From 0110e696d05e3ec45d0ca4d92edf17265257bcad Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Fri, 19 Jul 2024 09:27:32 +0200 Subject: [PATCH 1/2] Revert "Merge branch '4.9.0' into merge-4.9.0-into-master" This reverts commit 622c67d2cc1349e44c60d29483d47fe10283fade, reversing changes made to 55f209e57fffdab957719ab3cf1f475d58d6300f. --- README.md | 54 +++++++++++++++++++++++++++++------------------------- 1 file changed, 29 insertions(+), 25 deletions(-) diff --git a/README.md b/README.md index d7a34090..34290fc2 100644 --- a/README.md +++ b/README.md @@ -89,23 +89,19 @@ WAZUH_MONITORING_REPLICAS=0 ## ## Directory structure ├── build-docker-images - │   ├── build-images.sh - │   ├── build-images.yml - │   ├── README.md + │   ├── docker-compose.yml │   ├── wazuh-dashboard │   │   ├── config │   │   │   ├── config.sh │   │   │   ├── config.yml - │   │   │   ├── dl_base.sh │   │   │   ├── entrypoint.sh - │   │   │   ├── install_wazuh_app.sh │   │   │   ├── opensearch_dashboards.yml │   │   │   ├── wazuh_app_config.sh │   │   │   └── wazuh.yml │   │   └── Dockerfile │   ├── wazuh-indexer │   │   ├── config - │   │   │   ├── action_groups.yml + │ │ │ ├── action_groups.yml │   │   │   ├── config.sh │   │   │   ├── config.yml │   │   │   ├── entrypoint.sh @@ -117,7 +113,6 @@ WAZUH_MONITORING_REPLICAS=0 ## │   │   └── Dockerfile │   └── wazuh-manager │   ├── config - │   │   ├── check_repository.sh │   │   ├── create_user.py │   │   ├── etc │   │   │   ├── cont-init.d 
@@ -130,21 +125,19 @@ WAZUH_MONITORING_REPLICAS=0 ## │   │   │   │   └── run │   │   │   └── ossec-logs │   │   │   └── run - │   │   ├── filebeat_module.sh │   │   ├── filebeat.yml │   │   ├── permanent_data.env - │   │   └── permanent_data.sh + │   │   ├── permanent_data.sh + │   │   └── wazuh.repo │   └── Dockerfile ├── CHANGELOG.md ├── indexer-certs-creator │   ├── config │   │   └── entrypoint.sh - │   ├── Dockerfile - │   └── README.md + │   └── Dockerfile ├── LICENSE ├── multi-node │   ├── config - │   │   ├── certs.yml │   │   ├── nginx │   │   │   └── nginx.conf │   │   ├── wazuh_cluster 
@@ -153,29 +146,40 @@ WAZUH_MONITORING_REPLICAS=0 ## │   │   ├── wazuh_dashboard │   │   │   ├── opensearch_dashboards.yml │   │   │   └── wazuh.yml - │   │   └── wazuh_indexer - │   │   ├── internal_users.yml - │   │   ├── wazuh1.indexer.yml - │   │   ├── wazuh2.indexer.yml - │   │   └── wazuh3.indexer.yml + │   │   ├── wazuh_indexer + │   │   │   ├── internal_users.yml + │   │   │   ├── wazuh1.indexer.yml + │   │   │   ├── wazuh2.indexer.yml + │   │   │   └── wazuh3.indexer.yml + │   │   └── wazuh_indexer_ssl_certs + │   │   └── certs.yml │   ├── docker-compose.yml - │   ├── generate-indexer-certs.yml - │   ├── Migration-to-Wazuh-4.4.md - │   ├── README.md + │   ├── generate-certs.yml + │   ├── Migration-to-Wazuh-4.3.md │   └── volume-migrator.sh ├── README.md - ├── SECURITY.md ├── single-node │   ├── config - │   │   ├── certs.yml │   │   ├── wazuh_cluster │   │   │   └── wazuh_manager.conf │   │   ├── wazuh_dashboard │   │   │   ├── opensearch_dashboards.yml │   │   │   └── wazuh.yml - │   │   └── wazuh_indexer - │   │   ├── internal_users.yml - │   │   └── wazuh.indexer.yml + │   │   ├── wazuh_indexer + │   │   │   ├── internal_users.yml + │   │   │   └── wazuh.indexer.yml + │   │   └── wazuh_indexer_ssl_certs + │   │   ├── admin-key.pem + │   │   ├── admin.pem + │   │   ├── certs.yml + │   │   ├── root-ca.key + │   │   ├── root-ca.pem + │   │   ├── wazuh.dashboard-key.pem + │   │   ├── wazuh.dashboard.pem + │   │   ├── wazuh.indexer-key.pem + │   │   ├── wazuh.indexer.pem + │   │   ├── wazuh.manager-key.pem + │   │   └── wazuh.manager.pem │   ├── docker-compose.yml │   ├── generate-certs.yml │   └── README.md From eded59bc254920571a2763c48d84cbf7e320f306 Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Fri, 19 Jul 2024 09:27:46 +0200 Subject: [PATCH 2/2] Revert "Merge branch '4.9.0' into merge-4.9.0-into-master" This reverts commit 4923750ea4e43a4cc6831b31161e1046a88113fd, reversing changes made to e1d70c35fe78f0278c1b55a49f9bd657195c9f30. --- .github/workflows/push.yml | 2 +- .../wazuh-dashboard/Dockerfile | 28 +++- .../config/check_repository.sh | 30 ---- .../wazuh-dashboard/config/dl_base.sh | 25 +++ .../config/install_wazuh_app.sh | 35 ++++ .../wazuh-dashboard/config/wazuh.yml | 155 ++++++++++++++++++ build-docker-images/wazuh-indexer/Dockerfile | 12 +- .../wazuh-indexer/config/check_repository.sh | 30 ---- .../wazuh-indexer/config/config.sh | 31 ++++ .../config/etc/cont-init.d/0-wazuh-init | 2 +- 10 files changed, 271 insertions(+), 79 deletions(-) delete mode 100644 build-docker-images/wazuh-dashboard/config/check_repository.sh create mode 100644 build-docker-images/wazuh-dashboard/config/dl_base.sh create mode 100644 build-docker-images/wazuh-dashboard/config/install_wazuh_app.sh create mode 100644 build-docker-images/wazuh-dashboard/config/wazuh.yml delete mode 100644 build-docker-images/wazuh-indexer/config/check_repository.sh diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index 2c952ef6..18a71dd2 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -291,7 +291,7 @@ jobs: sleep 10 done docs="`curl -XGET "https://0.0.0.0:9200/wazuh-alerts*/_count" -u admin:SecretPassword -k -s | jq -r ".count"`" - if [[ $docs -gt 0 ]]; then + if [[ $docs -gt 1 ]]; then echo "wazuh-alerts index documents: ${docs}" else echo "wazuh-alerts index documents: ${docs}" diff --git a/build-docker-images/wazuh-dashboard/Dockerfile b/build-docker-images/wazuh-dashboard/Dockerfile index 50adbb96..172c9861 100644 --- a/build-docker-images/wazuh-dashboard/Dockerfile +++ b/build-docker-images/wazuh-dashboard/Dockerfile 
@@ -3,23 +3,39 @@ FROM amazonlinux:2023 AS builder ARG WAZUH_VERSION ARG WAZUH_TAG_REVISION +ARG INSTALL_DIR=/usr/share/wazuh-dashboard ARG WAZUH_UI_REVISION # Update and install dependencies -RUN yum install curl-minimal libcap openssl -y +RUN yum install curl-minimal libcap xz tar openssl -y -COPY config/check_repository.sh / -RUN chmod 775 /check_repository.sh && \ - source /check_repository.sh +# Create Install dir +RUN mkdir -p $INSTALL_DIR -RUN yum install wazuh-dashboard-${WAZUH_VERSION}-${WAZUH_TAG_REVISION} -y && \ - yum clean all +# Download and extract Wazuh dashboard base +COPY config/dl_base.sh . +RUN bash dl_base.sh # Generate certificates COPY config/config.sh . COPY config/config.yml / RUN bash config.sh +COPY config/install_wazuh_app.sh / +RUN chmod 775 /install_wazuh_app.sh +RUN bash /install_wazuh_app.sh + +# Copy and set permissions to config files +RUN cp $INSTALL_DIR/etc/opensearch_dashboards.yml $INSTALL_DIR/config/opensearch_dashboards.yml +COPY config/wazuh.yml $INSTALL_DIR/data/wazuh/config/ +RUN chmod 664 $INSTALL_DIR/config/opensearch_dashboards.yml + +# Create and set permissions to data directories +RUN mkdir -p $INSTALL_DIR/data/wazuh && chmod -R 775 $INSTALL_DIR/data/wazuh +RUN mkdir -p $INSTALL_DIR/data/wazuh/config && chmod -R 775 $INSTALL_DIR/data/wazuh/config +RUN mkdir -p $INSTALL_DIR/data/wazuh/logs && chmod -R 775 $INSTALL_DIR/data/wazuh/logs +RUN mkdir /wazuh-config-mount && chmod -R 775 /wazuh-config-mount + ################################################################################ # Build stage 1 (the current Wazuh dashboard image): # diff --git a/build-docker-images/wazuh-dashboard/config/check_repository.sh b/build-docker-images/wazuh-dashboard/config/check_repository.sh deleted file mode 100644 index 5323ec81..00000000 --- a/build-docker-images/wazuh-dashboard/config/check_repository.sh +++ /dev/null 
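Review bot: The `chmod -R 775 $INSTALL_DIR/data/wazuh/config` near the end of this hunk runs after `COPY config/wazuh.yml $INSTALL_DIR/data/wazuh/config/`, so the file meant to hold the API `hosts` entries (url, username, password) ends up world-readable, group-writable and executable in the builder stage. Directory and file modes are better set separately: drop `-R` on the directories that `mkdir -p` has only just created and give the file its own mode, for example `RUN chmod 660 $INSTALL_DIR/data/wazuh/config/wazuh.yml`, if the runtime user and group allow it. Whether the final stage resets these permissions is not visible here, because the hunk ends at the stage 1 banner.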
@@ -1,30 +0,0 @@ -## variables -APT_KEY=https://packages.wazuh.com/key/GPG-KEY-WAZUH -GPG_SIGN="gpgcheck=1\ngpgkey=${APT_KEY}]" -REPOSITORY="[wazuh]\n${GPG_SIGN}\nenabled=1\nname=EL-\$releasever - Wazuh\nbaseurl=https://packages.wazuh.com/4.x/yum/\nprotect=1" -WAZUH_CURRENT_VERSION=$(curl --silent https://api.github.com/repos/wazuh/wazuh/releases/latest | grep '["]tag_name["]:' | sed -E 's/.*\"([^\"]+)\".*/\1/' | cut -c 2-) -MAJOR_BUILD=$(echo $WAZUH_VERSION | cut -d. -f1) -MID_BUILD=$(echo $WAZUH_VERSION | cut -d. -f2) -MINOR_BUILD=$(echo $WAZUH_VERSION | cut -d. -f3) -MAJOR_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f1) -MID_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f2) -MINOR_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f3) - -## check version to use the correct repository -if [ "$MAJOR_BUILD" -gt "$MAJOR_CURRENT" ]; then - APT_KEY=https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH - REPOSITORY="[wazuh]\n${GPG_SIGN}\nenabled=1\nname=EL-\$releasever - Wazuh\nbaseurl=https://packages-dev.wazuh.com/pre-release/yum/\nprotect=1" -elif [ "$MAJOR_BUILD" -eq "$MAJOR_CURRENT" ]; then - if [ "$MID_BUILD" -gt "$MID_CURRENT" ]; then - APT_KEY=https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH - REPOSITORY="[wazuh]\n${GPG_SIGN}\nenabled=1\nname=EL-\$releasever - Wazuh\nbaseurl=https://packages-dev.wazuh.com/pre-release/yum/\nprotect=1" - elif [ "$MID_BUILD" -eq "$MID_CURRENT" ]; then - if [ "$MINOR_BUILD" -gt "$MINOR_CURRENT" ]; then - APT_KEY=https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH - REPOSITORY="[wazuh]\n${GPG_SIGN}\nenabled=1\nname=EL-\$releasever - Wazuh\nbaseurl=https://packages-dev.wazuh.com/pre-release/yum/\nprotect=1" - fi - fi -fi - -rpm --import "${APT_KEY}" -echo -e "${REPOSITORY}" | tee /etc/yum.repos.d/wazuh.repo \ No newline at end of file diff --git a/build-docker-images/wazuh-dashboard/config/dl_base.sh b/build-docker-images/wazuh-dashboard/config/dl_base.sh new file mode 100644 index 00000000..21b23421 --- /dev/null 
+++ b/build-docker-images/wazuh-dashboard/config/dl_base.sh
@@ -0,0 +1,25 @@
+REPOSITORY="packages.wazuh.com/4.x"
+WAZUH_CURRENT_VERSION=$(curl --silent https://api.github.com/repos/wazuh/wazuh/releases/latest | grep '["]tag_name["]:' | sed -E 's/.*\"([^\"]+)\".*/\1/' | cut -c 2-)
+MAJOR_BUILD=$(echo $WAZUH_VERSION | cut -d. -f1)
+MID_BUILD=$(echo $WAZUH_VERSION | cut -d. -f2)
+MINOR_BUILD=$(echo $WAZUH_VERSION | cut -d. -f3)
+MAJOR_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f1)
+MID_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f2)
+MINOR_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f3)
+
+## check version to use the correct repository
+if [ "$MAJOR_BUILD" -gt "$MAJOR_CURRENT" ]; then
+ REPOSITORY="packages-dev.wazuh.com/pre-release"
+elif [ "$MAJOR_BUILD" -eq "$MAJOR_CURRENT" ]; then
+ if [ "$MID_BUILD" -gt "$MID_CURRENT" ]; then
+ REPOSITORY="packages-dev.wazuh.com/pre-release"
+ elif [ "$MID_BUILD" -eq "$MID_CURRENT" ]; then
+ if [ "$MINOR_BUILD" -gt "$MINOR_CURRENT" ]; then
+ REPOSITORY="packages-dev.wazuh.com/pre-release"
+ fi
+ fi
+fi
+
+
+curl -o wazuh-dashboard-base.tar.xz https://${REPOSITORY}/stack/dashboard/wazuh-dashboard-base-${WAZUH_VERSION}-${WAZUH_TAG_REVISION}-linux-x64.tar.xz
+tar -xf wazuh-dashboard-base.tar.xz --directory $INSTALL_DIR --strip-components=1
diff --git a/build-docker-images/wazuh-dashboard/config/install_wazuh_app.sh b/build-docker-images/wazuh-dashboard/config/install_wazuh_app.sh
new file mode 100644
index 00000000..4e8cb199
--- /dev/null
+++ b/build-docker-images/wazuh-dashboard/config/install_wazuh_app.sh
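Review bot: In dl_base.sh the base tarball is fetched with a bare `curl -o` and unpacked with no integrity check, whereas the check_repository.sh removed by this patch installed the package through yum with `gpgcheck=1` and an imported key. Without `-f`, an HTTP error body is also saved as the archive and is only caught indirectly when `tar` fails. Consider `set -euo pipefail` at the top, `curl -fsSL -o wazuh-dashboard-base.tar.xz ...` for the download, and a `sha512sum -c` against a digest pinned as a build argument before the `tar -xf`. The same unverified download appears in the wazuh-indexer config.sh hunk, and the plugin zips in install_wazuh_app.sh are likewise installed straight from a URL.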
@@ -0,0 +1,35 @@
+## variables
+WAZUH_APP=https://packages.wazuh.com/4.x/ui/dashboard/wazuh-${WAZUH_VERSION}-${WAZUH_UI_REVISION}.zip
+WAZUH_CHECK_UPDATES=https://packages.wazuh.com/4.x/ui/dashboard/wazuhCheckUpdates-${WAZUH_VERSION}-${WAZUH_UI_REVISION}.zip
+WAZUH_CORE=https://packages.wazuh.com/4.x/ui/dashboard/wazuhCore-${WAZUH_VERSION}-${WAZUH_UI_REVISION}.zip
+WAZUH_CURRENT_VERSION=$(curl --silent https://api.github.com/repos/wazuh/wazuh/releases/latest | grep '["]tag_name["]:' | sed -E 's/.*\"([^\"]+)\".*/\1/' | cut -c 2-)
+MAJOR_BUILD=$(echo $WAZUH_VERSION | cut -d. -f1)
+MID_BUILD=$(echo $WAZUH_VERSION | cut -d. -f2)
+MINOR_BUILD=$(echo $WAZUH_VERSION | cut -d. -f3)
+MAJOR_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f1)
+MID_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f2)
+MINOR_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f3)
+
+## check version to use the correct repository
+if [ "$MAJOR_BUILD" -gt "$MAJOR_CURRENT" ]; then
+ WAZUH_APP=https://packages-dev.wazuh.com/pre-release/ui/dashboard/wazuh-${WAZUH_VERSION}-${WAZUH_UI_REVISION}.zip
+ WAZUH_CHECK_UPDATES=https://packages-dev.wazuh.com/pre-release/ui/dashboard/wazuhCheckUpdates-${WAZUH_VERSION}-${WAZUH_UI_REVISION}.zip
+ WAZUH_CORE=https://packages-dev.wazuh.com/pre-release/ui/dashboard/wazuhCore-${WAZUH_VERSION}-${WAZUH_UI_REVISION}.zip
+elif [ "$MAJOR_BUILD" -eq "$MAJOR_CURRENT" ]; then
+ if [ "$MID_BUILD" -gt "$MID_CURRENT" ]; then
+ WAZUH_APP=https://packages-dev.wazuh.com/pre-release/ui/dashboard/wazuh-${WAZUH_VERSION}-${WAZUH_UI_REVISION}.zip
+ WAZUH_CHECK_UPDATES=https://packages-dev.wazuh.com/pre-release/ui/dashboard/wazuhCheckUpdates-${WAZUH_VERSION}-${WAZUH_UI_REVISION}.zip
+ WAZUH_CORE=https://packages-dev.wazuh.com/pre-release/ui/dashboard/wazuhCore-${WAZUH_VERSION}-${WAZUH_UI_REVISION}.zip
+ elif [ "$MID_BUILD" -eq "$MID_CURRENT" ]; then
+ if [ "$MINOR_BUILD" -gt "$MINOR_CURRENT" ]; then
+ WAZUH_APP=https://packages-dev.wazuh.com/pre-release/ui/dashboard/wazuh-${WAZUH_VERSION}-${WAZUH_UI_REVISION}.zip
+ WAZUH_CHECK_UPDATES=https://packages-dev.wazuh.com/pre-release/ui/dashboard/wazuhCheckUpdates-${WAZUH_VERSION}-${WAZUH_UI_REVISION}.zip
+ WAZUH_CORE=https://packages-dev.wazuh.com/pre-release/ui/dashboard/wazuhCore-${WAZUH_VERSION}-${WAZUH_UI_REVISION}.zip
+ fi
+ fi
+fi
+
+# Install Wazuh App
+$INSTALL_DIR/bin/opensearch-dashboards-plugin install $WAZUH_APP --allow-root
+$INSTALL_DIR/bin/opensearch-dashboards-plugin install $WAZUH_CHECK_UPDATES --allow-root
+$INSTALL_DIR/bin/opensearch-dashboards-plugin install $WAZUH_CORE --allow-root
\ No newline at end of file
diff --git a/build-docker-images/wazuh-dashboard/config/wazuh.yml b/build-docker-images/wazuh-dashboard/config/wazuh.yml
new file mode 100644
index 00000000..8e5f9447
--- /dev/null
+++ b/build-docker-images/wazuh-dashboard/config/wazuh.yml
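Review bot: install_wazuh_app.sh runs three `opensearch-dashboards-plugin install` commands with no error handling, so the exit status seen by `RUN bash /install_wazuh_app.sh` is only that of the last one; a failed install of the main app or of the check-updates plugin would still produce an image. Add `set -e` at the top of the script or append `|| exit 1` to each install line. The version lookup has a related gap: if the GitHub API call returns nothing, `WAZUH_CURRENT_VERSION` is empty, every `[ ... -gt ... ]` test errors out, and the script silently keeps the production URLs. An explicit guard such as `[ -n "$WAZUH_CURRENT_VERSION" ] || exit 1` would make that failure visible. The same lookup block is repeated in dl_base.sh and in the wazuh-indexer config.sh hunk.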
@@ -0,0 +1,155 @@
+---
+#
+# Wazuh app - App configuration file
+# Copyright (C) 2017, Wazuh Inc.
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# Find more information about this on the LICENSE file.
+#
+# ======================== Wazuh app configuration file ========================
+#
+# Please check the documentation for more information on configuration options:
+# https://documentation.wazuh.com/current/installation-guide/index.html
+#
+# Also, you can check our repository:
+# https://github.com/wazuh/wazuh-dashboard-plugins
+#
+# ------------------------------- Index patterns -------------------------------
+#
+# Default index pattern to use.
+#pattern: wazuh-alerts-*
+#
+# ----------------------------------- Checks -----------------------------------
+#
+# Defines which checks must to be consider by the healthcheck
+# step once the Wazuh app starts. Values must to be true or false.
+#checks.pattern : true
+#checks.template: true
+#checks.api : true
+#checks.setup : true
+#checks.metaFields: true
+#
+# --------------------------------- Extensions ---------------------------------
+#
+# Defines which extensions should be activated when you add a new API entry.
+# You can change them after Wazuh app starts.
+# Values must to be true or false.
+#extensions.pci : true
+#extensions.gdpr : true
+#extensions.hipaa : true
+#extensions.nist : true
+#extensions.tsc : true
+#extensions.audit : true
+#extensions.oscap : false
+#extensions.ciscat : false
+#extensions.aws : false
+#extensions.gcp : false
+#extensions.virustotal: false
+#extensions.osquery : false
+#extensions.docker : false
+#
+# ---------------------------------- Time out ----------------------------------
+#
+# Defines maximum timeout to be used on the Wazuh app requests.
+# It will be ignored if it is bellow 1500.
+# It means milliseconds before we consider a request as failed.
+# Default: 20000
+#timeout: 20000
+#
+# -------------------------------- API selector --------------------------------
+#
+# Defines if the user is allowed to change the selected
+# API directly from the Wazuh app top menu.
+# Default: true
+#api.selector: true
+#
+# --------------------------- Index pattern selector ---------------------------
+#
+# Defines if the user is allowed to change the selected
+# index pattern directly from the Wazuh app top menu.
+# Default: true
+#ip.selector: true
+#
+# List of index patterns to be ignored
+#ip.ignore: []
+#
+# ------------------------------ wazuh-monitoring ------------------------------
+#
+# Custom setting to enable/disable wazuh-monitoring indices.
+# Values: true, false, worker
+# If worker is given as value, the app will show the Agents status
+# visualization but won't insert data on wazuh-monitoring indices.
+# Default: true
+#wazuh.monitoring.enabled: true
+#
+# Custom setting to set the frequency for wazuh-monitoring indices cron task.
+# Default: 900 (s)
+#wazuh.monitoring.frequency: 900
+#
+# Configure wazuh-monitoring-* indices shards and replicas.
+#wazuh.monitoring.shards: 2
+#wazuh.monitoring.replicas: 0
+#
+# Configure wazuh-monitoring-* indices custom creation interval.
+# Values: h (hourly), d (daily), w (weekly), m (monthly)
+# Default: d
+#wazuh.monitoring.creation: d
+#
+# Default index pattern to use for Wazuh monitoring
+#wazuh.monitoring.pattern: wazuh-monitoring-*
+#
+# --------------------------------- wazuh-cron ----------------------------------
+#
+# Customize the index prefix of predefined jobs
+# This change is not retroactive, if you change it new indexes will be created
+# cron.prefix: test
+#
+# ------------------------------ wazuh-statistics -------------------------------
+#
+# Custom setting to enable/disable statistics tasks.
+#cron.statistics.status: true
+#
+# Enter the ID of the APIs you want to save data from, leave this empty to run
+# the task on all configured APIs
+#cron.statistics.apis: []
+#
+# Define the frequency of task execution using cron schedule expressions
+#cron.statistics.interval: 0 0 * * * *
+#
+# Define the name of the index in which the documents are to be saved.
+#cron.statistics.index.name: statistics
+#
+# Define the interval in which the index will be created
+#cron.statistics.index.creation: w
+#
+# ------------------------------- App privileges --------------------------------
+#admin: true
+#
+# ---------------------------- Hide manager alerts ------------------------------
+# Hide the alerts of the manager in all dashboards and discover
+#hideManagerAlerts: false
+#
+# ------------------------------- App logging level -----------------------------
+# Set the logging level for the Wazuh App log files.
+# Default value: info
+# Allowed values: info, debug
+#logs.level: info
+#
+# -------------------------------- Enrollment DNS -------------------------------
+# Set the variable WAZUH_REGISTRATION_SERVER in agents deployment.
+# Default value: ''
+#enrollment.dns: ''
+#
+#-------------------------------- API entries -----------------------------------
+#The following configuration is the default structure to define an API entry.
+#
+#hosts:
+# - :
+# url: http(s)://
+# port:
+# username:
+# password:
diff --git a/build-docker-images/wazuh-indexer/Dockerfile b/build-docker-images/wazuh-indexer/Dockerfile
index 0087b14a..e9e75972 100644
--- a/build-docker-images/wazuh-indexer/Dockerfile
+++ b/build-docker-images/wazuh-indexer/Dockerfile
@@ -6,15 +6,6 @@ ARG WAZUH_TAG_REVISION RUN yum install curl-minimal openssl xz tar findutils shadow-utils -y -COPY config/check_repository.sh / -RUN chmod 775 /check_repository.sh && \ - source /check_repository.sh - -RUN yum install wazuh-indexer-${WAZUH_VERSION}-${WAZUH_TAG_REVISION} -y && \ - yum clean all - -COPY config/opensearch.yml / - COPY config/config.sh . COPY config/config.yml / @@ -67,8 +58,7 @@ RUN chmod 700 /entrypoint.sh && chmod 700 /securityadmin.sh RUN chown 1000:1000 /*.sh -COPY --from=builder --chown=1000:1000 /usr/share/wazuh-indexer /usr/share/wazuh-indexer -COPY --from=builder --chown=1000:1000 /etc/wazuh-indexer /usr/share/wazuh-indexer +COPY --from=builder --chown=1000:1000 /debian/wazuh-indexer/usr/share/wazuh-indexer /usr/share/wazuh-indexer COPY --from=builder --chown=0:0 /debian/wazuh-indexer/usr/lib/systemd /usr/lib/systemd COPY --from=builder --chown=0:0 /debian/wazuh-indexer/usr/lib/sysctl.d /usr/lib/sysctl.d COPY --from=builder --chown=0:0 /debian/wazuh-indexer/usr/lib/tmpfiles.d /usr/lib/tmpfiles.d diff --git a/build-docker-images/wazuh-indexer/config/check_repository.sh b/build-docker-images/wazuh-indexer/config/check_repository.sh deleted file mode 100644 index 5323ec81..00000000 --- a/build-docker-images/wazuh-indexer/config/check_repository.sh +++ /dev/null 
@@ -1,30 +0,0 @@ -## variables -APT_KEY=https://packages.wazuh.com/key/GPG-KEY-WAZUH -GPG_SIGN="gpgcheck=1\ngpgkey=${APT_KEY}]" -REPOSITORY="[wazuh]\n${GPG_SIGN}\nenabled=1\nname=EL-\$releasever - Wazuh\nbaseurl=https://packages.wazuh.com/4.x/yum/\nprotect=1" -WAZUH_CURRENT_VERSION=$(curl --silent https://api.github.com/repos/wazuh/wazuh/releases/latest | grep '["]tag_name["]:' | sed -E 's/.*\"([^\"]+)\".*/\1/' | cut -c 2-) -MAJOR_BUILD=$(echo $WAZUH_VERSION | cut -d. -f1) -MID_BUILD=$(echo $WAZUH_VERSION | cut -d. -f2) -MINOR_BUILD=$(echo $WAZUH_VERSION | cut -d. -f3) -MAJOR_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f1) -MID_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f2) -MINOR_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f3) - -## check version to use the correct repository -if [ "$MAJOR_BUILD" -gt "$MAJOR_CURRENT" ]; then - APT_KEY=https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH - REPOSITORY="[wazuh]\n${GPG_SIGN}\nenabled=1\nname=EL-\$releasever - Wazuh\nbaseurl=https://packages-dev.wazuh.com/pre-release/yum/\nprotect=1" -elif [ "$MAJOR_BUILD" -eq "$MAJOR_CURRENT" ]; then - if [ "$MID_BUILD" -gt "$MID_CURRENT" ]; then - APT_KEY=https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH - REPOSITORY="[wazuh]\n${GPG_SIGN}\nenabled=1\nname=EL-\$releasever - Wazuh\nbaseurl=https://packages-dev.wazuh.com/pre-release/yum/\nprotect=1" - elif [ "$MID_BUILD" -eq "$MID_CURRENT" ]; then - if [ "$MINOR_BUILD" -gt "$MINOR_CURRENT" ]; then - APT_KEY=https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH - REPOSITORY="[wazuh]\n${GPG_SIGN}\nenabled=1\nname=EL-\$releasever - Wazuh\nbaseurl=https://packages-dev.wazuh.com/pre-release/yum/\nprotect=1" - fi - fi -fi - -rpm --import "${APT_KEY}" -echo -e "${REPOSITORY}" | tee /etc/yum.repos.d/wazuh.repo \ No newline at end of file diff --git a/build-docker-images/wazuh-indexer/config/config.sh b/build-docker-images/wazuh-indexer/config/config.sh index 8283adfa..299251f2 100644 
--- a/build-docker-images/wazuh-indexer/config/config.sh +++ b/build-docker-images/wazuh-indexer/config/config.sh @@ -19,6 +19,37 @@ export INDEXER_FILE=wazuh-indexer-base.tar.xz export BASE_FILE=wazuh-indexer-base-${VERSION}-linux-x64.tar.xz export REPO_DIR=/unattended_installer +rm -rf ${INSTALLATION_DIR}/ + +## variables +REPOSITORY="packages.wazuh.com/4.x" +WAZUH_CURRENT_VERSION=$(curl --silent https://api.github.com/repos/wazuh/wazuh/releases/latest | grep '["]tag_name["]:' | sed -E 's/.*\"([^\"]+)\".*/\1/' | cut -c 2-) +MAJOR_BUILD=$(echo $WAZUH_VERSION | cut -d. -f1) +MID_BUILD=$(echo $WAZUH_VERSION | cut -d. -f2) +MINOR_BUILD=$(echo $WAZUH_VERSION | cut -d. -f3) +MAJOR_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f1) +MID_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f2) +MINOR_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f3) + +## check version to use the correct repository +if [ "$MAJOR_BUILD" -gt "$MAJOR_CURRENT" ]; then + REPOSITORY="packages-dev.wazuh.com/pre-release" +elif [ "$MAJOR_BUILD" -eq "$MAJOR_CURRENT" ]; then + if [ "$MID_BUILD" -gt "$MID_CURRENT" ]; then + REPOSITORY="packages-dev.wazuh.com/pre-release" + elif [ "$MID_BUILD" -eq "$MID_CURRENT" ]; then + if [ "$MINOR_BUILD" -gt "$MINOR_CURRENT" ]; then + REPOSITORY="packages-dev.wazuh.com/pre-release" + fi + fi +fi + + +curl -o ${INDEXER_FILE} https://${REPOSITORY}/stack/indexer/${BASE_FILE} +tar -xf ${INDEXER_FILE} + +## TOOLS + ## Variables CERT_TOOL=wazuh-certs-tool.sh PASSWORD_TOOL=wazuh-passwords-tool.sh diff --git a/build-docker-images/wazuh-manager/config/etc/cont-init.d/0-wazuh-init b/build-docker-images/wazuh-manager/config/etc/cont-init.d/0-wazuh-init index 326c46de..dae0e1f0 100644 --- a/build-docker-images/wazuh-manager/config/etc/cont-init.d/0-wazuh-init +++ b/build-docker-images/wazuh-manager/config/etc/cont-init.d/0-wazuh-init 
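Review bot: In the wazuh-indexer config.sh hunk, `rm -rf ${INSTALLATION_DIR}/` is unquoted and unguarded, so an empty or unset `INSTALLATION_DIR` turns the command into `rm -rf /`. The variable is assigned outside this hunk, so its value cannot be confirmed from here. Prefer `rm -rf -- "${INSTALLATION_DIR:?}/"`, which aborts the script when the variable is empty and also survives a path containing spaces.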
@@ -199,7 +199,7 @@ main() { # Restore files stored in permanent data that are not permanent (i.e. internal_options.conf) apply_exclusion_data - + # Apply correct permission and ownership set_correct_permOwner