mirror of
https://github.com/wazuh/wazuh-docker.git
synced 2025-11-02 21:13:14 +00:00
205 lines
7.2 KiB
YAML
205 lines
7.2 KiB
YAML
# Wazuh App Copyright (C) 2021 Wazuh Inc. (License GPLv2)
|
|
version: '3.7'
|
|
|
|
services:
|
|
wazuh-master:
|
|
image: wazuh/wazuh-odfe:4.0.4_1.11.0
|
|
hostname: wazuh-master
|
|
restart: always
|
|
ports:
|
|
- "1515:1515"
|
|
- "514:514/udp"
|
|
- "55000:55000"
|
|
environment:
|
|
- ELASTICSEARCH_URL=https://elasticsearch:9200
|
|
- ELASTIC_USERNAME=admin
|
|
- ELASTIC_PASSWORD=SecretPassword
|
|
- FILEBEAT_SSL_VERIFICATION_MODE=full
|
|
- SSL_CERTIFICATE_AUTHORITIES=/etc/ssl/root-ca.pem
|
|
- SSL_CERTIFICATE=/etc/ssl/filebeat.pem
|
|
- SSL_KEY=/etc/ssl/filebeat.key
|
|
- API_USERNAME=acme-user
|
|
- API_PASSWORD=MyS3cr37P450r.*-
|
|
volumes:
|
|
- ossec-api-configuration:/var/ossec/api/configuration
|
|
- ossec-etc:/var/ossec/etc
|
|
- ossec-logs:/var/ossec/logs
|
|
- ossec-queue:/var/ossec/queue
|
|
- ossec-var-multigroups:/var/ossec/var/multigroups
|
|
- ossec-integrations:/var/ossec/integrations
|
|
- ossec-active-response:/var/ossec/active-response/bin
|
|
- ossec-agentless:/var/ossec/agentless
|
|
- ossec-wodles:/var/ossec/wodles
|
|
- filebeat-etc:/etc/filebeat
|
|
- filebeat-var:/var/lib/filebeat
|
|
- ./production_cluster/ssl_certs/root-ca.pem:/etc/ssl/root-ca.pem
|
|
- ./production_cluster/ssl_certs/filebeat.pem:/etc/ssl/filebeat.pem
|
|
- ./production_cluster/ssl_certs/filebeat.key:/etc/ssl/filebeat.key
|
|
- ./production_cluster/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf
|
|
|
|
wazuh-worker:
|
|
image: wazuh/wazuh-odfe:4.0.4_1.11.0
|
|
hostname: wazuh-worker
|
|
restart: always
|
|
environment:
|
|
- ELASTICSEARCH_URL=https://elasticsearch:9200
|
|
- ELASTIC_USERNAME=admin
|
|
- ELASTIC_PASSWORD=SecretPassword
|
|
- FILEBEAT_SSL_VERIFICATION_MODE=full
|
|
- SSL_CERTIFICATE_AUTHORITIES=/etc/ssl/root-ca.pem
|
|
- SSL_CERTIFICATE=/etc/ssl/filebeat.pem
|
|
- SSL_KEY=/etc/ssl/filebeat.key
|
|
volumes:
|
|
- worker-ossec-api-configuration:/var/ossec/api/configuration
|
|
- worker-ossec-etc:/var/ossec/etc
|
|
- worker-ossec-logs:/var/ossec/logs
|
|
- worker-ossec-queue:/var/ossec/queue
|
|
- worker-ossec-var-multigroups:/var/ossec/var/multigroups
|
|
- worker-ossec-integrations:/var/ossec/integrations
|
|
- worker-ossec-active-response:/var/ossec/active-response/bin
|
|
- worker-ossec-agentless:/var/ossec/agentless
|
|
- worker-ossec-wodles:/var/ossec/wodles
|
|
- worker-filebeat-etc:/etc/filebeat
|
|
- worker-filebeat-var:/var/lib/filebeat
|
|
- ./production_cluster/ssl_certs/root-ca.pem:/etc/ssl/root-ca.pem
|
|
- ./production_cluster/ssl_certs/filebeat.pem:/etc/ssl/filebeat.pem
|
|
- ./production_cluster/ssl_certs/filebeat.key:/etc/ssl/filebeat.key
|
|
- ./production_cluster/wazuh_cluster/wazuh_worker.conf:/wazuh-config-mount/etc/ossec.conf
|
|
|
|
elasticsearch:
|
|
image: amazon/opendistro-for-elasticsearch:1.11.0
|
|
hostname: elasticsearch
|
|
restart: always
|
|
ports:
|
|
- "9200:9200"
|
|
environment:
|
|
- "ES_JAVA_OPTS=-Xms512m -Xmx512m"
|
|
ulimits:
|
|
memlock:
|
|
soft: -1
|
|
hard: -1
|
|
nofile:
|
|
soft: 65536
|
|
hard: 65536
|
|
volumes:
|
|
- elastic-data-1:/usr/share/elasticsearch/data
|
|
- ./production_cluster/ssl_certs/root-ca.pem:/usr/share/elasticsearch/config/root-ca.pem
|
|
- ./production_cluster/ssl_certs/node1.key:/usr/share/elasticsearch/config/node1.key
|
|
- ./production_cluster/ssl_certs/node1.pem:/usr/share/elasticsearch/config/node1.pem
|
|
- ./production_cluster/elastic_opendistro/elasticsearch-node1.yml:/usr/share/elasticsearch/config/elasticsearch.yml
|
|
