mirror of
https://github.com/wazuh/wazuh-docker.git
synced 2025-10-23 06:11:57 +00:00
Added missing config
This commit is contained in:
Raul Del Pozo Moreno
4
.github/workflows/push.yml
vendored
4
.github/workflows/push.yml
vendored
@@ -49,8 +49,8 @@ jobs:
|
||||
with:
|
||||
version: v0.3.16
|
||||
|
||||
- name: Execute Goss tests (wazuh-odfe)
|
||||
run: dgoss run wazuh/wazuh-manager:4.5.0
|
||||
- name: Execute Goss tests (wazuh-manager)
|
||||
run: dgoss run wazuh/wazuh-manager:${{env.WAZUH_IMAGE_VERSION}}
|
||||
env:
|
||||
GOSS_SLEEP: 30
|
||||
GOSS_FILE: .github/.goss.yaml
|
||||
|
||||
72
CHANGELOG.md
72
CHANGELOG.md
@@ -11,14 +11,86 @@ All notable changes to this project will be documented in this file.
|
||||
|
||||
- Update Wazuh to version [4.5.0](https://github.com/wazuh/wazuh/blob/v4.5.0/CHANGELOG.md#v450)
|
||||
|
||||
## Wazuh Docker v4.4.1
|
||||
### Added
|
||||
|
||||
- Update Wazuh to version [4.4.1](https://github.com/wazuh/wazuh/blob/v4.4.1/CHANGELOG.md#v441)
|
||||
|
||||
## Wazuh Docker v4.4.0
|
||||
### Added
|
||||
|
||||
- Update Wazuh to version [4.4.0](https://github.com/wazuh/wazuh/blob/v4.4.0/CHANGELOG.md#v440)
|
||||
|
||||
## Wazuh Docker v4.3.11
|
||||
### Added
|
||||
|
||||
- Update Wazuh to version [4.3.11](https://github.com/wazuh/wazuh/blob/v4.3.11/CHANGELOG.md#v4311)
|
||||
|
||||
## Wazuh Docker v4.3.10
|
||||
### Added
|
||||
|
||||
- Update Wazuh to version [4.3.10](https://github.com/wazuh/wazuh/blob/v4.3.10/CHANGELOG.md#v4310)
|
||||
|
||||
|
||||
## Wazuh Docker v4.3.9
|
||||
### Added
|
||||
|
||||
- Update Wazuh to version [4.3.9](https://github.com/wazuh/wazuh/blob/v4.3.9/CHANGELOG.md#v439)
|
||||
|
||||
|
||||
## Wazuh Docker v4.3.8
|
||||
### Added
|
||||
|
||||
- Update Wazuh to version [4.3.8](https://github.com/wazuh/wazuh/blob/v4.3.8/CHANGELOG.md#v438)
|
||||
|
||||
## Wazuh Docker v4.3.7
|
||||
### Added
|
||||
|
||||
- Update Wazuh to version [4.3.7](https://github.com/wazuh/wazuh/blob/v4.3.7/CHANGELOG.md#v437)
|
||||
|
||||
## Wazuh Docker v4.3.6
|
||||
### Added
|
||||
|
||||
- Update Wazuh to version [4.3.6](https://github.com/wazuh/wazuh/blob/v4.3.6/CHANGELOG.md#v436)
|
||||
|
||||
## Wazuh Docker v4.3.5
|
||||
### Added
|
||||
|
||||
- Update Wazuh to version [4.3.5](https://github.com/wazuh/wazuh/blob/v4.3.5/CHANGELOG.md#v435)
|
||||
|
||||
## Wazuh Docker v4.3.4
|
||||
### Added
|
||||
|
||||
- Update Wazuh to version [4.3.4](https://github.com/wazuh/wazuh/blob/v4.3.4/CHANGELOG.md#v434)
|
||||
|
||||
## Wazuh Docker v4.3.3
|
||||
### Added
|
||||
|
||||
- Update Wazuh to version [4.3.3](https://github.com/wazuh/wazuh/blob/v4.3.3/CHANGELOG.md#v433)
|
||||
|
||||
## Wazuh Docker v4.3.2
|
||||
### Added
|
||||
|
||||
- Update Wazuh to version [4.3.2](https://github.com/wazuh/wazuh/blob/v4.3.2/CHANGELOG.md#v432)
|
||||
|
||||
## Wazuh Docker v4.3.1
|
||||
### Added
|
||||
|
||||
- Update Wazuh to version [4.3.1](https://github.com/wazuh/wazuh/blob/v4.3.1/CHANGELOG.md#v431)
|
||||
|
||||
## Wazuh Docker v4.3.0
|
||||
### Added
|
||||
|
||||
- Update Wazuh to version [4.3.0](https://github.com/wazuh/wazuh/blob/v4.3.0/CHANGELOG.md#v430)
|
||||
|
||||
## Wazuh Docker v4.2.7
|
||||
### Added
|
||||
|
||||
- Update Wazuh to version [4.2.7](https://github.com/wazuh/wazuh/blob/v4.2.7/CHANGELOG.md#v427)
|
||||
|
||||
## Wazuh Docker v4.2.6
|
||||
### Added
|
||||
|
||||
- Update Wazuh to version [4.2.6](https://github.com/wazuh/wazuh/blob/v4.2.6/CHANGELOG.md#v426)
|
||||
|
||||
## Wazuh Docker v4.2.5
|
||||
|
||||
@@ -197,7 +197,9 @@ WAZUH_MONITORING_REPLICAS=0 ##
|
||||
|---------------|---------|--------|
|
||||
| v4.6.0 | | |
|
||||
| v4.5.0 | | |
|
||||
| v4.4.1 | | |
|
||||
| v4.4.0 | | |
|
||||
| v4.3.11 | | |
|
||||
| v4.3.10 | | |
|
||||
| v4.3.9 | | |
|
||||
| v4.3.8 | | |
|
||||
|
||||
@@ -3,8 +3,12 @@ version: '3.7'
|
||||
|
||||
services:
|
||||
wazuh.manager:
|
||||
build: wazuh-manager/
|
||||
image: wazuh/wazuh-manager:4.5.0
|
||||
build:
|
||||
context: wazuh-manager/
|
||||
args:
|
||||
WAZUH_VERSION: ${WAZUH_VERSION}
|
||||
WAZUH_TAG_REVISION: ${WAZUH_TAG_REVISION}
|
||||
image: wazuh/wazuh-manager:${WAZUH_IMAGE_VERSION}
|
||||
hostname: wazuh.manager
|
||||
restart: always
|
||||
ports:
|
||||
|
||||
@@ -1,7 +1,8 @@
|
||||
# Wazuh Docker Copyright (C) 2017, Wazuh Inc. (License GPLv2)
|
||||
FROM ubuntu:focal AS builder
|
||||
|
||||
ARG WAZUH_VERSION=4.5.0
|
||||
ARG WAZUH_VERSION
|
||||
ARG WAZUH_TAG_REVISION
|
||||
ARG INSTALL_DIR=/usr/share/wazuh-dashboard
|
||||
ARG WAZUH_UI_REVISION=1
|
||||
|
||||
|
||||
@@ -8,7 +8,7 @@ export TARGET_DIR=${CURDIR}/debian/${NAME}
|
||||
# Package build options
|
||||
export USER=${NAME}
|
||||
export GROUP=${NAME}
|
||||
export VERSION=4.5.0
|
||||
export VERSION=${WAZUH_VERSION}-${WAZUH_TAG_REVISION}
|
||||
export LOG_DIR=/var/log/${NAME}
|
||||
export LIB_DIR=/var/lib/${NAME}
|
||||
export PID_DIR=/run/${NAME}
|
||||
|
||||
@@ -8,9 +8,7 @@ ARG WAZUH_TAG_REVISION
|
||||
ARG TEMPLATE_VERSION=4.6
|
||||
ARG FILEBEAT_CHANNEL=filebeat-oss
|
||||
ARG FILEBEAT_VERSION=7.10.2
|
||||
ARG WAZUH_VERSION=4.4.0-1
|
||||
ARG TEMPLATE_VERSION="master"
|
||||
ARG WAZUH_FILEBEAT_MODULE="wazuh-filebeat-0.1.tar.gz"
|
||||
ARG WAZUH_FILEBEAT_MODULE="wazuh-filebeat-0.2.tar.gz"
|
||||
|
||||
RUN apt-get update && apt install curl apt-transport-https lsb-release gnupg -y
|
||||
|
||||
|
||||
@@ -1,82 +0,0 @@
|
||||
# Wazuh App Copyright (C) 2021 Wazuh Inc. (License GPLv2)
|
||||
version: '3.7'
|
||||
|
||||
services:
|
||||
wazuh:
|
||||
image: wazuh/wazuh-odfe:4.4.0
|
||||
hostname: wazuh-manager
|
||||
restart: always
|
||||
ports:
|
||||
- "1514:1514"
|
||||
- "1515:1515"
|
||||
- "514:514/udp"
|
||||
- "55000:55000"
|
||||
environment:
|
||||
- ELASTICSEARCH_URL=https://elasticsearch:9200
|
||||
- ELASTIC_USERNAME=admin
|
||||
- ELASTIC_PASSWORD=admin
|
||||
- FILEBEAT_SSL_VERIFICATION_MODE=none
|
||||
volumes:
|
||||
- ossec_api_configuration:/var/ossec/api/configuration
|
||||
- ossec_etc:/var/ossec/etc
|
||||
- ossec_logs:/var/ossec/logs
|
||||
- ossec_queue:/var/ossec/queue
|
||||
- ossec_var_multigroups:/var/ossec/var/multigroups
|
||||
- ossec_integrations:/var/ossec/integrations
|
||||
- ossec_active_response:/var/ossec/active-response/bin
|
||||
- ossec_agentless:/var/ossec/agentless
|
||||
- ossec_wodles:/var/ossec/wodles
|
||||
- filebeat_etc:/etc/filebeat
|
||||
- filebeat_var:/var/lib/filebeat
|
||||
|
||||
elasticsearch:
|
||||
image: amazon/opendistro-for-elasticsearch:1.13.2
|
||||
hostname: elasticsearch
|
||||
restart: always
|
||||
ports:
|
||||
- "9200:9200"
|
||||
environment:
|
||||
- discovery.type=single-node
|
||||
- cluster.name=wazuh-cluster
|
||||
- network.host=0.0.0.0
|
||||
- "ES_JAVA_OPTS=-Xms512m -Xmx512m"
|
||||
- bootstrap.memory_lock=true
|
||||
ulimits:
|
||||
memlock:
|
||||
soft: -1
|
||||
hard: -1
|
||||
nofile:
|
||||
soft: 65536
|
||||
hard: 65536
|
||||
|
||||
kibana:
|
||||
image: wazuh/wazuh-kibana-odfe:4.4.0
|
||||
hostname: kibana
|
||||
restart: always
|
||||
ports:
|
||||
- 443:5601
|
||||
environment:
|
||||
- ELASTICSEARCH_USERNAME=admin
|
||||
- ELASTICSEARCH_PASSWORD=admin
|
||||
- SERVER_SSL_ENABLED=true
|
||||
- SERVER_SSL_CERTIFICATE=/usr/share/kibana/config/opendistroforelasticsearch.example.org.cert
|
||||
- SERVER_SSL_KEY=/usr/share/kibana/config/opendistroforelasticsearch.example.org.key
|
||||
|
||||
depends_on:
|
||||
- elasticsearch
|
||||
links:
|
||||
- elasticsearch:elasticsearch
|
||||
- wazuh:wazuh
|
||||
|
||||
volumes:
|
||||
ossec_api_configuration:
|
||||
ossec_etc:
|
||||
ossec_logs:
|
||||
ossec_queue:
|
||||
ossec_var_multigroups:
|
||||
ossec_integrations:
|
||||
ossec_active_response:
|
||||
ossec_agentless:
|
||||
ossec_wodles:
|
||||
filebeat_etc:
|
||||
filebeat_var:
|
||||
@@ -54,8 +54,8 @@ cp /certificates/root-ca.key /certificates/root-ca-manager.key
|
||||
chown 101:101 /certificates/root-ca-manager.pem
|
||||
chown 101:101 /certificates/root-ca-manager.key
|
||||
|
||||
for i in ${node_names[@]};
|
||||
do
|
||||
for i in ${node_names[@]};
|
||||
do
|
||||
chown 101:101 "/certificates/${i}.pem"
|
||||
chown 101:101 "/certificates/${i}-key.pem"
|
||||
done
|
||||
|
||||
@@ -1,59 +0,0 @@
|
||||
# Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2)
|
||||
FROM amazon/opendistro-for-elasticsearch-kibana:1.13.2
|
||||
USER kibana
|
||||
ARG ELASTIC_VERSION=7.10.2
|
||||
ARG WAZUH_VERSION=4.4.0
|
||||
ARG WAZUH_APP_VERSION="${WAZUH_VERSION}_${ELASTIC_VERSION}"
|
||||
|
||||
WORKDIR /usr/share/kibana
|
||||
RUN ./bin/kibana-plugin install https://packages.wazuh.com/4.x/ui/kibana/wazuh_kibana-${WAZUH_APP_VERSION}-1.zip
|
||||
|
||||
WORKDIR /
|
||||
USER root
|
||||
COPY config/entrypoint.sh ./entrypoint.sh
|
||||
RUN chmod 755 ./entrypoint.sh
|
||||
|
||||
ENV PATTERN="" \
|
||||
CHECKS_PATTERN="" \
|
||||
CHECKS_TEMPLATE="" \
|
||||
CHECKS_API="" \
|
||||
CHECKS_SETUP="" \
|
||||
EXTENSIONS_PCI="" \
|
||||
EXTENSIONS_GDPR="" \
|
||||
EXTENSIONS_HIPAA="" \
|
||||
EXTENSIONS_NIST="" \
|
||||
EXTENSIONS_TSC="" \
|
||||
EXTENSIONS_AUDIT="" \
|
||||
EXTENSIONS_OSCAP="" \
|
||||
EXTENSIONS_CISCAT="" \
|
||||
EXTENSIONS_AWS="" \
|
||||
EXTENSIONS_GCP="" \
|
||||
EXTENSIONS_VIRUSTOTAL="" \
|
||||
EXTENSIONS_OSQUERY="" \
|
||||
EXTENSIONS_DOCKER="" \
|
||||
APP_TIMEOUT="" \
|
||||
API_SELECTOR="" \
|
||||
IP_SELECTOR="" \
|
||||
IP_IGNORE="" \
|
||||
WAZUH_MONITORING_ENABLED="" \
|
||||
WAZUH_MONITORING_FREQUENCY="" \
|
||||
WAZUH_MONITORING_SHARDS="" \
|
||||
WAZUH_MONITORING_REPLICAS="" \
|
||||
ADMIN_PRIVILEGES=""
|
||||
|
||||
USER kibana
|
||||
|
||||
COPY ./config/custom_welcome /tmp/custom_welcome
|
||||
COPY --chown=kibana:kibana ./config/welcome_wazuh.sh ./
|
||||
RUN chmod +x ./welcome_wazuh.sh
|
||||
ARG CHANGE_WELCOME="true"
|
||||
RUN ./welcome_wazuh.sh
|
||||
|
||||
COPY --chown=kibana:kibana ./config/wazuh.yml /usr/share/kibana/data/wazuh/config/wazuh.yml
|
||||
COPY --chown=kibana:kibana ./config/wazuh_app_config.sh ./
|
||||
RUN chmod +x ./wazuh_app_config.sh
|
||||
|
||||
COPY --chown=kibana:kibana ./config/kibana_settings.sh ./
|
||||
RUN chmod +x ./kibana_settings.sh
|
||||
|
||||
ENTRYPOINT ./entrypoint.sh
|
||||
@@ -1,64 +0,0 @@
|
||||
# Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2)
|
||||
FROM docker.elastic.co/kibana/kibana:7.10.2
|
||||
USER kibana
|
||||
ARG ELASTIC_VERSION=7.10.2
|
||||
ARG WAZUH_VERSION=4.4.0
|
||||
ARG WAZUH_APP_VERSION="${WAZUH_VERSION}_${ELASTIC_VERSION}"
|
||||
|
||||
WORKDIR /usr/share/kibana
|
||||
RUN ./bin/kibana-plugin install https://packages.wazuh.com/4.x/ui/kibana/wazuh_kibana-${WAZUH_APP_VERSION}-1.zip
|
||||
|
||||
ENV PATTERN="" \
|
||||
CHECKS_PATTERN="" \
|
||||
CHECKS_TEMPLATE="" \
|
||||
CHECKS_API="" \
|
||||
CHECKS_SETUP="" \
|
||||
EXTENSIONS_PCI="" \
|
||||
EXTENSIONS_GDPR="" \
|
||||
EXTENSIONS_HIPAA="" \
|
||||
EXTENSIONS_NIST="" \
|
||||
EXTENSIONS_TSC="" \
|
||||
EXTENSIONS_AUDIT="" \
|
||||
EXTENSIONS_OSCAP="" \
|
||||
EXTENSIONS_CISCAT="" \
|
||||
EXTENSIONS_AWS="" \
|
||||
EXTENSIONS_GCP="" \
|
||||
EXTENSIONS_VIRUSTOTAL="" \
|
||||
EXTENSIONS_OSQUERY="" \
|
||||
EXTENSIONS_DOCKER="" \
|
||||
APP_TIMEOUT="" \
|
||||
API_SELECTOR="" \
|
||||
IP_SELECTOR="" \
|
||||
IP_IGNORE="" \
|
||||
WAZUH_MONITORING_ENABLED="" \
|
||||
WAZUH_MONITORING_FREQUENCY="" \
|
||||
WAZUH_MONITORING_SHARDS="" \
|
||||
WAZUH_MONITORING_REPLICAS="" \
|
||||
ADMIN_PRIVILEGES="" \
|
||||
XPACK_CANVAS="true" \
|
||||
XPACK_LOGS="true" \
|
||||
XPACK_INFRA="true" \
|
||||
XPACK_ML="true" \
|
||||
XPACK_DEVTOOLS="true" \
|
||||
XPACK_MONITORING="true" \
|
||||
XPACK_APM="true"
|
||||
|
||||
WORKDIR /
|
||||
USER kibana
|
||||
|
||||
COPY --chown=kibana:kibana config/entrypoint.sh ./entrypoint.sh
|
||||
RUN chmod 755 ./entrypoint.sh
|
||||
|
||||
RUN printf "\nserver.defaultRoute: /app/wazuh\n" >> /usr/share/kibana/config/kibana.yml
|
||||
|
||||
COPY --chown=kibana:kibana ./config/wazuh.yml /usr/share/kibana/data/wazuh/config/wazuh.yml
|
||||
COPY --chown=kibana:kibana ./config/wazuh_app_config.sh ./
|
||||
RUN chmod +x ./wazuh_app_config.sh
|
||||
|
||||
COPY --chown=kibana:kibana ./config/kibana_settings.sh ./
|
||||
RUN chmod +x ./kibana_settings.sh
|
||||
|
||||
COPY --chown=kibana:kibana ./config/xpack_config.sh ./
|
||||
RUN chmod +x ./xpack_config.sh
|
||||
|
||||
ENTRYPOINT ./entrypoint.sh
|
||||
@@ -1,206 +0,0 @@
|
||||
# Wazuh App Copyright (C) 2021 Wazuh Inc. (License GPLv2)
|
||||
version: '3.7'
|
||||
|
||||
services:
|
||||
wazuh-master:
|
||||
image: wazuh/wazuh-odfe:4.4.0
|
||||
hostname: wazuh-master
|
||||
restart: always
|
||||
ports:
|
||||
- "1515:1515"
|
||||
- "514:514/udp"
|
||||
- "55000:55000"
|
||||
environment:
|
||||
- ELASTICSEARCH_URL=https://elasticsearch:9200
|
||||
- ELASTIC_USERNAME=admin
|
||||
- ELASTIC_PASSWORD=SecretPassword
|
||||
- FILEBEAT_SSL_VERIFICATION_MODE=full
|
||||
- SSL_CERTIFICATE_AUTHORITIES=/etc/ssl/root-ca.pem
|
||||
- SSL_CERTIFICATE=/etc/ssl/filebeat.pem
|
||||
- SSL_KEY=/etc/ssl/filebeat.key
|
||||
- API_USERNAME=acme-user
|
||||
- API_PASSWORD=MyS3cr37P450r.*-
|
||||
volumes:
|
||||
- ossec-api-configuration:/var/ossec/api/configuration
|
||||
- ossec-etc:/var/ossec/etc
|
||||
- ossec-logs:/var/ossec/logs
|
||||
- ossec-queue:/var/ossec/queue
|
||||
- ossec-var-multigroups:/var/ossec/var/multigroups
|
||||
- ossec-integrations:/var/ossec/integrations
|
||||
- ossec-active-response:/var/ossec/active-response/bin
|
||||
- ossec-agentless:/var/ossec/agentless
|
||||
- ossec-wodles:/var/ossec/wodles
|
||||
- filebeat-etc:/etc/filebeat
|
||||
- filebeat-var:/var/lib/filebeat
|
||||
