Added missing config

.github/workflows/push.yml

@@ -49,8 +49,8 @@ jobs:
       with:
         version: v0.3.16
 
-    - name: Execute Goss tests (wazuh-odfe)
+    - name: Execute Goss tests (wazuh-manager)
-      run: dgoss run wazuh/wazuh-manager:4.5.0
+      run: dgoss run wazuh/wazuh-manager:${{env.WAZUH_IMAGE_VERSION}}
       env:
         GOSS_SLEEP: 30
         GOSS_FILE: .github/.goss.yaml

CHANGELOG.md

@@ -11,14 +11,86 @@ All notable changes to this project will be documented in this file.
 
 - Update Wazuh to version [4.5.0](https://github.com/wazuh/wazuh/blob/v4.5.0/CHANGELOG.md#v450)
 
+## Wazuh Docker v4.4.1
+### Added
+
+- Update Wazuh to version [4.4.1](https://github.com/wazuh/wazuh/blob/v4.4.1/CHANGELOG.md#v441)
+
 ## Wazuh Docker v4.4.0
 ### Added
 
 - Update Wazuh to version [4.4.0](https://github.com/wazuh/wazuh/blob/v4.4.0/CHANGELOG.md#v440)
 
+## Wazuh Docker v4.3.11
+### Added
+
+- Update Wazuh to version [4.3.11](https://github.com/wazuh/wazuh/blob/v4.3.11/CHANGELOG.md#v4311)
+
+## Wazuh Docker v4.3.10
+### Added
+
+- Update Wazuh to version [4.3.10](https://github.com/wazuh/wazuh/blob/v4.3.10/CHANGELOG.md#v4310)
+
+
+## Wazuh Docker v4.3.9
+### Added
+
+- Update Wazuh to version [4.3.9](https://github.com/wazuh/wazuh/blob/v4.3.9/CHANGELOG.md#v439)
+
+
+## Wazuh Docker v4.3.8
+### Added
+
+- Update Wazuh to version [4.3.8](https://github.com/wazuh/wazuh/blob/v4.3.8/CHANGELOG.md#v438)
+
+## Wazuh Docker v4.3.7
+### Added
+
+- Update Wazuh to version [4.3.7](https://github.com/wazuh/wazuh/blob/v4.3.7/CHANGELOG.md#v437)
+
+## Wazuh Docker v4.3.6
+### Added
+
+- Update Wazuh to version [4.3.6](https://github.com/wazuh/wazuh/blob/v4.3.6/CHANGELOG.md#v436)
+
+## Wazuh Docker v4.3.5
+### Added
+
+- Update Wazuh to version [4.3.5](https://github.com/wazuh/wazuh/blob/v4.3.5/CHANGELOG.md#v435)
+
+## Wazuh Docker v4.3.4
+### Added
+
+- Update Wazuh to version [4.3.4](https://github.com/wazuh/wazuh/blob/v4.3.4/CHANGELOG.md#v434)
+
+## Wazuh Docker v4.3.3
+### Added
+
+- Update Wazuh to version [4.3.3](https://github.com/wazuh/wazuh/blob/v4.3.3/CHANGELOG.md#v433)
+
+## Wazuh Docker v4.3.2
+### Added
+
+- Update Wazuh to version [4.3.2](https://github.com/wazuh/wazuh/blob/v4.3.2/CHANGELOG.md#v432)
+
+## Wazuh Docker v4.3.1
+### Added
+
+- Update Wazuh to version [4.3.1](https://github.com/wazuh/wazuh/blob/v4.3.1/CHANGELOG.md#v431)
+
 ## Wazuh Docker v4.3.0
 ### Added
 
+- Update Wazuh to version [4.3.0](https://github.com/wazuh/wazuh/blob/v4.3.0/CHANGELOG.md#v430)
+
+## Wazuh Docker v4.2.7
+### Added
+
+- Update Wazuh to version [4.2.7](https://github.com/wazuh/wazuh/blob/v4.2.7/CHANGELOG.md#v427)
+
+## Wazuh Docker v4.2.6
+### Added
+
 - Update Wazuh to version [4.2.6](https://github.com/wazuh/wazuh/blob/v4.2.6/CHANGELOG.md#v426)
 
 ## Wazuh Docker v4.2.5

README.md

@@ -197,7 +197,9 @@ WAZUH_MONITORING_REPLICAS=0         ##
 |---------------|---------|--------|
 | v4.6.0        |         |        |
 | v4.5.0        |         |        |
+| v4.4.1        |         |        |
 | v4.4.0        |         |        |
+| v4.3.11       |         |        |
 | v4.3.10       |         |        |
 | v4.3.9        |         |        |
 | v4.3.8        |         |        |

build-docker-images/build-images.yml

@@ -3,8 +3,12 @@ version: '3.7'
 
 services:
   wazuh.manager:
-    build:  wazuh-manager/
+    build:
-    image: wazuh/wazuh-manager:4.5.0
+      context: wazuh-manager/
+      args:
+        WAZUH_VERSION: ${WAZUH_VERSION}
+        WAZUH_TAG_REVISION: ${WAZUH_TAG_REVISION}
+    image: wazuh/wazuh-manager:${WAZUH_IMAGE_VERSION}
     hostname: wazuh.manager
     restart: always
     ports:

build-docker-images/wazuh-dashboard/Dockerfile

@@ -1,7 +1,8 @@
 # Wazuh Docker Copyright (C) 2017, Wazuh Inc. (License GPLv2)
 FROM ubuntu:focal AS builder
 
