add ism policies

2025-11-03 13:33:15 +00:00 · 2023-11-09 09:25:00 -03:00
parent a68da465d3
commit b55cfaa9a0
6 changed files with 24 additions and 3 deletions
--- a/.env
+++ b/.env
@@ -1,3 +1,6 @@
 WAZUH_VERSION=4.8.0
 WAZUH_IMAGE_VERSION=4.8.0
-WAZUH_TAG_REVISION=1
+WAZUH_TAG_REVISION=40800
+FILEBEAT_TEMPLATE_BRANCH=4.8.0
+WAZUH_FILEBEAT_MODULE=wazuh-filebeat-0.2.tar.gz
+WAZUH_UI_REVISION=40800
--- a/build-docker-images/wazuh-indexer/Dockerfile
+++ b/build-docker-images/wazuh-indexer/Dockerfile
@@ -35,6 +35,8 @@ ENV USER="wazuh-indexer" \
    NAME="wazuh-indexer" \
    INSTALL_DIR="/usr/share/wazuh-indexer"

+RUN apt-get update -y && apt-get install curl -y
+
 RUN getent group $GROUP || groupadd -r -g 1000 $GROUP

 RUN useradd --system \
@@ -52,7 +54,9 @@ COPY config/entrypoint.sh /

 COPY config/securityadmin.sh /

-RUN chmod 700 /entrypoint.sh && chmod 700 /securityadmin.sh
+COPY config/ism-check.sh /
+
+RUN chmod 700 /entrypoint.sh && chmod 700 /securityadmin.sh && chmod 700 /ism-check.sh

 RUN chown 1000:1000 /*.sh

--- a/build-docker-images/wazuh-indexer/config/entrypoint.sh
+++ b/build-docker-images/wazuh-indexer/config/entrypoint.sh
@@ -90,4 +90,6 @@ fi
 #  touch "/var/lib/wazuh-indexer/.flag"
 #fi

+nohup /ism-check.sh &
+
 run_as_other_user_if_needed /usr/share/wazuh-indexer/bin/opensearch <<<"$KEYSTORE_PASSWORD"
--- a/build-docker-images/wazuh-indexer/config/ism-check.sh
+++ b/build-docker-images/wazuh-indexer/config/ism-check.sh
@@ -0,0 +1,10 @@
+#!/bin/bash
+
+if [[ -n "$INDEXER_PASSWORD"  ]]; then
+    until [[ `curl -XGET https://0.0.0.0:9200/_cat/indices -u admin:SecretPassword -k -s  | grep .opendistro_security | wc -l`  -eq 1 ]]
+    do
+        echo "Wazuh indexer Security is not initiaized";
+        sleep 30
+    done
+    bash /usr/share/wazuh-indexer/bin/indexer-ism-init.sh -i 127.0.0.1 -p $INDEXER_PASSWORD
+fi
--- a/multi-node/docker-compose.yml
+++ b/multi-node/docker-compose.yml
@@ -89,6 +89,7 @@ services:
    environment:
      - "OPENSEARCH_JAVA_OPTS=-Xms1g -Xmx1g"
      - "bootstrap.memory_lock=true"
+      - 'INDEXER_PASSWORD=SecretPassword'
    ulimits:
      memlock:
        soft: -1
--- a/single-node/docker-compose.yml
+++ b/single-node/docker-compose.yml
@@ -52,7 +52,8 @@ services:
    ports:
      - "9200:9200"
    environment:
-      - "OPENSEARCH_JAVA_OPTS=-Xms512m -Xmx512m"
+      - "OPENSEARCH_JAVA_OPTS=-Xms1024m -Xmx1024m"
+      - 'INDEXER_PASSWORD=SecretPassword'
    ulimits:
      memlock:
        soft: -1