssl_certs/certs.yml +++ b/single-node/config/wazuh_indexer_ssl_certs/certs.yml 
@@ -1,16 +1,16 @@ nodes: # Wazuh indexer server nodes indexer: - name: wazuh.indexer - ip: wazuh.indexer + - name: wazuh.indexer + ip: wazuh.indexer # Wazuh server nodes # Use node_type only with more than one Wazuh manager server: - name: wazuh.manager - ip: wazuh.manager + - name: wazuh.manager + ip: wazuh.manager # Wazuh dashboard node dashboard: - name: wazuh.dashboard - ip: wazuh.dashboard \ No newline at end of file + - name: wazuh.dashboard + ip: wazuh.dashboard \ No newline at end of file From 5f078b6d2950a5c1660b892f8fc50502edf09d8d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alberto=20Rodr=C3=ADguez?= Date: Fri, 8 Apr 2022 19:49:10 +0200 Subject: [PATCH 133/163] Update README.md --- README.md | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 8419df5c..73943c58 100644 --- a/README.md +++ b/README.md 
@@ -9,11 +9,12 @@ In this repository you will find the containers to run: * Wazuh manager: it runs the Wazuh manager, Wazuh API and Filebeat OSS * Wazuh dashboard: provides a web user interface to browse through alerts data and allows you to visualize agents configuration and status. -* Wazuh indexer: Wazuh indexer container (working as a single-node cluster). **Be aware to increase the `vm.max_map_count` setting, as it's detailed in the [Wazuh documentation](https://documentation.wazuh.com/current/docker/wazuh-container.html#increase-max-map-count-on-your-host-linux).** +* Wazuh indexer: Wazuh indexer container (working as a single-node cluster or as a multi-node cluster). **Be aware to increase the `vm.max_map_count` setting, as it's detailed in the [Wazuh documentation](https://documentation.wazuh.com/current/docker/wazuh-container.html#increase-max-map-count-on-your-host-linux).** -In addition, a docker-compose file is provided to launch the containers mentioned above. - -* Wazuh indexer cluster. In the Wazuh indexer Dockerfile we can visualize variables to configure an Wazuh indexer Cluster. These variables are used in the file *config_cluster.sh* to set them in the *opensearch.yml* configuration file. You can see the meaning of the node variables and other cluster settings [here](https://opensearch.org/docs/latest/opensearch/cluster/). +The folder `build-docker-images` contains a README explaining how to build the Wazuh images and the necessary assets. +The folder `indexer-certs-creator` contains a README explaining how to create the certificates creator tool and the necessary assets. +The folder `single-node` contains a README explaining how to run a Wazuh environment with one Wazuh manager, one Wazuh indexer, and one Wazuh dashboard. +The folder `multi-node` contains a README explaining how to run a Wazuh environment with two Wazuh managers, three Wazuh indexer, and one Wazuh dashboard. ## Documentation 
From a4bd34e2029b4afcb3e06e460a8e7dbbdecf4a71 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Fri, 8 Apr 2022 16:17:10 -0300 Subject: [PATCH 134/163] Remove admin_privileges option --- README.md | 8 +++----- build-docker-images/wazuh-dashboard/Dockerfile | 3 +-- .../wazuh-dashboard/config/wazuh_app_config.sh | 1 - 3 files changed, 4 insertions(+), 8 deletions(-) diff --git a/README.md b/README.md index 73943c58..f08f61fd 100644 --- a/README.md +++ b/README.md @@ -11,9 +11,9 @@ In this repository you will find the containers to run: * Wazuh dashboard: provides a web user interface to browse through alerts data and allows you to visualize agents configuration and status. * Wazuh indexer: Wazuh indexer container (working as a single-node cluster or as a multi-node cluster). **Be aware to increase the `vm.max_map_count` setting, as it's detailed in the [Wazuh documentation](https://documentation.wazuh.com/current/docker/wazuh-container.html#increase-max-map-count-on-your-host-linux).** -The folder `build-docker-images` contains a README explaining how to build the Wazuh images and the necessary assets. -The folder `indexer-certs-creator` contains a README explaining how to create the certificates creator tool and the necessary assets. -The folder `single-node` contains a README explaining how to run a Wazuh environment with one Wazuh manager, one Wazuh indexer, and one Wazuh dashboard. +The folder `build-docker-images` contains a README explaining how to build the Wazuh images and the necessary assets. +The folder `indexer-certs-creator` contains a README explaining how to create the certificates creator tool and the necessary assets. +The folder `single-node` contains a README explaining how to run a Wazuh environment with one Wazuh manager, one Wazuh indexer, and one Wazuh dashboard. The folder `multi-node` contains a README explaining how to run a Wazuh environment with two Wazuh managers, three Wazuh indexer, and one Wazuh dashboard. ## Documentation 
@@ -82,8 +82,6 @@ WAZUH_MONITORING_ENABLED=true # Custom settings to enable/disable wazuh-mo WAZUH_MONITORING_FREQUENCY=900 # Custom setting to set the frequency for wazuh-monitoring indices cron task WAZUH_MONITORING_SHARDS=2 # Configure wazuh-monitoring-* indices shards and replicas WAZUH_MONITORING_REPLICAS=0 # - -ADMIN_PRIVILEGES=true # App privileges ``` ## Directory structure diff --git a/build-docker-images/wazuh-dashboard/Dockerfile b/build-docker-images/wazuh-dashboard/Dockerfile index 8a40a99c..3853f180 100644 --- a/build-docker-images/wazuh-dashboard/Dockerfile +++ b/build-docker-images/wazuh-dashboard/Dockerfile @@ -78,8 +78,7 @@ ENV PATTERN="" \ WAZUH_MONITORING_ENABLED="" \ WAZUH_MONITORING_FREQUENCY="" \ WAZUH_MONITORING_SHARDS="" \ - WAZUH_MONITORING_REPLICAS="" \ - ADMIN_PRIVILEGES="" + WAZUH_MONITORING_REPLICAS="" # Create wazuh-dashboard user and group RUN getent group $GROUP || groupadd -r -g 1000 $GROUP diff --git a/build-docker-images/wazuh-dashboard/config/wazuh_app_config.sh b/build-docker-images/wazuh-dashboard/config/wazuh_app_config.sh index 784f10eb..3b5f2f5d 100644 --- a/build-docker-images/wazuh-dashboard/config/wazuh_app_config.sh +++ b/build-docker-images/wazuh-dashboard/config/wazuh_app_config.sh @@ -36,7 +36,6 @@ declare -A CONFIG_MAP=( [wazuh.monitoring.frequency]=$WAZUH_MONITORING_FREQUENCY [wazuh.monitoring.shards]=$WAZUH_MONITORING_SHARDS [wazuh.monitoring.replicas]=$WAZUH_MONITORING_REPLICAS - [admin]=$ADMIN_PRIVILEGES ) for i in "${!CONFIG_MAP[@]}" From 67d2444a849aa101ef1dcde256fe2f68cbfb065c Mon Sep 17 00:00:00 2001 From: vcerenu Date: Mon, 11 Apr 2022 11:27:09 -0300 Subject: [PATCH 135/163] duplicate option in wazuh.indexer.yml --- single-node/config/wazuh_indexer/wazuh.indexer.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/single-node/config/wazuh_indexer/wazuh.indexer.yml b/single-node/config/wazuh_indexer/wazuh.indexer.yml index 1c04e7be..c2480ca4 100644 
--- a/single-node/config/wazuh_indexer/wazuh.indexer.yml +++ b/single-node/config/wazuh_indexer/wazuh.indexer.yml @@ -26,5 +26,4 @@ plugins.security.restapi.roles_enabled: plugins.security.system_indices.enabled: true plugins.security.system_indices.indices: [".opendistro-alerting-config", ".opendistro-alerting-alert*", ".opendistro-anomaly-results*", ".opendistro-anomaly-detector*", ".opendistro-anomaly-checkpoints", ".opendistro-anomaly-detection-state", ".opendistro-reports-*", ".opendistro-notifications-*", ".opendistro-notebooks", ".opensearch-observability", ".opendistro-asynchronous-search-response*", ".replication-metadata-store"] plugins.security.allow_default_init_securityindex: true -cluster.routing.allocation.disk.threshold_enabled: false -compatibility.override_main_response_version: true \ No newline at end of file +cluster.routing.allocation.disk.threshold_enabled: false \ No newline at end of file From ffcd5f5cdc7a3530ce09d42f51347a07d42e8ef6 Mon Sep 17 00:00:00 2001 From: fcaffieri Date: Tue, 12 Apr 2022 12:58:23 -0300 Subject: [PATCH 136/163] Fix parse cert.yml according to wazuh_cert_tools modifications --- indexer-certs-creator/config/entrypoint.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/indexer-certs-creator/config/entrypoint.sh b/indexer-certs-creator/config/entrypoint.sh index 84382867..804a8d90 100644 --- a/indexer-certs-creator/config/entrypoint.sh +++ b/indexer-certs-creator/config/entrypoint.sh @@ -38,7 +38,7 @@ chmod 700 /$CERT_TOOL ## Execute cert tool and parsin cert.yml to set UID permissions source /$CERT_TOOL -A -nodes_server=$( cert_parseYaml /config.yml | grep nodes_server_name | sed 's/nodes_server_name=//' ) +nodes_server=$( cert_parseYaml /config.yml | grep nodes_server__name | sed 's/nodes_server__name=//' ) node_names=($nodes_server) echo "Moving created certificates to destination directory" From f965c4f93d56265b0ea4c3c9cb46b4487541eb45 Mon Sep 17 00:00:00 2001 
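Review bot: Nothing in indexer-certs-creator/config/entrypoint.sh checks that the renamed key `nodes_server__name` actually matched. If the `cert_parseYaml` output format changes again, `nodes_server` is empty, `node_names` is an empty array, and the `chown 999:997` loop further down (outside this hunk) silently does nothing, presumably leaving the manager certificates and keys with the ownership the tool created them with. A guard right after the assignment makes that visible: `[ -n "$nodes_server" ] || { echo "no server node names parsed from /config.yml" >&2; exit 1; }`. Separately, `node_names=($nodes_server)` word-splits and glob-expands values taken from the mounted YAML. Assuming one name per line, `mapfile -t node_names <<<"$nodes_server"` with a quoted `"${node_names[@]}"` in the loop avoids that.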
From: vcerenu Date: Tue, 12 Apr 2022 13:04:33 -0300 Subject: [PATCH 137/163] Change base from Wazuh manager Dockerfile --- build-docker-images/wazuh-manager/Dockerfile | 36 +++++++++---------- .../wazuh-manager/config/wazuh.repo | 7 ---- 2 files changed, 16 insertions(+), 27 deletions(-) delete mode 100644 build-docker-images/wazuh-manager/config/wazuh.repo diff --git a/build-docker-images/wazuh-manager/Dockerfile b/build-docker-images/wazuh-manager/Dockerfile index 1da3d314..3348ff3c 100644 --- a/build-docker-images/wazuh-manager/Dockerfile +++ b/build-docker-images/wazuh-manager/Dockerfile 
@@ -1,27 +1,22 @@ # Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2) -FROM centos:7 +FROM ubuntu:focal +ARG WAZUH_VERSION=4.3.0 +ARG TEMPLATE_VERSION="master" ARG FILEBEAT_CHANNEL=filebeat-oss ARG FILEBEAT_VERSION=7.10.2 -ARG WAZUH_VERSION=4.3.0-1 -ARG TEMPLATE_VERSION="master" ARG WAZUH_FILEBEAT_MODULE="wazuh-filebeat-0.1.tar.gz" -# Set repositories. -RUN rpm --import https://packages.wazuh.com/key/GPG-KEY-WAZUH +RUN apt-get update && apt install curl apt-transport-https lsb-release gnupg -y -COPY config/wazuh.repo /etc/yum.repos.d/wazuh.repo +RUN curl -s https://packages.wazuh.com/key/GPG-KEY-WAZUH | apt-key add - && \ + echo "deb https://packages.wazuh.com/4.x/apt/ stable main" | tee -a /etc/apt/sources.list.d/wazuh.list && \ + apt-get update && \ + apt-get install wazuh-manager=${WAZUH_VERSION}-1 -RUN yum --enablerepo=updates clean metadata && \ - yum upgrade -y && \ - yum -y install openssl which expect openssh-clients && yum install wazuh-manager-${WAZUH_VERSION} -y && \ - sed -i "s/^enabled=1/enabled=0/" /etc/yum.repos.d/wazuh.repo && \ - yum clean all && rm -rf /var/cache/yum - -RUN curl -L -O https://packages.wazuh.com/4.x/yum/${FILEBEAT_CHANNEL}-${FILEBEAT_VERSION}-x86_64.rpm &&\ - rpm -i ${FILEBEAT_CHANNEL}-${FILEBEAT_VERSION}-x86_64.rpm && rm -f ${FILEBEAT_CHANNEL}-${FILEBEAT_VERSION}-x86_64.rpm - -RUN curl -s https://packages.wazuh.com/4.x/filebeat/${WAZUH_FILEBEAT_MODULE} | tar -xvz -C /usr/share/filebeat/module +RUN curl -L -O https://artifacts.elastic.co/downloads/beats/filebeat/${FILEBEAT_CHANNEL}-${FILEBEAT_VERSION}-amd64.deb &&\ + dpkg -i ${FILEBEAT_CHANNEL}-${FILEBEAT_VERSION}-amd64.deb && rm -f ${FILEBEAT_CHANNEL}-${FILEBEAT_VERSION}-amd64.deb && \ + curl -s https://packages.wazuh.com/4.x/filebeat/${WAZUH_FILEBEAT_MODULE} | tar -xvz -C /usr/share/filebeat/module RUN curl -L https://github.com/aelsabbahy/goss/releases/latest/download/goss-linux-amd64 -o /usr/local/bin/goss && chmod +rx /usr/local/bin/goss 
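Review bot: The repository setup in the second `RUN` pipes the Wazuh signing key into `apt-key add -`, which puts it in APT's global trusted keyring, so the key can vouch for packages from any configured source rather than only packages.wazuh.com; `apt-key` is also deprecated. Store the key in its own keyring and bind it to the source with `signed-by`, and pass `-y` to the `apt-get install` of wazuh-manager, which has no confirmation flag and may abort in a non-interactive build. The Filebeat `.deb` and the Filebeat module tarball in the following `RUN` are downloaded and installed without comparing them to a pinned checksum; a SHA-256 check before `dpkg -i` and before unpacking would close that gap. The later hunks in PATCH 140 and PATCH 143 keep `apt-key` and carry the same issue.

```dockerfile
RUN curl -fsSL https://packages.wazuh.com/key/GPG-KEY-WAZUH | gpg --dearmor -o /usr/share/keyrings/wazuh.gpg && \
    echo "deb [signed-by=/usr/share/keyrings/wazuh.gpg] https://packages.wazuh.com/4.x/apt/ stable main" > /etc/apt/sources.list.d/wazuh.list && \
    apt-get update && \
    apt-get install -y wazuh-manager=${WAZUH_VERSION}-1
# … unchanged: Filebeat package, Filebeat module and goss download steps …
```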
@@ -32,6 +27,9 @@ RUN curl --fail --silent -L https://github.com/just-containers/s6-overlay/releas tar xzf /tmp/s6-overlay-amd64.tar.gz -C /usr ./bin && \ rm /tmp/s6-overlay-amd64.tar.gz +COPY config/etc/ /etc/ +COPY --chown=root:wazuh config/create_user.py /var/ossec/framework/scripts/create_user.py + COPY config/filebeat.yml /etc/filebeat/ RUN chmod go-w /etc/filebeat/filebeat.yml @@ -39,11 +37,9 @@ RUN chmod go-w /etc/filebeat/filebeat.yml ADD https://raw.githubusercontent.com/wazuh/wazuh/$TEMPLATE_VERSION/extensions/elasticsearch/7.x/wazuh-template.json /etc/filebeat RUN chmod go-w /etc/filebeat/wazuh-template.json -COPY config/etc/ /etc/ -COPY --chown=root:1000 config/create_user.py /var/ossec/framework/scripts/create_user.py - # Prepare permanent data # Sync calls are due to https://github.com/docker/docker/issues/9547 + COPY config/permanent_data.env config/permanent_data.sh / RUN chmod 755 /permanent_data.sh && \ sync && /permanent_data.sh && \ @@ -52,4 +48,4 @@ RUN chmod 755 /permanent_data.sh && \ # Services ports EXPOSE 55000/tcp 1514/tcp 1515/tcp 514/udp 1516/tcp -ENTRYPOINT [ "/init" ] +ENTRYPOINT [ "/init" ] \ No newline at end of file diff --git a/build-docker-images/wazuh-manager/config/wazuh.repo b/build-docker-images/wazuh-manager/config/wazuh.repo deleted file mode 100644 index e230d6a9..00000000 --- a/build-docker-images/wazuh-manager/config/wazuh.repo +++ /dev/null @@ -1,7 +0,0 @@ -[wazuh_repo] -gpgcheck=1 -gpgkey=https://packages.wazuh.com/key/GPG-KEY-WAZUH -enabled=1 -name=Wazuh repository -baseurl=https://packages.wazuh.com/4.x/yum/ -protect=1 From 072bffd45478b5f44894c73144b18d631342324e Mon Sep 17 00:00:00 2001 
From: vcerenu Date: Tue, 12 Apr 2022 15:41:23 -0300 Subject: [PATCH 138/163] Change base from Wazuh manager Dockerfile --- .../config/wazuh_cluster/wazuh_manager.conf | 105 +++++++++++------- .../config/wazuh_cluster/wazuh_worker.conf | 105 +++++++++++------- .../config/wazuh_indexer_ssl_certs/certs.yml | 0 .../config/wazuh_indexer_ssl_certs/certs.yml | 0 4 files changed, 130 insertions(+), 80 deletions(-) mode change 100644 => 100755 multi-node/config/wazuh_indexer_ssl_certs/certs.yml mode change 100644 => 100755 single-node/config/wazuh_indexer_ssl_certs/certs.yml diff --git a/multi-node/config/wazuh_cluster/wazuh_manager.conf b/multi-node/config/wazuh_cluster/wazuh_manager.conf index fddb7fc6..70bb61fc 100644 --- a/multi-node/config/wazuh_cluster/wazuh_manager.conf +++ b/multi-node/config/wazuh_cluster/wazuh_manager.conf @@ -10,6 +10,8 @@ recipient@example.wazuh.com 12 alerts.log + 10m + 0 @@ -43,8 +45,8 @@ 43200 - /var/ossec/etc/rootcheck/rootkit_files.txt - /var/ossec/etc/rootcheck/rootkit_trojans.txt + etc/rootcheck/rootkit_files.txt + etc/rootcheck/rootkit_trojans.txt yes @@ -79,6 +81,11 @@ yes yes yes + + + + 10 + @@ -91,6 +98,7 @@ no 5m + 6h yes @@ -108,6 +116,7 @@ no stretch buster + bullseye 1h @@ -121,6 +130,20 @@ 1h + + + no + amazon-linux + amazon-linux-2 + 1h + + + + + no + 1h + + yes @@ -199,70 +222,47 @@ 127.0.0.1 ^localhost.localdomain$ - 4.3.0.1 - 4.3.0.2 - 208.67.220.220 + 127.0.0.53 disable-account - disable-account.sh - user + disable-account yes - restart-ossec - restart-ossec.sh - + restart-wazuh + restart-wazuh firewall-drop - firewall-drop.sh - srcip + firewall-drop yes host-deny - host-deny.sh - srcip + host-deny yes route-null - route-null.sh - srcip + route-null yes win_route-null - route-null.cmd - srcip - yes - - - - win_route-null-2012 - route-null-2012.cmd - srcip + route-null.exe yes netsh - netsh.cmd - srcip - yes - - - - netsh-win-2016 - netsh-win-2016.cmd - srcip + netsh.exe yes 
@@ -306,21 +306,25 @@ etc/rules + + yes + 1 + 64 + 15m + + no 1515 no - yes - 0 yes no - yes HIGH:!ADH:!EXP:!MD5:!RC4:!3DES:!CAMELLIA:@STRENGTH no - /var/ossec/etc/sslmanager.cert - /var/ossec/etc/sslmanager.key + etc/sslmanager.cert + etc/sslmanager.key no @@ -345,4 +349,25 @@ syslog /var/ossec/logs/active-responses.log - + + + syslog + /var/log/auth.log + + + + syslog + /var/log/syslog + + + + syslog + /var/log/dpkg.log + + + + syslog + /var/log/kern.log + + + \ No newline at end of file diff --git a/multi-node/config/wazuh_cluster/wazuh_worker.conf b/multi-node/config/wazuh_cluster/wazuh_worker.conf index 30670045..38d72010 100644 --- a/multi-node/config/wazuh_cluster/wazuh_worker.conf +++ b/multi-node/config/wazuh_cluster/wazuh_worker.conf @@ -10,6 +10,8 @@ recipient@example.wazuh.com 12 alerts.log + 10m + 0 @@ -43,8 +45,8 @@ 43200 - /var/ossec/etc/rootcheck/rootkit_files.txt - /var/ossec/etc/rootcheck/rootkit_trojans.txt + etc/rootcheck/rootkit_files.txt + etc/rootcheck/rootkit_trojans.txt yes @@ -79,6 +81,11 @@ yes yes yes + + + + 10 + @@ -91,6 +98,7 @@ no 5m + 6h yes @@ -108,6 +116,7 @@ no stretch buster + bullseye 1h @@ -121,6 +130,20 @@ 1h + + + no + amazon-linux + amazon-linux-2 + 1h + + + + + no + 1h + + yes @@ -199,70 +222,47 @@ 127.0.0.1 ^localhost.localdomain$ - 4.3.0.1 - 4.3.0.2 - 208.67.220.220 + 127.0.0.53 disable-account - disable-account.sh - user + disable-account yes - restart-ossec - restart-ossec.sh - + restart-wazuh + restart-wazuh firewall-drop - firewall-drop.sh - srcip + firewall-drop yes host-deny - host-deny.sh - srcip + host-deny yes route-null - route-null.sh - srcip + route-null yes win_route-null - route-null.cmd - srcip - yes - - - - win_route-null-2012 - route-null-2012.cmd - srcip + route-null.exe yes netsh - netsh.cmd - srcip - yes - - - - netsh-win-2016 - netsh-win-2016.cmd - srcip + netsh.exe yes 
@@ -306,21 +306,25 @@ etc/rules + + yes + 1 + 64 + 15m + + no 1515 no - yes - 0 yes no - yes HIGH:!ADH:!EXP:!MD5:!RC4:!3DES:!CAMELLIA:@STRENGTH no - /var/ossec/etc/sslmanager.cert - /var/ossec/etc/sslmanager.key + etc/sslmanager.cert + etc/sslmanager.key no @@ -345,4 +349,25 @@ syslog /var/ossec/logs/active-responses.log - + + + syslog + /var/log/auth.log + + + + syslog + /var/log/syslog + + + + syslog + /var/log/dpkg.log + + + + syslog + /var/log/kern.log + + + \ No newline at end of file diff --git a/multi-node/config/wazuh_indexer_ssl_certs/certs.yml b/multi-node/config/wazuh_indexer_ssl_certs/certs.yml old mode 100644 new mode 100755 diff --git a/single-node/config/wazuh_indexer_ssl_certs/certs.yml b/single-node/config/wazuh_indexer_ssl_certs/certs.yml old mode 100644 new mode 100755 From 76966875ed5f87d0c66fc52b4135ef2aac3e369a Mon Sep 17 00:00:00 2001 From: vcerenu Date: Wed, 13 Apr 2022 10:47:32 -0300 Subject: [PATCH 139/163] change template_version parameter --- build-docker-images/wazuh-manager/Dockerfile | 2 +- multi-node/config/wazuh_indexer_ssl_certs/certs.yml | 0 2 files changed, 1 insertion(+), 1 deletion(-) mode change 100755 => 100644 multi-node/config/wazuh_indexer_ssl_certs/certs.yml diff --git a/build-docker-images/wazuh-manager/Dockerfile b/build-docker-images/wazuh-manager/Dockerfile index 3348ff3c..684426f1 100644 --- a/build-docker-images/wazuh-manager/Dockerfile +++ b/build-docker-images/wazuh-manager/Dockerfile @@ -2,7 +2,7 @@ FROM ubuntu:focal ARG WAZUH_VERSION=4.3.0 -ARG TEMPLATE_VERSION="master" +ARG TEMPLATE_VERSION=4.3 ARG FILEBEAT_CHANNEL=filebeat-oss ARG FILEBEAT_VERSION=7.10.2 ARG WAZUH_FILEBEAT_MODULE="wazuh-filebeat-0.1.tar.gz" diff --git a/multi-node/config/wazuh_indexer_ssl_certs/certs.yml b/multi-node/config/wazuh_indexer_ssl_certs/certs.yml old mode 100755 new mode 100644 From ee1aae8f788ca579bfc932da4791ebdc70cdf8d3 Mon Sep 17 00:00:00 2001 
From: vcerenu Date: Wed, 13 Apr 2022 13:55:02 -0300 Subject: [PATCH 140/163] change apt-key add options --- build-docker-images/wazuh-manager/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build-docker-images/wazuh-manager/Dockerfile b/build-docker-images/wazuh-manager/Dockerfile index 684426f1..d4e433f7 100644 --- a/build-docker-images/wazuh-manager/Dockerfile +++ b/build-docker-images/wazuh-manager/Dockerfile @@ -9,7 +9,7 @@ ARG WAZUH_FILEBEAT_MODULE="wazuh-filebeat-0.1.tar.gz" RUN apt-get update && apt install curl apt-transport-https lsb-release gnupg -y -RUN curl -s https://packages.wazuh.com/key/GPG-KEY-WAZUH | apt-key add - && \ +RUN apt-key adv --fetch-keys https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH && \ echo "deb https://packages.wazuh.com/4.x/apt/ stable main" | tee -a /etc/apt/sources.list.d/wazuh.list && \ apt-get update && \ apt-get install wazuh-manager=${WAZUH_VERSION}-1 From e5331bf5ac3f1cb06687b94ccf629ffe7d97cc72 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Wed, 20 Apr 2022 11:09:05 -0300 Subject: [PATCH 141/163] disable multitenancy --- .../wazuh-dashboard/config/opensearch_dashboards.yml | 5 ++--- multi-node/config/wazuh_dashboard/opensearch_dashboards.yml | 2 +- single-node/config/wazuh_dashboard/opensearch_dashboards.yml | 2 +- 3 files changed, 4 insertions(+), 5 deletions(-) diff --git a/build-docker-images/wazuh-dashboard/config/opensearch_dashboards.yml b/build-docker-images/wazuh-dashboard/config/opensearch_dashboards.yml index bf8dc374..bec41c18 100644 --- a/build-docker-images/wazuh-dashboard/config/opensearch_dashboards.yml +++ b/build-docker-images/wazuh-dashboard/config/opensearch_dashboards.yml 
@@ -3,12 +3,11 @@ server.port: 443 opensearch.hosts: https://wazuh.indexer:9200 opensearch.ssl.verificationMode: none opensearch.requestHeadersWhitelist: [ authorization,securitytenant ] -opensearch_security.multitenancy.enabled: true -opensearch_security.multitenancy.tenants.preferred: ["Private", "Global"] +opensearch_security.multitenancy.enabled: false opensearch_security.readonly_mode.roles: ["kibana_read_only"] server.ssl.enabled: true server.ssl.key: "/usr/share/wazuh-dashboard/config/certs/dashboard-key.pem" server.ssl.certificate: "/usr/share/wazuh-dashboard/config/certs/dashboard.pem" opensearch.ssl.certificateAuthorities: ["/usr/share/wazuh-dashboard/config/certs/root-ca.pem"] -uiSettings.overrides.defaultRoute: /app/wazuh?security_tenant=global +uiSettings.overrides.defaultRoute: /app/wazuh diff --git a/multi-node/config/wazuh_dashboard/opensearch_dashboards.yml b/multi-node/config/wazuh_dashboard/opensearch_dashboards.yml index ba6bc3ea..012657ff 100644 --- a/multi-node/config/wazuh_dashboard/opensearch_dashboards.yml +++ b/multi-node/config/wazuh_dashboard/opensearch_dashboards.yml @@ -9,4 +9,4 @@ server.ssl.enabled: true server.ssl.key: "/usr/share/wazuh-dashboard/certs/wazuh-dashboard-key.pem" server.ssl.certificate: "/usr/share/wazuh-dashboard/certs/wazuh-dashboard.pem" opensearch.ssl.certificateAuthorities: ["/usr/share/wazuh-dashboard/certs/root-ca.pem"] -uiSettings.overrides.defaultRoute: /app/wazuh?security_tenant=global +uiSettings.overrides.defaultRoute: /app/wazuh diff --git a/single-node/config/wazuh_dashboard/opensearch_dashboards.yml b/single-node/config/wazuh_dashboard/opensearch_dashboards.yml index d56fe86b..b6526731 100644 --- a/single-node/config/wazuh_dashboard/opensearch_dashboards.yml +++ b/single-node/config/wazuh_dashboard/opensearch_dashboards.yml 
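Review bot: `opensearch.ssl.verificationMode: none`, kept as context at the top of this hunk in build-docker-images/wazuh-dashboard/config/opensearch_dashboards.yml, switches off validation of the indexer's certificate. That leaves the `opensearch.ssl.certificateAuthorities` entry a few lines below without effect, and the dashboard will accept whatever certificate is presented at `wazuh.indexer:9200`. The root CA is already referenced in this file, so `opensearch.ssl.verificationMode: certificate` (or `full` if the certificate names match the hostname) would put it to use. With multitenancy now disabled, `securitytenant` in `opensearch.requestHeadersWhitelist` also looks unneeded; worth confirming and dropping.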
@@ -9,4 +9,4 @@ server.ssl.enabled: true server.ssl.key: "/usr/share/wazuh-dashboard/certs/wazuh-dashboard-key.pem" server.ssl.certificate: "/usr/share/wazuh-dashboard/certs/wazuh-dashboard.pem" opensearch.ssl.certificateAuthorities: ["/usr/share/wazuh-dashboard/certs/root-ca.pem"] -uiSettings.overrides.defaultRoute: /app/wazuh?security_tenant=global +uiSettings.overrides.defaultRoute: /app/wazuh From b160dba4209cfee1c44b5767d4a28b8861b867c5 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Wed, 20 Apr 2022 15:38:11 -0300 Subject: [PATCH 142/163] Remove plugin in opensearch.yml --- build-docker-images/wazuh-indexer/config/opensearch.yml | 1 - multi-node/config/wazuh_indexer/wazuh1.indexer.yml | 1 - multi-node/config/wazuh_indexer/wazuh2.indexer.yml | 1 - multi-node/config/wazuh_indexer/wazuh3.indexer.yml | 1 - single-node/config/wazuh_indexer/wazuh.indexer.yml | 1 - 5 files changed, 5 deletions(-) diff --git a/build-docker-images/wazuh-indexer/config/opensearch.yml b/build-docker-images/wazuh-indexer/config/opensearch.yml index 0a992fb7..4e944c89 100644 --- a/build-docker-images/wazuh-indexer/config/opensearch.yml +++ b/build-docker-images/wazuh-indexer/config/opensearch.yml @@ -13,7 +13,6 @@ plugins.security.ssl.transport.pemtrustedcas_filepath: ${OPENSEARCH_PATH_CONF}/c plugins.security.ssl.http.enabled: true plugins.security.ssl.transport.enforce_hostname_verification: false plugins.security.ssl.transport.resolve_hostname: false -plugins.security.audit.type: internal_opensearch plugins.security.authcz.admin_dn: - "CN=admin,OU=Wazuh,O=Wazuh,L=California,C=US" plugins.security.check_snapshot_restore_write_privileges: true diff --git a/multi-node/config/wazuh_indexer/wazuh1.indexer.yml b/multi-node/config/wazuh_indexer/wazuh1.indexer.yml index 44067088..59cbe9bf 100644 --- a/multi-node/config/wazuh_indexer/wazuh1.indexer.yml +++ b/multi-node/config/wazuh_indexer/wazuh1.indexer.yml 
@@ -21,7 +21,6 @@ plugins.security.ssl.transport.pemtrustedcas_filepath: ${OPENSEARCH_PATH_CONF}/c plugins.security.ssl.http.enabled: true plugins.security.ssl.transport.enforce_hostname_verification: false plugins.security.ssl.transport.resolve_hostname: false -plugins.security.audit.type: internal_opensearch plugins.security.authcz.admin_dn: - "CN=admin,OU=Wazuh,O=Wazuh,L=California,C=US" plugins.security.check_snapshot_restore_write_privileges: true diff --git a/multi-node/config/wazuh_indexer/wazuh2.indexer.yml b/multi-node/config/wazuh_indexer/wazuh2.indexer.yml index b60933ba..478ed1d0 100644 --- a/multi-node/config/wazuh_indexer/wazuh2.indexer.yml +++ b/multi-node/config/wazuh_indexer/wazuh2.indexer.yml @@ -21,7 +21,6 @@ plugins.security.ssl.transport.pemtrustedcas_filepath: ${OPENSEARCH_PATH_CONF}/c plugins.security.ssl.http.enabled: true plugins.security.ssl.transport.enforce_hostname_verification: false plugins.security.ssl.transport.resolve_hostname: false -plugins.security.audit.type: internal_opensearch plugins.security.authcz.admin_dn: - "CN=admin,OU=Wazuh,O=Wazuh,L=California,C=US" plugins.security.check_snapshot_restore_write_privileges: true diff --git a/multi-node/config/wazuh_indexer/wazuh3.indexer.yml b/multi-node/config/wazuh_indexer/wazuh3.indexer.yml index 4f974bc0..8caa513d 100644 --- a/multi-node/config/wazuh_indexer/wazuh3.indexer.yml +++ b/multi-node/config/wazuh_indexer/wazuh3.indexer.yml @@ -21,7 +21,6 @@ plugins.security.ssl.transport.pemtrustedcas_filepath: ${OPENSEARCH_PATH_CONF}/c plugins.security.ssl.http.enabled: true plugins.security.ssl.transport.enforce_hostname_verification: false plugins.security.ssl.transport.resolve_hostname: false -plugins.security.audit.type: internal_opensearch plugins.security.authcz.admin_dn: - "CN=admin,OU=Wazuh,O=Wazuh,L=California,C=US" plugins.security.check_snapshot_restore_write_privileges: true 
diff --git a/single-node/config/wazuh_indexer/wazuh.indexer.yml b/single-node/config/wazuh_indexer/wazuh.indexer.yml index c2480ca4..e87e35ea 100644 --- a/single-node/config/wazuh_indexer/wazuh.indexer.yml +++ b/single-node/config/wazuh_indexer/wazuh.indexer.yml @@ -13,7 +13,6 @@ plugins.security.ssl.transport.pemtrustedcas_filepath: ${OPENSEARCH_PATH_CONF}/c plugins.security.ssl.http.enabled: true plugins.security.ssl.transport.enforce_hostname_verification: false plugins.security.ssl.transport.resolve_hostname: false -plugins.security.audit.type: internal_opensearch plugins.security.authcz.admin_dn: - "CN=admin,OU=Wazuh,O=Wazuh,L=California,C=US" plugins.security.check_snapshot_restore_write_privileges: true From 3b372e6f0f36e9224450de1229c342d35092eab0 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Thu, 21 Apr 2022 12:32:50 -0300 Subject: [PATCH 143/163] key url fix --- build-docker-images/wazuh-manager/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build-docker-images/wazuh-manager/Dockerfile b/build-docker-images/wazuh-manager/Dockerfile index d4e433f7..11a852e1 100644 --- a/build-docker-images/wazuh-manager/Dockerfile +++ b/build-docker-images/wazuh-manager/Dockerfile @@ -9,7 +9,7 @@ ARG WAZUH_FILEBEAT_MODULE="wazuh-filebeat-0.1.tar.gz" RUN apt-get update && apt install curl apt-transport-https lsb-release gnupg -y -RUN apt-key adv --fetch-keys https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH && \ +RUN apt-key adv --fetch-keys https://packages.wazuh.com/key/GPG-KEY-WAZUH && \ echo "deb https://packages.wazuh.com/4.x/apt/ stable main" | tee -a /etc/apt/sources.list.d/wazuh.list && \ apt-get update && \ apt-get install wazuh-manager=${WAZUH_VERSION}-1 From a16d9ab969f9cb46155a84187b35739a5acf83ab Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alberto=20Rodr=C3=ADguez?= Date: Tue, 26 Apr 2022 16:29:32 +0200 Subject: [PATCH 144/163] Create .gitignore --- .gitignore | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 .gitignore 
diff --git a/.gitignore b/.gitignore new file mode 100644 index 00000000..a2abaa56 --- /dev/null +++ b/.gitignore @@ -0,0 +1,4 @@ +single-node/config/wazuh_indexer_ssl_certs/*.pem +single-node/config/wazuh_indexer_ssl_certs/*.key +multi-node/config/wazuh_indexer_ssl_certs/*.pem +multi-node/config/wazuh_indexer_ssl_certs/*.key From 16ac5b91030ae9ab3c81d43532635ab0a4bf1059 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Tue, 26 Apr 2022 12:11:52 -0300 Subject: [PATCH 145/163] fix certs.yml path --- indexer-certs-creator/config/entrypoint.sh | 2 +- multi-node/config/{wazuh_indexer_ssl_certs => }/certs.yml | 0 multi-node/generate-indexer-certs.yml | 3 ++- single-node/config/{wazuh_indexer_ssl_certs => }/certs.yml | 0 single-node/generate-indexer-certs.yml | 3 ++- 5 files changed, 5 insertions(+), 3 deletions(-) rename multi-node/config/{wazuh_indexer_ssl_certs => }/certs.yml (100%) rename single-node/config/{wazuh_indexer_ssl_certs => }/certs.yml (100%) diff --git a/indexer-certs-creator/config/entrypoint.sh b/indexer-certs-creator/config/entrypoint.sh index 804a8d90..86cc371f 100644 --- a/indexer-certs-creator/config/entrypoint.sh +++ b/indexer-certs-creator/config/entrypoint.sh @@ -28,7 +28,7 @@ else exit 1 fi -cp /certificates/certs.yml /config.yml +cp /config/certs.yml /config.yml chmod 700 /$CERT_TOOL diff --git a/multi-node/config/wazuh_indexer_ssl_certs/certs.yml b/multi-node/config/certs.yml similarity index 100% rename from multi-node/config/wazuh_indexer_ssl_certs/certs.yml rename to multi-node/config/certs.yml diff --git a/multi-node/generate-indexer-certs.yml b/multi-node/generate-indexer-certs.yml index 0886acd3..fb0f5c72 100644 --- a/multi-node/generate-indexer-certs.yml +++ b/multi-node/generate-indexer-certs.yml 
@@ -6,4 +6,5 @@ services: image: wazuh/wazuh-certs-generator:0.0.1 hostname: wazuh-certs-generator volumes: - - ./config/wazuh_indexer_ssl_certs/:/certificates/ \ No newline at end of file + - ./config/wazuh_indexer_ssl_certs/:/certificates/ + - ./config/certs.yml:/config/certs.yml \ No newline at end of file diff --git a/single-node/config/wazuh_indexer_ssl_certs/certs.yml b/single-node/config/certs.yml similarity index 100% rename from single-node/config/wazuh_indexer_ssl_certs/certs.yml rename to single-node/config/certs.yml diff --git a/single-node/generate-indexer-certs.yml b/single-node/generate-indexer-certs.yml index 0886acd3..fb0f5c72 100644 --- a/single-node/generate-indexer-certs.yml +++ b/single-node/generate-indexer-certs.yml @@ -6,4 +6,5 @@ services: image: wazuh/wazuh-certs-generator:0.0.1 hostname: wazuh-certs-generator volumes: - - ./config/wazuh_indexer_ssl_certs/:/certificates/ \ No newline at end of file + - ./config/wazuh_indexer_ssl_certs/:/certificates/ + - ./config/certs.yml:/config/certs.yml \ No newline at end of file From 45011c1b6882c288382577d5c295a0338221e28c Mon Sep 17 00:00:00 2001 From: vcerenu Date: Thu, 28 Apr 2022 10:47:07 -0300 Subject: [PATCH 146/163] change config file permissions --- build-docker-images/wazuh-indexer/Dockerfile | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/build-docker-images/wazuh-indexer/Dockerfile b/build-docker-images/wazuh-indexer/Dockerfile index a09d9e56..26aa1afc 100644 --- a/build-docker-images/wazuh-indexer/Dockerfile +++ b/build-docker-images/wazuh-indexer/Dockerfile 
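Review bot: The new `./config/certs.yml:/config/certs.yml` mount in multi-node/generate-indexer-certs.yml is read-write, although the entrypoint change in the same commit only copies the file to `/config.yml`. Mounting it read-only keeps the generator container from altering the host's input file: `- ./config/certs.yml:/config/certs.yml:ro`. The same line is added in the single-node/generate-indexer-certs.yml hunk and would take the same suffix.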
@@ -60,7 +60,10 @@ COPY --from=builder --chown=0:0 /debian/wazuh-indexer/usr/lib/tmpfiles.d /usr/li RUN mkdir -p /var/lib/wazuh-indexer && chown 1000:1000 /var/lib/wazuh-indexer && \ mkdir -p /usr/share/wazuh-indexer/logs && chown 1000:1000 /usr/share/wazuh-indexer/logs && \ mkdir -p /run/wazuh-indexer && chown 1000:1000 /run/wazuh-indexer && \ - mkdir -p /var/log/wazuh-indexer && chown 1000:1000 /var/log/wazuh-indexer + mkdir -p /var/log/wazuh-indexer && chown 1000:1000 /var/log/wazuh-indexer && \ + chmod 700 /usr/share/wazuh_indexer/config && \ + chmod 600 /usr/share/wazuh_indexer/config/jvm.options && \ + chmod 600 /usr/share/wazuh_indexer/config/opensearch.yml USER wazuh-indexer From 40ce99e8aa7c757be75d3e8cdacfb4846e0f94cd Mon Sep 17 00:00:00 2001 From: vcerenu Date: Fri, 29 Apr 2022 10:31:53 -0300 Subject: [PATCH 147/163] change config file permissions --- build-docker-images/wazuh-indexer/Dockerfile | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/build-docker-images/wazuh-indexer/Dockerfile b/build-docker-images/wazuh-indexer/Dockerfile index 26aa1afc..e4c61e2a 100644 --- a/build-docker-images/wazuh-indexer/Dockerfile +++ b/build-docker-images/wazuh-indexer/Dockerfile @@ -61,9 +61,9 @@ RUN mkdir -p /var/lib/wazuh-indexer && chown 1000:1000 /var/lib/wazuh-indexer && mkdir -p /usr/share/wazuh-indexer/logs && chown 1000:1000 /usr/share/wazuh-indexer/logs && \ mkdir -p /run/wazuh-indexer && chown 1000:1000 /run/wazuh-indexer && \ mkdir -p /var/log/wazuh-indexer && chown 1000:1000 /var/log/wazuh-indexer && \ - chmod 700 /usr/share/wazuh_indexer/config && \ - chmod 600 /usr/share/wazuh_indexer/config/jvm.options && \ - chmod 600 /usr/share/wazuh_indexer/config/opensearch.yml + chmod 700 /usr/share/wazuh-indexer/config && \ + chmod 600 /usr/share/wazuh-indexer/config/jvm.options && \ + chmod 600 /usr/share/wazuh-indexer/config/opensearch.yml USER wazuh-indexer From 35c66186da0d2491290e27db1bb7954c065295d2 Mon Sep 17 00:00:00 2001 
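Review bot: The three `chmod` lines added to the wazuh-indexer Dockerfile RUN step (patch 146, with the path corrected from `wazuh_indexer` to `wazuh-indexer` in patch 147) restrict the config directory to its owner, but the step does not set that owner, unlike the `mkdir ... && chown 1000:1000` pairs above it. If `/usr/share/wazuh-indexer/config` is still root-owned at this point, mode 700/600 would leave it unreadable once `USER wazuh-indexer` takes effect; the COPY lines that create it are outside the hunk, so this needs confirming. If ownership is not set elsewhere, add `chown -R 1000:1000 /usr/share/wazuh-indexer/config && \` ahead of the `chmod` lines. Only `jvm.options` and `opensearch.yml` get mode 600 here, so any other file placed in that directory keeps its original mode.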
From: c-bordon Date: Fri, 29 Apr 2022 17:51:10 -0300 Subject: [PATCH 148/163] New validation of empty dir --- .../wazuh-manager/config/etc/cont-init.d/0-wazuh-init | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/build-docker-images/wazuh-manager/config/etc/cont-init.d/0-wazuh-init b/build-docker-images/wazuh-manager/config/etc/cont-init.d/0-wazuh-init index 06408a2e..7a901881 100644 --- a/build-docker-images/wazuh-manager/config/etc/cont-init.d/0-wazuh-init +++ b/build-docker-images/wazuh-manager/config/etc/cont-init.d/0-wazuh-init @@ -41,12 +41,16 @@ exec_cmd_stdout() { mount_permanent_data() { for permanent_dir in "${PERMANENT_DATA[@]}"; do + data_tmp="${WAZUH_INSTALL_PATH}/data_tmp/permanent${permanent_dir}/" + print ${data_tmp} # Check if the path is not empty if find ${permanent_dir} -mindepth 1 | read; then print "The path ${permanent_dir} is already mounted" else - print "Installing ${permanent_dir}" - exec_cmd "cp -a ${WAZUH_INSTALL_PATH}/data_tmp/permanent${permanent_dir}/. ${permanent_dir}" + if find ${data_tmp} -mindepth 1 | read; then + print "Installing ${permanent_dir}" + exec_cmd "cp -a ${data_tmp}. ${permanent_dir}" + fi fi done } From 8afc88a16328c605924abf782e59a6bcb2398577 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Mon, 2 May 2022 12:30:03 -0300 Subject: [PATCH 149/163] permanent data mount fix --- .../wazuh-manager/config/etc/cont-init.d/0-wazuh-init | 2 ++ 1 file changed, 2 insertions(+) diff --git a/build-docker-images/wazuh-manager/config/etc/cont-init.d/0-wazuh-init b/build-docker-images/wazuh-manager/config/etc/cont-init.d/0-wazuh-init index 7a901881..c0e2ffff 100644 --- a/build-docker-images/wazuh-manager/config/etc/cont-init.d/0-wazuh-init +++ b/build-docker-images/wazuh-manager/config/etc/cont-init.d/0-wazuh-init 
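Review bot: The added `print ${data_tmp}` in `mount_permanent_data` looks like leftover debug output and will write one bare path per permanent directory to the container log on every start. The new `find ${data_tmp} -mindepth 1 | read` and the `cp -a ${data_tmp}. ${permanent_dir}` string passed to `exec_cmd` also leave the paths unquoted, so a `WAZUH_INSTALL_PATH` or directory entry containing spaces or glob characters would be split or expanded. I would drop the `print` line and write the test as `if find "${data_tmp}" -mindepth 1 | read -r; then`. How `exec_cmd` runs its argument is outside the hunk, so the quoting inside that string should be checked against its definition.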
@@ -50,6 +50,8 @@ mount_permanent_data() { if find ${data_tmp} -mindepth 1 | read; then print "Installing ${permanent_dir}" exec_cmd "cp -a ${data_tmp}. ${permanent_dir}" + else + print "The path ${permanent_dir} is empty, skiped" fi fi done From 56c0acd1bf68935f76a8427524ac83fbeb3cd4f9 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Thu, 5 May 2022 13:38:14 -0300 Subject: [PATCH 150/163] change dashboard repository --- build-docker-images/wazuh-dashboard/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build-docker-images/wazuh-dashboard/Dockerfile b/build-docker-images/wazuh-dashboard/Dockerfile index 3853f180..8b131f65 100644 --- a/build-docker-images/wazuh-dashboard/Dockerfile +++ b/build-docker-images/wazuh-dashboard/Dockerfile @@ -25,7 +25,7 @@ RUN $INSTALL_DIR/bin/opensearch-dashboards-keystore create --allow-root && \ echo kibanaserver | $INSTALL_DIR/bin/opensearch-dashboards-keystore add opensearch.password --stdin --allow-root # Install Wazuh App -RUN $INSTALL_DIR/bin/opensearch-dashboards-plugin install https://packages.wazuh.com/4.x/ui/dashboard/wazuh-${WAZUH_VERSION}.zip --allow-root +RUN $INSTALL_DIR/bin/opensearch-dashboards-plugin install https://packages-dev.wazuh.com/pre-release/ui/dashboard/wazuh-${WAZUH_VERSION}.zip --allow-root # Copy and set permissions to config files COPY config/opensearch_dashboards.yml $INSTALL_DIR/config/ From e1ed44d8471843702b7155a41869e94d1ee33b52 Mon Sep 17 00:00:00 2001 From: Alberto R Date: Fri, 6 May 2022 08:36:59 +0200 Subject: [PATCH 151/163] Changed artifacts dev URLs --- build-docker-images/wazuh-dashboard/Dockerfile | 4 ++-- build-docker-images/wazuh-indexer/config/config.sh | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/build-docker-images/wazuh-dashboard/Dockerfile b/build-docker-images/wazuh-dashboard/Dockerfile index 8b131f65..adb2faac 100644 --- a/build-docker-images/wazuh-dashboard/Dockerfile +++ b/build-docker-images/wazuh-dashboard/Dockerfile 
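Review bot: The message added in the new `else` branch of `mount_permanent_data` (patch 149) names the wrong directory: this branch is reached when `${data_tmp}` has no content, while `${permanent_dir}` was already found empty by the outer test. As written, an operator reading the log cannot tell that the packaged seed data is missing. Something like `print "No packaged data in ${data_tmp} for ${permanent_dir}, skipped"` states the actual condition and also fixes the `skiped` typo. The function starts outside this hunk.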
@@ -11,7 +11,7 @@ RUN apt-get update && apt install curl libcap2-bin xz-utils -y RUN mkdir -p $INSTALL_DIR # Download and extract Wazuh dashboard base -RUN curl -o wazuh-dashboard-base.tar.xz https://packages-dev.wazuh.com/stack/dashboard/base/wazuh-dashboard-base-${WAZUH_VERSION}-linux-x64.tar.xz && \ +RUN curl -o wazuh-dashboard-base.tar.xz https://packages.wazuh.com/stack/dashboard/base/wazuh-dashboard-base-${WAZUH_VERSION}-linux-x64.tar.xz && \ tar -xf wazuh-dashboard-base.tar.xz --directory $INSTALL_DIR --strip-components=1 # Generate certificates @@ -25,7 +25,7 @@ RUN $INSTALL_DIR/bin/opensearch-dashboards-keystore create --allow-root && \ echo kibanaserver | $INSTALL_DIR/bin/opensearch-dashboards-keystore add opensearch.password --stdin --allow-root # Install Wazuh App -RUN $INSTALL_DIR/bin/opensearch-dashboards-plugin install https://packages-dev.wazuh.com/pre-release/ui/dashboard/wazuh-${WAZUH_VERSION}.zip --allow-root +RUN $INSTALL_DIR/bin/opensearch-dashboards-plugin install https://packages.wazuh.com/4.x/ui/dashboard/wazuh-${WAZUH_VERSION}.zip --allow-root # Copy and set permissions to config files COPY config/opensearch_dashboards.yml $INSTALL_DIR/config/ diff --git a/build-docker-images/wazuh-indexer/config/config.sh b/build-docker-images/wazuh-indexer/config/config.sh index a598ecf8..e5b0624b 100644 --- a/build-docker-images/wazuh-indexer/config/config.sh +++ b/build-docker-images/wazuh-indexer/config/config.sh @@ -22,7 +22,7 @@ export REPO_DIR=/unattended_installer rm -rf ${INSTALLATION_DIR}/ -curl -o ${INDEXER_FILE} https://packages-dev.wazuh.com/stack/indexer/base/${BASE_FILE} +curl -o ${INDEXER_FILE} https://packages.wazuh.com/stack/indexer/base/${BASE_FILE} tar -xf ${INDEXER_FILE} ## TOOLS From 8d8b9e1336f2633bbeb035225327652e527b5b4a Mon Sep 17 00:00:00 2001 
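Review bot: The `curl -o wazuh-dashboard-base.tar.xz ...` line in the first Dockerfile hunk of patch 151 downloads a build input without `--fail` and without any integrity check, so an HTTP error body would be saved as the tarball and a replaced artifact would be unpacked into the image unnoticed. Adding `-fSL` (`curl -fSL -o wazuh-dashboard-base.tar.xz ...`) makes the build stop on a 4xx/5xx response. If the project publishes a checksum for these artifacts, verifying it before `tar -xf`, for example with `sha512sum -c`, would pin the content. The same applies to the `opensearch-dashboards-plugin install https://...` line in the second hunk and to `curl -o ${INDEXER_FILE} ...` in the wazuh-indexer config.sh hunk.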
From: vcerenu Date: Fri, 6 May 2022 09:32:14 -0300 Subject: [PATCH 152/163] add dependencies for Wazuh dashboard --- build-docker-images/wazuh-dashboard/Dockerfile | 3 +++ 1 file changed, 3 insertions(+) diff --git a/build-docker-images/wazuh-dashboard/Dockerfile b/build-docker-images/wazuh-dashboard/Dockerfile index adb2faac..3d911c41 100644 --- a/build-docker-images/wazuh-dashboard/Dockerfile +++ b/build-docker-images/wazuh-dashboard/Dockerfile @@ -80,6 +80,9 @@ ENV PATTERN="" \ WAZUH_MONITORING_SHARDS="" \ WAZUH_MONITORING_REPLICAS="" +#Install dependencies +RUN apt update && apt install -y libnss3-dev fonts-liberation libfontconfig1 + # Create wazuh-dashboard user and group RUN getent group $GROUP || groupadd -r -g 1000 $GROUP RUN useradd --system \ From 3be8078248f9c1fa3b7f9d1895ba810a40e93f30 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Fri, 6 May 2022 10:03:32 -0300 Subject: [PATCH 153/163] add dependencies for Wazuh dashboard --- build-docker-images/wazuh-dashboard/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build-docker-images/wazuh-dashboard/Dockerfile b/build-docker-images/wazuh-dashboard/Dockerfile index 3d911c41..d8f5d00d 100644 --- a/build-docker-images/wazuh-dashboard/Dockerfile +++ b/build-docker-images/wazuh-dashboard/Dockerfile @@ -80,7 +80,7 @@ ENV PATTERN="" \ WAZUH_MONITORING_SHARDS="" \ WAZUH_MONITORING_REPLICAS="" -#Install dependencies +# Install dependencies RUN apt update && apt install -y libnss3-dev fonts-liberation libfontconfig1 # Create wazuh-dashboard user and group From ddcad4446866234f22277f8c021367c1134da614 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Wed, 11 May 2022 13:40:46 -0300 Subject: [PATCH 154/163] change Wazuh API user --- multi-node/config/wazuh_dashboard/wazuh.yml | 4 ++-- multi-node/docker-compose.yml | 8 ++++---- single-node/config/wazuh_dashboard/wazuh.yml | 4 ++-- single-node/docker-compose.yml | 8 ++++---- 4 files changed, 12 insertions(+), 12 deletions(-) 
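Review bot: The new `RUN apt update && apt install -y libnss3-dev fonts-liberation libfontconfig1` line (patch 152) uses the interactive `apt` front end, pulls recommended packages, and leaves the package lists in the layer. For a runtime image I would write `RUN apt-get update && apt-get install -y --no-install-recommends libnss3 fonts-liberation libfontconfig1 && rm -rf /var/lib/apt/lists/*`. The switch from `libnss3-dev` to `libnss3` assumes that only the shared library is needed at run time and not the headers, which should be confirmed against what the dashboard actually loads. A smaller package set in the final stage also means less to patch later.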
diff --git a/multi-node/config/wazuh_dashboard/wazuh.yml b/multi-node/config/wazuh_dashboard/wazuh.yml index 72ec6612..275be671 100644 --- a/multi-node/config/wazuh_dashboard/wazuh.yml +++ b/multi-node/config/wazuh_dashboard/wazuh.yml @@ -2,6 +2,6 @@ hosts: - 1513629884013: url: "https://wazuh.master" port: 55000 - username: acme-user - password: MyS3cr37P450r.*- + username: wazuh-wui + password: wazuh-wui run_as: false diff --git a/multi-node/docker-compose.yml b/multi-node/docker-compose.yml index 877e684a..92f45cc2 100644 --- a/multi-node/docker-compose.yml +++ b/multi-node/docker-compose.yml @@ -18,8 +18,8 @@ services: - SSL_CERTIFICATE_AUTHORITIES=/etc/ssl/root-ca.pem - SSL_CERTIFICATE=/etc/ssl/filebeat.pem - SSL_KEY=/etc/ssl/filebeat.key - - API_USERNAME=acme-user - - API_PASSWORD=MyS3cr37P450r.*- + - API_USERNAME=wazuh-wui + - API_PASSWORD=wazuh-wui volumes: - master-wazuh-api-configuration:/var/ossec/api/configuration - master-wazuh-etc:/var/ossec/etc @@ -145,8 +145,8 @@ services: environment: - OPENSEARCH_HOSTS="https://wazuh1.indexer:9200" - WAZUH_API_URL="https://wazuh.master" - - API_USERNAME=acme-user - - API_PASSWORD=MyS3cr37P450r.*- + - API_USERNAME=wazuh-wui + - API_PASSWORD=wazuh-wui volumes: - ./config/wazuh_indexer_ssl_certs/wazuh.dashboard.pem:/usr/share/wazuh-dashboard/certs/wazuh-dashboard.pem - ./config/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem:/usr/share/wazuh-dashboard/certs/wazuh-dashboard-key.pem diff --git a/single-node/config/wazuh_dashboard/wazuh.yml b/single-node/config/wazuh_dashboard/wazuh.yml index 75ba953c..7a38d3c5 100644 --- a/single-node/config/wazuh_dashboard/wazuh.yml +++ b/single-node/config/wazuh_dashboard/wazuh.yml @@ -2,6 +2,6 @@ hosts: - 1513629884013: url: "https://wazuh.manager" port: 55000 - username: acme-user - password: MyS3cr37P450r.*- + username: wazuh-wui + password: wazuh-wui run_as: false diff --git a/single-node/docker-compose.yml b/single-node/docker-compose.yml index 827421cb..f5f40cd7 100644 
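Review bot: The `password: wazuh-wui` line in multi-node/config/wazuh_dashboard/wazuh.yml, and the matching `API_PASSWORD=wazuh-wui` lines in the compose hunks of patch 154, set the API password equal to the username and commit it as the shipped default. Patch 155 restores `MyS3cr37P450r.*-`, but that value is just as public once it is in the repository, so every deployment that keeps the defaults shares one known API credential. In the compose files the value can be required from the environment instead: `- API_PASSWORD=${API_PASSWORD:?set API_PASSWORD in .env}`. The `wazuh.yml` entries would then need to be rendered from the same variable, and the mechanism for that is not visible in these hunks. The same applies to the single-node files in both commits.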
--- a/single-node/docker-compose.yml +++ b/single-node/docker-compose.yml @@ -19,8 +19,8 @@ services: - SSL_CERTIFICATE_AUTHORITIES=/etc/ssl/root-ca.pem - SSL_CERTIFICATE=/etc/ssl/filebeat.pem - SSL_KEY=/etc/ssl/filebeat.key - - API_USERNAME=acme-user - - API_PASSWORD=MyS3cr37P450r.*- + - API_USERNAME=wazuh-wui + - API_PASSWORD=wazuh-wui volumes: - wazuh_api_configuration:/var/ossec/api/configuration - wazuh_etc:/var/ossec/etc @@ -73,8 +73,8 @@ services: - INDEXER_USERNAME=admin - INDEXER_PASSWORD=SecretPassword - WAZUH_API_URL=https://wazuh.manager - - API_USERNAME=acme-user - - API_PASSWORD=MyS3cr37P450r.*- + - API_USERNAME=wazuh-wui + - API_PASSWORD=wazuh-wui volumes: - ./config/wazuh_indexer_ssl_certs/wazuh.dashboard.pem:/usr/share/wazuh-dashboard/certs/wazuh-dashboard.pem - ./config/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem:/usr/share/wazuh-dashboard/certs/wazuh-dashboard-key.pem From 446ecd86e68d48020a875ac9169cd36235c0d4f5 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Wed, 11 May 2022 14:05:44 -0300 Subject: [PATCH 155/163] change Wazuh API user --- multi-node/config/wazuh_dashboard/wazuh.yml | 2 +- multi-node/docker-compose.yml | 4 ++-- single-node/config/wazuh_dashboard/wazuh.yml | 2 +- single-node/docker-compose.yml | 4 ++-- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/multi-node/config/wazuh_dashboard/wazuh.yml b/multi-node/config/wazuh_dashboard/wazuh.yml index 275be671..425686a3 100644 --- a/multi-node/config/wazuh_dashboard/wazuh.yml +++ b/multi-node/config/wazuh_dashboard/wazuh.yml @@ -3,5 +3,5 @@ hosts: url: "https://wazuh.master" port: 55000 username: wazuh-wui - password: wazuh-wui + password: MyS3cr37P450r.*- run_as: false diff --git a/multi-node/docker-compose.yml b/multi-node/docker-compose.yml index 92f45cc2..7a95f09d 100644 --- a/multi-node/docker-compose.yml +++ b/multi-node/docker-compose.yml 
@@ -19,7 +19,7 @@ services: - SSL_CERTIFICATE=/etc/ssl/filebeat.pem - SSL_KEY=/etc/ssl/filebeat.key - API_USERNAME=wazuh-wui - - API_PASSWORD=wazuh-wui + - API_PASSWORD=MyS3cr37P450r.*- volumes: - master-wazuh-api-configuration:/var/ossec/api/configuration - master-wazuh-etc:/var/ossec/etc @@ -146,7 +146,7 @@ services: - OPENSEARCH_HOSTS="https://wazuh1.indexer:9200" - WAZUH_API_URL="https://wazuh.master" - API_USERNAME=wazuh-wui - - API_PASSWORD=wazuh-wui + - API_PASSWORD=MyS3cr37P450r.*- volumes: - ./config/wazuh_indexer_ssl_certs/wazuh.dashboard.pem:/usr/share/wazuh-dashboard/certs/wazuh-dashboard.pem - ./config/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem:/usr/share/wazuh-dashboard/certs/wazuh-dashboard-key.pem diff --git a/single-node/config/wazuh_dashboard/wazuh.yml b/single-node/config/wazuh_dashboard/wazuh.yml index 7a38d3c5..ea5e82b4 100644 --- a/single-node/config/wazuh_dashboard/wazuh.yml +++ b/single-node/config/wazuh_dashboard/wazuh.yml @@ -3,5 +3,5 @@ hosts: url: "https://wazuh.manager" port: 55000 username: wazuh-wui - password: wazuh-wui + password: MyS3cr37P450r.*- run_as: false diff --git a/single-node/docker-compose.yml b/single-node/docker-compose.yml index f5f40cd7..5d47ce39 100644 --- a/single-node/docker-compose.yml +++ b/single-node/docker-compose.yml @@ -20,7 +20,7 @@ services: - SSL_CERTIFICATE=/etc/ssl/filebeat.pem - SSL_KEY=/etc/ssl/filebeat.key - API_USERNAME=wazuh-wui - - API_PASSWORD=wazuh-wui + - API_PASSWORD=MyS3cr37P450r.*- volumes: - wazuh_api_configuration:/var/ossec/api/configuration - wazuh_etc:/var/ossec/etc @@ -74,7 +74,7 @@ services: - INDEXER_PASSWORD=SecretPassword - WAZUH_API_URL=https://wazuh.manager - API_USERNAME=wazuh-wui - - API_PASSWORD=wazuh-wui + - API_PASSWORD=MyS3cr37P450r.*- volumes: - ./config/wazuh_indexer_ssl_certs/wazuh.dashboard.pem:/usr/share/wazuh-dashboard/certs/wazuh-dashboard.pem - ./config/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem:/usr/share/wazuh-dashboard/certs/wazuh-dashboard-key.pem 
From 3adb7809ddf1add3fccff6849b2861fb6cc2052f Mon Sep 17 00:00:00 2001 From: vcerenu Date: Thu, 12 May 2022 11:23:46 -0300 Subject: [PATCH 156/163] change doc migration --- multi-node/Migration-to-Wazuh-4.3.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/multi-node/Migration-to-Wazuh-4.3.md b/multi-node/Migration-to-Wazuh-4.3.md index 97d49f0e..611e14b8 100644 --- a/multi-node/Migration-to-Wazuh-4.3.md +++ b/multi-node/Migration-to-Wazuh-4.3.md @@ -17,7 +17,7 @@ Assuming that you have a v4.2 production deployment, perform the following steps **4. Spin down the 4.2 environment.** `docker-compose -f production-cluster.yml down` -**Steps 5 and 6 can be done with the volume-migrator.sh script, specifying Docker version and project name as parameters.** +**Steps 5 and 6 can be done with the volume-migrator.sh script, specifying Docker compose version and project name as parameters.** Ex: $ multi-node/volume-migrator.sh 1.25.0 multi-node From 80bfc148d0fcf8f3ab58972db3bb125fd162ec3f Mon Sep 17 00:00:00 2001 From: vcerenu Date: Thu, 12 May 2022 13:28:13 -0300 Subject: [PATCH 157/163] Change dashboard port --- .../wazuh-dashboard/config/opensearch_dashboards.yml | 2 +- multi-node/config/wazuh_dashboard/opensearch_dashboards.yml | 2 +- multi-node/docker-compose.yml | 2 +- single-node/config/wazuh_dashboard/opensearch_dashboards.yml | 2 +- single-node/docker-compose.yml | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/build-docker-images/wazuh-dashboard/config/opensearch_dashboards.yml b/build-docker-images/wazuh-dashboard/config/opensearch_dashboards.yml index bec41c18..994b83e2 100644 --- a/build-docker-images/wazuh-dashboard/config/opensearch_dashboards.yml +++ b/build-docker-images/wazuh-dashboard/config/opensearch_dashboards.yml 
@@ -1,5 +1,5 @@ server.host: 0.0.0.0 -server.port: 443 +server.port: 5601 opensearch.hosts: https://wazuh.indexer:9200 opensearch.ssl.verificationMode: none opensearch.requestHeadersWhitelist: [ authorization,securitytenant ] diff --git a/multi-node/config/wazuh_dashboard/opensearch_dashboards.yml b/multi-node/config/wazuh_dashboard/opensearch_dashboards.yml index 012657ff..b065a625 100644 --- a/multi-node/config/wazuh_dashboard/opensearch_dashboards.yml +++ b/multi-node/config/wazuh_dashboard/opensearch_dashboards.yml @@ -1,5 +1,5 @@ server.host: 0.0.0.0 -server.port: 443 +server.port: 5601 opensearch.hosts: https://wazuh1.indexer:9200 opensearch.ssl.verificationMode: certificate opensearch.requestHeadersWhitelist: ["securitytenant","Authorization"] diff --git a/multi-node/docker-compose.yml b/multi-node/docker-compose.yml index 7a95f09d..5a6c9766 100644 --- a/multi-node/docker-compose.yml +++ b/multi-node/docker-compose.yml @@ -141,7 +141,7 @@ services: hostname: wazuh.dashboard restart: always ports: - - 443:443 + - 443:5601 environment: - OPENSEARCH_HOSTS="https://wazuh1.indexer:9200" - WAZUH_API_URL="https://wazuh.master" diff --git a/single-node/config/wazuh_dashboard/opensearch_dashboards.yml b/single-node/config/wazuh_dashboard/opensearch_dashboards.yml index b6526731..2a9cdba2 100644 --- a/single-node/config/wazuh_dashboard/opensearch_dashboards.yml +++ b/single-node/config/wazuh_dashboard/opensearch_dashboards.yml @@ -1,5 +1,5 @@ server.host: 0.0.0.0 -server.port: 443 +server.port: 5601 opensearch.hosts: https://wazuh.indexer:9200 opensearch.ssl.verificationMode: certificate opensearch.requestHeadersWhitelist: ["securitytenant","Authorization"] diff --git a/single-node/docker-compose.yml b/single-node/docker-compose.yml index 5d47ce39..882cb8f0 100644 --- a/single-node/docker-compose.yml +++ b/single-node/docker-compose.yml 
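Review bot: The `server.port: 5601` change in the three opensearch_dashboards.yml hunks comes without a comment or README update explaining that 5601 is now the container-internal port and that only the compose mapping `443:5601` keeps the host-facing port at 443. Anything that reaches the dashboard container directly, such as other services on the compose network, health checks, or a user-supplied config that still says 443, has to follow the change. A comment above the setting would record the intent: `# internal listen port; published as 443 by docker-compose`. Separately, the context line `opensearch.ssl.verificationMode: none` in the build-docker-images default differs from `certificate` in the two compose configs, so an image run without a mounted config would presumably skip indexer certificate verification.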
@@ -68,7 +68,7 @@ services: hostname: wazuh.dashboard restart: always ports: - - 443:443 + - 443:5601 environment: - INDEXER_USERNAME=admin - INDEXER_PASSWORD=SecretPassword From 86fbf77aa95b16362cb533b25a65a677157a0d22 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Fri, 13 May 2022 12:16:42 -0300 Subject: [PATCH 158/163] Bump 4.3.1 version --- .github/.goss.yaml | 2 +- .github/workflows/push.yml | 2 +- CHANGELOG.md | 5 +++++ README.md | 1 + VERSION | 4 ++-- build-docker-images/docker-compose.yml | 6 +++--- build-docker-images/wazuh-dashboard/Dockerfile | 2 +- build-docker-images/wazuh-indexer/config/config.sh | 2 +- build-docker-images/wazuh-manager/Dockerfile | 2 +- multi-node/docker-compose.yml | 12 ++++++------ single-node/docker-compose.yml | 6 +++--- 11 files changed, 25 insertions(+), 19 deletions(-) diff --git a/.github/.goss.yaml b/.github/.goss.yaml index 292c1a66..d0248b51 100644 --- a/.github/.goss.yaml +++ b/.github/.goss.yaml @@ -56,7 +56,7 @@ package: wazuh-manager: installed: true versions: - - 4.3.0 + - 4.3.1 port: tcp:1514: listening: true diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index 4baac58a..37b0a58f 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -25,7 +25,7 @@ jobs: version: v0.3.16 - name: Execute Goss tests (wazuh-odfe) - run: dgoss run wazuh/wazuh-manager:4.3.0 + run: dgoss run wazuh/wazuh-manager:4.3.1 env: GOSS_SLEEP: 30 GOSS_FILE: .github/.goss.yaml \ No newline at end of file diff --git a/CHANGELOG.md b/CHANGELOG.md index 6e6992ca..4d6d9579 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,11 @@ # Change Log All notable changes to this project will be documented in this file. +## Wazuh Docker v4.3.1 +### Added + +- Update Wazuh to version [4.3.1](https://github.com/wazuh/wazuh/blob/v4.3.1/CHANGELOG.md#v431) + ## Wazuh Docker v4.3.0 ### Added diff --git a/README.md b/README.md index f08f61fd..ec18839a 100644 --- a/README.md +++ b/README.md 
@@ -193,6 +193,7 @@ WAZUH_MONITORING_REPLICAS=0 # | Wazuh version | ODFE | XPACK | |---------------|---------|--------| +| v4.3.1 | | | | v4.3.0 | | | | v4.2.5 | 1.13.2 | 7.11.2 | | v4.2.4 | 1.13.2 | 7.11.2 | diff --git a/VERSION b/VERSION index 5fedc35e..285e4dbc 100644 --- a/VERSION +++ b/VERSION @@ -1,2 +1,2 @@ -WAZUH-DOCKER_VERSION="4.3.0" -REVISION="43100" +WAZUH-DOCKER_VERSION="4.3.1" +REVISION="40311" diff --git a/build-docker-images/docker-compose.yml b/build-docker-images/docker-compose.yml index 0d9b9524..e7baf189 100644 --- a/build-docker-images/docker-compose.yml +++ b/build-docker-images/docker-compose.yml @@ -4,7 +4,7 @@ version: '3.7' services: wazuh.manager: build: wazuh-manager/ - image: wazuh/wazuh-manager:4.3.0 + image: wazuh/wazuh-manager:4.3.1 hostname: wazuh.manager restart: always ports: @@ -32,7 +32,7 @@ services: wazuh.indexer: build: wazuh-indexer/ - image: wazuh/wazuh-indexer:4.3.0 + image: wazuh/wazuh-indexer:4.3.1 hostname: wazuh.indexer restart: always ports: @@ -49,7 +49,7 @@ services: wazuh.dashboard: build: wazuh-dashboard/ - image: wazuh/wazuh-dashboard:4.3.0 + image: wazuh/wazuh-dashboard:4.3.1 hostname: wazuh.dashboard restart: always ports: diff --git a/build-docker-images/wazuh-dashboard/Dockerfile b/build-docker-images/wazuh-dashboard/Dockerfile index d8f5d00d..e53f84c7 100644 --- a/build-docker-images/wazuh-dashboard/Dockerfile +++ b/build-docker-images/wazuh-dashboard/Dockerfile @@ -1,7 +1,7 @@ # Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2) FROM ubuntu:focal AS builder -ARG WAZUH_VERSION=4.3.0 +ARG WAZUH_VERSION=4.3.1 ARG INSTALL_DIR=/usr/share/wazuh-dashboard # Update and install dependencies diff --git a/build-docker-images/wazuh-indexer/config/config.sh b/build-docker-images/wazuh-indexer/config/config.sh index e5b0624b..6043789b 100644 --- a/build-docker-images/wazuh-indexer/config/config.sh +++ b/build-docker-images/wazuh-indexer/config/config.sh 
@@ -8,7 +8,7 @@ export TARGET_DIR=${CURDIR}/debian/${NAME} # Package build options export USER=${NAME} export GROUP=${NAME} -export VERSION=4.3.0 +export VERSION=4.3.1 export LOG_DIR=/var/log/${NAME} export LIB_DIR=/var/lib/${NAME} export PID_DIR=/run/${NAME} diff --git a/build-docker-images/wazuh-manager/Dockerfile b/build-docker-images/wazuh-manager/Dockerfile index 11a852e1..27b2418b 100644 --- a/build-docker-images/wazuh-manager/Dockerfile +++ b/build-docker-images/wazuh-manager/Dockerfile @@ -1,7 +1,7 @@ # Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2) FROM ubuntu:focal -ARG WAZUH_VERSION=4.3.0 +ARG WAZUH_VERSION=4.3.1 ARG TEMPLATE_VERSION=4.3 ARG FILEBEAT_CHANNEL=filebeat-oss ARG FILEBEAT_VERSION=7.10.2 diff --git a/multi-node/docker-compose.yml b/multi-node/docker-compose.yml index 5a6c9766..e7d77de0 100644 --- a/multi-node/docker-compose.yml +++ b/multi-node/docker-compose.yml @@ -3,7 +3,7 @@ version: '3.7' services: wazuh.master: - image: wazuh/wazuh-manager:4.3.0 + image: wazuh/wazuh-manager:4.3.1 hostname: wazuh.master restart: always ports: @@ -38,7 +38,7 @@ services: - ./config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf wazuh.worker: - image: wazuh/wazuh-manager:4.3.0 + image: wazuh/wazuh-manager:4.3.1 hostname: wazuh.worker restart: always environment: @@ -67,7 +67,7 @@ services: - ./config/wazuh_cluster/wazuh_worker.conf:/wazuh-config-mount/etc/ossec.conf wazuh1.indexer: - image: wazuh/wazuh-indexer:4.3.0 + image: wazuh/wazuh-indexer:4.3.1 hostname: wazuh1.indexer restart: always ports: @@ -93,7 +93,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/internal_users.yml wazuh2.indexer: - image: wazuh/wazuh-indexer:4.3.0 + image: wazuh/wazuh-indexer:4.3.1 hostname: wazuh2.indexer restart: always environment: 
@@ -115,7 +115,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/internal_users.yml wazuh3.indexer: - image: wazuh/wazuh-indexer:4.3.0 + image: wazuh/wazuh-indexer:4.3.1 hostname: wazuh3.indexer restart: always environment: @@ -137,7 +137,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/internal_users.yml wazuh.dashboard: - image: wazuh/wazuh-dashboard:4.3.0 + image: wazuh/wazuh-dashboard:4.3.1 hostname: wazuh.dashboard restart: always ports: diff --git a/single-node/docker-compose.yml b/single-node/docker-compose.yml index 882cb8f0..0a0145a8 100644 --- a/single-node/docker-compose.yml +++ b/single-node/docker-compose.yml @@ -3,7 +3,7 @@ version: '3.7' services: wazuh.manager: - image: wazuh/wazuh-manager:4.3.0 + image: wazuh/wazuh-manager:4.3.1 hostname: wazuh.manager restart: always ports: @@ -39,7 +39,7 @@ services: - ./config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf wazuh.indexer: - image: wazuh/wazuh-indexer:4.3.0 + image: wazuh/wazuh-indexer:4.3.1 hostname: wazuh.indexer restart: always ports: @@ -64,7 +64,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/internal_users.yml wazuh.dashboard: - image: wazuh/wazuh-dashboard:4.3.0 + image: wazuh/wazuh-dashboard:4.3.1 hostname: wazuh.dashboard restart: always ports: From 65fd592d52e60db667493354adbae0fce19385a9 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Mon, 16 May 2022 12:37:48 -0300 Subject: [PATCH 159/163] Bump 4.3.1 version --- build-docker-images/wazuh-indexer/config/entrypoint.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/build-docker-images/wazuh-indexer/config/entrypoint.sh b/build-docker-images/wazuh-indexer/config/entrypoint.sh index 157a9ba5..084573fc 100644 --- a/build-docker-images/wazuh-indexer/config/entrypoint.sh 
+++ b/build-docker-images/wazuh-indexer/config/entrypoint.sh @@ -84,9 +84,10 @@ if [[ "$(id -u)" == "0" ]]; then fi -if [[ "$DISCOVERY" == "single-node" ]]; then +if [[ "$DISCOVERY" == "single-node" ]] && [[ ! -f "/var/lib/wazuh-indexer/.flag" ]]; then # run securityadmin.sh for single node with CACERT, CERT and KEY parameter nohup /securityadmin.sh & + touch "/var/lib/wazuh-indexer/.flag" fi run_as_other_user_if_needed /usr/share/wazuh-indexer/bin/opensearch <<<"$KEYSTORE_PASSWORD" \ No newline at end of file From 020031c81d71266550df7a476da6621a7f101242 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Tue, 17 May 2022 15:49:38 -0300 Subject: [PATCH 160/163] Modify Dashboard user parameter --- build-docker-images/wazuh-dashboard/Dockerfile | 5 ----- .../wazuh-dashboard/config/entrypoint.sh | 10 ++++++++++ 2 files changed, 10 insertions(+), 5 deletions(-) diff --git a/build-docker-images/wazuh-dashboard/Dockerfile b/build-docker-images/wazuh-dashboard/Dockerfile index e53f84c7..6822025a 100644 --- a/build-docker-images/wazuh-dashboard/Dockerfile +++ b/build-docker-images/wazuh-dashboard/Dockerfile @@ -19,11 +19,6 @@ COPY config/config.sh . COPY config/config.yml / RUN bash config.sh -# Create and configure Wazuh dashboard keystore -RUN $INSTALL_DIR/bin/opensearch-dashboards-keystore create --allow-root && \ - echo kibanaserver | $INSTALL_DIR/bin/opensearch-dashboards-keystore add opensearch.username --stdin --allow-root && \ - echo kibanaserver | $INSTALL_DIR/bin/opensearch-dashboards-keystore add opensearch.password --stdin --allow-root - # Install Wazuh App RUN $INSTALL_DIR/bin/opensearch-dashboards-plugin install https://packages.wazuh.com/4.x/ui/dashboard/wazuh-${WAZUH_VERSION}.zip --allow-root diff --git a/build-docker-images/wazuh-dashboard/config/entrypoint.sh b/build-docker-images/wazuh-dashboard/config/entrypoint.sh index d25432fa..6d6b1932 100644 --- a/build-docker-images/wazuh-dashboard/config/entrypoint.sh 
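Review bot: The added `touch "/var/lib/wazuh-indexer/.flag"` runs immediately after `/securityadmin.sh` is put in the background, so the flag is written whether or not the security configuration was applied. If that script fails, for instance because the indexer is not yet accepting connections, every later start skips it and the node keeps whatever security state it had. Tying the flag to success avoids that: `nohup sh -c '/securityadmin.sh && touch /var/lib/wazuh-indexer/.flag' &`. The flag also only persists if `/var/lib/wazuh-indexer` is a volume, which the compose files on this page do not show. The `if` block is complete within the hunk, but the rest of entrypoint.sh is not.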
+++ b/build-docker-images/wazuh-dashboard/config/entrypoint.sh @@ -1,6 +1,16 @@ #!/bin/bash # Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2) +INSTALL_DIR=/usr/share/wazuh-dashboard +DASHBOARD_USERNAME="${DASHBOARD_USERNAME:-kibanaserver}" +DASHBOARD_PASSWORD="${DASHBOARD_PASSWORD:-kibanaserver}" + +# Create and configure Wazuh dashboard keystore + +$INSTALL_DIR/bin/opensearch-dashboards-keystore create --allow-root && \ +echo $DASHBOARD_USERNAME | $INSTALL_DIR/bin/opensearch-dashboards-keystore add opensearch.username --stdin --allow-root && \ +echo $DASHBOARD_PASSWORD | $INSTALL_DIR/bin/opensearch-dashboards-keystore add opensearch.password --stdin --allow-root + ############################################################################## # Start Wazuh dashboard ############################################################################## From f678aaf1e02187141981f57b64622fb1a4f05483 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Tue, 17 May 2022 17:34:24 -0300 Subject: [PATCH 161/163] Modify Dashboard user parameter --- build-docker-images/wazuh-dashboard/config/entrypoint.sh | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/build-docker-images/wazuh-dashboard/config/entrypoint.sh b/build-docker-images/wazuh-dashboard/config/entrypoint.sh index 6d6b1932..282f152c 100644 --- a/build-docker-images/wazuh-dashboard/config/entrypoint.sh +++ b/build-docker-images/wazuh-dashboard/config/entrypoint.sh @@ -7,7 +7,10 @@ DASHBOARD_PASSWORD="${DASHBOARD_PASSWORD:-kibanaserver}" # Create and configure Wazuh dashboard keystore -$INSTALL_DIR/bin/opensearch-dashboards-keystore create --allow-root && \ +$INSTALL_DIR/bin/opensearch-dashboards-keystore create --allow-root + +/wazuh_app_config.sh + echo $DASHBOARD_USERNAME | $INSTALL_DIR/bin/opensearch-dashboards-keystore add opensearch.username --stdin --allow-root && \ echo $DASHBOARD_PASSWORD | $INSTALL_DIR/bin/opensearch-dashboards-keystore add opensearch.password --stdin --allow-root 
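Review bot: The added `echo $DASHBOARD_USERNAME | ...` and `echo $DASHBOARD_PASSWORD | ...` lines in the dashboard entrypoint.sh (patch 160) expand the variables unquoted, so a password containing whitespace, glob characters or a leading `-n` is split, expanded or swallowed before it reaches the keystore. Quoting and `printf` avoid that: `printf '%s\n' "$DASHBOARD_PASSWORD" | "$INSTALL_DIR"/bin/opensearch-dashboards-keystore add opensearch.password --stdin --allow-root`, and likewise for the username. The `:-kibanaserver` fallbacks also mean a container started without these variables silently uses a well-known default credential, which deserves at least a log line on stderr when the fallback is taken. `keystore create` now runs on every container start rather than once at build time, and its behaviour when a keystore already exists is not visible here. The same two `echo` lines are carried unchanged through the hunks of patches 161 to 163.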
@@ -15,6 +18,5 @@ echo $DASHBOARD_PASSWORD | $INSTALL_DIR/bin/opensearch-dashboards-keystore add o # Start Wazuh dashboard ############################################################################## -/wazuh_app_config.sh /usr/share/wazuh-dashboard/bin/opensearch-dashboards -c /usr/share/wazuh-dashboard/config/opensearch_dashboards.yml \ No newline at end of file From 7d06cb56efc51d61086ec70dbe6edf4aad45cc82 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Tue, 17 May 2022 17:58:22 -0300 Subject: [PATCH 162/163] Modify Dashboard user parameter --- build-docker-images/wazuh-dashboard/config/entrypoint.sh | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/build-docker-images/wazuh-dashboard/config/entrypoint.sh b/build-docker-images/wazuh-dashboard/config/entrypoint.sh index 282f152c..6356110c 100644 --- a/build-docker-images/wazuh-dashboard/config/entrypoint.sh +++ b/build-docker-images/wazuh-dashboard/config/entrypoint.sh @@ -7,10 +7,8 @@ DASHBOARD_PASSWORD="${DASHBOARD_PASSWORD:-kibanaserver}" # Create and configure Wazuh dashboard keystore -$INSTALL_DIR/bin/opensearch-dashboards-keystore create --allow-root - -/wazuh_app_config.sh - +$INSTALL_DIR/bin/opensearch-dashboards-keystore create --allow-root && \ +sleep 10 && \ echo $DASHBOARD_USERNAME | $INSTALL_DIR/bin/opensearch-dashboards-keystore add opensearch.username --stdin --allow-root && \ echo $DASHBOARD_PASSWORD | $INSTALL_DIR/bin/opensearch-dashboards-keystore add opensearch.password --stdin --allow-root @@ -18,5 +16,6 @@ echo $DASHBOARD_PASSWORD | $INSTALL_DIR/bin/opensearch-dashboards-keystore add o # Start Wazuh dashboard ############################################################################## +/wazuh_app_config.sh /usr/share/wazuh-dashboard/bin/opensearch-dashboards -c /usr/share/wazuh-dashboard/config/opensearch_dashboards.yml \ No newline at end of file From bfeb4b007a6fc85a08fb3d76965dda79494c9396 Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Gonzalo=20Acu=C3=B1a?= Date: Tue, 17 May 2022 19:45:53 -0300 Subject: [PATCH 163/163] Dashboard entrypoint update --- build-docker-images/wazuh-dashboard/config/entrypoint.sh | 1 - 1 file changed, 1 deletion(-) diff --git a/build-docker-images/wazuh-dashboard/config/entrypoint.sh b/build-docker-images/wazuh-dashboard/config/entrypoint.sh index 6356110c..6d6b1932 100644 --- a/build-docker-images/wazuh-dashboard/config/entrypoint.sh +++ b/build-docker-images/wazuh-dashboard/config/entrypoint.sh @@ -8,7 +8,6 @@ DASHBOARD_PASSWORD="${DASHBOARD_PASSWORD:-kibanaserver}" # Create and configure Wazuh dashboard keystore $INSTALL_DIR/bin/opensearch-dashboards-keystore create --allow-root && \ -sleep 10 && \ echo $DASHBOARD_USERNAME | $INSTALL_DIR/bin/opensearch-dashboards-keystore add opensearch.username --stdin --allow-root && \ echo $DASHBOARD_PASSWORD | $INSTALL_DIR/bin/opensearch-dashboards-keystore add opensearch.password --stdin --allow-root