-ARG WAZUH_VERSION=4.5.0
+ARG WAZUH_VERSION
+ARG WAZUH_TAG_REVISION
 ARG INSTALL_DIR=/usr/share/wazuh-dashboard
 ARG WAZUH_UI_REVISION=1
 

build-docker-images/wazuh-indexer/config/config.sh

@@ -8,7 +8,7 @@ export TARGET_DIR=${CURDIR}/debian/${NAME}
 # Package build options
 export USER=${NAME}
 export GROUP=${NAME}
-export VERSION=4.5.0
+export VERSION=${WAZUH_VERSION}-${WAZUH_TAG_REVISION}
 export LOG_DIR=/var/log/${NAME}
 export LIB_DIR=/var/lib/${NAME}
 export PID_DIR=/run/${NAME}

build-docker-images/wazuh-manager/Dockerfile

@@ -8,9 +8,7 @@ ARG WAZUH_TAG_REVISION
 ARG TEMPLATE_VERSION=4.6
 ARG FILEBEAT_CHANNEL=filebeat-oss
 ARG FILEBEAT_VERSION=7.10.2
-ARG WAZUH_VERSION=4.4.0-1
+ARG WAZUH_FILEBEAT_MODULE="wazuh-filebeat-0.2.tar.gz"
-ARG TEMPLATE_VERSION="master"
-ARG WAZUH_FILEBEAT_MODULE="wazuh-filebeat-0.1.tar.gz"
 
 RUN apt-get update && apt install curl apt-transport-https lsb-release gnupg -y
 

docker-compose.yml

@@ -1,82 +0,0 @@
-# Wazuh App Copyright (C) 2021 Wazuh Inc. (License GPLv2)
-version: '3.7'
-
-services:
-  wazuh:
-    image: wazuh/wazuh-odfe:4.4.0
-    hostname: wazuh-manager
-    restart: always
-    ports:
-      - "1514:1514"
-      - "1515:1515"
-      - "514:514/udp"
-      - "55000:55000"
-    environment:
-      - ELASTICSEARCH_URL=https://elasticsearch:9200
-      - ELASTIC_USERNAME=admin
-      - ELASTIC_PASSWORD=admin
-      - FILEBEAT_SSL_VERIFICATION_MODE=none
-    volumes:
-      - ossec_api_configuration:/var/ossec/api/configuration
-      - ossec_etc:/var/ossec/etc
-      - ossec_logs:/var/ossec/logs
-      - ossec_queue:/var/ossec/queue
-      - ossec_var_multigroups:/var/ossec/var/multigroups
-      - ossec_integrations:/var/ossec/integrations
-      - ossec_active_response:/var/ossec/active-response/bin
-      - ossec_agentless:/var/ossec/agentless
-      - ossec_wodles:/var/ossec/wodles
-      - filebeat_etc:/etc/filebeat
-      - filebeat_var:/var/lib/filebeat
-
-  elasticsearch:
-    image: amazon/opendistro-for-elasticsearch:1.13.2
-    hostname: elasticsearch
-    restart: always
-    ports:
-      - "9200:9200"
-    environment:
-      - discovery.type=single-node
-      - cluster.name=wazuh-cluster
-      - network.host=0.0.0.0
-      - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
-      - bootstrap.memory_lock=true
-    ulimits:
-      memlock:
-        soft: -1
-        hard: -1
-      nofile:
-        soft: 65536
-        hard: 65536
-
-  kibana:
-    image: wazuh/wazuh-kibana-odfe:4.4.0
-    hostname: kibana
-    restart: always
-    ports:
-      - 443:5601
-    environment:
-      - ELASTICSEARCH_USERNAME=admin
-      - ELASTICSEARCH_PASSWORD=admin
-      - SERVER_SSL_ENABLED=true
-      - SERVER_SSL_CERTIFICATE=/usr/share/kibana/config/opendistroforelasticsearch.example.org.cert
-      - SERVER_SSL_KEY=/usr/share/kibana/config/opendistroforelasticsearch.example.org.key
-
-    depends_on:
-      - elasticsearch
-    links:
-      - elasticsearch:elasticsearch
-      - wazuh:wazuh
-
-volumes:
-  ossec_api_configuration:
-  ossec_etc:
-  ossec_logs:
-  ossec_queue:
-  ossec_var_multigroups:
-  ossec_integrations:
-  ossec_active_response:
-  ossec_agentless:
-  ossec_wodles:
-  filebeat_etc:
-  filebeat_var:

indexer-certs-creator/config/entrypoint.sh

@@ -54,8 +54,8 @@ cp /certificates/root-ca.key /certificates/root-ca-manager.key
 chown 101:101 /certificates/root-ca-manager.pem
 chown 101:101 /certificates/root-ca-manager.key
 
-for i in ${node_names[@]}; 
+for i in ${node_names[@]};
-do 
+do
   chown 101:101 "/certificates/${i}.pem"
   chown 101:101 "/certificates/${i}-key.pem"
 done

kibana-odfe/Dockerfile

@@ -1,59 +0,0 @@
-# Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2)
-FROM amazon/opendistro-for-elasticsearch-kibana:1.13.2
-USER kibana
-ARG ELASTIC_VERSION=7.10.2
-ARG WAZUH_VERSION=4.4.0
-ARG WAZUH_APP_VERSION="${WAZUH_VERSION}_${ELASTIC_VERSION}"
-
-WORKDIR /usr/share/kibana
-RUN ./bin/kibana-plugin install https://packages.wazuh.com/4.x/ui/kibana/wazuh_kibana-${WAZUH_APP_VERSION}-1.zip
-
-WORKDIR /
-USER root
-COPY config/entrypoint.sh ./entrypoint.sh
-RUN chmod 755 ./entrypoint.sh
-
-ENV PATTERN="" \
-    CHECKS_PATTERN="" \
-    CHECKS_TEMPLATE="" \
-    CHECKS_API="" \
-    CHECKS_SETUP="" \
-    EXTENSIONS_PCI="" \
-    EXTENSIONS_GDPR="" \
-    EXTENSIONS_HIPAA="" \
-    EXTENSIONS_NIST="" \
-    EXTENSIONS_TSC="" \
-    EXTENSIONS_AUDIT="" \
-    EXTENSIONS_OSCAP="" \
-    EXTENSIONS_CISCAT="" \
-    EXTENSIONS_AWS="" \
-    EXTENSIONS_GCP="" \
-    EXTENSIONS_VIRUSTOTAL="" \
-    EXTENSIONS_OSQUERY="" \
-    EXTENSIONS_DOCKER="" \
-    APP_TIMEOUT="" \
-    API_SELECTOR="" \
-    IP_SELECTOR="" \
-    IP_IGNORE="" \
-    WAZUH_MONITORING_ENABLED="" \
-    WAZUH_MONITORING_FREQUENCY="" \
-    WAZUH_MONITORING_SHARDS="" \
-    WAZUH_MONITORING_REPLICAS="" \
-    ADMIN_PRIVILEGES=""
-
-USER kibana
-
-COPY ./config/custom_welcome /tmp/custom_welcome
-COPY --chown=kibana:kibana ./config/welcome_wazuh.sh ./
-RUN chmod +x ./welcome_wazuh.sh
-ARG CHANGE_WELCOME="true"
-RUN ./welcome_wazuh.sh
-
-COPY --chown=kibana:kibana ./config/wazuh.yml /usr/share/kibana/data/wazuh/config/wazuh.yml
-COPY --chown=kibana:kibana ./config/wazuh_app_config.sh ./
-RUN chmod +x ./wazuh_app_config.sh
-
-COPY --chown=kibana:kibana ./config/kibana_settings.sh ./
-RUN chmod +x ./kibana_settings.sh
-
-ENTRYPOINT ./entrypoint.sh

kibana/Dockerfile

@@ -1,64 +0,0 @@
-# Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2)
-FROM docker.elastic.co/kibana/kibana:7.10.2
-USER kibana
-ARG ELASTIC_VERSION=7.10.2
-ARG WAZUH_VERSION=4.4.0
-ARG WAZUH_APP_VERSION="${WAZUH_VERSION}_${ELASTIC_VERSION}"
-
-WORKDIR /usr/share/kibana
-RUN ./bin/kibana-plugin install https://packages.wazuh.com/4.x/ui/kibana/wazuh_kibana-${WAZUH_APP_VERSION}-1.zip
-
-ENV PATTERN="" \
-    CHECKS_PATTERN="" \
-    CHECKS_TEMPLATE="" \
-    CHECKS_API="" \
-    CHECKS_SETUP="" \
-    EXTENSIONS_PCI="" \
-    EXTENSIONS_GDPR="" \
-    EXTENSIONS_HIPAA="" \
-    EXTENSIONS_NIST="" \
-    EXTENSIONS_TSC="" \
-    EXTENSIONS_AUDIT="" \
-    EXTENSIONS_OSCAP="" \
-    EXTENSIONS_CISCAT="" \
-    EXTENSIONS_AWS="" \
-    EXTENSIONS_GCP="" \
-    EXTENSIONS_VIRUSTOTAL="" \
-    EXTENSIONS_OSQUERY="" \
-    EXTENSIONS_DOCKER="" \
-    APP_TIMEOUT="" \
-    API_SELECTOR="" \
-    IP_SELECTOR="" \
-    IP_IGNORE="" \
-    WAZUH_MONITORING_ENABLED="" \
-    WAZUH_MONITORING_FREQUENCY="" \
-    WAZUH_MONITORING_SHARDS="" \
-    WAZUH_MONITORING_REPLICAS="" \
-    ADMIN_PRIVILEGES="" \
-    XPACK_CANVAS="true" \
-    XPACK_LOGS="true"   \
-    XPACK_INFRA="true"  \
-    XPACK_ML="true" \
-    XPACK_DEVTOOLS="true"   \
-    XPACK_MONITORING="true" \
-    XPACK_APM="true"
-
-WORKDIR /
-USER kibana
-
-COPY --chown=kibana:kibana config/entrypoint.sh ./entrypoint.sh
-RUN chmod 755 ./entrypoint.sh
-
-RUN printf "\nserver.defaultRoute: /app/wazuh\n" >> /usr/share/kibana/config/kibana.yml
-
-COPY --chown=kibana:kibana ./config/wazuh.yml /usr/share/kibana/data/wazuh/config/wazuh.yml
-COPY --chown=kibana:kibana ./config/wazuh_app_config.sh ./
-RUN chmod +x ./wazuh_app_config.sh
-
-COPY --chown=kibana:kibana ./config/kibana_settings.sh ./
-RUN chmod +x ./kibana_settings.sh
-
-COPY --chown=kibana:kibana ./config/xpack_config.sh ./
-RUN chmod +x ./xpack_config.sh
-
-ENTRYPOINT ./entrypoint.sh

