Merge pull request #327 from wazuh/release-wazuh_3.12.2_7.6.2

Release wazuh 3.12.2_7.6.2

CHANGELOG.md

@@ -1,6 +1,49 @@
 # Change Log
 All notable changes to this project will be documented in this file.
 
+## Wazuh Docker v3.12.2_7.6.2
+
+### Added
+
+- Update to Wazuh version 3.12.2_7.6.2
+
+## Wazuh Docker v3.12.1_7.6.2
+
+### Added
+
+- Update to Wazuh version 3.12.1_7.6.2
+
+### Fixed
+
+- Agent timestamp not being properly saved ([@xr09](https://github.com/xr09)) [#323](https://github.com/wazuh/wazuh-docker/pull/323)
+
+
+## Wazuh Docker v3.12.0_7.6.1
+
+### Added
+
+- Update to Wazuh version 3.12.0_7.6.1
+
+
+## Wazuh Docker v3.11.4_7.6.1
+
+### Added
+
+- Update to Wazuh version 3.11.4_7.6.1
+
+- Enable HTTP v2 on nginx ([@xr09](https://github.com/xr09)) [#308](https://github.com/wazuh/wazuh-docker/pull/308)
+
+### Fixed
+
+- Updated NGINX config syntax ([@xr09](https://github.com/xr09)) [#303](https://github.com/wazuh/wazuh-docker/pull/303)
+
+
+## Wazuh Docker v3.11.3_7.5.2
+
+### Added
+
+- Update to Wazuh version 3.11.3_7.5.2
+
 ## Wazuh Docker v3.11.2_7.5.1
 
 ### Added

LICENSE

@@ -1,5 +1,5 @@
 
- Portions Copyright (C) 2019 Wazuh, Inc.
+ Portions Copyright (C) 2020 Wazuh, Inc.
  Based on work Copyright (C) 2003 - 2013 Trend Micro, Inc.
 
  This program is a free software; you can redistribute it and/or modify

README.md

@@ -70,7 +70,7 @@ We thank you them and everyone else who has contributed to this project.
 
 ## License and copyright
 
-Wazuh Docker Copyright (C) 2019 Wazuh Inc. (License GPLv2)
+Wazuh Docker Copyright (C) 2020 Wazuh Inc. (License GPLv2)
 
 ## Web references
 

VERSION

@@ -1,2 +1,2 @@
-WAZUH-DOCKER_VERSION="3.11.2_7.5.1"
+WAZUH-DOCKER_VERSION="3.12.2_7.6.2"
-REVISION="31120"
+REVISION="31220"

docker-compose.yml

@@ -1,9 +1,9 @@
-# Wazuh App Copyright (C) 2019 Wazuh Inc. (License GPLv2)
+# Wazuh App Copyright (C) 2020 Wazuh Inc. (License GPLv2)
 version: '2'
 
 services:
   wazuh:
-    image: wazuh/wazuh:3.11.2_7.5.1
+    image: wazuh/wazuh:3.12.2_7.6.2
     hostname: wazuh-manager
     restart: always
     ports:
@@ -13,7 +13,7 @@ services:
       - "55000:55000"
 
   elasticsearch:
-    image: wazuh/wazuh-elasticsearch:3.11.2_7.5.1
+    image: wazuh/wazuh-elasticsearch:3.12.2_7.6.2
     hostname: elasticsearch
     restart: always
     ports:
@@ -30,7 +30,7 @@ services:
     mem_limit: 2g
 
   kibana:
-    image: wazuh/wazuh-kibana:3.11.2_7.5.1
+    image: wazuh/wazuh-kibana:3.12.2_7.6.2
     hostname: kibana
     restart: always
     depends_on:
@@ -38,8 +38,9 @@ services:
     links:
       - elasticsearch:elasticsearch
       - wazuh:wazuh
+
   nginx:
-    image: wazuh/wazuh-nginx:3.11.2_7.5.1
+    image: wazuh/wazuh-nginx:3.12.2_7.6.2
     hostname: nginx
     restart: always
     environment:

elasticsearch/Dockerfile

@@ -1,5 +1,5 @@
-# Wazuh Docker Copyright (C) 2019 Wazuh Inc. (License GPLv2)
+# Wazuh Docker Copyright (C) 2020 Wazuh Inc. (License GPLv2)
-ARG ELASTIC_VERSION=7.5.1
+ARG ELASTIC_VERSION=7.6.2
 FROM docker.elastic.co/elasticsearch/elasticsearch:${ELASTIC_VERSION}
 ARG ELASTIC_VERSION
 ARG S3_PLUGIN_URL="https://artifacts.elastic.co/downloads/elasticsearch-plugins/repository-s3/repository-s3-${ELASTIC_VERSION}.zip"
@@ -16,7 +16,7 @@ ENV XPACK_ML="true"
 
 ENV ENABLE_CONFIGURE_S3="false"
 
-ARG TEMPLATE_VERSION=v3.11.2
+ARG TEMPLATE_VERSION=v3.12.2
 
 # Elasticearch cluster configuration environment variables
 # If ELASTIC_CLUSTER is set to "true" the following variables will be added to the Elasticsearch configuration

elasticsearch/config/config_cluster.sh

@@ -1,5 +1,5 @@
 #!/bin/bash
-# Wazuh Docker Copyright (C) 2019 Wazuh Inc. (License GPLv2)
+# Wazuh Docker Copyright (C) 2020 Wazuh Inc. (License GPLv2)
 
 elastic_config_file="/usr/share/elasticsearch/config/elasticsearch.yml"
 

elasticsearch/config/configure_s3.sh

@@ -1,5 +1,5 @@
 #!/bin/bash
-# Wazuh Docker Copyright (C) 2019 Wazuh Inc. (License GPLv2)
+# Wazuh Docker Copyright (C) 2020 Wazuh Inc. (License GPLv2)
 
 set -e
 

elasticsearch/config/entrypoint.sh

@@ -1,5 +1,5 @@
 #!/bin/bash
-# Wazuh Docker Copyright (C) 2019 Wazuh Inc. (License GPLv2)
+# Wazuh Docker Copyright (C) 2020 Wazuh Inc. (License GPLv2)
 
 # For more information https://github.com/elastic/elasticsearch-docker/blob/6.8.0/build/elasticsearch/bin/docker-entrypoint.sh
 

elasticsearch/config/load_settings.sh

@@ -1,5 +1,5 @@
 #!/bin/bash
-# Wazuh Docker Copyright (C) 2019 Wazuh Inc. (License GPLv2)
+# Wazuh Docker Copyright (C) 2020 Wazuh Inc. (License GPLv2)
 
 set -e
 

kibana/Dockerfile

@@ -1,15 +1,14 @@
-# Wazuh Docker Copyright (C) 2019 Wazuh Inc. (License GPLv2)
+# Wazuh Docker Copyright (C) 2020 Wazuh Inc. (License GPLv2)
-FROM docker.elastic.co/kibana/kibana:7.5.1
+FROM docker.elastic.co/kibana/kibana:7.6.2
 USER kibana
-ARG ELASTIC_VERSION=7.5.1
+ARG ELASTIC_VERSION=7.6.2
-ARG WAZUH_VERSION=3.11.2
+ARG WAZUH_VERSION=3.12.2
 ARG WAZUH_APP_VERSION="${WAZUH_VERSION}_${ELASTIC_VERSION}"
 
-#ADD  https://packages.wazuh.com/wazuhapp/wazuhapp-${WAZUH_APP_VERSION}.zip /usr/share/kibana/
+WORKDIR /usr/share/kibana
-
+RUN ./bin/kibana-plugin install https://packages.wazuh.com/wazuhapp/wazuhapp-${WAZUH_APP_VERSION}.zip
-RUN /usr/share/kibana/bin/kibana-plugin install https://packages.wazuh.com/wazuhapp/wazuhapp-${WAZUH_APP_VERSION}.zip
-# RUN rm -rf /tmp/wazuhapp-${WAZUH_APP_VERSION}.zip
 
+WORKDIR /
 USER root
 COPY config/entrypoint.sh ./entrypoint.sh
 RUN chmod 755 ./entrypoint.sh
@@ -71,6 +70,6 @@ RUN chmod +x ./welcome_wazuh.sh
 
 RUN ./welcome_wazuh.sh
 USER kibana
-RUN /usr/local/bin/kibana-docker --optimize
+RUN NODE_OPTIONS="--max-old-space-size=2048" /usr/local/bin/kibana-docker --optimize
 
 ENTRYPOINT ./entrypoint.sh

kibana/config/entrypoint.sh

@@ -1,5 +1,5 @@
 #!/bin/bash
-# Wazuh Docker Copyright (C) 2019 Wazuh Inc. (License GPLv2)
+# Wazuh Docker Copyright (C) 2020 Wazuh Inc. (License GPLv2)
 
 set -e
 

kibana/config/kibana_settings.sh

@@ -1,5 +1,5 @@
 #!/bin/bash
-# Wazuh Docker Copyright (C) 2019 Wazuh Inc. (License GPLv2)
+# Wazuh Docker Copyright (C) 2020 Wazuh Inc. (License GPLv2)
 
 WAZUH_MAJOR=3
 

kibana/config/wazuh_app_config.sh

@@ -1,12 +1,14 @@
 #!/bin/bash
-# Wazuh Docker Copyright (C) 2019 Wazuh Inc. (License GPLv2)
+# Wazuh Docker Copyright (C) 2020 Wazuh Inc. (License GPLv2)
 
 wazuh_url="${WAZUH_API_URL:-https://wazuh}"
 wazuh_port="${API_PORT:-55000}"
 api_user="${API_USER:-foo}"
 api_password="${API_PASS:-bar}"
 
-kibana_config_file="/usr/share/kibana/plugins/wazuh/wazuh.yml"
+kibana_config_file="/usr/share/kibana/optimize/wazuh/config/wazuh.yml"
+mkdir -p /usr/share/kibana/optimize/wazuh/config/
+touch $kibana_config_file
 
 declare -A CONFIG_MAP=(
   [pattern]=$PATTERN
@@ -53,7 +55,8 @@ grep -q 1513629884013 $kibana_config_file
 _config_exists=$?
 
 if [[ "x$CONFIG_CODE" != "x200" && $_config_exists -ne 0 ]]; then
-cat << EOF >> $kibana_config_file 
+cat << EOF > $kibana_config_file
+hosts:
   - 1513629884013:
       url: $wazuh_url
       port: $wazuh_port

kibana/config/welcome_wazuh.sh

@@ -1,5 +1,5 @@
 #!/bin/bash
-# Wazuh Docker Copyright (C) 2019 Wazuh Inc. (License GPLv2)
+# Wazuh Docker Copyright (C) 2020 Wazuh Inc. (License GPLv2)
 
 if [[ $CHANGE_WELCOME == "true" ]]
 then
@@ -21,4 +21,3 @@ then
     sed -i 's#visible: true#visible: false#g' $kibana_path/node_modules/x-pack/plugins/rollup/public/crud_app/index.js
     sed -i 's#visible: true#visible: false#g' $kibana_path/node_modules/x-pack/plugins/license_management/public/management_section.js
 fi
-

kibana/config/xpack_config.sh

@@ -1,5 +1,5 @@
 #!/bin/bash
-# Wazuh Docker Copyright (C) 2019 Wazuh Inc. (License GPLv2)
+# Wazuh Docker Copyright (C) 2020 Wazuh Inc. (License GPLv2)
 
 kibana_config_file="/usr/share/kibana/config/kibana.yml"
 if grep -Fq  "#xpack features" "$kibana_config_file";

nginx/Dockerfile

@@ -1,4 +1,4 @@
-# Wazuh Docker Copyright (C) 2019 Wazuh Inc. (License GPLv2)
+# Wazuh Docker Copyright (C) 2020 Wazuh Inc. (License GPLv2)
 FROM nginx:latest
 
 ENV DEBIAN_FRONTEND noninteractive
@@ -16,4 +16,4 @@ VOLUME ["/etc/nginx/conf.d"]
 ENV NGINX_NAME="foo" \
     NGINX_PWD="bar"
 
-ENTRYPOINT /entrypoint.sh
+ENTRYPOINT [ "/entrypoint.sh" ]

nginx/config/entrypoint.sh

@@ -1,5 +1,5 @@
 #!/bin/bash
-# Wazuh Docker Copyright (C) 2019 Wazuh Inc. (License GPLv2)
+# Wazuh Docker Copyright (C) 2020 Wazuh Inc. (License GPLv2)
 
 set -e
 
@@ -30,14 +30,14 @@ if [ ! -f /etc/nginx/conf.d/kibana.htpasswd ]; then
     do
       IFS=':' read -r -a credentials <<< "${users[index]}"
       if [ $index -eq 0 ]; then
-        echo ${credentials[1]}|htpasswd -i -c /etc/nginx/conf.d/kibana.htpasswd ${credentials[0]} >/dev/null
+        htpasswd -b -c /etc/nginx/conf.d/kibana.htpasswd ${credentials[0]} ${credentials[1]} >/dev/null
       else
-        echo ${credentials[1]}|htpasswd -i /etc/nginx/conf.d/kibana.htpasswd  ${credentials[0]} >/dev/null
+        htpasswd -b /etc/nginx/conf.d/kibana.htpasswd  ${credentials[0]} ${credentials[1]} >/dev/null
       fi
     done
   else
     # NGINX_PWD and NGINX_NAME are declared in nginx/Dockerfile
-    echo $NGINX_PWD|htpasswd -i -c /etc/nginx/conf.d/kibana.htpasswd $NGINX_NAME >/dev/null
+    htpasswd -b -c /etc/nginx/conf.d/kibana.htpasswd $NGINX_NAME $NGINX_PWD >/dev/null
   fi
 else
   echo "Kibana credentials already configured"
@@ -60,9 +60,8 @@ server {
 }
 
 server {
-    listen ${NGINX_PORT} default_server;
+    listen ${NGINX_PORT} default_server ssl http2;
-    listen [::]:${NGINX_PORT};
+    listen [::]:${NGINX_PORT} ssl http2;
-    ssl on;
     ssl_certificate /etc/nginx/conf.d/ssl/certs/kibana-access.pem;
     ssl_certificate_key /etc/nginx/conf.d/ssl/private/kibana-access.key;
     location / {
@@ -76,4 +75,4 @@ server {
 }
 EOF
 
-nginx -g 'daemon off;'
+exec nginx -g 'daemon off;'

wazuh/Dockerfile

@@ -1,14 +1,14 @@
-# Wazuh Docker Copyright (C) 2019 Wazuh Inc. (License GPLv2)
+# Wazuh Docker Copyright (C) 2020 Wazuh Inc. (License GPLv2)
 FROM phusion/baseimage:latest
 
-ARG FILEBEAT_VERSION=7.5.1
+ARG FILEBEAT_VERSION=7.6.2
 
-ARG WAZUH_VERSION=3.11.2-1
+ARG WAZUH_VERSION=3.12.2-1
 
 ENV API_USER="foo" \
    API_PASS="bar"
 
-ARG TEMPLATE_VERSION="v3.11.2"
+ARG TEMPLATE_VERSION="v3.12.2"
 
 # Set repositories.
 RUN set -x && echo "deb https://packages.wazuh.com/3.x/apt/ stable main" | tee /etc/apt/sources.list.d/wazuh.list && \

wazuh/config/00-wazuh.sh

@@ -1,5 +1,5 @@
 #!/bin/bash
-# Wazuh Docker Copyright (C) 2019 Wazuh Inc. (License GPLv2)
+# Wazuh Docker Copyright (C) 2020 Wazuh Inc. (License GPLv2)
 
 # Wazuh container bootstrap. See the README for information of the environment
 # variables expected by this script.
@@ -52,6 +52,15 @@ then
 fi
 rm /var/ossec/queue/db/.template.db
 
+# copy missing files from queue-template (in case this is an upgrade from previous versions)
+for filename in /var/ossec/queue-template/*; do
+  fname=$(basename $filename)
+  echo $fname
+  if test ! -e "/var/ossec/data/queue/$fname"; then
+    cp -rp "/var/ossec/queue-template/$fname" /var/ossec/data/queue/
+  fi
+done
+
 touch ${DATA_PATH}/process_list
 chgrp ossec ${DATA_PATH}/process_list
 chmod g+rw ${DATA_PATH}/process_list

wazuh/config/01-config_filebeat.sh

@@ -1,5 +1,5 @@
 #!/bin/bash
-# Wazuh App Copyright (C) 2019 Wazuh Inc. (License GPLv2)
+# Wazuh App Copyright (C) 2020 Wazuh Inc. (License GPLv2)
 
 set -e
 
@@ -16,4 +16,3 @@ fi
 curl -s "https://packages.wazuh.com/3.x/filebeat/${WAZUH_FILEBEAT_MODULE}" | tar -xvz -C /usr/share/filebeat/module
 mkdir -p /usr/share/filebeat/module/wazuh
 chmod 755 -R /usr/share/filebeat/module/wazuh
-

wazuh/config/data_dirs.env

@@ -2,14 +2,6 @@ i=0
 DATA_DIRS[((i++))]="api/configuration"
 DATA_DIRS[((i++))]="etc"
 DATA_DIRS[((i++))]="logs"
-DATA_DIRS[((i++))]="queue/db"
+DATA_DIRS[((i++))]="queue"
-DATA_DIRS[((i++))]="queue/rootcheck"
-DATA_DIRS[((i++))]="queue/agent-groups"
-DATA_DIRS[((i++))]="queue/agent-info"
-DATA_DIRS[((i++))]="queue/agents-timestamp"
-DATA_DIRS[((i++))]="queue/agentless"
-DATA_DIRS[((i++))]="queue/cluster"
-DATA_DIRS[((i++))]="queue/rids"
-DATA_DIRS[((i++))]="queue/fts"
 DATA_DIRS[((i++))]="var/multigroups"
 export DATA_DIRS

wazuh/config/entrypoint.sh

@@ -1,5 +1,5 @@
 #!/bin/bash
-# Wazuh Docker Copyright (C) 2019 Wazuh Inc. (License GPLv2)
+# Wazuh Docker Copyright (C) 2020 Wazuh Inc. (License GPLv2)
 
 # It will run every .sh script located in entrypoint-scripts folder in lexicographical order
 for script in `ls /entrypoint-scripts/*.sh | sort -n`; do

wazuh/config/filebeat.runit.service

@@ -1,4 +1,4 @@
 #!/bin/sh
-# Wazuh Docker Copyright (C) 2019 Wazuh Inc. (License GPLv2)
+# Wazuh Docker Copyright (C) 2020 Wazuh Inc. (License GPLv2)
 service filebeat start
 tail -f /var/log/filebeat/filebeat

wazuh/config/init.bash

@@ -1,5 +1,5 @@
 #!/bin/bash
-# Wazuh Docker Copyright (C) 2019 Wazuh Inc. (License GPLv2)
+# Wazuh Docker Copyright (C) 2020 Wazuh Inc. (License GPLv2)
 
 # Initialize the custom data directory layout
 source /data_dirs.env

wazuh/config/postfix.runit.service

@@ -1,4 +1,4 @@
 #!/bin/sh
-# Wazuh Docker Copyright (C) 2019 Wazuh Inc. (License GPLv2)
+# Wazuh Docker Copyright (C) 2020 Wazuh Inc. (License GPLv2)
 service postfix start
 tail -f /var/log/mail.log

wazuh/config/wazuh-api.runit.service

@@ -1,5 +1,4 @@
 #!/bin/sh
-# Wazuh Docker Copyright (C) 2019 Wazuh Inc. (License GPLv2)
+# Wazuh Docker Copyright (C) 2020 Wazuh Inc. (License GPLv2)
 service wazuh-api start
 tail -f /var/ossec/data/logs/api.log
-

wazuh/config/wazuh.runit.service

@@ -1,5 +1,4 @@
 #!/bin/sh
-# Wazuh Docker Copyright (C) 2019 Wazuh Inc. (License GPLv2)
+# Wazuh Docker Copyright (C) 2020 Wazuh Inc. (License GPLv2)
 service wazuh-manager start
 tail -f /var/ossec/data/logs/ossec.log
-