mirror of
https://github.com/wazuh/wazuh-docker.git
synced 2025-10-24 08:33:46 +00:00
Compare commits
7 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
e9c1ab98f1 | ||
|
623021be27 | ||
|
|
095d878b04 | ||
|
|
53903126cf | ||
|
|
63ceab20b0 | ||
|
|
5fb369f9e8 | ||
|
6ddaecd7b5 |
4
.env
4
.env
@@ -1,3 +1,3 @@
|
||||
WAZUH_VERSION=4.5.1
|
||||
WAZUH_IMAGE_VERSION=4.5.1
|
||||
WAZUH_VERSION=4.3.11
|
||||
WAZUH_IMAGE_VERSION=4.3.11
|
||||
WAZUH_TAG_REVISION=1
|
||||
|
||||
2
.github/.goss.yaml
vendored
2
.github/.goss.yaml
vendored
@@ -56,7 +56,7 @@ package:
|
||||
wazuh-manager:
|
||||
installed: true
|
||||
versions:
|
||||
- 4.5.1-1
|
||||
- 4.3.11-1
|
||||
port:
|
||||
tcp:1514:
|
||||
listening: true
|
||||
|
||||
6
.github/workflows/push.yml
vendored
6
.github/workflows/push.yml
vendored
@@ -126,7 +126,7 @@ jobs:
|
||||
|
||||
- name: Check documents into wazuh-alerts index
|
||||
run: |
|
||||
docs="`curl -XGET "https://0.0.0.0:9200/wazuh-alerts*/_count" -u admin:SecretPassword -k -s | jq -r ".count"`"
|
||||
docs="`curl -XGET "https://0.0.0.0:9200/wazuh-alerts*/_doc/_search" -u admin:SecretPassword -k -s | jq -r ".hits.total.value"`"
|
||||
if [[ $docs -gt 100 ]]; then
|
||||
echo "wazuh-alerts index documents: ${docs}"
|
||||
else
|
||||
@@ -250,8 +250,8 @@ jobs:
|
||||
|
||||
- name: Check documents into wazuh-alerts index
|
||||
run: |
|
||||
docs="`curl -XGET "https://0.0.0.0:9200/wazuh-alerts*/_count" -u admin:SecretPassword -k -s | jq -r ".count"`"
|
||||
if [[ $docs -gt 100 ]]; then
|
||||
docs="`curl -XGET "https://0.0.0.0:9200/wazuh-alerts*/_doc/_search" -u admin:SecretPassword -k -s | jq -r ".hits.total.value"`"
|
||||
if [[ $docs -gt 200 ]]; then
|
||||
echo "wazuh-alerts index documents: ${docs}"
|
||||
else
|
||||
echo "wazuh-alerts index documents: ${docs}"
|
||||
|
||||
40
CHANGELOG.md
40
CHANGELOG.md
@@ -1,46 +1,6 @@
|
||||
# Change Log
|
||||
All notable changes to this project will be documented in this file.
|
||||
|
||||
## Wazuh Docker v4.5.1
|
||||
### Added
|
||||
|
||||
- Update Wazuh to version [4.5.1](https://github.com/wazuh/wazuh/blob/v4.5.1/CHANGELOG.md#v451)
|
||||
|
||||
## Wazuh Docker v4.5.0
|
||||
### Added
|
||||
|
||||
- Update Wazuh to version [4.5.0](https://github.com/wazuh/wazuh/blob/v4.5.0/CHANGELOG.md#v450)
|
||||
|
||||
## Wazuh Docker v4.4.5
|
||||
### Added
|
||||
|
||||
- Update Wazuh to version [4.4.5](https://github.com/wazuh/wazuh/blob/v4.4.5/CHANGELOG.md#v445)
|
||||
|
||||
## Wazuh Docker v4.4.4
|
||||
### Added
|
||||
|
||||
- Update Wazuh to version [4.4.4](https://github.com/wazuh/wazuh/blob/v4.4.4/CHANGELOG.md#v444)
|
||||
|
||||
## Wazuh Docker v4.4.3
|
||||
### Added
|
||||
|
||||
- Update Wazuh to version [4.4.3](https://github.com/wazuh/wazuh/blob/v4.4.3/CHANGELOG.md#v443)
|
||||
|
||||
## Wazuh Docker v4.4.2
|
||||
### Added
|
||||
|
||||
- Update Wazuh to version [4.4.2](https://github.com/wazuh/wazuh/blob/v4.4.2/CHANGELOG.md#v442)
|
||||
|
||||
## Wazuh Docker v4.4.1
|
||||
### Added
|
||||
|
||||
- Update Wazuh to version [4.4.1](https://github.com/wazuh/wazuh/blob/v4.4.1/CHANGELOG.md#v441)
|
||||
|
||||
## Wazuh Docker v4.4.0
|
||||
### Added
|
||||
|
||||
- Update Wazuh to version [4.4.0](https://github.com/wazuh/wazuh/blob/v4.4.0/CHANGELOG.md#v440)
|
||||
|
||||
## Wazuh Docker v4.3.11
|
||||
### Added
|
||||
|
||||
|
||||
@@ -195,14 +195,6 @@ WAZUH_MONITORING_REPLICAS=0 ##
|
||||
|
||||
| Wazuh version | ODFE | XPACK |
|
||||
|---------------|---------|--------|
|
||||
| v4.5.1 | | |
|
||||
| v4.5.0 | | |
|
||||
| v4.4.5 | | |
|
||||
| v4.4.4 | | |
|
||||
| v4.4.3 | | |
|
||||
| v4.4.2 | | |
|
||||
| v4.4.1 | | |
|
||||
| v4.4.0 | | |
|
||||
| v4.3.11 | | |
|
||||
| v4.3.10 | | |
|
||||
| v4.3.9 | | |
|
||||
|
||||
4
VERSION
4
VERSION
@@ -1,2 +1,2 @@
|
||||
WAZUH-DOCKER_VERSION="4.5.1"
|
||||
REVISION="40503"
|
||||
WAZUH-DOCKER_VERSION="4.3.11"
|
||||
REVISION="40324"
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
WAZUH_IMAGE_VERSION=4.5.1
|
||||
WAZUH_IMAGE_VERSION=4.3.11
|
||||
WAZUH_VERSION=$(echo $WAZUH_IMAGE_VERSION | sed -e 's/\.//g')
|
||||
WAZUH_TAG_REVISION=1
|
||||
WAZUH_CURRENT_VERSION=$(curl --silent https://api.github.com/repos/wazuh/wazuh/releases/latest | grep '\"tag_name\":' | sed -E 's/.*\"([^\"]+)\".*/\1/' | cut -c 2- | sed -e 's/\.//g')
|
||||
|
||||
@@ -9,8 +9,8 @@ export CONFIG_DIR=${INSTALLATION_DIR}/config
|
||||
|
||||
## Variables
|
||||
CERT_TOOL=wazuh-certs-tool.sh
|
||||
PACKAGES_URL=https://packages.wazuh.com/4.5/
|
||||
PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.5/
|
||||
PACKAGES_URL=https://packages.wazuh.com/4.3/
|
||||
PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.3/
|
||||
|
||||
## Check if the cert tool exists in S3 buckets
|
||||
CERT_TOOL_PACKAGES=$(curl --silent -I $PACKAGES_URL$CERT_TOOL | grep -E "^HTTP" | awk '{print $2}')
|
||||
|
||||
@@ -1,25 +1,12 @@
|
||||
REPOSITORY="packages.wazuh.com/4.x"
|
||||
WAZUH_CURRENT_VERSION=$(curl --silent https://api.github.com/repos/wazuh/wazuh/releases/latest | grep '\"tag_name\":' | sed -E 's/.*\"([^\"]+)\".*/\1/' | cut -c 2-)
|
||||
MAJOR_BUILD=$(echo $WAZUH_VERSION | cut -d. -f1)
|
||||
MID_BUILD=$(echo $WAZUH_VERSION | cut -d. -f2)
|
||||
MINOR_BUILD=$(echo $WAZUH_VERSION | cut -d. -f3)
|
||||
MAJOR_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f1)
|
||||
MID_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f2)
|
||||
MINOR_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f3)
|
||||
WAZUH_CURRENT_VERSION=$(curl --silent https://api.github.com/repos/wazuh/wazuh/releases/latest | grep '\"tag_name\":' | sed -E 's/.*\"([^\"]+)\".*/\1/' | cut -c 2- | sed -e 's/\.//g') && \
|
||||
WAZUH_IMAGE_VERSION=$(echo $WAZUH_VERSION | sed -e 's/\.//g') && \
|
||||
|
||||
## check version to use the correct repository
|
||||
if [ "$MAJOR_BUILD" -gt "$MAJOR_CURRENT" ]; then
|
||||
REPOSITORY="packages-dev.wazuh.com/pre-release"
|
||||
elif [ "$MAJOR_BUILD" -eq "$MAJOR_CURRENT" ]; then
|
||||
if [ "$MID_BUILD" -gt "$MID_CURRENT" ]; then
|
||||
REPOSITORY="packages-dev.wazuh.com/pre-release"
|
||||
elif [ "$MID_BUILD" -eq "$MID_CURRENT" ]; then
|
||||
if [ "$MINOR_BUILD" -gt "$MINOR_CURRENT" ]; then
|
||||
REPOSITORY="packages-dev.wazuh.com/pre-release"
|
||||
fi
|
||||
fi
|
||||
|
||||
if [ "$WAZUH_IMAGE_VERSION" -le "$WAZUH_CURRENT_VERSION" ]; then
|
||||
REPOSITORY="packages.wazuh.com"
|
||||
else
|
||||
REPOSITORY="packages-dev.wazuh.com"
|
||||
fi
|
||||
|
||||
|
||||
curl -o wazuh-dashboard-base.tar.xz https://${REPOSITORY}/stack/dashboard/wazuh-dashboard-base-${WAZUH_VERSION}-${WAZUH_TAG_REVISION}-linux-x64.tar.xz
|
||||
|
||||
curl -o wazuh-dashboard-base.tar.xz https://${REPOSITORY}/stack/dashboard/base/wazuh-dashboard-base-${WAZUH_VERSION}-${WAZUH_TAG_REVISION}-linux-x64.tar.xz
|
||||
tar -xf wazuh-dashboard-base.tar.xz --directory $INSTALL_DIR --strip-components=1
|
||||
|
||||
@@ -1,24 +1,11 @@
|
||||
## variables
|
||||
WAZUH_APP=https://packages.wazuh.com/4.x/ui/dashboard/wazuh-${WAZUH_VERSION}-${WAZUH_UI_REVISION}.zip
|
||||
WAZUH_CURRENT_VERSION=$(curl --silent https://api.github.com/repos/wazuh/wazuh/releases/latest | grep '\"tag_name\":' | sed -E 's/.*\"([^\"]+)\".*/\1/' | cut -c 2-)
|
||||
MAJOR_BUILD=$(echo $WAZUH_VERSION | cut -d. -f1)
|
||||
MID_BUILD=$(echo $WAZUH_VERSION | cut -d. -f2)
|
||||
MINOR_BUILD=$(echo $WAZUH_VERSION | cut -d. -f3)
|
||||
MAJOR_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f1)
|
||||
MID_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f2)
|
||||
MINOR_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f3)
|
||||
|
||||
## check version to use the correct repository
|
||||
if [ "$MAJOR_BUILD" -gt "$MAJOR_CURRENT" ]; then
|
||||
## Variables
|
||||
WAZUH_IMAGE_VERSION=$(echo $WAZUH_VERSION | sed -e 's/\.//g')
|
||||
WAZUH_CURRENT_VERSION=$(curl --silent https://api.github.com/repos/wazuh/wazuh/releases/latest | grep '\"tag_name\":' | sed -E 's/.*\"([^\"]+)\".*/\1/' | cut -c 2- | sed -e 's/\.//g')
|
||||
## If wazuh manager exists in apt dev repository, change variables, if not exit 1
|
||||
if [ "$WAZUH_IMAGE_VERSION" -le "$WAZUH_CURRENT_VERSION" ]; then
|
||||
WAZUH_APP=https://packages.wazuh.com/4.x/ui/dashboard/wazuh-${WAZUH_VERSION}-${WAZUH_UI_REVISION}.zip
|
||||
else
|
||||
WAZUH_APP=https://packages-dev.wazuh.com/pre-release/ui/dashboard/wazuh-${WAZUH_VERSION}-${WAZUH_UI_REVISION}.zip
|
||||
elif [ "$MAJOR_BUILD" -eq "$MAJOR_CURRENT" ]; then
|
||||
if [ "$MID_BUILD" -gt "$MID_CURRENT" ]; then
|
||||
WAZUH_APP=https://packages-dev.wazuh.com/pre-release/ui/dashboard/wazuh-${WAZUH_VERSION}-${WAZUH_UI_REVISION}.zip
|
||||
elif [ "$MID_BUILD" -eq "$MID_CURRENT" ]; then
|
||||
if [ "$MINOR_BUILD" -gt "$MINOR_CURRENT" ]; then
|
||||
WAZUH_APP=https://packages-dev.wazuh.com/pre-release/ui/dashboard/wazuh-${WAZUH_VERSION}-${WAZUH_UI_REVISION}.zip
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
|
||||
# Install Wazuh App
|
||||
|
||||
@@ -59,15 +59,14 @@ COPY --from=builder --chown=0:0 /debian/wazuh-indexer/usr/lib/systemd /usr/lib/s
|
||||
COPY --from=builder --chown=0:0 /debian/wazuh-indexer/usr/lib/sysctl.d /usr/lib/sysctl.d
|
||||
COPY --from=builder --chown=0:0 /debian/wazuh-indexer/usr/lib/tmpfiles.d /usr/lib/tmpfiles.d
|
||||
|
||||
RUN chown -R 1000:1000 /usr/share/wazuh-indexer
|
||||
|
||||
RUN mkdir -p /var/lib/wazuh-indexer && chown 1000:1000 /var/lib/wazuh-indexer && \
|
||||
mkdir -p /usr/share/wazuh-indexer/logs && chown 1000:1000 /usr/share/wazuh-indexer/logs && \
|
||||
mkdir -p /run/wazuh-indexer && chown 1000:1000 /run/wazuh-indexer && \
|
||||
mkdir -p /var/log/wazuh-indexer && chown 1000:1000 /var/log/wazuh-indexer && \
|
||||
chmod 700 /usr/share/wazuh-indexer && \
|
||||
chmod 600 /usr/share/wazuh-indexer/jvm.options && \
|
||||
chmod 600 /usr/share/wazuh-indexer/opensearch.yml
|
||||
chmod 700 /usr/share/wazuh-indexer/config && \
|
||||
chmod 600 /usr/share/wazuh-indexer/config/jvm.options && \
|
||||
chmod 600 /usr/share/wazuh-indexer/config/opensearch.yml
|
||||
|
||||
USER wazuh-indexer
|
||||
|
||||
|
||||
@@ -4,6 +4,8 @@ export DH_OPTIONS
|
||||
|
||||
export NAME=wazuh-indexer
|
||||
export TARGET_DIR=${CURDIR}/debian/${NAME}
|
||||
export WAZUH_CURRENT_VERSION=$(curl --silent https://api.github.com/repos/wazuh/wazuh/releases/latest | grep '\"tag_name\":' | sed -E 's/.*\"([^\"]+)\".*/\1/' | cut -c 2- | sed -e 's/\.//g')
|
||||
export WAZUH_IMAGE_VERSION=$(echo $WAZUH_VERSION | sed -e 's/\.//g')
|
||||
|
||||
# Package build options
|
||||
export USER=${NAME}
|
||||
@@ -13,7 +15,7 @@ export LOG_DIR=/var/log/${NAME}
|
||||
export LIB_DIR=/var/lib/${NAME}
|
||||
export PID_DIR=/run/${NAME}
|
||||
export INSTALLATION_DIR=/usr/share/${NAME}
|
||||
export CONFIG_DIR=${INSTALLATION_DIR}
|
||||
export CONFIG_DIR=${INSTALLATION_DIR}/config
|
||||
export BASE_DIR=${NAME}-*
|
||||
export INDEXER_FILE=wazuh-indexer-base.tar.xz
|
||||
export BASE_FILE=wazuh-indexer-base-${VERSION}-linux-x64.tar.xz
|
||||
@@ -21,31 +23,13 @@ export REPO_DIR=/unattended_installer
|
||||
|
||||
rm -rf ${INSTALLATION_DIR}/
|
||||
|
||||
## variables
|
||||
REPOSITORY="packages.wazuh.com/4.x"
|
||||
WAZUH_CURRENT_VERSION=$(curl --silent https://api.github.com/repos/wazuh/wazuh/releases/latest | grep '\"tag_name\":' | sed -E 's/.*\"([^\"]+)\".*/\1/' | cut -c 2-)
|
||||
MAJOR_BUILD=$(echo $WAZUH_VERSION | cut -d. -f1)
|
||||
MID_BUILD=$(echo $WAZUH_VERSION | cut -d. -f2)
|
||||
MINOR_BUILD=$(echo $WAZUH_VERSION | cut -d. -f3)
|
||||
MAJOR_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f1)
|
||||
MID_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f2)
|
||||
MINOR_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f3)
|
||||
|
||||
## check version to use the correct repository
|
||||
if [ "$MAJOR_BUILD" -gt "$MAJOR_CURRENT" ]; then
|
||||
REPOSITORY="packages-dev.wazuh.com/pre-release"
|
||||
elif [ "$MAJOR_BUILD" -eq "$MAJOR_CURRENT" ]; then
|
||||
if [ "$MID_BUILD" -gt "$MID_CURRENT" ]; then
|
||||
REPOSITORY="packages-dev.wazuh.com/pre-release"
|
||||
elif [ "$MID_BUILD" -eq "$MID_CURRENT" ]; then
|
||||
if [ "$MINOR_BUILD" -gt "$MINOR_CURRENT" ]; then
|
||||
REPOSITORY="packages-dev.wazuh.com/pre-release"
|
||||
fi
|
||||
fi
|
||||
if [ "$WAZUH_IMAGE_VERSION" -le "$WAZUH_CURRENT_VERSION" ]; then
|
||||
REPOSITORY="packages.wazuh.com"
|
||||
else
|
||||
REPOSITORY="packages-dev.wazuh.com"
|
||||
fi
|
||||
|
||||
|
||||
curl -o ${INDEXER_FILE} https://${REPOSITORY}/stack/indexer/${BASE_FILE}
|
||||
curl -o ${INDEXER_FILE} https://${REPOSITORY}/stack/indexer/base/${BASE_FILE}
|
||||
tar -xf ${INDEXER_FILE}
|
||||
|
||||
## TOOLS
|
||||
@@ -53,8 +37,8 @@ tar -xf ${INDEXER_FILE}
|
||||
## Variables
|
||||
CERT_TOOL=wazuh-certs-tool.sh
|
||||
PASSWORD_TOOL=wazuh-passwords-tool.sh
|
||||
PACKAGES_URL=https://packages.wazuh.com/4.5/
|
||||
PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.5/
|
||||
PACKAGES_URL=https://packages.wazuh.com/4.3/
|
||||
PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.3/
|
||||
|
||||
## Check if the cert tool exists in S3 buckets
|
||||
CERT_TOOL_PACKAGES=$(curl --silent -I $PACKAGES_URL$CERT_TOOL | grep -E "^HTTP" | awk '{print $2}')
|
||||
@@ -93,7 +77,6 @@ chmod 755 $CERT_TOOL && bash /$CERT_TOOL -A
|
||||
|
||||
# copy to target
|
||||
mkdir -p ${TARGET_DIR}${INSTALLATION_DIR}
|
||||
mkdir -p ${TARGET_DIR}${INSTALLATION_DIR}/opensearch-security/
|
||||
mkdir -p ${TARGET_DIR}${CONFIG_DIR}
|
||||
mkdir -p ${TARGET_DIR}${LIB_DIR}
|
||||
mkdir -p ${TARGET_DIR}${LOG_DIR}
|
||||
@@ -118,9 +101,9 @@ cp -pr ${BASE_DIR}/* ${TARGET_DIR}${INSTALLATION_DIR}
|
||||
cp /$CERT_TOOL ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/tools/
|
||||
cp /$PASSWORD_TOOL ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/tools/
|
||||
# Copy Wazuh's config files for the security plugin
|
||||
cp -pr /roles_mapping.yml ${TARGET_DIR}${INSTALLATION_DIR}/opensearch-security/
|
||||
cp -pr /roles.yml ${TARGET_DIR}${INSTALLATION_DIR}/opensearch-security/
|
||||
cp -pr /internal_users.yml ${TARGET_DIR}${INSTALLATION_DIR}/opensearch-security/
|
||||
cp -pr /roles_mapping.yml ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/securityconfig/
|
||||
cp -pr /roles.yml ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/securityconfig/
|
||||
cp -pr /internal_users.yml ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/securityconfig/
|
||||
cp -pr /opensearch.yml ${TARGET_DIR}${CONFIG_DIR}
|
||||
# Copy Wazuh indexer's certificates
|
||||
cp -pr /wazuh-certificates/demo.indexer.pem ${TARGET_DIR}${CONFIG_DIR}/certs/indexer.pem
|
||||
|
||||
@@ -6,7 +6,7 @@ umask 0002
|
||||
|
||||
export USER=wazuh-indexer
|
||||
export INSTALLATION_DIR=/usr/share/wazuh-indexer
|
||||
export OPENSEARCH_PATH_CONF=${INSTALLATION_DIR}
|
||||
export OPENSEARCH_PATH_CONF=${INSTALLATION_DIR}/config
|
||||
export JAVA_HOME=${INSTALLATION_DIR}/jdk
|
||||
export DISCOVERY=$(grep -oP "(?<=discovery.type: ).*" ${OPENSEARCH_PATH_CONF}/opensearch.yml)
|
||||
export CACERT=$(grep -oP "(?<=plugins.security.ssl.transport.pemtrustedcas_filepath: ).*" ${OPENSEARCH_PATH_CONF}/opensearch.yml)
|
||||
@@ -59,7 +59,7 @@ if [[ -f bin/opensearch-users ]]; then
|
||||
# enabled, but we have no way of knowing which node we are yet. We'll just
|
||||
# honor the variable if it's present.
|
||||
if [[ -n "$INDEXER_PASSWORD" ]]; then
|
||||
[[ -f /usr/share/wazuh-indexer/opensearch.keystore ]] || (run_as_other_user_if_needed opensearch-keystore create)
|
||||
[[ -f /usr/share/wazuh-indexer/config/opensearch.keystore ]] || (run_as_other_user_if_needed opensearch-keystore create)
|
||||
if ! (run_as_other_user_if_needed opensearch-keystore has-passwd --silent) ; then
|
||||
# keystore is unencrypted
|
||||
if ! (run_as_other_user_if_needed opensearch-keystore list | grep -q '^bootstrap.password$'); then
|
||||
@@ -84,10 +84,10 @@ if [[ "$(id -u)" == "0" ]]; then
|
||||
fi
|
||||
|
||||
|
||||
#if [[ "$DISCOVERY" == "single-node" ]] && [[ ! -f "/var/lib/wazuh-indexer/.flag" ]]; then
|
||||
if [[ "$DISCOVERY" == "single-node" ]] && [[ ! -f "/var/lib/wazuh-indexer/.flag" ]]; then
|
||||
# run securityadmin.sh for single node with CACERT, CERT and KEY parameter
|
||||
# nohup /securityadmin.sh &
|
||||
# touch "/var/lib/wazuh-indexer/.flag"
|
||||
#fi
|
||||
nohup /securityadmin.sh &
|
||||
touch "/var/lib/wazuh-indexer/.flag"
|
||||
fi
|
||||
|
||||
run_as_other_user_if_needed /usr/share/wazuh-indexer/bin/opensearch <<<"$KEYSTORE_PASSWORD"
|
||||
@@ -4,12 +4,12 @@ path.data: /var/lib/wazuh-indexer
|
||||
path.logs: /var/log/wazuh-indexer
|
||||
discovery.type: single-node
|
||||
compatibility.override_main_response_version: true
|
||||
plugins.security.ssl.http.pemcert_filepath: /usr/share/wazuh-indexer/certs/indexer.pem
|
||||
plugins.security.ssl.http.pemkey_filepath: /usr/share/wazuh-indexer/certs/indexer-key.pem
|
||||
plugins.security.ssl.http.pemtrustedcas_filepath: /usr/share/wazuh-indexer/certs/root-ca.pem
|
||||
plugins.security.ssl.transport.pemcert_filepath: /usr/share/wazuh-indexer/certs/indexer.pem
|
||||
plugins.security.ssl.transport.pemkey_filepath: /usr/share/wazuh-indexer/certs/indexer-key.pem
|
||||
plugins.security.ssl.transport.pemtrustedcas_filepath: /usr/share/wazuh-indexer/certs/root-ca.pem
|
||||
plugins.security.ssl.http.pemcert_filepath: ${OPENSEARCH_PATH_CONF}/certs/indexer.pem
|
||||
plugins.security.ssl.http.pemkey_filepath: ${OPENSEARCH_PATH_CONF}/certs/indexer-key.pem
|
||||
plugins.security.ssl.http.pemtrustedcas_filepath: ${OPENSEARCH_PATH_CONF}/certs/root-ca.pem
|
||||
plugins.security.ssl.transport.pemcert_filepath: ${OPENSEARCH_PATH_CONF}/certs/indexer.pem
|
||||
plugins.security.ssl.transport.pemkey_filepath: ${OPENSEARCH_PATH_CONF}/certs/indexer-key.pem
|
||||
plugins.security.ssl.transport.pemtrustedcas_filepath: ${OPENSEARCH_PATH_CONF}/certs/root-ca.pem
|
||||
plugins.security.ssl.http.enabled: true
|
||||
plugins.security.ssl.transport.enforce_hostname_verification: false
|
||||
plugins.security.ssl.transport.resolve_hostname: false
|
||||
|
||||
@@ -1,3 +1,3 @@
|
||||
# Wazuh Docker Copyright (C) 2017, Wazuh Inc. (License GPLv2)
|
||||
sleep 30
|
||||
bash /usr/share/wazuh-indexer/plugins/opensearch-security/tools/securityadmin.sh -cd /usr/share/wazuh-indexer/opensearch-security/ -nhnv -cacert $CACERT -cert $CERT -key $KEY -p 9200 -icl
|
||||
bash /usr/share/wazuh-indexer/plugins/opensearch-security/tools/securityadmin.sh -cd /usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/ -nhnv -cacert $CACERT -cert $CERT -key $KEY -p 9300 -icl
|
||||
@@ -5,7 +5,7 @@ RUN rm /bin/sh && ln -s /bin/bash /bin/sh
|
||||
|
||||
ARG WAZUH_VERSION
|
||||
ARG WAZUH_TAG_REVISION
|
||||
ARG TEMPLATE_VERSION=4.5
|
||||
ARG TEMPLATE_VERSION=4.3
|
||||
ARG FILEBEAT_CHANNEL=filebeat-oss
|
||||
ARG FILEBEAT_VERSION=7.10.2
|
||||
ARG WAZUH_FILEBEAT_MODULE="wazuh-filebeat-0.2.tar.gz"
|
||||
|
||||
@@ -1,29 +1,13 @@
|
||||
## variables
|
||||
APT_KEY=https://packages.wazuh.com/key/GPG-KEY-WAZUH
|
||||
REPOSITORY="deb https://packages.wazuh.com/4.x/apt/ stable main"
|
||||
WAZUH_CURRENT_VERSION=$(curl --silent https://api.github.com/repos/wazuh/wazuh/releases/latest | grep '\"tag_name\":' | sed -E 's/.*\"([^\"]+)\".*/\1/' | cut -c 2-)
|
||||
MAJOR_BUILD=$(echo $WAZUH_VERSION | cut -d. -f1)
|
||||
MID_BUILD=$(echo $WAZUH_VERSION | cut -d. -f2)
|
||||
MINOR_BUILD=$(echo $WAZUH_VERSION | cut -d. -f3)
|
||||
MAJOR_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f1)
|
||||
MID_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f2)
|
||||
MINOR_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f3)
|
||||
|
||||
## check version to use the correct repository
|
||||
if [ "$MAJOR_BUILD" -gt "$MAJOR_CURRENT" ]; then
|
||||
## Variables
|
||||
WAZUH_IMAGE_VERSION=$(echo $WAZUH_VERSION | sed -e 's/\.//g')
|
||||
WAZUH_CURRENT_VERSION=$(curl --silent https://api.github.com/repos/wazuh/wazuh/releases/latest | grep '\"tag_name\":' | sed -E 's/.*\"([^\"]+)\".*/\1/' | cut -c 2- | sed -e 's/\.//g')
|
||||
## If wazuh manager exists in apt dev repository, change variables, if not exit 1
|
||||
if [ "$WAZUH_IMAGE_VERSION" -le "$WAZUH_CURRENT_VERSION" ]; then
|
||||
APT_KEY=https://packages.wazuh.com/key/GPG-KEY-WAZUH
|
||||
REPOSITORY="deb https://packages.wazuh.com/4.x/apt/ stable main"
|
||||
else
|
||||
APT_KEY=https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH
|
||||
REPOSITORY="deb https://packages-dev.wazuh.com/pre-release/apt/ unstable main"
|
||||
elif [ "$MAJOR_BUILD" -eq "$MAJOR_CURRENT" ]; then
|
||||
if [ "$MID_BUILD" -gt "$MID_CURRENT" ]; then
|
||||
APT_KEY=https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH
|
||||
REPOSITORY="deb https://packages-dev.wazuh.com/pre-release/apt/ unstable main"
|
||||
elif [ "$MID_BUILD" -eq "$MID_CURRENT" ]; then
|
||||
if [ "$MINOR_BUILD" -gt "$MINOR_CURRENT" ]; then
|
||||
APT_KEY=https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH
|
||||
REPOSITORY="deb https://packages-dev.wazuh.com/pre-release/apt/ unstable main"
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
|
||||
apt-key adv --fetch-keys ${APT_KEY}
|
||||
echo ${REPOSITORY} | tee -a /etc/apt/sources.list.d/wazuh.list
|
||||
@@ -8,8 +8,8 @@
|
||||
## Variables
|
||||
CERT_TOOL=wazuh-certs-tool.sh
|
||||
PASSWORD_TOOL=wazuh-passwords-tool.sh
|
||||
PACKAGES_URL=https://packages.wazuh.com/4.5/
|
||||
PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.5/
|
||||
PACKAGES_URL=https://packages.wazuh.com/4.3/
|
||||
PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.3/
|
||||
|
||||
## Check if the cert tool exists in S3 buckets
|
||||
CERT_TOOL_PACKAGES=$(curl --silent -I $PACKAGES_URL$CERT_TOOL | grep -E "^HTTP" | awk '{print $2}')
|
||||
@@ -17,13 +17,13 @@ CERT_TOOL_PACKAGES_DEV=$(curl --silent -I $PACKAGES_DEV_URL$CERT_TOOL | grep -E
|
||||
|
||||
## If cert tool exists in some bucket, download it, if not exit 1
|
||||
if [ "$CERT_TOOL_PACKAGES" = "200" ]; then
|
||||
curl -o $CERT_TOOL $PACKAGES_URL$CERT_TOOL -s
|
||||
echo "The tool to create the certificates exists in the in Packages bucket"
|
||||
curl -o $CERT_TOOL $PACKAGES_URL$CERT_TOOL
|
||||
echo "Cert tool exists in Packages bucket"
|
||||
elif [ "$CERT_TOOL_PACKAGES_DEV" = "200" ]; then
|
||||
curl -o $CERT_TOOL $PACKAGES_DEV_URL$CERT_TOOL -s
|
||||
echo "The tool to create the certificates exists in Packages-dev bucket"
|
||||
curl -o $CERT_TOOL $PACKAGES_DEV_URL$CERT_TOOL
|
||||
echo "Cert tool exists in Packages-dev bucket"
|
||||
else
|
||||
echo "The tool to create the certificates does not exist in any bucket"
|
||||
echo "Cert tool does not exist in any bucket"
|
||||
echo "ERROR: certificates were not created"
|
||||
exit 1
|
||||
fi
|
||||
@@ -41,9 +41,9 @@ source /$CERT_TOOL -A
|
||||
nodes_server=$( cert_parseYaml /config.yml | grep nodes_server__name | sed 's/nodes_server__name=//' )
|
||||
node_names=($nodes_server)
|
||||
|
||||
echo "Moving created certificates to the destination directory"
|
||||
echo "Moving created certificates to destination directory"
|
||||
cp /wazuh-certificates/* /certificates/
|
||||
echo "Changing certificate permissions"
|
||||
echo "changing certificate permissions"
|
||||
chmod -R 500 /certificates
|
||||
chmod -R 400 /certificates/*
|
||||
echo "Setting UID indexer and dashboard"
|
||||
@@ -54,8 +54,8 @@ cp /certificates/root-ca.key /certificates/root-ca-manager.key
|
||||
chown 101:101 /certificates/root-ca-manager.pem
|
||||
chown 101:101 /certificates/root-ca-manager.key
|
||||
|
||||
for i in ${node_names[@]};
|
||||
do
|
||||
for i in ${node_names[@]};
|
||||
do
|
||||
chown 101:101 "/certificates/${i}.pem"
|
||||
chown 101:101 "/certificates/${i}-key.pem"
|
||||
done
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
# Opendistro data migration to Wazuh indexer on docker.
|
||||
This procedure explains how to migrate Opendistro data from Opendistro to Wazuh indexer in docker production deployments.
|
||||
The example is migrating from v4.2 to v4.4.
|
||||
The example is migrating from v4.2 to v4.3.
|
||||
|
||||
## Procedure
|
||||
Assuming that you have a v4.2 production deployment, perform the following steps.
|
||||
@@ -350,9 +350,9 @@ docker container run --rm -it \
|
||||
alpine ash -c "cd /from ; cp -avp . /to"
|
||||
```
|
||||
|
||||
**7. Start the 4.4 environment.**
|
||||
**7. Start the 4.3 environment.**
|
||||
```
|
||||
git checkout 4.4
|
||||
git checkout 4.3
|
||||
cd multi-node
|
||||
docker-compose -f generate-indexer-certs.yml run --rm generator
|
||||
docker-compose up -d
|
||||
@@ -21,4 +21,4 @@ nodes:
|
||||
# Wazuh dashboard node
|
||||
dashboard:
|
||||
- name: wazuh.dashboard
|
||||
ip: wazuh.dashboard
|
||||
ip: wazuh.dashboard
|
||||
@@ -153,6 +153,7 @@
|
||||
<!-- Aggregate vulnerabilities -->
|
||||
<provider name="nvd">
|
||||
<enabled>yes</enabled>
|
||||
<update_from_year>2010</update_from_year>
|
||||
<update_interval>1h</update_interval>
|
||||
</provider>
|
||||
|
||||
|
||||
@@ -153,6 +153,7 @@
|
||||
<!-- Aggregate vulnerabilities -->
|
||||
<provider name="nvd">
|
||||
<enabled>yes</enabled>
|
||||
<update_from_year>2010</update_from_year>
|
||||
<update_interval>1h</update_interval>
|
||||
</provider>
|
||||
|
||||
|
||||
@@ -3,16 +3,9 @@ version: '3.7'
|
||||
|
||||
services:
|
||||
wazuh.master:
|
||||
image: wazuh/wazuh-manager:4.5.1
|
||||
image: wazuh/wazuh-manager:4.3.11
|
||||
hostname: wazuh.master
|
||||
restart: always
|
||||
ulimits:
|
||||
memlock:
|
||||
soft: -1
|
||||
hard: -1
|
||||
nofile:
|
||||
soft: 655360
|
||||
hard: 655360
|
||||
ports:
|
||||
- "1515:1515"
|
||||
- "514:514/udp"
|
||||
@@ -45,16 +38,9 @@ services:
|
||||
- ./config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf
|
||||
|
||||
wazuh.worker:
|
||||
image: wazuh/wazuh-manager:4.5.1
|
||||
image: wazuh/wazuh-manager:4.3.11
|
||||
hostname: wazuh.worker
|
||||
restart: always
|
||||
ulimits:
|
||||
memlock:
|
||||
soft: -1
|
||||
hard: -1
|
||||
nofile:
|
||||
soft: 655360
|
||||
hard: 655360
|
||||
environment:
|
||||
- INDEXER_URL=https://wazuh1.indexer:9200
|
||||
- INDEXER_USERNAME=admin
|
||||
@@ -81,7 +67,7 @@ services:
|
||||
- ./config/wazuh_cluster/wazuh_worker.conf:/wazuh-config-mount/etc/ossec.conf
|
||||
|
||||
wazuh1.indexer:
|
||||
image: wazuh/wazuh-indexer:4.5.1
|
||||
image: wazuh/wazuh-indexer:4.3.11
|
||||
hostname: wazuh1.indexer
|
||||
restart: always
|
||||
ports:
|
||||
@@ -98,16 +84,16 @@ services:
|
||||
hard: 65536
|
||||
volumes:
|
||||
- wazuh-indexer-data-1:/var/lib/wazuh-indexer
|
||||
- ./config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-indexer/certs/root-ca.pem
|
||||
- ./config/wazuh_indexer_ssl_certs/wazuh1.indexer-key.pem:/usr/share/wazuh-indexer/certs/wazuh1.indexer.key
|
||||
- ./config/wazuh_indexer_ssl_certs/wazuh1.indexer.pem:/usr/share/wazuh-indexer/certs/wazuh1.indexer.pem
|
||||
- ./config/wazuh_indexer_ssl_certs/admin.pem:/usr/share/wazuh-indexer/certs/admin.pem
|
||||
- ./config/wazuh_indexer_ssl_certs/admin-key.pem:/usr/share/wazuh-indexer/certs/admin-key.pem
|
||||
- ./config/wazuh_indexer/wazuh1.indexer.yml:/usr/share/wazuh-indexer/opensearch.yml
|
||||
- ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml
|
||||
- ./config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-indexer/config/certs/root-ca.pem
|
||||
- ./config/wazuh_indexer_ssl_certs/wazuh1.indexer-key.pem:/usr/share/wazuh-indexer/config/certs/wazuh1.indexer.key
|
||||
- ./config/wazuh_indexer_ssl_certs/wazuh1.indexer.pem:/usr/share/wazuh-indexer/config/certs/wazuh1.indexer.pem
|
||||
- ./config/wazuh_indexer_ssl_certs/admin.pem:/usr/share/wazuh-indexer/config/certs/admin.pem
|
||||
- ./config/wazuh_indexer_ssl_certs/admin-key.pem:/usr/share/wazuh-indexer/config/certs/admin-key.pem
|
||||
- ./config/wazuh_indexer/wazuh1.indexer.yml:/usr/share/wazuh-indexer/config/opensearch.yml
|
||||
- ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/internal_users.yml
|
||||
|
||||
wazuh2.indexer:
|
||||
image: wazuh/wazuh-indexer:4.5.1
|
||||
image: wazuh/wazuh-indexer:4.3.11
|
||||
hostname: wazuh2.indexer
|
||||
restart: always
|
||||
environment:
|
||||
@@ -122,14 +108,14 @@ services:
|
||||
hard: 65536
|
||||
volumes:
|
||||
- wazuh-indexer-data-2:/var/lib/wazuh-indexer
|
||||
- ./config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-indexer/certs/root-ca.pem
|
||||
- ./config/wazuh_indexer_ssl_certs/wazuh2.indexer-key.pem:/usr/share/wazuh-indexer/certs/wazuh2.indexer.key
|
||||
- ./config/wazuh_indexer_ssl_certs/wazuh2.indexer.pem:/usr/share/wazuh-indexer/certs/wazuh2.indexer.pem
|
||||
- ./config/wazuh_indexer/wazuh2.indexer.yml:/usr/share/wazuh-indexer/opensearch.yml
|
||||
- ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml
|
||||
- ./config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-indexer/config/certs/root-ca.pem
|
||||
- ./config/wazuh_indexer_ssl_certs/wazuh2.indexer-key.pem:/usr/share/wazuh-indexer/config/certs/wazuh2.indexer.key
|
||||
- ./config/wazuh_indexer_ssl_certs/wazuh2.indexer.pem:/usr/share/wazuh-indexer/config/certs/wazuh2.indexer.pem
|
||||
- ./config/wazuh_indexer/wazuh2.indexer.yml:/usr/share/wazuh-indexer/config/opensearch.yml
|
||||
- ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/internal_users.yml
|
||||
|
||||
wazuh3.indexer:
|
||||
image: wazuh/wazuh-indexer:4.5.1
|
||||
image: wazuh/wazuh-indexer:4.3.11
|
||||
hostname: wazuh3.indexer
|
||||
restart: always
|
||||
environment:
|
||||
@@ -144,14 +130,14 @@ services:
|
||||
hard: 65536
|
||||
volumes:
|
||||
- wazuh-indexer-data-3:/var/lib/wazuh-indexer
|
||||
- ./config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-indexer/certs/root-ca.pem
|
||||
- ./config/wazuh_indexer_ssl_certs/wazuh3.indexer-key.pem:/usr/share/wazuh-indexer/certs/wazuh3.indexer.key
|
||||
- ./config/wazuh_indexer_ssl_certs/wazuh3.indexer.pem:/usr/share/wazuh-indexer/certs/wazuh3.indexer.pem
|
||||
- ./config/wazuh_indexer/wazuh3.indexer.yml:/usr/share/wazuh-indexer/opensearch.yml
|
||||
- ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml
|
||||
- ./config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-indexer/config/certs/root-ca.pem
|
||||
- ./config/wazuh_indexer_ssl_certs/wazuh3.indexer-key.pem:/usr/share/wazuh-indexer/config/certs/wazuh3.indexer.key
|
||||
- ./config/wazuh_indexer_ssl_certs/wazuh3.indexer.pem:/usr/share/wazuh-indexer/config/certs/wazuh3.indexer.pem
|
||||
- ./config/wazuh_indexer/wazuh3.indexer.yml:/usr/share/wazuh-indexer/config/opensearch.yml
|
||||
- ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/internal_users.yml
|
||||
|
||||
wazuh.dashboard:
|
||||
image: wazuh/wazuh-dashboard:4.5.1
|
||||
image: wazuh/wazuh-dashboard:4.3.11
|
||||
hostname: wazuh.dashboard
|
||||
restart: always
|
||||
ports:
|
||||
@@ -161,8 +147,6 @@ services:
|
||||
- WAZUH_API_URL="https://wazuh.master"
|
||||
- API_USERNAME=wazuh-wui
|
||||
- API_PASSWORD=MyS3cr37P450r.*-
|
||||
- DASHBOARD_USERNAME=kibanaserver
|
||||
- DASHBOARD_PASSWORD=kibanaserver
|
||||
volumes:
|
||||
- ./config/wazuh_indexer_ssl_certs/wazuh.dashboard.pem:/usr/share/wazuh-dashboard/certs/wazuh-dashboard.pem
|
||||
- ./config/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem:/usr/share/wazuh-dashboard/certs/wazuh-dashboard-key.pem
|
||||
|
||||
@@ -13,4 +13,4 @@ nodes:
|
||||
# Wazuh dashboard node
|
||||
dashboard:
|
||||
- name: wazuh.dashboard
|
||||
ip: wazuh.dashboard
|
||||
ip: wazuh.dashboard
|
||||
@@ -153,6 +153,7 @@
|
||||
<!-- Aggregate vulnerabilities -->
|
||||
<provider name="nvd">
|
||||
<enabled>yes</enabled>
|
||||
<update_from_year>2010</update_from_year>
|
||||
<update_interval>1h</update_interval>
|
||||
</provider>
|
||||
|
||||
@@ -330,11 +331,11 @@
|
||||
<name>wazuh</name>
|
||||
<node_name>node01</node_name>
|
||||
<node_type>master</node_type>
|
||||
<key>aa093264ef885029653eea20dfcf51ae</key>
|
||||
<key></key>
|
||||
<port>1516</port>
|
||||
<bind_addr>0.0.0.0</bind_addr>
|
||||
<nodes>
|
||||
<node>wazuh.manager</node>
|
||||
<node>NODE_IP</node>
|
||||
</nodes>
|
||||
<hidden>no</hidden>
|
||||
<disabled>yes</disabled>
|
||||
|
||||
@@ -3,15 +3,13 @@ node.name: "wazuh.indexer"
|
||||
path.data: /var/lib/wazuh-indexer
|
||||
path.logs: /var/log/wazuh-indexer
|
||||
discovery.type: single-node
|
||||
http.port: 9200-9299
|
||||
transport.tcp.port: 9300-9399
|
||||
compatibility.override_main_response_version: true
|
||||
plugins.security.ssl.http.pemcert_filepath: /usr/share/wazuh-indexer/certs/wazuh.indexer.pem
|
||||
plugins.security.ssl.http.pemkey_filepath: /usr/share/wazuh-indexer/certs/wazuh.indexer.key
|
||||
plugins.security.ssl.http.pemtrustedcas_filepath: /usr/share/wazuh-indexer/certs/root-ca.pem
|
||||
plugins.security.ssl.transport.pemcert_filepath: /usr/share/wazuh-indexer/certs/wazuh.indexer.pem
|
||||
plugins.security.ssl.transport.pemkey_filepath: /usr/share/wazuh-indexer/certs/wazuh.indexer.key
|
||||
plugins.security.ssl.transport.pemtrustedcas_filepath: /usr/share/wazuh-indexer/certs/root-ca.pem
|
||||
plugins.security.ssl.http.pemcert_filepath: ${OPENSEARCH_PATH_CONF}/certs/wazuh.indexer.pem
|
||||
plugins.security.ssl.http.pemkey_filepath: ${OPENSEARCH_PATH_CONF}/certs/wazuh.indexer.key
|
||||
plugins.security.ssl.http.pemtrustedcas_filepath: ${OPENSEARCH_PATH_CONF}/certs/root-ca.pem
|
||||
plugins.security.ssl.transport.pemcert_filepath: ${OPENSEARCH_PATH_CONF}/certs/wazuh.indexer.pem
|
||||
plugins.security.ssl.transport.pemkey_filepath: ${OPENSEARCH_PATH_CONF}/certs/wazuh.indexer.key
|
||||
plugins.security.ssl.transport.pemtrustedcas_filepath: ${OPENSEARCH_PATH_CONF}/certs/root-ca.pem
|
||||
plugins.security.ssl.http.enabled: true
|
||||
plugins.security.ssl.transport.enforce_hostname_verification: false
|
||||
plugins.security.ssl.transport.resolve_hostname: false
|
||||
|
||||
@@ -3,16 +3,9 @@ version: '3.7'
|
||||
|
||||
services:
|
||||
wazuh.manager:
|
||||
image: wazuh/wazuh-manager:4.5.1
|
||||
image: wazuh/wazuh-manager:4.3.11
|
||||
hostname: wazuh.manager
|
||||
restart: always
|
||||
ulimits:
|
||||
memlock:
|
||||
soft: -1
|
||||
hard: -1
|
||||
nofile:
|
||||
soft: 655360
|
||||
hard: 655360
|
||||
ports:
|
||||
- "1514:1514"
|
||||
- "1515:1515"
|
||||
@@ -46,7 +39,7 @@ services:
|
||||
- ./config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf
|
||||
|
||||
wazuh.indexer:
|
||||
image: wazuh/wazuh-indexer:4.5.1
|
||||
image: wazuh/wazuh-indexer:4.3.11
|
||||
hostname: wazuh.indexer
|
||||
restart: always
|
||||
ports:
|
||||
@@ -62,16 +55,16 @@ services:
|
||||
hard: 65536
|
||||
volumes:
|
||||
- wazuh-indexer-data:/var/lib/wazuh-indexer
|
||||
- ./config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-indexer/certs/root-ca.pem
|
||||
- ./config/wazuh_indexer_ssl_certs/wazuh.indexer-key.pem:/usr/share/wazuh-indexer/certs/wazuh.indexer.key
|
||||
- ./config/wazuh_indexer_ssl_certs/wazuh.indexer.pem:/usr/share/wazuh-indexer/certs/wazuh.indexer.pem
|
||||
- ./config/wazuh_indexer_ssl_certs/admin.pem:/usr/share/wazuh-indexer/certs/admin.pem
|
||||
- ./config/wazuh_indexer_ssl_certs/admin-key.pem:/usr/share/wazuh-indexer/certs/admin-key.pem
|
||||
- ./config/wazuh_indexer/wazuh.indexer.yml:/usr/share/wazuh-indexer/opensearch.yml
|
||||
- ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml
|
||||
- ./config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-indexer/config/certs/root-ca.pem
|
||||
- ./config/wazuh_indexer_ssl_certs/wazuh.indexer-key.pem:/usr/share/wazuh-indexer/config/certs/wazuh.indexer.key
|
||||
- ./config/wazuh_indexer_ssl_certs/wazuh.indexer.pem:/usr/share/wazuh-indexer/config/certs/wazuh.indexer.pem
|
||||
- ./config/wazuh_indexer_ssl_certs/admin.pem:/usr/share/wazuh-indexer/config/certs/admin.pem
|
||||
- ./config/wazuh_indexer_ssl_certs/admin-key.pem:/usr/share/wazuh-indexer/config/certs/admin-key.pem
|
||||
- ./config/wazuh_indexer/wazuh.indexer.yml:/usr/share/wazuh-indexer/config/opensearch.yml
|
||||
- ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/internal_users.yml
|
||||
|
||||
wazuh.dashboard:
|
||||
image: wazuh/wazuh-dashboard:4.5.1
|
||||
image: wazuh/wazuh-dashboard:4.3.11
|
||||
hostname: wazuh.dashboard
|
||||
restart: always
|
||||
ports:
|
||||
@@ -80,8 +73,6 @@ services:
|
||||
- INDEXER_USERNAME=admin
|
||||
- INDEXER_PASSWORD=SecretPassword
|
||||
- WAZUH_API_URL=https://wazuh.manager
|
||||
- DASHBOARD_USERNAME=kibanaserver
|
||||
- DASHBOARD_PASSWORD=kibanaserver
|
||||
- API_USERNAME=wazuh-wui
|
||||
- API_PASSWORD=MyS3cr37P450r.*-
|
||||
volumes:
|
||||
|
||||
@@ -7,4 +7,4 @@ services:
|
||||
hostname: wazuh-certs-generator
|
||||
volumes:
|
||||
- ./config/wazuh_indexer_ssl_certs/:/certificates/
|
||||
- ./config/certs.yml:/config/certs.yml
|
||||
- ./config/certs.yml:/config/certs.yml
|
||||
Reference in New Issue
Block a user