production-cluster.yml

@@ -1,206 +0,0 @@
-# Wazuh App Copyright (C) 2021 Wazuh Inc. (License GPLv2)
-version: '3.7'
-
-services:
-  wazuh-master:
-    image: wazuh/wazuh-odfe:4.4.0
-    hostname: wazuh-master
-    restart: always
-    ports:
-      - "1515:1515"
-      - "514:514/udp"
-      - "55000:55000"
-    environment:
-      - ELASTICSEARCH_URL=https://elasticsearch:9200
-      - ELASTIC_USERNAME=admin
-      - ELASTIC_PASSWORD=SecretPassword
-      - FILEBEAT_SSL_VERIFICATION_MODE=full
-      - SSL_CERTIFICATE_AUTHORITIES=/etc/ssl/root-ca.pem
-      - SSL_CERTIFICATE=/etc/ssl/filebeat.pem
-      - SSL_KEY=/etc/ssl/filebeat.key
-      - API_USERNAME=acme-user
-      - API_PASSWORD=MyS3cr37P450r.*-
-    volumes:
-      - ossec-api-configuration:/var/ossec/api/configuration
-      - ossec-etc:/var/ossec/etc
-      - ossec-logs:/var/ossec/logs
-      - ossec-queue:/var/ossec/queue
-      - ossec-var-multigroups:/var/ossec/var/multigroups
-      - ossec-integrations:/var/ossec/integrations
-      - ossec-active-response:/var/ossec/active-response/bin
-      - ossec-agentless:/var/ossec/agentless
-      - ossec-wodles:/var/ossec/wodles
-      - filebeat-etc:/etc/filebeat
-      - filebeat-var:/var/lib/filebeat
-      - ./production_cluster/ssl_certs/root-ca.pem:/etc/ssl/root-ca.pem
-      - ./production_cluster/ssl_certs/filebeat.pem:/etc/ssl/filebeat.pem
-      - ./production_cluster/ssl_certs/filebeat.key:/etc/ssl/filebeat.key
-      - ./production_cluster/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf
-
-  wazuh-worker:
-    image: wazuh/wazuh-odfe:4.4.0
-    hostname: wazuh-worker
-    restart: always
-    environment:
-      - ELASTICSEARCH_URL=https://elasticsearch:9200
-      - ELASTIC_USERNAME=admin
-      - ELASTIC_PASSWORD=SecretPassword
-      - FILEBEAT_SSL_VERIFICATION_MODE=full
-      - SSL_CERTIFICATE_AUTHORITIES=/etc/ssl/root-ca.pem
-      - SSL_CERTIFICATE=/etc/ssl/filebeat.pem
-      - SSL_KEY=/etc/ssl/filebeat.key
-    volumes:
-      - worker-ossec-api-configuration:/var/ossec/api/configuration
-      - worker-ossec-etc:/var/ossec/etc
-      - worker-ossec-logs:/var/ossec/logs
-      - worker-ossec-queue:/var/ossec/queue
-      - worker-ossec-var-multigroups:/var/ossec/var/multigroups
-      - worker-ossec-integrations:/var/ossec/integrations
-      - worker-ossec-active-response:/var/ossec/active-response/bin
-      - worker-ossec-agentless:/var/ossec/agentless
-      - worker-ossec-wodles:/var/ossec/wodles
-      - worker-filebeat-etc:/etc/filebeat
-      - worker-filebeat-var:/var/lib/filebeat
-      - ./production_cluster/ssl_certs/root-ca.pem:/etc/ssl/root-ca.pem
-      - ./production_cluster/ssl_certs/filebeat.pem:/etc/ssl/filebeat.pem
-      - ./production_cluster/ssl_certs/filebeat.key:/etc/ssl/filebeat.key
-      - ./production_cluster/wazuh_cluster/wazuh_worker.conf:/wazuh-config-mount/etc/ossec.conf
-
-  elasticsearch:
-    image: amazon/opendistro-for-elasticsearch:1.13.2
-    hostname: elasticsearch
-    restart: always
-    ports:
-      - "9200:9200"
-    environment:
-      - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
-    ulimits:
-      memlock:
-        soft: -1
-        hard: -1
-      nofile:
-        soft: 65536
-        hard: 65536
-    volumes:
-      - elastic-data-1:/usr/share/elasticsearch/data
-      - ./production_cluster/ssl_certs/root-ca.pem:/usr/share/elasticsearch/config/root-ca.pem
-      - ./production_cluster/ssl_certs/node1.key:/usr/share/elasticsearch/config/node1.key
-      - ./production_cluster/ssl_certs/node1.pem:/usr/share/elasticsearch/config/node1.pem
-      - ./production_cluster/ssl_certs/admin.pem:/usr/share/elasticsearch/config/admin.pem
-      - ./production_cluster/ssl_certs/admin.key:/usr/share/elasticsearch/config/admin.key
-      - ./production_cluster/elastic_opendistro/elasticsearch-node1.yml:/usr/share/elasticsearch/config/elasticsearch.yml
-      - ./production_cluster/elastic_opendistro/internal_users.yml:/usr/share/elasticsearch/plugins/opendistro_security/securityconfig/internal_users.yml
-
-  elasticsearch-2:
-    image: amazon/opendistro-for-elasticsearch:1.13.2
-    hostname: elasticsearch-2
-    restart: always
-    environment:
-      - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
-    ulimits:
-      memlock:
-        soft: -1
-        hard: -1
-      nofile:
-        soft: 65536
-        hard: 65536
-    volumes:
-      - elastic-data-2:/usr/share/elasticsearch/data
-      - ./production_cluster/ssl_certs/root-ca.pem:/usr/share/elasticsearch/config/root-ca.pem
-      - ./production_cluster/ssl_certs/node2.key:/usr/share/elasticsearch/config/node2.key
-      - ./production_cluster/ssl_certs/node2.pem:/usr/share/elasticsearch/config/node2.pem
-      - ./production_cluster/elastic_opendistro/elasticsearch-node2.yml:/usr/share/elasticsearch/config/elasticsearch.yml
-      - ./production_cluster/elastic_opendistro/internal_users.yml:/usr/share/elasticsearch/plugins/opendistro_security/securityconfig/internal_users.yml
-
-  elasticsearch-3:
-    image: amazon/opendistro-for-elasticsearch:1.13.2
-    hostname: elasticsearch-3
-    restart: always
-    environment:
-      - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
-    ulimits:
-      memlock:
-        soft: -1
-        hard: -1
-      nofile:
-        soft: 65536
-        hard: 65536
-    volumes:
-      - elastic-data-3:/usr/share/elasticsearch/data
-      - ./production_cluster/ssl_certs/root-ca.pem:/usr/share/elasticsearch/config/root-ca.pem
-      - ./production_cluster/ssl_certs/node3.key:/usr/share/elasticsearch/config/node3.key
-      - ./production_cluster/ssl_certs/node3.pem:/usr/share/elasticsearch/config/node3.pem
-      - ./production_cluster/elastic_opendistro/elasticsearch-node3.yml:/usr/share/elasticsearch/config/elasticsearch.yml
-      - ./production_cluster/elastic_opendistro/internal_users.yml:/usr/share/elasticsearch/plugins/opendistro_security/securityconfig/internal_users.yml
-
-  kibana:
-    image: wazuh/wazuh-kibana-odfe:4.4.0
-    hostname: kibana
-    restart: always
-    ports:
-      - 5601:5601
-    environment:
-      - ELASTICSEARCH_USERNAME=admin
-      - ELASTICSEARCH_PASSWORD=SecretPassword
-      - SERVER_SSL_ENABLED=true
-      - SERVER_SSL_CERTIFICATE=/usr/share/kibana/config/cert.pem
-      - SERVER_SSL_KEY=/usr/share/kibana/config/key.pem
-      - WAZUH_API_URL="https://wazuh-master"
-      - API_USERNAME=acme-user
-      - API_PASSWORD=MyS3cr37P450r.*-
-    volumes:
-      - ./production_cluster/kibana_ssl/cert.pem:/usr/share/kibana/config/cert.pem
-      - ./production_cluster/kibana_ssl/key.pem:/usr/share/kibana/config/key.pem
-
-    depends_on:
-      - elasticsearch
-    links:
-      - elasticsearch:elasticsearch
-      - wazuh-master:wazuh-master
-
-  nginx:
-    image: nginx:stable
-    hostname: nginx
-    restart: always
-    ports:
-      - "80:80"
-      - "443:443"
-      - "1514:1514"
-    depends_on:
-      - wazuh-master
-      - wazuh-worker
-      - kibana
-    links:
-      - wazuh-master:wazuh-master
-      - wazuh-worker:wazuh-worker
-      - kibana:kibana
-    volumes:
-      - ./production_cluster/nginx/nginx.conf:/etc/nginx/nginx.conf:ro
-      - ./production_cluster/nginx/ssl:/etc/nginx/ssl:ro
-
-volumes:
-  ossec-api-configuration:
-  ossec-etc:
-  ossec-logs:
-  ossec-queue:
-  ossec-var-multigroups:
-  ossec-integrations:
-  ossec-active-response:
-  ossec-agentless:
-  ossec-wodles:
-  filebeat-etc:
-  filebeat-var:
-  worker-ossec-api-configuration:
-  worker-ossec-etc:
-  worker-ossec-logs:
-  worker-ossec-queue:
-  worker-ossec-var-multigroups:
-  worker-ossec-integrations:
-  worker-ossec-active-response:
-  worker-ossec-agentless:
-  worker-ossec-wodles:
-  worker-filebeat-etc:
-  worker-filebeat-var:
-  elastic-data-1:
-  elastic-data-2:
-  elastic-data-3:

