mirror of
https://github.com/wazuh/wazuh-docker.git
synced 2025-11-02 04:53:19 +00:00
clean Dockerfile and docker-compose start script
This commit is contained in:
vcerenu
@@ -1,31 +0,0 @@
|
||||
network.host: 0.0.0.0
|
||||
cluster.name: wazuh-cluster
|
||||
node.name: elasticsearch
|
||||
discovery.seed_hosts: elasticsearch,elasticsearch-2,elasticsearch-3
|
||||
cluster.initial_master_nodes: elasticsearch,elasticsearch-2,elasticsearch-3
|
||||
bootstrap.memory_lock: true
|
||||
|
||||
opendistro_security.ssl.transport.pemcert_filepath: node1.pem
|
||||
opendistro_security.ssl.transport.pemkey_filepath: node1.key
|
||||
opendistro_security.ssl.transport.pemtrustedcas_filepath: root-ca.pem
|
||||
opendistro_security.ssl.transport.enforce_hostname_verification: false
|
||||
opendistro_security.ssl.transport.resolve_hostname: false
|
||||
opendistro_security.ssl.http.enabled: true
|
||||
opendistro_security.ssl.http.pemcert_filepath: node1.pem
|
||||
opendistro_security.ssl.http.pemkey_filepath: node1.key
|
||||
opendistro_security.ssl.http.pemtrustedcas_filepath: root-ca.pem
|
||||
opendistro_security.allow_default_init_securityindex: true
|
||||
opendistro_security.nodes_dn:
|
||||
- 'CN=node1,OU=Ops,O=Example\, Inc.,DC=example,DC=com'
|
||||
- 'CN=node2,OU=Ops,O=Example\, Inc.,DC=example,DC=com'
|
||||
- 'CN=node3,OU=Ops,O=Example\, Inc.,DC=example,DC=com'
|
||||
- 'CN=filebeat,OU=Ops,O=Example\, Inc.,DC=example,DC=com'
|
||||
opendistro_security.authcz.admin_dn: ['CN=admin,OU=Ops,O=Example\, Inc.,DC=example,DC=com']
|
||||
opendistro_security.audit.type: internal_elasticsearch
|
||||
opendistro_security.enable_snapshot_restore_privilege: true
|
||||
opendistro_security.check_snapshot_restore_write_privileges: true
|
||||
opendistro_security.restapi.roles_enabled: ["all_access", "security_rest_api_access"]
|
||||
cluster.routing.allocation.disk.threshold_enabled: false
|
||||
#opendistro_security.audit.config.disabled_rest_categories: NONE
|
||||
#opendistro_security.audit.config.disabled_transport_categories: NONE
|
||||
opendistro_security.audit.log_request_body: false
|
||||
@@ -1,31 +0,0 @@
|
||||
network.host: 0.0.0.0
|
||||
cluster.name: wazuh-cluster
|
||||
node.name: elasticsearch-2
|
||||
discovery.seed_hosts: elasticsearch,elasticsearch-2,elasticsearch-3
|
||||
cluster.initial_master_nodes: elasticsearch,elasticsearch-2,elasticsearch-3
|
||||
bootstrap.memory_lock: true
|
||||
|
||||
opendistro_security.ssl.transport.pemcert_filepath: node2.pem
|
||||
opendistro_security.ssl.transport.pemkey_filepath: node2.key
|
||||
opendistro_security.ssl.transport.pemtrustedcas_filepath: root-ca.pem
|
||||
opendistro_security.ssl.transport.enforce_hostname_verification: false
|
||||
opendistro_security.ssl.transport.resolve_hostname: false
|
||||
opendistro_security.ssl.http.enabled: true
|
||||
opendistro_security.ssl.http.pemcert_filepath: node2.pem
|
||||
opendistro_security.ssl.http.pemkey_filepath: node2.key
|
||||
opendistro_security.ssl.http.pemtrustedcas_filepath: root-ca.pem
|
||||
opendistro_security.allow_default_init_securityindex: true
|
||||
opendistro_security.nodes_dn:
|
||||
- 'CN=node1,OU=Ops,O=Example\, Inc.,DC=example,DC=com'
|
||||
- 'CN=node2,OU=Ops,O=Example\, Inc.,DC=example,DC=com'
|
||||
- 'CN=node3,OU=Ops,O=Example\, Inc.,DC=example,DC=com'
