paulmataruso/wazuh-docker-orginal
1
0
Fork 0
mirror of https://github.com/wazuh/wazuh-docker.git synced 2025-11-02 04:53:19 +00:00
Code Issues Packages Projects Releases Wiki Activity

Change certs copy

Browse Source
This commit is contained in:
Raul Del Pozo Moreno
2022-03-24 20:00:39 +01:00
parent 8765678aaa
commit d5191b8f4b
4 changed files with 14 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
docker-compose.yml
View File

@@ -30,7 +30,7 @@ services:
- filebeat_var:/var/lib/filebeat
wazuh1.indexer:
image: wazuh/wazuh-indexer:4.3.0-dev-testing
image: wazuh/wazuh-indexer:4.3.0-dev-test
hostname: wazuh1.indexer
restart: always
ports:
@@ -46,7 +46,7 @@ services:
hard: 65536
wazuh.dashboard:
image: wazuh/wazuh-dashboard:4.3.0-dev-testing
image: wazuh/wazuh-dashboard:4.3.0-dev-test
hostname: wazuh.dashboard
restart: always
ports:

2
wazuh-dashboard/config/config.sh
View File

@@ -30,7 +30,7 @@ fi
chmod 755 $CERT_TOOL && bash /$CERT_TOOL -A
# Copy Wazuh dashboard's certificates
# Create certs directory
mkdir -p ${CONFIG_DIR}/certs
# Copy Wazuh dashboard certs to install config dir

7
wazuh-indexer/config/config.sh
View File

@@ -98,4 +98,9 @@ cp -pr /roles.yml ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/s
cp -pr /internal_users.yml ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/securityconfig/
cp -pr /opensearch.yml ${TARGET_DIR}${CONFIG_DIR}
# Copy Wazuh indexer's certificates
cp -pr /wazuh-certificates/* ${TARGET_DIR}${CONFIG_DIR}
cp -pr /wazuh-certificates/demo.indexer.pem ${TARGET_DIR}${CONFIG_DIR}/indexer.pem
cp -pr /wazuh-certificates/demo.indexer-key.pem ${TARGET_DIR}${CONFIG_DIR}/indexer-key.pem
cp -pr /wazuh-certificates/root-ca.key ${TARGET_DIR}${CONFIG_DIR}/root-ca.key
cp -pr /wazuh-certificates/root-ca.pem ${TARGET_DIR}${CONFIG_DIR}/root-ca.pem
cp -pr /wazuh-certificates/admin.pem ${TARGET_DIR}${CONFIG_DIR}/admin.pem
cp -pr /wazuh-certificates/admin-key.pem ${TARGET_DIR}${CONFIG_DIR}/admin-key.pem

10
wazuh-indexer/config/opensearch.yml
View File

@@ -4,11 +4,11 @@ path.data: /var/lib/wazuh-indexer
path.logs: /var/log/wazuh-indexer
discovery.type: single-node
compatibility.override_main_response_version: true
plugins.security.ssl.http.pemcert_filepath: ${OPENSEARCH_PATH_CONF}/demo.indexer.pem
plugins.security.ssl.http.pemkey_filepath: ${OPENSEARCH_PATH_CONF}/demo.indexer-key.pem
plugins.security.ssl.http.pemcert_filepath: ${OPENSEARCH_PATH_CONF}/indexer.pem
plugins.security.ssl.http.pemkey_filepath: ${OPENSEARCH_PATH_CONF}/indexer-key.pem
plugins.security.ssl.http.pemtrustedcas_filepath: ${OPENSEARCH_PATH_CONF}/root-ca.pem
plugins.security.ssl.transport.pemcert_filepath: ${OPENSEARCH_PATH_CONF}/demo.indexer.pem
plugins.security.ssl.transport.pemkey_filepath: ${OPENSEARCH_PATH_CONF}/demo.indexer-key.pem
plugins.security.ssl.transport.pemcert_filepath: ${OPENSEARCH_PATH_CONF}/indexer.pem
plugins.security.ssl.transport.pemkey_filepath: ${OPENSEARCH_PATH_CONF}/indexer-key.pem
plugins.security.ssl.transport.pemtrustedcas_filepath: ${OPENSEARCH_PATH_CONF}/root-ca.pem
plugins.security.ssl.http.enabled: true
plugins.security.ssl.transport.enforce_hostname_verification: false
@@ -19,7 +19,7 @@ plugins.security.authcz.admin_dn:
plugins.security.check_snapshot_restore_write_privileges: true
plugins.security.enable_snapshot_restore_privilege: true
plugins.security.nodes_dn:
- "CN=demo.indexer,OU=Wazuh,O=Wazuh,L=California,C=US"
- "CN=indexer,OU=Wazuh,O=Wazuh,L=California,C=US"
plugins.security.restapi.roles_enabled:
- "all_access"
- "security_rest_api_access"