- ./production_cluster/elastic_opendistro/internal_users.yml:/usr/share/elasticsearch/plugins/opendistro_security/securityconfig/internal_users.yml
|
|
|
|
elasticsearch-2:
|
|
image: amazon/opendistro-for-elasticsearch:1.11.0
|
|
hostname: elasticsearch-2
|
|
restart: always
|
|
environment:
|
|
- "ES_JAVA_OPTS=-Xms512m -Xmx512m"
|
|
ulimits:
|
|
memlock:
|
|
soft: -1
|
|
hard: -1
|
|
nofile:
|
|
soft: 65536
|
|
hard: 65536
|
|
volumes:
|
|
- elastic-data-2:/usr/share/elasticsearch/data
|
|
- ./production_cluster/ssl_certs/root-ca.pem:/usr/share/elasticsearch/config/root-ca.pem
|
|
- ./production_cluster/ssl_certs/node2.key:/usr/share/elasticsearch/config/node2.key
|
|
- ./production_cluster/ssl_certs/node2.pem:/usr/share/elasticsearch/config/node2.pem
|
|
- ./production_cluster/elastic_opendistro/elasticsearch-node2.yml:/usr/share/elasticsearch/config/elasticsearch.yml
|
|
- ./production_cluster/elastic_opendistro/internal_users.yml:/usr/share/elasticsearch/plugins/opendistro_security/securityconfig/internal_users.yml
|
|
|
|
elasticsearch-3:
|
|
image: amazon/opendistro-for-elasticsearch:1.11.0
|
|
hostname: elasticsearch-3
|
|
restart: always
|
|
environment:
|
|
- "ES_JAVA_OPTS=-Xms512m -Xmx512m"
|
|
ulimits:
|
|
memlock:
|
|
soft: -1
|
|
hard: -1
|
|
nofile:
|
|
soft: 65536
|
|
hard: 65536
|
|
volumes:
|
|
- elastic-data-3:/usr/share/elasticsearch/data
|
|
- ./production_cluster/ssl_certs/root-ca.pem:/usr/share/elasticsearch/config/root-ca.pem
|
|
- ./production_cluster/ssl_certs/node3.key:/usr/share/elasticsearch/config/node3.key
|
|
- ./production_cluster/ssl_certs/node3.pem:/usr/share/elasticsearch/config/node3.pem
|
|
- ./production_cluster/elastic_opendistro/elasticsearch-node3.yml:/usr/share/elasticsearch/config/elasticsearch.yml
|
|
- ./production_cluster/elastic_opendistro/internal_users.yml:/usr/share/elasticsearch/plugins/opendistro_security/securityconfig/internal_users.yml
|
|
|
|
kibana:
|
|
image: wazuh/wazuh-kibana-odfe:4.0.4_1.11.0
|
|
hostname: kibana
|
|
restart: always
|
|
ports:
|
|
- 5601:5601
|
|
environment:
|
|
- ELASTICSEARCH_USERNAME=admin
|
|
- ELASTICSEARCH_PASSWORD=SecretPassword
|
|
- SERVER_SSL_ENABLED=true
|
|
- SERVER_SSL_CERTIFICATE=/usr/share/kibana/config/cert.pem
|
|
- SERVER_SSL_KEY=/usr/share/kibana/config/key.pem
|
|
- WAZUH_API_URL="https://wazuh-master"
|
|
- API_USERNAME=acme-user
|
|
- API_PASSWORD=MyS3cr37P450r.*-
|
|
volumes:
|
|
- ./production_cluster/kibana_ssl/cert.pem:/usr/share/kibana/config/cert.pem
|
|
- ./production_cluster/kibana_ssl/key.pem:/usr/share/kibana/config/key.pem
|
|
|
|
depends_on:
|
|
- elasticsearch
|
|
links:
|
|
- elasticsearch:elasticsearch
|
|
- wazuh-master:wazuh-master
|
|
|
|
nginx:
|
|
image: nginx:stable
|
|
hostname: nginx
|
|
restart: always
|
|
ports:
|
|
- "80:80"
|
|
- "443:443"
|
|
- "1514:1514"
|
|
depends_on:
|
|
- wazuh-master
|
|
- wazuh-worker
|
|
- kibana
|
|
links:
|
|
- wazuh-master:wazuh-master
|
|
- wazuh-worker:wazuh-worker
|
|
- kibana:kibana
|
|
volumes:
|
|
- ./production_cluster/nginx/nginx.conf:/etc/nginx/nginx.conf:ro
|
|
- ./production_cluster/nginx/ssl:/etc/nginx/ssl:ro
|
|
|
|
volumes:
|
|
ossec-api-configuration:
|
|
ossec-etc:
|
|
ossec-logs:
|
|
ossec-queue:
|
|
ossec-var-multigroups:
|
|
ossec-integrations:
|
|
ossec-active-response:
|
|
ossec-agentless:
|
|
ossec-wodles:
|
|
filebeat-etc:
|
|
filebeat-var:
|
|
worker-ossec-api-configuration:
|
|
worker-ossec-etc:
|
|
worker-ossec-logs:
|
|
worker-ossec-queue:
|
|
worker-ossec-var-multigroups:
|
|
worker-ossec-integrations:
|
|
worker-ossec-active-response:
|
|
worker-ossec-agentless:
|
|
worker-ossec-wodles:
|
|
worker-filebeat-etc:
|
|
worker-filebeat-var:
|
|
elastic-data-1:
|
|
elastic-data-2:
|
|
elastic-data-3:
|