|
||||
- 'CN=filebeat,OU=Ops,O=Example\, Inc.,DC=example,DC=com'
|
||||
opendistro_security.authcz.admin_dn: ['CN=admin,OU=Ops,O=Example\, Inc.,DC=example,DC=com']
|
||||
opendistro_security.audit.type: internal_elasticsearch
|
||||
opendistro_security.enable_snapshot_restore_privilege: true
|
||||
opendistro_security.check_snapshot_restore_write_privileges: true
|
||||
opendistro_security.restapi.roles_enabled: ["all_access", "security_rest_api_access"]
|
||||
cluster.routing.allocation.disk.threshold_enabled: false
|
||||
#opendistro_security.audit.config.disabled_rest_categories: NONE
|
||||
#opendistro_security.audit.config.disabled_transport_categories: NONE
|
||||
opendistro_security.audit.log_request_body: false
|
||||
@@ -1,31 +0,0 @@
|
||||
network.host: 0.0.0.0
|
||||
cluster.name: wazuh-cluster
|
||||
node.name: elasticsearch-3
|
||||
discovery.seed_hosts: elasticsearch,elasticsearch-2,elasticsearch-3
|
||||
cluster.initial_master_nodes: elasticsearch,elasticsearch-2,elasticsearch-3
|
||||
bootstrap.memory_lock: true
|
||||
|
||||
opendistro_security.ssl.transport.pemcert_filepath: node3.pem
|
||||
opendistro_security.ssl.transport.pemkey_filepath: node3.key
|
||||
opendistro_security.ssl.transport.pemtrustedcas_filepath: root-ca.pem
|
||||
opendistro_security.ssl.transport.enforce_hostname_verification: false
|
||||
opendistro_security.ssl.transport.resolve_hostname: false
|
||||
opendistro_security.ssl.http.enabled: true
|
||||
opendistro_security.ssl.http.pemcert_filepath: node3.pem
|
||||
opendistro_security.ssl.http.pemkey_filepath: node3.key
|
||||
opendistro_security.ssl.http.pemtrustedcas_filepath: root-ca.pem
|
||||
opendistro_security.allow_default_init_securityindex: true
|
||||
opendistro_security.nodes_dn:
|
||||
- 'CN=node1,OU=Ops,O=Example\, Inc.,DC=example,DC=com'
|
||||
- 'CN=node2,OU=Ops,O=Example\, Inc.,DC=example,DC=com'
|
||||
- 'CN=node3,OU=Ops,O=Example\, Inc.,DC=example,DC=com'
|
||||
- 'CN=filebeat,OU=Ops,O=Example\, Inc.,DC=example,DC=com'
|
||||
opendistro_security.authcz.admin_dn: ['CN=admin,OU=Ops,O=Example\, Inc.,DC=example,DC=com']
|
||||
opendistro_security.audit.type: internal_elasticsearch
|
||||
opendistro_security.enable_snapshot_restore_privilege: true
|
||||
opendistro_security.check_snapshot_restore_write_privileges: true
|
||||
opendistro_security.restapi.roles_enabled: ["all_access", "security_rest_api_access"]
|
||||
cluster.routing.allocation.disk.threshold_enabled: false
|
||||
#opendistro_security.audit.config.disabled_rest_categories: NONE
|
||||
#opendistro_security.audit.config.disabled_transport_categories: NONE
|
||||
opendistro_security.audit.log_request_body: false
|
||||
@@ -1,56 +0,0 @@
|
||||
---
|
||||
# This is the internal user database
|
||||
# The hash value is a bcrypt hash and can be generated with plugin/tools/hash.sh
|
||||
|
||||
_meta:
|
||||
type: "internalusers"
|
||||
config_version: 2
|
||||
|
||||
# Define your internal users here
|
||||
|
||||
## Demo users
|
||||
|
||||
admin:
|
||||
hash: "$2y$12$K/SpwjtB.wOHJ/Nc6GVRDuc1h0rM1DfvziFRNPtk27P.c4yDr9njO"
|
||||
reserved: true
|
||||
backend_roles:
|
||||
- "admin"
|
||||
description: "Demo admin user"
|
||||
|
||||
kibanaserver:
|
||||
hash: "$2a$12$4AcgAt3xwOWadA5s5blL6ev39OXDNhmOesEoo33eZtrq2N0YrU3H."
|
||||
reserved: true
|
||||
description: "Demo kibanaserver user"
|
||||
|
||||
kibanaro:
|
||||
hash: "$2a$12$JJSXNfTowz7Uu5ttXfeYpeYE0arACvcwlPBStB1F.MI7f0U9Z4DGC"
|
||||
reserved: false
|
||||
backend_roles:
|
||||
- "kibanauser"
|
||||
- "readall"
|
||||
attributes:
|
||||
attribute1: "value1"
|
||||
attribute2: "value2"
|
||||
attribute3: "value3"
|
||||
description: "Demo kibanaro user"
|
||||
|
||||
logstash:
|
||||
hash: "$2a$12$u1ShR4l4uBS3Uv59Pa2y5.1uQuZBrZtmNfqB3iM/.jL0XoV9sghS2"
|
||||
reserved: false
|
||||
backend_roles:
|
||||
- "logstash"
|
||||
description: "Demo logstash user"
|
||||
|
||||
readall:
|
||||
hash: "$2a$12$ae4ycwzwvLtZxwZ82RmiEunBbIPiAmGZduBAjKN0TXdwQFtCwARz2"
|
||||
reserved: false
|
||||
backend_roles:
|
||||
- "readall"
|
||||
description: "Demo readall user"
|
||||
|
||||
snapshotrestore:
|
||||
hash: "$2y$12$DpwmetHKwgYnorbgdvORCenv4NAK8cPUg8AI6pxLCuWf/ALc0.v7W"
|
||||
reserved: false
|
||||
backend_roles:
|
||||
- "snapshotrestore"
|
||||
description: "Demo snapshotrestore user"
|
||||
@@ -1,13 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )"
|
||||
cd $DIR
|
||||
|
||||
if [ -s key.pem ]
|
||||
then
|
||||
echo "Certificate already exists"
|
||||
exit
|
||||
else
|
||||
openssl req -x509 -batch -nodes -days 365 -newkey rsa:2048 -keyout key.pem -out cert.pem
|
||||
chown -R 1000:1000 *.pem
|
||||
fi
|
||||
@@ -1,35 +0,0 @@
|
||||
ca:
|
||||
root:
|
||||
dn: CN=root-ca,OU=CA,O=Example\, Inc.,DC=example,DC=com
|
||||
pkPassword: none
|
||||
keysize: 2048
|
||||
file: root-ca.pem
|
||||
intermediate:
|
||||
dn: CN=intermediate,OU=CA,O=Example\, Inc.,DC=example,DC=com
|
||||
keysize: 2048
|
||||
validityDays: 3650
|
||||
pkPassword: intermediate-ca-password
|
||||
file: intermediate-ca.pem
|
||||
|
||||
nodes:
|
||||
- name: node1
|
||||
dn: CN=node1,OU=Ops,O=Example\, Inc.,DC=example,DC=com
|
||||
dns:
|
||||
- elasticsearch
|
||||
- name: node2
|
||||
dn: CN=node2,OU=Ops,O=Example\, Inc.,DC=example,DC=com
|
||||
dns:
|
||||
- elasticsearch-2
|
||||
- name: node3
|
||||
dn: CN=node3,OU=Ops,O=Example\, Inc.,DC=example,DC=com
|
||||
dns:
|
||||
- elasticsearch-3
|
||||
- name: filebeat
|
||||
dn: CN=filebeat,OU=Ops,O=Example\, Inc.,DC=example,DC=com
|
||||
dns:
|
||||
- wazuh
|
||||
|
||||
clients:
|
||||
- name: admin
|
||||
dn: CN=admin,OU=Ops,O=Example\, Inc.,DC=example,DC=com
|
||||
admin: true
|
||||
Reference in New Issue
Block a user