xpack-compose.yml

@@ -1,186 +0,0 @@
-# Wazuh App Copyright (C) 2021 Wazuh Inc. (License GPLv2)
-version: '3.7'
-
-services:
-  wazuh:
-    image: wazuh/wazuh:4.4.0
-    hostname: wazuh-manager
-    restart: always
-    ports:
-      - "1514:1514"
-      - "1515:1515"
-      - "514:514/udp"
-      - "55000:55000"
-    environment:
-      - ELASTICSEARCH_URL=https://elasticsearch:9200
-      - ELASTIC_USERNAME=elastic
-      - ELASTIC_PASSWORD=SecretPassword
-      - FILEBEAT_SSL_VERIFICATION_MODE=none
-      - SSL_CERTIFICATE_AUTHORITIES=/etc/ssl/ca.crt
-      - SSL_CERTIFICATE=/etc/ssl/wazuh.crt
-      - SSL_KEY=/etc/ssl/wazuh.key
-    volumes:
-      - ossec_api_configuration:/var/ossec/api/configuration
-      - ossec_etc:/var/ossec/etc
-      - ossec_logs:/var/ossec/logs
-      - ossec_queue:/var/ossec/queue
-      - ossec_var_multigroups:/var/ossec/var/multigroups
-      - ossec_integrations:/var/ossec/integrations
-      - ossec_active_response:/var/ossec/active-response/bin
-      - ossec_agentless:/var/ossec/agentless
-      - ossec_wodles:/var/ossec/wodles
-      - filebeat_etc:/etc/filebeat
-      - filebeat_var:/var/lib/filebeat
-      - ./xpack/ca/ca.crt:/etc/ssl/ca.crt
-      - ./xpack/wazuh/wazuh.crt:/etc/ssl/wazuh.crt
-      - ./xpack/wazuh/wazuh.key:/etc/ssl/wazuh.key
-
-
-  elasticsearch:
-    image: docker.elastic.co/elasticsearch/elasticsearch:7.10.2
-    hostname: elasticsearch
-    restart: always
-    ports:
-      - "9200:9200"
-    environment:
-      - cluster.name=wazuh-cluster
-      - node.name=elasticsearch
-      - discovery.seed_hosts=elasticsearch,elasticsearch2,elasticsearch3
-      - cluster.initial_master_nodes=elasticsearch,elasticsearch2,elasticsearch3
-      - ELASTIC_PASSWORD=SecretPassword
-      - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
-      - bootstrap.memory_lock=true
-      - xpack.license.self_generated.type=basic
-      - xpack.security.enabled=true
-      - xpack.security.http.ssl.enabled=true
-      - xpack.security.http.ssl.certificate_authorities=/usr/share/elasticsearch/config/ca.crt
-      - xpack.security.http.ssl.key=/usr/share/elasticsearch/config/elasticsearch.key
-      - xpack.security.http.ssl.certificate=/usr/share/elasticsearch/config/elasticsearch.crt
-      - xpack.security.transport.ssl.enabled=true
-      - xpack.security.transport.ssl.verification_mode=certificate
-      - xpack.security.transport.ssl.certificate_authorities=/usr/share/elasticsearch/config/ca.crt
-      - xpack.security.transport.ssl.key=/usr/share/elasticsearch/config/elasticsearch.key
-      - xpack.security.transport.ssl.certificate=/usr/share/elasticsearch/config/elasticsearch.crt
-    ulimits:
-      memlock:
-        soft: -1
-        hard: -1
-      nofile:
-        soft: 65536
-        hard: 65536
-    volumes:
-      - ./xpack/ca/ca.crt:/usr/share/elasticsearch/config/ca.crt
-      - ./xpack/elasticsearch/elasticsearch.key:/usr/share/elasticsearch/config/elasticsearch.key
-      - ./xpack/elasticsearch/elasticsearch.crt:/usr/share/elasticsearch/config/elasticsearch.crt
-
-  elasticsearch2:
-    image: docker.elastic.co/elasticsearch/elasticsearch:7.10.2
-    hostname: elasticsearch2
-    restart: always
-    environment:
-      - cluster.name=wazuh-cluster
-      - node.name=elasticsearch2
-      - discovery.seed_hosts=elasticsearch,elasticsearch2,elasticsearch3
-      - cluster.initial_master_nodes=elasticsearch,elasticsearch2,elasticsearch3
-      - ELASTIC_PASSWORD=SecretPassword
-      - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
-      - bootstrap.memory_lock=true
-      - xpack.license.self_generated.type=basic
-      - xpack.security.enabled=true
-      - xpack.security.http.ssl.enabled=true
-      - xpack.security.http.ssl.certificate_authorities=/usr/share/elasticsearch/config/ca.crt
-      - xpack.security.http.ssl.key=/usr/share/elasticsearch/config/elasticsearch.key
-      - xpack.security.http.ssl.certificate=/usr/share/elasticsearch/config/elasticsearch.crt
-      - xpack.security.transport.ssl.enabled=true
-      - xpack.security.transport.ssl.verification_mode=certificate
-      - xpack.security.transport.ssl.certificate_authorities=/usr/share/elasticsearch/config/ca.crt
-      - xpack.security.transport.ssl.key=/usr/share/elasticsearch/config/elasticsearch.key
-      - xpack.security.transport.ssl.certificate=/usr/share/elasticsearch/config/elasticsearch.crt
-    ulimits:
-      memlock:
-        soft: -1
-        hard: -1
-      nofile:
-        soft: 65536
-        hard: 65536
-    volumes:
-      - ./xpack/ca/ca.crt:/usr/share/elasticsearch/config/ca.crt
-      - ./xpack/elasticsearch2/elasticsearch2.key:/usr/share/elasticsearch/config/elasticsearch.key
-      - ./xpack/elasticsearch2/elasticsearch2.crt:/usr/share/elasticsearch/config/elasticsearch.crt
-
-  elasticsearch3:
-    image: docker.elastic.co/elasticsearch/elasticsearch:7.10.2
-    hostname: elasticsearch3
-    restart: always
-    environment:
-      - cluster.name=wazuh-cluster
-      - node.name=elasticsearch3
-      - discovery.seed_hosts=elasticsearch,elasticsearch2,elasticsearch3
-      - cluster.initial_master_nodes=elasticsearch,elasticsearch2,elasticsearch3
-      - ELASTIC_PASSWORD=SecretPassword
-      - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
-      - bootstrap.memory_lock=true
-      - xpack.license.self_generated.type=basic
-      - xpack.security.enabled=true
-      - xpack.security.http.ssl.enabled=true
-      - xpack.security.http.ssl.certificate_authorities=/usr/share/elasticsearch/config/ca.crt
-      - xpack.security.http.ssl.key=/usr/share/elasticsearch/config/elasticsearch.key
-      - xpack.security.http.ssl.certificate=/usr/share/elasticsearch/config/elasticsearch.crt
-      - xpack.security.transport.ssl.enabled=true
-      - xpack.security.transport.ssl.verification_mode=certificate
-      - xpack.security.transport.ssl.certificate_authorities=/usr/share/elasticsearch/config/ca.crt
-      - xpack.security.transport.ssl.key=/usr/share/elasticsearch/config/elasticsearch.key
-      - xpack.security.transport.ssl.certificate=/usr/share/elasticsearch/config/elasticsearch.crt
-    ulimits:
-      memlock:
-        soft: -1
-        hard: -1
-      nofile:
-        soft: 65536
-        hard: 65536
-    volumes:
-      - ./xpack/ca/ca.crt:/usr/share/elasticsearch/config/ca.crt
-      - ./xpack/elasticsearch3/elasticsearch3.key:/usr/share/elasticsearch/config/elasticsearch.key
-      - ./xpack/elasticsearch3/elasticsearch3.crt:/usr/share/elasticsearch/config/elasticsearch.crt
-
-
-
-  kibana:
-    image: wazuh/wazuh-kibana:4.4.0
-    hostname: kibana
-    restart: always
-    ports:
-      - 443:5601
-    environment:
-      - SERVERNAME=localhost
-      - ELASTICSEARCH_USERNAME=elastic
-      - ELASTICSEARCH_PASSWORD=SecretPassword
-      - ELASTICSEARCH_URL=https://elasticsearch:9200
-      - ELASTICSEARCH_HOSTS=https://elasticsearch:9200
-      - ELASTICSEARCH_SSL_CERTIFICATEAUTHORITIES=/usr/share/kibana/config/ca.crt
-      - SERVER_SSL_ENABLED=true
-      - XPACK_SECURITY_ENABLED=true
-      - SERVER_SSL_KEY=/usr/share/kibana/config/kibana.key
-      - SERVER_SSL_CERTIFICATE=/usr/share/kibana/config/kibana.crt
-    volumes:
-      - ./xpack/ca/ca.crt:/usr/share/kibana/config/ca.crt
-      - ./xpack/kibana/kibana.key:/usr/share/kibana/config/kibana.key
-      - ./xpack/kibana/kibana.crt:/usr/share/kibana/config/kibana.crt
-    depends_on:
-      - elasticsearch
-    links:
-      - elasticsearch:elasticsearch
-      - wazuh:wazuh
-
-volumes:
-  ossec_api_configuration:
-  ossec_etc:
-  ossec_logs:
-  ossec_queue:
-  ossec_var_multigroups:
-  ossec_integrations:
-  ossec_active_response:
-  ossec_agentless:
-  ossec_wodles:
-  filebeat_etc:
-  filebeat_var:

xpack-from-sources.yml

@@ -1,192 +0,0 @@
-# Wazuh App Copyright (C) 2021 Wazuh Inc. (License GPLv2)
-version: '3.7'
-
-services:
-  wazuh:
-    build:
-      context: wazuh-odfe/
-      args:
-        - FILEBEAT_CHANNEL=filebeat
-        - FILEBEAT_VERSION=7.11.2
-    image: wazuh/wazuh:4.4.0
-    hostname: wazuh-manager
-    restart: always
-    ports:
-      - "1514:1514"
-      - "1515:1515"
-      - "514:514/udp"
-      - "55000:55000"
-    environment:
-      - ELASTICSEARCH_URL=https://elasticsearch:9200
-      - ELASTIC_USERNAME=elastic
-      - ELASTIC_PASSWORD=SecretPassword
-      - FILEBEAT_SSL_VERIFICATION_MODE=none
-      - SSL_CERTIFICATE_AUTHORITIES=/etc/ssl/ca.crt
-      - SSL_CERTIFICATE=/etc/ssl/wazuh.crt
-      - SSL_KEY=/etc/ssl/wazuh.key
-    volumes:
-      - ossec_api_configuration:/var/ossec/api/configuration
-      - ossec_etc:/var/ossec/etc
-      - ossec_logs:/var/ossec/logs
-      - ossec_queue:/var/ossec/queue
-      - ossec_var_multigroups:/var/ossec/var/multigroups
-      - ossec_integrations:/var/ossec/integrations
-      - ossec_active_response:/var/ossec/active-response/bin
-      - ossec_agentless:/var/ossec/agentless
-      - ossec_wodles:/var/ossec/wodles
-      - filebeat_etc:/etc/filebeat
-      - filebeat_var:/var/lib/filebeat
-      - ./xpack/ca/ca.crt:/etc/ssl/ca.crt
-      - ./xpack/wazuh/wazuh.crt:/etc/ssl/wazuh.crt
-      - ./xpack/wazuh/wazuh.key:/etc/ssl/wazuh.key
-
-
-  elasticsearch:
-    image: docker.elastic.co/elasticsearch/elasticsearch:7.11.2
-    hostname: elasticsearch
-    restart: always
-    ports:
-      - "9200:9200"
-    environment:
-      - cluster.name=wazuh-cluster
-      - node.name=elasticsearch
-      - discovery.seed_hosts=elasticsearch,elasticsearch2,elasticsearch3
-      - cluster.initial_master_nodes=elasticsearch,elasticsearch2,elasticsearch3
-      - ELASTIC_PASSWORD=SecretPassword
-      - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
-      - bootstrap.memory_lock=true
-      - xpack.license.self_generated.type=basic
-      - xpack.security.enabled=true
-      - xpack.security.http.ssl.enabled=true
-      - xpack.security.http.ssl.certificate_authorities=/usr/share/elasticsearch/config/ca.crt
-      - xpack.security.http.ssl.key=/usr/share/elasticsearch/config/elasticsearch.key
-      - xpack.security.http.ssl.certificate=/usr/share/elasticsearch/config/elasticsearch.crt
-      - xpack.security.transport.ssl.enabled=true
-      - xpack.security.transport.ssl.verification_mode=certificate
-      - xpack.security.transport.ssl.certificate_authorities=/usr/share/elasticsearch/config/ca.crt
-      - xpack.security.transport.ssl.key=/usr/share/elasticsearch/config/elasticsearch.key
-      - xpack.security.transport.ssl.certificate=/usr/share/elasticsearch/config/elasticsearch.crt
-    ulimits:
-      memlock:
-        soft: -1
-        hard: -1
-      nofile:
-        soft: 65536
-        hard: 65536
-    volumes:
-      - ./xpack/ca/ca.crt:/usr/share/elasticsearch/config/ca.crt
-      - ./xpack/elasticsearch/elasticsearch.key:/usr/share/elasticsearch/config/elasticsearch.key
-      - ./xpack/elasticsearch/elasticsearch.crt:/usr/share/elasticsearch/config/elasticsearch.crt
-
-  elasticsearch2:
-    image: docker.elastic.co/elasticsearch/elasticsearch:7.11.2
-    hostname: elasticsearch2
-    restart: always
-    environment:
-      - cluster.name=wazuh-cluster
-      - node.name=elasticsearch2
-      - discovery.seed_hosts=elasticsearch,elasticsearch2,elasticsearch3
-      - cluster.initial_master_nodes=elasticsearch,elasticsearch2,elasticsearch3
-      - ELASTIC_PASSWORD=SecretPassword
-      - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
-      - bootstrap.memory_lock=true
-      - xpack.license.self_generated.type=basic
-      - xpack.security.enabled=true
-      - xpack.security.http.ssl.enabled=true
-      - xpack.security.http.ssl.certificate_authorities=/usr/share/elasticsearch/config/ca.crt
