From d84631761a920eb994b26c633b319a3feecd9e9b Mon Sep 17 00:00:00 2001
From: Manuel Gutierrez <1380243+xr09@users.noreply.github.com>
Date: Thu, 4 Feb 2021 18:25:39 +0100
Subject: [PATCH] Update xpack-compose

---
 xpack-compose.yml | 125 ++++++++++++++++++++++++++++++++++++++++++----
 1 file changed, 116 insertions(+), 9 deletions(-)

diff --git a/xpack-compose.yml b/xpack-compose.yml
index fbbc20c3..52025636 100644
--- a/xpack-compose.yml
+++ b/xpack-compose.yml
@@ -17,10 +17,13 @@ services:
       - "514:514/udp"
       - "55000:55000"
     environment:
-      - ELASTICSEARCH_URL=http://elasticsearch:9200
-      - ELASTIC_USERNAME=admin
-      - ELASTIC_PASSWORD=admin
+      - ELASTICSEARCH_URL=https://elasticsearch:9200
+      - ELASTIC_USERNAME=elastic
+      - ELASTIC_PASSWORD=SecretPassword
       - FILEBEAT_SSL_VERIFICATION_MODE=none
+      - SSL_CERTIFICATE_AUTHORITIES=/etc/ssl/ca.crt
+      - SSL_CERTIFICATE=/etc/ssl/wazuh.crt
+      - SSL_KEY=/etc/ssl/wazuh.key
     volumes:
       - ossec_api_configuration:/var/ossec/api/configuration
       - ossec_etc:/var/ossec/etc
@@ -33,6 +36,10 @@ services:
       - ossec_wodles:/var/ossec/wodles
       - filebeat_etc:/etc/filebeat
       - filebeat_var:/var/lib/filebeat
+      - ./xpack/ca/ca.crt:/etc/ssl/ca.crt
+      - ./xpack/wazuh/wazuh.crt:/etc/ssl/wazuh.crt
+      - ./xpack/wazuh/wazuh.key:/etc/ssl/wazuh.key
+
 
   elasticsearch:
     image: docker.elastic.co/elasticsearch/elasticsearch:7.9.3
@@ -41,11 +48,24 @@ services:
     ports:
       - "9200:9200"
     environment:
-      - discovery.type=single-node
       - cluster.name=wazuh-cluster
-      - network.host=0.0.0.0
+      - node.name=elasticsearch
+      - discovery.seed_hosts=elasticsearch,elasticsearch2,elasticsearch3
+      - cluster.initial_master_nodes=elasticsearch,elasticsearch2,elasticsearch3
+      - ELASTIC_PASSWORD=SecretPassword
       - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
       - bootstrap.memory_lock=true
+      - xpack.license.self_generated.type=basic
+      - xpack.security.enabled=true
+      - xpack.security.http.ssl.enabled=true
+      - xpack.security.http.ssl.certificate_authorities=/usr/share/elasticsearch/config/ca.crt
+      - xpack.security.http.ssl.key=/usr/share/elasticsearch/config/elasticsearch.key
+      - xpack.security.http.ssl.certificate=/usr/share/elasticsearch/config/elasticsearch.crt
+      - xpack.security.transport.ssl.enabled=true
+      - xpack.security.transport.ssl.verification_mode=certificate
+      - xpack.security.transport.ssl.certificate_authorities=/usr/share/elasticsearch/config/ca.crt
+      - xpack.security.transport.ssl.key=/usr/share/elasticsearch/config/elasticsearch.key
+      - xpack.security.transport.ssl.certificate=/usr/share/elasticsearch/config/elasticsearch.crt
     ulimits:
       memlock:
         soft: -1
@@ -53,6 +73,82 @@ services:
       nofile:
         soft: 65536
         hard: 65536
+    volumes:
+      - ./xpack/ca/ca.crt:/usr/share/elasticsearch/config/ca.crt
+      - ./xpack/elasticsearch/elasticsearch.key:/usr/share/elasticsearch/config/elasticsearch.key
+      - ./xpack/elasticsearch/elasticsearch.crt:/usr/share/elasticsearch/config/elasticsearch.crt
+
+  elasticsearch2:
+    image: docker.elastic.co/elasticsearch/elasticsearch:7.9.3
+    hostname: elasticsearch2
+    restart: always
+    environment:
+      - cluster.name=wazuh-cluster
+      - node.name=elasticsearch2
+      - discovery.seed_hosts=elasticsearch,elasticsearch2,elasticsearch3
+      - cluster.initial_master_nodes=elasticsearch,elasticsearch2,elasticsearch3
+      - ELASTIC_PASSWORD=SecretPassword
+      - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
+      - bootstrap.memory_lock=true
+      - xpack.license.self_generated.type=basic
+      - xpack.security.enabled=true
+      - xpack.security.http.ssl.enabled=true
+      - xpack.security.http.ssl.certificate_authorities=/usr/share/elasticsearch/config/ca.crt
+      - xpack.security.http.ssl.key=/usr/share/elasticsearch/config/elasticsearch.key
+      - xpack.security.http.ssl.certificate=/usr/share/elasticsearch/config/elasticsearch.crt
+      - xpack.security.transport.ssl.enabled=true
+      - xpack.security.transport.ssl.verification_mode=certificate
+      - xpack.security.transport.ssl.certificate_authorities=/usr/share/elasticsearch/config/ca.crt
+      - xpack.security.transport.ssl.key=/usr/share/elasticsearch/config/elasticsearch.key
+      - xpack.security.transport.ssl.certificate=/usr/share/elasticsearch/config/elasticsearch.crt
+    ulimits:
+      memlock:
+        soft: -1
+        hard: -1
+      nofile:
+        soft: 65536
+        hard: 65536
+    volumes:
+      - ./xpack/ca/ca.crt:/usr/share/elasticsearch/config/ca.crt
+      - ./xpack/elasticsearch2/elasticsearch2.key:/usr/share/elasticsearch/config/elasticsearch.key
+      - ./xpack/elasticsearch2/elasticsearch2.crt:/usr/share/elasticsearch/config/elasticsearch.crt
+
+  elasticsearch3:
+    image: docker.elastic.co/elasticsearch/elasticsearch:7.9.3
+    hostname: elasticsearch3
+    restart: always
+    environment:
+      - cluster.name=wazuh-cluster
+      - node.name=elasticsearch3
+      - discovery.seed_hosts=elasticsearch,elasticsearch2,elasticsearch3
+      - cluster.initial_master_nodes=elasticsearch,elasticsearch2,elasticsearch3
+      - ELASTIC_PASSWORD=SecretPassword
+      - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
+      - bootstrap.memory_lock=true
+      - xpack.license.self_generated.type=basic
+      - xpack.security.enabled=true
+      - xpack.security.http.ssl.enabled=true
+      - xpack.security.http.ssl.certificate_authorities=/usr/share/elasticsearch/config/ca.crt
+      - xpack.security.http.ssl.key=/usr/share/elasticsearch/config/elasticsearch.key
+      - xpack.security.http.ssl.certificate=/usr/share/elasticsearch/config/elasticsearch.crt
+      - xpack.security.transport.ssl.enabled=true
+      - xpack.security.transport.ssl.verification_mode=certificate
+      - xpack.security.transport.ssl.certificate_authorities=/usr/share/elasticsearch/config/ca.crt
+      - xpack.security.transport.ssl.key=/usr/share/elasticsearch/config/elasticsearch.key
+      - xpack.security.transport.ssl.certificate=/usr/share/elasticsearch/config/elasticsearch.crt
+    ulimits:
+      memlock:
+        soft: -1
+        hard: -1
+      nofile:
+        soft: 65536
+        hard: 65536
+    volumes:
+      - ./xpack/ca/ca.crt:/usr/share/elasticsearch/config/ca.crt
+      - ./xpack/elasticsearch3/elasticsearch3.key:/usr/share/elasticsearch/config/elasticsearch.key
+      - ./xpack/elasticsearch3/elasticsearch3.crt:/usr/share/elasticsearch/config/elasticsearch.crt
+
+
 
   kibana:
     build: kibana/
@@ -60,11 +156,22 @@ services:
     hostname: kibana
     restart: always
     ports:
-      - 5601:5601
+      - 443:5601
     environment:
-      - ELASTICSEARCH_USERNAME=admin
-      - ELASTICSEARCH_PASSWORD=admin
-      - ELASTICSEARCH_URL=http://elasticsearch:9200
+      - SERVERNAME=localhost
+      - ELASTICSEARCH_USERNAME=elastic
+      - ELASTICSEARCH_PASSWORD=SecretPassword
+      - ELASTICSEARCH_URL=https://elasticsearch:9200
+      - ELASTICSEARCH_HOSTS=https://elasticsearch:9200
+      - ELASTICSEARCH_SSL_CERTIFICATEAUTHORITIES=/usr/share/kibana/config/ca.crt
+      - SERVER_SSL_ENABLED=true
+      - XPACK_SECURITY_ENABLED=true
+      - SERVER_SSL_KEY=/usr/share/kibana/config/kibana.key
+      - SERVER_SSL_CERTIFICATE=/usr/share/kibana/config/kibana.crt
+    volumes:
+      - ./xpack/ca/ca.crt:/usr/share/kibana/config/ca.crt
+      - ./xpack/kibana/kibana.key:/usr/share/kibana/config/kibana.key
+      - ./xpack/kibana/kibana.crt:/usr/share/kibana/config/kibana.crt
     depends_on:
       - elasticsearch
     links: