paulmataruso/wazuh-docker-mirror
1
0
Fork 0
mirror of https://github.com/wazuh/wazuh-docker.git synced 2025-10-23 04:51:57 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
70be87cec8fac486ce66628f17edca02b939d19a
wazuh-docker-mirror/elasticsearch/Dockerfile
AlfonsoRBJ 99d54f1776 Adapt to 3.11.4_7.4.2 (#314) 
Former-commit-id: 7fe1c6bd1b
2020-03-25 18:45:58 +01:00

97 lines
4.7 KiB
Docker
Raw Blame History

# Wazuh Docker Copyright (C) 2019 Wazuh Inc. (License GPLv2)
ARG ELASTIC_VERSION=7.4.2
FROM docker.elastic.co/elasticsearch/elasticsearch:${ELASTIC_VERSION}
ARG TEMPLATE_VERSION=v3.11.4
ENV ELASTICSEARCH_URL="http://elasticsearch:9200"
ENV API_USER="foo" \
API_PASS="bar"
ENV XPACK_ML="true"
ENV ENABLE_CONFIGURE_S3="false"
ENV WAZUH_ALERTS_SHARDS="1" \
WAZUH_ALERTS_REPLICAS="0"
ADD https://raw.githubusercontent.com/wazuh/wazuh/$TEMPLATE_VERSION/extensions/elasticsearch/7.x/wazuh-template.json /usr/share/elasticsearch/config
RUN yum install epel-release -y && \
yum install jq -y
# This CA is created for testing. Please set your own CA zip containing the key and the signed certificate.
# command: $ docker build <elasticsearch_directory> --build-arg SECURITY_CA_PEM_LOCATION=<CA_PEM_LOCATION> --build-arg SECURITY_CA_KEY_LOCATION=<CA_KEY_LOCATION>
# ENV variables are necessary: SECURITY_CA_PEM, SECURITY_CA_KEY, SECURITY_CA_TRUST, SECURITY_OPENSSL_CONF
# Example:
# ARG SECURITY_CA_PEM_LOCATION="config/server.TEST-CA-signed.pem"
# ARG SECURITY_CA_KEY_LOCATION="config/server.TEST-CA.key"
# ARG SECURITY_OPENSSL_CONF_LOCATION="config/TEST_openssl.cnf"
# ARG SECURITY_CA_TRUST_LOCATION="config/server.TEST-CA-signed.pem"
ARG SECURITY_CA_PEM_LOCATION=""
ARG SECURITY_CA_KEY_LOCATION=""
ARG SECURITY_OPENSSL_CONF_LOCATION=""
ARG SECURITY_CA_TRUST_LOCATION=""
# Elasticearch cluster configuration environment variables
# If ELASTIC_CLUSTER is set to "true" the following variables will be added to the Elasticsearch configuration
# CLUSTER_INITIAL_MASTER_NODES set to own node by default.
ENV ELASTIC_CLUSTER="false" \
CLUSTER_NAME="wazuh" \
CLUSTER_NODE_MASTER="false" \
CLUSTER_NODE_DATA="true" \
CLUSTER_NODE_INGEST="true" \
CLUSTER_MEMORY_LOCK="true" \
CLUSTER_DISCOVERY_SERVICE="wazuh-elasticsearch" \
CLUSTER_NUMBER_OF_MASTERS="2" \
CLUSTER_MAX_NODES="1" \
CLUSTER_DELAYED_TIMEOUT="1m" \
CLUSTER_INITIAL_MASTER_NODES="wazuh-elasticsearch" \
CLUSTER_DISCOVERY_SEED="elasticsearch"
# CA cert for Transport SSL
ADD $SECURITY_CA_PEM_LOCATION /usr/share/elasticsearch/config
ADD $SECURITY_CA_KEY_LOCATION /usr/share/elasticsearch/config
ADD $SECURITY_OPENSSL_CONF_LOCATION /usr/share/elasticsearch/config
ADD $SECURITY_CA_TRUST_LOCATION /usr/share/elasticsearch/config
RUN mkdir /entrypoint-scripts
COPY config/entrypoint.sh /entrypoint.sh
RUN chmod 755 /entrypoint.sh
RUN bin/elasticsearch-plugin install repository-s3 -b
COPY --chown=elasticsearch:elasticsearch ./config/10-config_cluster.sh /entrypoint-scripts/10-config_cluster.sh
COPY --chown=elasticsearch:elasticsearch ./config/15-get_CA_key.sh /entrypoint-scripts/15-get_CA_key.sh
COPY --chown=elasticsearch:elasticsearch ./config/20-security_instances.sh /entrypoint-scripts/20-security_instances.sh
COPY --chown=elasticsearch:elasticsearch ./config/22-security_certs.sh /entrypoint-scripts/22-security_certs.sh
COPY --chown=elasticsearch:elasticsearch ./config/24-security_configuration.sh /entrypoint-scripts/24-security_configuration.sh
COPY --chown=elasticsearch:elasticsearch ./config/26-security_keystore.sh /entrypoint-scripts/26-security_keystore.sh
COPY --chown=elasticsearch:elasticsearch ./config/30-decrypt_credentials.sh /entrypoint-scripts/30-decrypt_credentials.sh
COPY --chown=elasticsearch:elasticsearch ./config/35-entrypoint.sh /entrypoint-scripts/35-entrypoint.sh
COPY --chown=elasticsearch:elasticsearch ./config/35-entrypoint_load_settings.sh ./
COPY config/35-load_settings_configure_s3.sh ./config/35-load_settings_configure_s3.sh
COPY --chown=elasticsearch:elasticsearch ./config/35-load_settings_users_management.sh ./
COPY --chown=elasticsearch:elasticsearch ./config/35-load_settings_policies.sh ./
COPY --chown=elasticsearch:elasticsearch ./config/35-load_settings_templates.sh ./
COPY --chown=elasticsearch:elasticsearch ./config/35-load_settings_aliases.sh ./
RUN chmod +x /entrypoint-scripts/10-config_cluster.sh && \
chmod +x /entrypoint-scripts/15-get_CA_key.sh && \
chmod +x /entrypoint-scripts/20-security_instances.sh && \
chmod +x /entrypoint-scripts/22-security_certs.sh && \
chmod +x /entrypoint-scripts/24-security_configuration.sh && \
chmod +x /entrypoint-scripts/26-security_keystore.sh && \
chmod +x /entrypoint-scripts/30-decrypt_credentials.sh && \
chmod +x /entrypoint-scripts/35-entrypoint.sh && \
chmod +x ./35-entrypoint_load_settings.sh && \
chmod 755 ./config/35-load_settings_configure_s3.sh && \
chmod +x ./35-load_settings_users_management.sh && \
chmod +x ./35-load_settings_policies.sh && \
chmod +x ./35-load_settings_templates.sh && \
chmod +x ./35-load_settings_aliases.sh
ENTRYPOINT ["/entrypoint.sh"]
CMD ["elasticsearch"]
Reference in New Issue View Git Blame Copy Permalink