- ./production_cluster/ssl_certs/root-ca.pem:/etc/ssl/root-ca.pem
|
||||
- ./production_cluster/ssl_certs/filebeat.pem:/etc/ssl/filebeat.pem
|
||||
- ./production_cluster/ssl_certs/filebeat.key:/etc/ssl/filebeat.key
|
||||
- ./production_cluster/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf
|
||||
|
||||
wazuh-worker:
|
||||
image: wazuh/wazuh-odfe:4.4.0
|
||||
hostname: wazuh-worker
|
||||
restart: always
|
||||
environment:
|
||||
- ELASTICSEARCH_URL=https://elasticsearch:9200
|
||||
- ELASTIC_USERNAME=admin
|
||||
- ELASTIC_PASSWORD=SecretPassword
|
||||
- FILEBEAT_SSL_VERIFICATION_MODE=full
|
||||
- SSL_CERTIFICATE_AUTHORITIES=/etc/ssl/root-ca.pem
|
||||
- SSL_CERTIFICATE=/etc/ssl/filebeat.pem
|
||||
- SSL_KEY=/etc/ssl/filebeat.key
|
||||
volumes:
|
||||
- worker-ossec-api-configuration:/var/ossec/api/configuration
|
||||
- worker-ossec-etc:/var/ossec/etc
|
||||
- worker-ossec-logs:/var/ossec/logs
|
||||
- worker-ossec-queue:/var/ossec/queue
|
||||
- worker-ossec-var-multigroups:/var/ossec/var/multigroups
|
||||
- worker-ossec-integrations:/var/ossec/integrations
|
||||
- worker-ossec-active-response:/var/ossec/active-response/bin
|
||||
- worker-ossec-agentless:/var/ossec/agentless
|
||||
- worker-ossec-wodles:/var/ossec/wodles
|
||||
- worker-filebeat-etc:/etc/filebeat
|
||||
- worker-filebeat-var:/var/lib/filebeat
|
||||
- ./production_cluster/ssl_certs/root-ca.pem:/etc/ssl/root-ca.pem
|
||||
- ./production_cluster/ssl_certs/filebeat.pem:/etc/ssl/filebeat.pem
|
||||
- ./production_cluster/ssl_certs/filebeat.key:/etc/ssl/filebeat.key
|
||||
- ./production_cluster/wazuh_cluster/wazuh_worker.conf:/wazuh-config-mount/etc/ossec.conf
|
||||
|
||||
elasticsearch:
|
||||
image: amazon/opendistro-for-elasticsearch:1.13.2
|
||||
hostname: elasticsearch
|
||||
restart: always
|
||||
ports:
|
||||
- "9200:9200"
|
||||
environment:
|
||||
- "ES_JAVA_OPTS=-Xms512m -Xmx512m"
|
||||
ulimits:
|
||||
memlock:
|
||||
soft: -1
|
||||
hard: -1
|
||||
nofile:
|
||||
soft: 65536
|
||||
hard: 65536
|
||||
volumes:
|
||||
- elastic-data-1:/usr/share/elasticsearch/data
|
||||
- ./production_cluster/ssl_certs/root-ca.pem:/usr/share/elasticsearch/config/root-ca.pem
|
||||
- ./production_cluster/ssl_certs/node1.key:/usr/share/elasticsearch/config/node1.key
|
||||
- ./production_cluster/ssl_certs/node1.pem:/usr/share/elasticsearch/config/node1.pem
|
||||
- ./production_cluster/ssl_certs/admin.pem:/usr/share/elasticsearch/config/admin.pem
|
||||
- ./production_cluster/ssl_certs/admin.key:/usr/share/elasticsearch/config/admin.key
|
||||
- ./production_cluster/elastic_opendistro/elasticsearch-node1.yml:/usr/share/elasticsearch/config/elasticsearch.yml
|
||||
- ./production_cluster/elastic_opendistro/internal_users.yml:/usr/share/elasticsearch/plugins/opendistro_security/securityconfig/internal_users.yml
|
||||
|
||||
elasticsearch-2:
|
||||
image: amazon/opendistro-for-elasticsearch:1.13.2
|
||||
hostname: elasticsearch-2
|
||||
restart: always
|
||||
environment:
|
||||
- "ES_JAVA_OPTS=-Xms512m -Xmx512m"
|
||||
ulimits:
|
||||
memlock:
|
||||
soft: -1
|
||||
hard: -1
|
||||
nofile:
|
||||
soft: 65536
|
||||
hard: 65536
|
||||
volumes:
|
||||
- elastic-data-2:/usr/share/elasticsearch/data
|
||||
- ./production_cluster/ssl_certs/root-ca.pem:/usr/share/elasticsearch/config/root-ca.pem
|
||||
- ./production_cluster/ssl_certs/node2.key:/usr/share/elasticsearch/config/node2.key
|
||||
- ./production_cluster/ssl_certs/node2.pem:/usr/share/elasticsearch/config/node2.pem
|
||||
- ./production_cluster/elastic_opendistro/elasticsearch-node2.yml:/usr/share/elasticsearch/config/elasticsearch.yml
|
||||
- ./production_cluster/elastic_opendistro/internal_users.yml:/usr/share/elasticsearch/plugins/opendistro_security/securityconfig/internal_users.yml
|
||||
|
||||
elasticsearch-3:
|
||||
image: amazon/opendistro-for-elasticsearch:1.13.2
|
||||
hostname: elasticsearch-3
|
||||
restart: always
|
||||
environment:
|
||||
- "ES_JAVA_OPTS=-Xms512m -Xmx512m"
|
||||
ulimits:
|
||||
memlock:
|
||||
soft: -1
|
||||
hard: -1
|
||||
nofile:
|
||||
soft: 65536
|
||||
hard: 65536
|
||||
volumes:
|
||||
- elastic-data-3:/usr/share/elasticsearch/data
|
||||
- ./production_cluster/ssl_certs/root-ca.pem:/usr/share/elasticsearch/config/root-ca.pem
|
||||
- ./production_cluster/ssl_certs/node3.key:/usr/share/elasticsearch/config/node3.key
|
||||
- ./production_cluster/ssl_certs/node3.pem:/usr/share/elasticsearch/config/node3.pem
|
||||
- ./production_cluster/elastic_opendistro/elasticsearch-node3.yml:/usr/share/elasticsearch/config/elasticsearch.yml
|
||||
- ./production_cluster/elastic_opendistro/internal_users.yml:/usr/share/elasticsearch/plugins/opendistro_security/securityconfig/internal_users.yml
|
||||
|
||||
kibana:
|
||||
image: wazuh/wazuh-kibana-odfe:4.4.0
|
||||
hostname: kibana
|
||||
restart: always
|
||||
ports:
|
||||
- 5601:5601
|
||||
environment:
|
||||
- ELASTICSEARCH_USERNAME=admin
|
||||
- ELASTICSEARCH_PASSWORD=SecretPassword
|
||||
- SERVER_SSL_ENABLED=true
|
||||
- SERVER_SSL_CERTIFICATE=/usr/share/kibana/config/cert.pem
|
||||
- SERVER_SSL_KEY=/usr/share/kibana/config/key.pem
|
||||
- WAZUH_API_URL="https://wazuh-master"
|
||||
- API_USERNAME=acme-user
|
||||
- API_PASSWORD=MyS3cr37P450r.*-
|
||||
volumes:
|
||||
- ./production_cluster/kibana_ssl/cert.pem:/usr/share/kibana/config/cert.pem
|
||||
- ./production_cluster/kibana_ssl/key.pem:/usr/share/kibana/config/key.pem
|
||||
|
||||
depends_on:
|
||||
- elasticsearch
|
||||
links:
|
||||
- elasticsearch:elasticsearch
|
||||
- wazuh-master:wazuh-master
|
||||
|
||||
nginx:
|
||||
image: nginx:stable
|
||||
hostname: nginx
|
||||
restart: always
|
||||
ports:
|
||||
- "80:80"
|
||||
- "443:443"
|
||||
- "1514:1514"
|
||||
depends_on:
|
||||
- wazuh-master
|
||||
- wazuh-worker
|
||||
- kibana
|
||||
links:
|
||||
- wazuh-master:wazuh-master
|
||||
- wazuh-worker:wazuh-worker
|
||||
- kibana:kibana
|
||||
volumes:
|
||||
- ./production_cluster/nginx/nginx.conf:/etc/nginx/nginx.conf:ro
|
||||
- ./production_cluster/nginx/ssl:/etc/nginx/ssl:ro
|
||||
|
||||
volumes:
|
||||
ossec-api-configuration:
|
||||
ossec-etc:
|
||||
ossec-logs:
|
||||
ossec-queue:
|
||||
ossec-var-multigroups:
|
||||
ossec-integrations:
|
||||
ossec-active-response:
|
||||
ossec-agentless:
|
||||
ossec-wodles:
|
||||
filebeat-etc:
|
||||
filebeat-var:
|
||||
worker-ossec-api-configuration:
|
||||
worker-ossec-etc:
|
||||
worker-ossec-logs:
|
||||
worker-ossec-queue:
|
||||
worker-ossec-var-multigroups:
|
||||
worker-ossec-integrations:
|
||||
worker-ossec-active-response:
|
||||
worker-ossec-agentless:
|
||||
worker-ossec-wodles:
|
||||
worker-filebeat-etc:
|
||||
worker-filebeat-var:
|
||||
elastic-data-1:
|
||||
elastic-data-2:
|
||||
elastic-data-3:
|
||||
@@ -1,186 +0,0 @@
|
||||
# Wazuh App Copyright (C) 2021 Wazuh Inc. (License GPLv2)
|
||||
version: '3.7'
|
||||
|
||||
services:
|
||||
wazuh:
|
||||
image: wazuh/wazuh:4.4.0
|
||||
hostname: wazuh-manager
|
||||
restart: always
|
||||
ports:
|
||||
- "1514:1514"
|
||||
- "1515:1515"
|
||||
- "514:514/udp"
|
||||
- "55000:55000"
|
||||
environment:
|
||||
- ELASTICSEARCH_URL=https://elasticsearch:9200
|
||||
- ELASTIC_USERNAME=elastic
|
||||
- ELASTIC_PASSWORD=SecretPassword
|
||||
- FILEBEAT_SSL_VERIFICATION_MODE=none
|
||||
- SSL_CERTIFICATE_AUTHORITIES=/etc/ssl/ca.crt
|
||||
- SSL_CERTIFICATE=/etc/ssl/wazuh.crt
|
||||
- SSL_KEY=/etc/ssl/wazuh.key
|
||||
volumes:
|
||||
- ossec_api_configuration:/var/ossec/api/configuration
|
||||
- ossec_etc:/var/ossec/etc
|
||||
- ossec_logs:/var/ossec/logs
|
||||
- ossec_queue:/var/ossec/queue
|
||||
- ossec_var_multigroups:/var/ossec/var/multigroups
|
||||
- ossec_integrations:/var/ossec/integrations
|
||||
- ossec_active_response:/var/ossec/active-response/bin
|
||||
- ossec_agentless:/var/ossec/agentless
|
||||
- ossec_wodles:/var/ossec/wodles
|
||||
- filebeat_etc:/etc/filebeat
|
||||
- filebeat_var:/var/lib/filebeat
|
||||
- ./xpack/ca/ca.crt:/etc/ssl/ca.crt
|
||||
- ./xpack/wazuh/wazuh.crt:/etc/ssl/wazuh.crt
|
||||
- ./xpack/wazuh/wazuh.key:/etc/ssl/wazuh.key
|
||||
|
||||
|
||||
elasticsearch:
|
||||
image: docker.elastic.co/elasticsearch/elasticsearch:7.10.2
|
||||
hostname: elasticsearch
|
||||
restart: always
|
||||
ports:
|
||||
- "9200:9200"
|
||||
environment:
|
||||
- cluster.name=wazuh-cluster
|
||||
- node.name=elasticsearch
|
||||
- discovery.seed_hosts=elasticsearch,elasticsearch2,elasticsearch3
|
||||
- cluster.initial_master_nodes=elasticsearch,elasticsearch2,elasticsearch3
|
||||
- ELASTIC_PASSWORD=SecretPassword
|
||||
- "ES_JAVA_OPTS=-Xms512m -Xmx512m"
|
||||
- bootstrap.memory_lock=true
|
||||
- xpack.license.self_generated.type=basic
|
||||
- xpack.security.enabled=true
|
||||
- xpack.security.http.ssl.enabled=true
|
||||
- xpack.security.http.ssl.certificate_authorities=/usr/share/elasticsearch/config/ca.crt
|
||||
- xpack.security.http.ssl.key=/usr/share/elasticsearch/config/elasticsearch.key
|
||||
- xpack.security.http.ssl.certificate=/usr/share/elasticsearch/config/elasticsearch.crt
|
||||
- xpack.security.transport.ssl.enabled=true
|
||||
- xpack.security.transport.ssl.verification_mode=certificate
|
||||
- xpack.security.transport.ssl.certificate_authorities=/usr/share/elasticsearch/config/ca.crt
|
||||
- xpack.security.transport.ssl.key=/usr/share/elasticsearch/config/elasticsearch.key
|
||||
- xpack.security.transport.ssl.certificate=/usr/share/elasticsearch/config/elasticsearch.crt
|
||||
ulimits:
|
||||
memlock:
|
||||
soft: -1
|
||||
hard: -1
|
||||
nofile:
|
||||
soft: 65536
|
||||
hard: 65536
|
||||
volumes:
|
||||
- ./xpack/ca/ca.crt:/usr/share/elasticsearch/config/ca.crt
|
||||
- ./xpack/elasticsearch/elasticsearch.key:/usr/share/elasticsearch/config/elasticsearch.key
|
||||
- ./xpack/elasticsearch/elasticsearch.crt:/usr/share/elasticsearch/config/elasticsearch.crt
|
||||
|
||||
elasticsearch2:
|
||||
image: docker.elastic.co/elasticsearch/elasticsearch:7.10.2
|
||||
hostname: elasticsearch2
|
||||
restart: always
|
||||
environment:
|
||||
- cluster.name=wazuh-cluster
|
||||
- node.name=elasticsearch2
|
||||
- discovery.seed_hosts=elasticsearch,elasticsearch2,elasticsearch3
|
||||
- cluster.initial_master_nodes=elasticsearch,elasticsearch2,elasticsearch3
|
||||
- ELASTIC_PASSWORD=SecretPassword
|
||||
- "ES_JAVA_OPTS=-Xms512m -Xmx512m"
|
||||
- bootstrap.memory_lock=true
|
||||
- xpack.license.self_generated.type=basic
|
||||
- xpack.security.enabled=true
|
||||
- xpack.security.http.ssl.enabled=true
|
||||
- xpack.security.http.ssl.certificate_authorities=/usr/share/elasticsearch/config/ca.crt
|
||||
- xpack.security.http.ssl.key=/usr/share/elasticsearch/config/elasticsearch.key
|
||||
- xpack.security.http.ssl.certificate=/usr/share/elasticsearch/config/elasticsearch.crt
|
||||
- xpack.security.transport.ssl.enabled=true
|
||||
- xpack.security.transport.ssl.verification_mode=certificate
|
||||
- xpack.security.transport.ssl.certificate_authorities=/usr/share/elasticsearch/config/ca.crt
|
||||
- xpack.security.transport.ssl.key=/usr/share/elasticsearch/config/elasticsearch.key
|
||||
- xpack.security.transport.ssl.certificate=/usr/share/elasticsearch/config/elasticsearch.crt
|
||||
ulimits:
|
||||
memlock:
|
||||
soft: -1
|
||||
hard: -1
|
||||
nofile:
|
||||
soft: 65536
|
||||
hard: 65536
|
||||
volumes:
|
||||
- ./xpack/ca/ca.crt:/usr/share/elasticsearch/config/ca.crt
|
||||
- ./xpack/elasticsearch2/elasticsearch2.key:/usr/share/elasticsearch/config/elasticsearch.key
|
||||
- ./xpack/elasticsearch2/elasticsearch2.crt:/usr/share/elasticsearch/config/elasticsearch.crt
|
||||
|
||||
elasticsearch3:
|
||||
image: docker.elastic.co/elasticsearch/elasticsearch:7.10.2
|
||||
hostname: elasticsearch3
|
||||
restart: always
|
||||
environment:
|
||||
- cluster.name=wazuh-cluster
|
||||
- node.name=elasticsearch3
|
||||
- discovery.seed_hosts=elasticsearch,elasticsearch2,elasticsearch3
|
||||
- cluster.initial_master_nodes=elasticsearch,elasticsearch2,elasticsearch3
|
||||
- ELASTIC_PASSWORD=SecretPassword
|
||||
- "ES_JAVA_OPTS=-Xms512m -Xmx512m"
|
||||
- bootstrap.memory_lock=true
|
||||
- xpack.license.self_generated.type=basic
|
||||
- xpack.security.enabled=true
|
||||
- xpack.security.http.ssl.enabled=true
|
||||
- xpack.security.http.ssl.certificate_authorities=/usr/share/elasticsearch/config/ca.crt
|
||||
- xpack.security.http.ssl.key=/usr/share/elasticsearch/config/elasticsearch.key
|
||||
- xpack.security.http.ssl.certificate=/usr/share/elasticsearch/config/elasticsearch.crt
|
||||
- xpack.security.transport.ssl.enabled=true
|
||||
- xpack.security.transport.ssl.verification_mode=certificate
|
||||
- xpack.security.transport.ssl.certificate_authorities=/usr/share/elasticsearch/config/ca.crt
|
||||
- xpack.security.transport.ssl.key=/usr/share/elasticsearch/config/elasticsearch.key
|
||||
- xpack.security.transport.ssl.certificate=/usr/share/elasticsearch/config/elasticsearch.crt
|
||||
ulimits:
|
||||
memlock:
|
||||
soft: -1
|
||||
hard: -1
|
||||
nofile:
|
||||
soft: 65536
|
||||
hard: 65536
|
||||
volumes:
|
||||
- ./xpack/ca/ca.crt:/usr/share/elasticsearch/config/ca.crt
|
||||
- ./xpack/elasticsearch3/elasticsearch3.key:/usr/share/elasticsearch/config/elasticsearch.key
|
||||
- ./xpack/elasticsearch3/elasticsearch3.crt:/usr/share/elasticsearch/config/elasticsearch.crt
|
||||
|
||||
|
||||
|
||||
kibana:
|
||||
image: wazuh/wazuh-kibana:4.4.0
|
||||
hostname: kibana
|
||||
restart: always
|
||||
ports:
|
||||
- 443:5601
|
||||
environment:
|
||||
- SERVERNAME=localhost
|
||||
- ELASTICSEARCH_USERNAME=elastic
|
||||
- ELASTICSEARCH_PASSWORD=SecretPassword
|
||||
- ELASTICSEARCH_URL=https://elasticsearch:9200
|
||||
- ELASTICSEARCH_HOSTS=https://elasticsearch:9200
|
||||
- ELASTICSEARCH_SSL_CERTIFICATEAUTHORITIES=/usr/share/kibana/config/ca.crt
|
||||
- SERVER_SSL_ENABLED=true
|
||||
- XPACK_SECURITY_ENABLED=true
|
||||
- SERVER_SSL_KEY=/usr/share/kibana/config/kibana.key
|
||||
- SERVER_SSL_CERTIFICATE=/usr/share/kibana/config/kibana.crt
|
||||
volumes:
|
||||
- ./xpack/ca/ca.crt:/usr/share/kibana/config/ca.crt
|
||||
- ./xpack/kibana/kibana.key:/usr/share/kibana/config/kibana.key
|
||||
- ./xpack/kibana/kibana.crt:/usr/share/kibana/config/kibana.crt
|
||||
depends_on:
|
||||
- elasticsearch
|
||||
links:
|
||||
- elasticsearch:elasticsearch
|
||||
- wazuh:wazuh
|
||||
|
||||
volumes:
|
||||
ossec_api_configuration:
|
||||
ossec_etc:
|
||||
ossec_logs:
|
||||
ossec_queue:
|
||||
ossec_var_multigroups:
|
||||
ossec_integrations:
|
||||
ossec_active_response:
|
||||
ossec_agentless:
|
||||
ossec_wodles:
|
||||
filebeat_etc:
|
||||
filebeat_var:
|
||||
@@ -1,192 +0,0 @@
|
||||
# Wazuh App Copyright (C) 2021 Wazuh Inc. (License GPLv2)
|
||||
version: '3.7'
|
||||
|
||||
services:
|
||||
wazuh:
|
||||
build:
|
||||
context: wazuh-odfe/
|
||||
args:
|
||||
- FILEBEAT_CHANNEL=filebeat
|
||||
- FILEBEAT_VERSION=7.11.2
|
||||
image: wazuh/wazuh:4.4.0
|
||||
hostname: wazuh-manager
|
||||
restart: always
|
||||
ports:
|
||||
- "1514:1514"
|
||||
- "1515:1515"
|
||||
- "514:514/udp"
|
||||
- "55000:55000"
|
||||
environment:
|
||||
- ELASTICSEARCH_URL=https://elasticsearch:9200
|
||||
- ELASTIC_USERNAME=elastic
|
||||
- ELASTIC_PASSWORD=SecretPassword
|
||||
- FILEBEAT_SSL_VERIFICATION_MODE=none
|
||||
- SSL_CERTIFICATE_AUTHORITIES=/etc/ssl/ca.crt
|
||||
- SSL_CERTIFICATE=/etc/ssl/wazuh.crt
|
||||
- SSL_KEY=/etc/ssl/wazuh.key
|
||||
volumes:
|
||||
- ossec_api_configuration:/var/ossec/api/configuration
|
||||
- ossec_etc:/var/ossec/etc
|
||||
- ossec_logs:/var/ossec/logs
|
||||
- ossec_queue:/var/ossec/queue
|
||||
- ossec_var_multigroups:/var/ossec/var/multigroups
|
||||
- ossec_integrations:/var/ossec/integrations
|
||||
- ossec_active_response:/var/ossec/active-response/bin
|
||||
- ossec_agentless:/var/ossec/agentless
|
||||
- ossec_wodles:/var/ossec/wodles
|
||||
- filebeat_etc:/etc/filebeat
|
||||
- filebeat_var:/var/lib/filebeat
|
||||
- ./xpack/ca/ca.crt:/etc/ssl/ca.crt
|
||||
- ./xpack/wazuh/wazuh.crt:/etc/ssl/wazuh.crt
|
||||
- ./xpack/wazuh/wazuh.key:/etc/ssl/wazuh.key
|
||||
|
||||
|
||||
elasticsearch:
|
||||
image: docker.elastic.co/elasticsearch/elasticsearch:7.11.2
|
||||
hostname: elasticsearch
|
||||
restart: always
|
||||
ports:
|
||||
- "9200:9200"
|
||||
environment:
|
||||
- cluster.name=wazuh-cluster
|
||||
- node.name=elasticsearch
|
||||
- discovery.seed_hosts=elasticsearch,elasticsearch2,elasticsearch3
|
||||
- cluster.initial_master_nodes=elasticsearch,elasticsearch2,elasticsearch3
|
||||
- ELASTIC_PASSWORD=SecretPassword
|
||||
- "ES_JAVA_OPTS=-Xms512m -Xmx512m"
|
||||
- bootstrap.memory_lock=true
|
||||
- xpack.license.self_generated.type=basic
|
||||
- xpack.security.enabled=true
|
||||
- xpack.security.http.ssl.enabled=true
|
||||
- xpack.security.http.ssl.certificate_authorities=/usr/share/elasticsearch/config/ca.crt
|
||||
- xpack.security.http.ssl.key=/usr/share/elasticsearch/config/elasticsearch.key
|
||||
- xpack.security.http.ssl.certificate=/usr/share/elasticsearch/config/elasticsearch.crt
|
||||
- xpack.security.transport.ssl.enabled=true
|
||||
- xpack.security.transport.ssl.verification_mode=certificate
|
||||
- xpack.security.transport.ssl.certificate_authorities=/usr/share/elasticsearch/config/ca.crt
|
||||
- xpack.security.transport.ssl.key=/usr/share/elasticsearch/config/elasticsearch.key
|
||||
- xpack.security.transport.ssl.certificate=/usr/share/elasticsearch/config/elasticsearch.crt
|
||||
ulimits:
|
||||
memlock:
|
||||
soft: -1
|
||||
hard: -1
|
||||
nofile:
|
||||
soft: 65536
|
||||
hard: 65536
|
||||
volumes:
|
||||
- ./xpack/ca/ca.crt:/usr/share/elasticsearch/config/ca.crt
|
||||
- ./xpack/elasticsearch/elasticsearch.key:/usr/share/elasticsearch/config/elasticsearch.key
|
||||
- ./xpack/elasticsearch/elasticsearch.crt:/usr/share/elasticsearch/config/elasticsearch.crt
|
||||
|
||||
elasticsearch2:
|
||||
image: docker.elastic.co/elasticsearch/elasticsearch:7.11.2
|
||||
hostname: elasticsearch2
|
||||
restart: always
|
||||
environment:
|
||||
- cluster.name=wazuh-cluster
|
||||
- node.name=elasticsearch2
|
||||
- discovery.seed_hosts=elasticsearch,elasticsearch2,elasticsearch3
|
||||
- cluster.initial_master_nodes=elasticsearch,elasticsearch2,elasticsearch3
|
||||
- ELASTIC_PASSWORD=SecretPassword
|
||||
- "ES_JAVA_OPTS=-Xms512m -Xmx512m"
|
||||
- bootstrap.memory_lock=true
|
||||
- xpack.license.self_generated.type=basic
|
||||
- xpack.security.enabled=true
|
||||
- xpack.security.http.ssl.enabled=true
|
||||
- xpack.security.http.ssl.certificate_authorities=/usr/share/elasticsearch/config/ca.crt
|
||||
- xpack.security.http.ssl.key=/usr/share/elasticsearch/config/elasticsearch.key
|
||||
- xpack.security.http.ssl.certificate=/usr/share/elasticsearch/config/elasticsearch.crt
|
||||
- xpack.security.transport.ssl.enabled=true
|
||||
- xpack.security.transport.ssl.verification_mode=certificate
|
||||
- xpack.security.transport.ssl.certificate_authorities=/usr/share/elasticsearch/config/ca.crt
|
||||
- xpack.security.transport.ssl.key=/usr/share/elasticsearch/config/elasticsearch.key
|
||||
- xpack.security.transport.ssl.certificate=/usr/share/elasticsearch/config/elasticsearch.crt
|
||||
ulimits:
|
||||
memlock:
|
||||
soft: -1
|
||||
hard: -1
|
||||
nofile:
|
||||
soft: 65536
|
||||
hard: 65536
|
||||
volumes:
|
||||
- ./xpack/ca/ca.crt:/usr/share/elasticsearch/config/ca.crt
|
||||
- ./xpack/elasticsearch2/elasticsearch2.key:/usr/share/elasticsearch/config/elasticsearch.key
|
||||
- ./xpack/elasticsearch2/elasticsearch2.crt:/usr/share/elasticsearch/config/elasticsearch.crt
|
||||
|
||||
elasticsearch3:
|
||||
image: docker.elastic.co/elasticsearch/elasticsearch:7.11.2
|
||||
hostname: elasticsearch3
|
||||
restart: always
|
||||
environment:
|
||||
- cluster.name=wazuh-cluster
|
||||
- node.name=elasticsearch3
|
||||
- discovery.seed_hosts=elasticsearch,elasticsearch2,elasticsearch3
|
||||
- cluster.initial_master_nodes=elasticsearch,elasticsearch2,elasticsearch3
|
||||
- ELASTIC_PASSWORD=SecretPassword
|
||||
- "ES_JAVA_OPTS=-Xms512m -Xmx512m"
|
||||
- bootstrap.memory_lock=true
|
||||
- xpack.license.self_generated.type=basic
|
||||
- xpack.security.enabled=true
|
||||
- xpack.security.http.ssl.enabled=true
|
||||
- xpack.security.http.ssl.certificate_authorities=/usr/share/elasticsearch/config/ca.crt
|
||||
- xpack.security.http.ssl.key=/usr/share/elasticsearch/config/elasticsearch.key
|
||||
- xpack.security.http.ssl.certificate=/usr/share/elasticsearch/config/elasticsearch.crt
|
||||
- xpack.security.transport.ssl.enabled=true
|
||||
- xpack.security.transport.ssl.verification_mode=certificate
|
||||
- xpack.security.transport.ssl.certificate_authorities=/usr/share/elasticsearch/config/ca.crt
|
||||
- xpack.security.transport.ssl.key=/usr/share/elasticsearch/config/elasticsearch.key
|
||||
- xpack.security.transport.ssl.certificate=/usr/share/elasticsearch/config/elasticsearch.crt
|
||||
ulimits:
|
||||
memlock:
|
||||
soft: -1
|
||||
hard: -1
|
||||
nofile:
|
||||
soft: 65536
|
||||
hard: 65536
|
||||
volumes:
|
||||
- ./xpack/ca/ca.crt:/usr/share/elasticsearch/config/ca.crt
|
||||
- ./xpack/elasticsearch3/elasticsearch3.key:/usr/share/elasticsearch/config/elasticsearch.key
|
||||
- ./xpack/elasticsearch3/elasticsearch3.crt:/usr/share/elasticsearch/config/elasticsearch.crt
|
||||
|
||||
|
||||
|
||||
kibana:
|
||||
build: kibana/
|
||||
image: wazuh/wazuh-kibana:4.4.0
|
||||
hostname: kibana
|
||||
restart: always
|
||||
ports:
|
||||
- 443:5601
|
||||
environment:
|
||||
- SERVERNAME=localhost
|
||||
- ELASTICSEARCH_USERNAME=elastic
|
||||
- ELASTICSEARCH_PASSWORD=SecretPassword
|
||||
- ELASTICSEARCH_URL=https://elasticsearch:9200
|
||||
- ELASTICSEARCH_HOSTS=https://elasticsearch:9200
|
||||
- ELASTICSEARCH_SSL_CERTIFICATEAUTHORITIES=/usr/share/kibana/config/ca.crt
|
||||
- SERVER_SSL_ENABLED=true
|
||||
- XPACK_SECURITY_ENABLED=true
|
||||
- SERVER_SSL_KEY=/usr/share/kibana/config/kibana.key
|
||||
- SERVER_SSL_CERTIFICATE=/usr/share/kibana/config/kibana.crt
|
||||
volumes:
|
||||
- ./xpack/ca/ca.crt:/usr/share/kibana/config/ca.crt
|
||||
- ./xpack/kibana/kibana.key:/usr/share/kibana/config/kibana.key
|
||||
- ./xpack/kibana/kibana.crt:/usr/share/kibana/config/kibana.crt
|
||||
depends_on:
|
||||
- elasticsearch
|
||||
links:
|
||||
- elasticsearch:elasticsearch
|
||||
- wazuh:wazuh
|
||||
|
||||
volumes:
|
||||
ossec_api_configuration:
|
||||
ossec_etc:
|
||||
ossec_logs:
|
||||
ossec_queue:
|
||||
ossec_var_multigroups:
|
||||
ossec_integrations:
|
||||
ossec_active_response:
|
||||
ossec_agentless:
|
||||
ossec_wodles:
|
||||
filebeat_etc:
|
||||
filebeat_var:
|
||||
Reference in New Issue
Block a user