-      - xpack.security.http.ssl.key=/usr/share/elasticsearch/config/elasticsearch.key
-      - xpack.security.http.ssl.certificate=/usr/share/elasticsearch/config/elasticsearch.crt
-      - xpack.security.transport.ssl.enabled=true
-      - xpack.security.transport.ssl.verification_mode=certificate
-      - xpack.security.transport.ssl.certificate_authorities=/usr/share/elasticsearch/config/ca.crt
-      - xpack.security.transport.ssl.key=/usr/share/elasticsearch/config/elasticsearch.key
-      - xpack.security.transport.ssl.certificate=/usr/share/elasticsearch/config/elasticsearch.crt
-    ulimits:
-      memlock:
-        soft: -1
-        hard: -1
-      nofile:
-        soft: 65536
-        hard: 65536
-    volumes:
-      - ./xpack/ca/ca.crt:/usr/share/elasticsearch/config/ca.crt
-      - ./xpack/elasticsearch2/elasticsearch2.key:/usr/share/elasticsearch/config/elasticsearch.key
-      - ./xpack/elasticsearch2/elasticsearch2.crt:/usr/share/elasticsearch/config/elasticsearch.crt
-
-  elasticsearch3:
-    image: docker.elastic.co/elasticsearch/elasticsearch:7.11.2
-    hostname: elasticsearch3
-    restart: always
-    environment:
-      - cluster.name=wazuh-cluster
-      - node.name=elasticsearch3
-      - discovery.seed_hosts=elasticsearch,elasticsearch2,elasticsearch3
-      - cluster.initial_master_nodes=elasticsearch,elasticsearch2,elasticsearch3
-      - ELASTIC_PASSWORD=SecretPassword
-      - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
-      - bootstrap.memory_lock=true
-      - xpack.license.self_generated.type=basic
-      - xpack.security.enabled=true
-      - xpack.security.http.ssl.enabled=true
-      - xpack.security.http.ssl.certificate_authorities=/usr/share/elasticsearch/config/ca.crt
-      - xpack.security.http.ssl.key=/usr/share/elasticsearch/config/elasticsearch.key
-      - xpack.security.http.ssl.certificate=/usr/share/elasticsearch/config/elasticsearch.crt
-      - xpack.security.transport.ssl.enabled=true
-      - xpack.security.transport.ssl.verification_mode=certificate
-      - xpack.security.transport.ssl.certificate_authorities=/usr/share/elasticsearch/config/ca.crt
-      - xpack.security.transport.ssl.key=/usr/share/elasticsearch/config/elasticsearch.key
-      - xpack.security.transport.ssl.certificate=/usr/share/elasticsearch/config/elasticsearch.crt
-    ulimits:
-      memlock:
-        soft: -1
-        hard: -1
-      nofile:
-        soft: 65536
-        hard: 65536
-    volumes:
-      - ./xpack/ca/ca.crt:/usr/share/elasticsearch/config/ca.crt
-      - ./xpack/elasticsearch3/elasticsearch3.key:/usr/share/elasticsearch/config/elasticsearch.key
-      - ./xpack/elasticsearch3/elasticsearch3.crt:/usr/share/elasticsearch/config/elasticsearch.crt
-
-
-
-  kibana:
-    build: kibana/
-    image: wazuh/wazuh-kibana:4.4.0
-    hostname: kibana
-    restart: always
-    ports:
-      - 443:5601
-    environment:
-      - SERVERNAME=localhost
-      - ELASTICSEARCH_USERNAME=elastic
-      - ELASTICSEARCH_PASSWORD=SecretPassword
-      - ELASTICSEARCH_URL=https://elasticsearch:9200
-      - ELASTICSEARCH_HOSTS=https://elasticsearch:9200
-      - ELASTICSEARCH_SSL_CERTIFICATEAUTHORITIES=/usr/share/kibana/config/ca.crt
-      - SERVER_SSL_ENABLED=true
-      - XPACK_SECURITY_ENABLED=true
-      - SERVER_SSL_KEY=/usr/share/kibana/config/kibana.key
-      - SERVER_SSL_CERTIFICATE=/usr/share/kibana/config/kibana.crt
-    volumes:
-      - ./xpack/ca/ca.crt:/usr/share/kibana/config/ca.crt
-      - ./xpack/kibana/kibana.key:/usr/share/kibana/config/kibana.key
-      - ./xpack/kibana/kibana.crt:/usr/share/kibana/config/kibana.crt
-    depends_on:
-      - elasticsearch
-    links:
-      - elasticsearch:elasticsearch
-      - wazuh:wazuh
-
-volumes:
-  ossec_api_configuration:
-  ossec_etc:
-  ossec_logs:
-  ossec_queue:
-  ossec_var_multigroups:
-  ossec_integrations:
-  ossec_active_response:
-  ossec_agentless:
-  ossec_wodles:
-  filebeat_etc:
-  filebeat_var: