mirror of
https://github.com/wazuh/wazuh-docker.git
synced 2025-12-10 00:38:27 -06:00
Merge pull request #2058 from wazuh/change/2695-package-install-option
Modify Wazuh components install method
This commit is contained in:
Gonzalo Acuña
GitHub
commit
4710105faa
8
.env
8
.env
@ -1,6 +1,6 @@
|
||||
WAZUH_VERSION=5.0.0
|
||||
WAZUH_IMAGE_VERSION=5.0.0
|
||||
WAZUH_VERSION=main
|
||||
WAZUH_IMAGE_VERSION=main
|
||||
WAZUH_TAG_REVISION=1
|
||||
FILEBEAT_TEMPLATE_BRANCH=5.0.0
|
||||
WAZUH_FILEBEAT_MODULE=wazuh-filebeat-0.4.tar.gz
|
||||
WAZUH_UI_REVISION=1
|
||||
WAZUH_REGISTRY=docker.io
|
||||
IMAGE_TAG=main
|
||||
|
||||
@ -11,10 +11,6 @@ on:
|
||||
docker_reference:
|
||||
description: 'wazuh-docker reference'
|
||||
required: true
|
||||
filebeat_module_version:
|
||||
description: 'Filebeat module version'
|
||||
default: '0.4'
|
||||
required: true
|
||||
revision:
|
||||
description: 'Package revision'
|
||||
default: '1'
|
||||
@ -43,11 +39,6 @@ on:
|
||||
description: 'wazuh-docker reference'
|
||||
required: false
|
||||
type: string
|
||||
filebeat_module_version:
|
||||
description: 'Filebeat module version'
|
||||
default: '0.4'
|
||||
required: true
|
||||
type: string
|
||||
revision:
|
||||
description: 'Package revision'
|
||||
default: '1'
|
||||
@ -78,7 +69,6 @@ jobs:
|
||||
env:
|
||||
IMAGE_REGISTRY: ${{ inputs.dev && vars.IMAGE_REGISTRY_DEV || vars.IMAGE_REGISTRY_PROD }}
|
||||
IMAGE_TAG: ${{ inputs.image_tag }}
|
||||
FILEBEAT_MODULE_VERSION: ${{ inputs.filebeat_module_version }}
|
||||
REVISION: ${{ inputs.revision }}
|
||||
|
||||
steps:
|
||||
@ -105,6 +95,9 @@ jobs:
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
ref: ${{ inputs.docker_reference }}
|
||||
|
||||
- name: free disk space
|
||||
uses: ./.github/free-disk-space
|
||||
|
||||
- name: Set up QEMU
|
||||
uses: docker/setup-qemu-action@v3
|
||||
@ -130,29 +123,29 @@ jobs:
|
||||
username: ${{ secrets.DOCKERHUB_USERNAME }}
|
||||
password: ${{ secrets.DOCKERHUB_PASSWORD }}
|
||||
|
||||
- name: Create packages-url.txt file
|
||||
- name: Create packages_url.txt file
|
||||
if : ${{ inputs.dev == true }}
|
||||
run: |
|
||||
cat << EOF > packages-url.txt
|
||||
wazuh_manager_url_amd64_deb: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-manager_5.0.0-${{ inputs.reference }}_amd64.deb --expires-in 3600 --region us-west-1)
|
||||
wazuh_manager_url_arm64_deb: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-manager_5.0.0-${{ inputs.reference }}_arm64.deb --expires-in 3600 --region us-west-1)
|
||||
wazuh_manager_url_x86_64_rpm: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-manager-5.0.0-${{ inputs.reference }}.x86_64.rpm --expires-in 3600 --region us-west-1)
|
||||
wazuh_manager_url_aarch64_rpm: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-manager-5.0.0-${{ inputs.reference }}.aarch64.rpm --expires-in 3600 --region us-west-1)
|
||||
wazuh_indexer_url_amd64_deb: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-indexer_5.0.0-${{ inputs.reference }}_amd64.deb --expires-in 3600 --region us-west-1)
|
||||
wazuh_indexer_url_arm64_deb: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-indexer_5.0.0-${{ inputs.reference }}_arm64.deb --expires-in 3600 --region us-west-1)
|
||||
wazuh_indexer_url_x86_64_rpm: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-indexer-5.0.0-${{ inputs.reference }}.x86_64.rpm --expires-in 3600 --region us-west-1)
|
||||
wazuh_indexer_url_aarch64_rpm: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-indexer-5.0.0-${{ inputs.reference }}.aarch64.rpm --expires-in 3600 --region us-west-1)
|
||||
wazuh_dashboard_url_amd64_deb: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-dashboard_5.0.0-${{ inputs.reference }}_amd64.deb --expires-in 3600 --region us-west-1)
|
||||
wazuh_dashboard_url_arm64_deb: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-dashboard_5.0.0-${{ inputs.reference }}_arm64.deb --expires-in 3600 --region us-west-1)
|
||||
wazuh_dashboard_url_x86_64_rpm: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-dashboard-5.0.0-${{ inputs.reference }}.x86_64.rpm --expires-in 3600 --region us-west-1)
|
||||
wazuh_dashboard_url_aarch64_rpm: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-dashboard-5.0.0-${{ inputs.reference }}.aarch64.rpm --expires-in 3600 --region us-west-1)
|
||||
wazuh_agent_url_amd64_deb: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-agent_5.0.0-${{ inputs.reference }}_amd64.deb --expires-in 3600 --region us-west-1)
|
||||
wazuh_agent_url_arm64_deb: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-agent_5.0.0-${{ inputs.reference }}_arm64.deb --expires-in 3600 --region us-west-1)
|
||||
wazuh_agent_url_x86_64_rpm: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-agent-5.0.0-${{ inputs.reference }}.x86_64.rpm --expires-in 3600 --region us-west-1)
|
||||
wazuh_agent_url_aarch64_rpm: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-agent-5.0.0-${{ inputs.reference }}.aarch64.rpm --expires-in 3600 --region us-west-1)
|
||||
wazuh_agent_url_i386_msi: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-agent-5.0.0-${{ inputs.reference }}.i386.msi --expires-in 3600 --region us-west-1)
|
||||
wazuh_agent_url_intel64_pkg: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-agent-5.0.0-${{ inputs.reference }}.intel64.pkg --expires-in 3600 --region us-west-1)
|
||||
wazuh_agent_url_arm64_pkg: $(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-agent-5.0.0-${{ inputs.reference }}.arm64.pkg --expires-in 3600 --region us-west-1)
|
||||
cat << EOF > packages_url.txt
|
||||
wazuh_manager_url_amd64_deb: "$(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-manager_5.0.0-${{ inputs.reference }}_amd64.deb --expires-in 3600 --region us-west-1)"
|
||||
wazuh_manager_url_arm64_deb: "$(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-manager_5.0.0-${{ inputs.reference }}_arm64.deb --expires-in 3600 --region us-west-1)"
|
||||
wazuh_manager_url_x86_64_rpm: "$(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-manager-5.0.0-${{ inputs.reference }}.x86_64.rpm --expires-in 3600 --region us-west-1)"
|
||||
wazuh_manager_url_aarch64_rpm: "$(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-manager-5.0.0-${{ inputs.reference }}.aarch64.rpm --expires-in 3600 --region us-west-1)"
|
||||
wazuh_indexer_url_amd64_deb: "$(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-indexer_5.0.0-${{ inputs.reference }}_amd64.deb --expires-in 3600 --region us-west-1)"
|
||||
wazuh_indexer_url_arm64_deb: "$(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-indexer_5.0.0-${{ inputs.reference }}_arm64.deb --expires-in 3600 --region us-west-1)"
|
||||
wazuh_indexer_url_x86_64_rpm: "$(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-indexer-5.0.0-${{ inputs.reference }}.x86_64.rpm --expires-in 3600 --region us-west-1)"
|
||||
wazuh_indexer_url_aarch64_rpm: "$(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-indexer-5.0.0-${{ inputs.reference }}.aarch64.rpm --expires-in 3600 --region us-west-1)"
|
||||
wazuh_dashboard_url_amd64_deb: "$(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-dashboard_5.0.0-${{ inputs.reference }}_amd64.deb --expires-in 3600 --region us-west-1)"
|
||||
wazuh_dashboard_url_arm64_deb: "$(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-dashboard_5.0.0-${{ inputs.reference }}_arm64.deb --expires-in 3600 --region us-west-1)"
|
||||
wazuh_dashboard_url_x86_64_rpm: "$(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-dashboard-5.0.0-${{ inputs.reference }}.x86_64.rpm --expires-in 3600 --region us-west-1)"
|
||||
wazuh_dashboard_url_aarch64_rpm: "$(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-dashboard-5.0.0-${{ inputs.reference }}.aarch64.rpm --expires-in 3600 --region us-west-1)"
|
||||
wazuh_agent_url_amd64_deb: "$(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-agent_5.0.0-${{ inputs.reference }}_amd64.deb --expires-in 3600 --region us-west-1)"
|
||||
wazuh_agent_url_arm64_deb: "$(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-agent_5.0.0-${{ inputs.reference }}_arm64.deb --expires-in 3600 --region us-west-1)"
|
||||
wazuh_agent_url_x86_64_rpm: "$(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-agent-5.0.0-${{ inputs.reference }}.x86_64.rpm --expires-in 3600 --region us-west-1)"
|
||||
wazuh_agent_url_aarch64_rpm: "$(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-agent-5.0.0-${{ inputs.reference }}.aarch64.rpm --expires-in 3600 --region us-west-1)"
|
||||
wazuh_agent_url_i386_msi: "$(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-agent-5.0.0-${{ inputs.reference }}.i386.msi --expires-in 3600 --region us-west-1)"
|
||||
wazuh_agent_url_intel64_pkg: "$(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-agent-5.0.0-${{ inputs.reference }}.intel64.pkg --expires-in 3600 --region us-west-1)"
|
||||
wazuh_agent_url_arm64_pkg: "$(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-agent-5.0.0-${{ inputs.reference }}.arm64.pkg --expires-in 3600 --region us-west-1)"
|
||||
EOF
|
||||
working-directory: ./build-docker-images
|
||||
|
||||
@ -160,7 +153,7 @@ jobs:
|
||||
run: |
|
||||
if [ "${{ inputs.dev }}" = true ]; then
|
||||
IMAGE_TAG="${{ inputs.image_tag }}-${{ inputs.reference }}"
|
||||
./build-images.sh -v ${{ inputs.image_tag }} -r $REVISION -d "dev" -f $FILEBEAT_MODULE_VERSION -rg $IMAGE_REGISTRY -m -ref ${{ inputs.reference }}
|
||||
./build-images.sh -v ${{ inputs.image_tag }} -r $REVISION -d "dev" -rg $IMAGE_REGISTRY -m -ref ${{ inputs.reference }}
|
||||
else
|
||||
if [[ "$IMAGE_TAG" == *"-"* ]]; then
|
||||
IFS='-' read -r -a tokens <<< "$IMAGE_TAG"
|
||||
@ -170,9 +163,9 @@ jobs:
|
||||
fi
|
||||
DEV_STAGE=${tokens[1]}
|
||||
WAZUH_VER=${tokens[0]}
|
||||
./build-images.sh -v $WAZUH_VER -r $REVISION -d $DEV_STAGE -f $FILEBEAT_MODULE_VERSION -rg $IMAGE_REGISTRY -m
|
||||
./build-images.sh -v $WAZUH_VER -r $REVISION -d $DEV_STAGE -rg $IMAGE_REGISTRY -m
|
||||
else
|
||||
./build-images.sh -v $IMAGE_TAG -r $REVISION -f $FILEBEAT_MODULE_VERSION -rg $IMAGE_REGISTRY -m
|
||||
./build-images.sh -v $IMAGE_TAG -r $REVISION -rg $IMAGE_REGISTRY -m
|
||||
fi
|
||||
fi
|
||||
# Save .env file (generated by build-images.sh) contents to $GITHUB_ENV
|
||||
|
||||
4
.gitignore
vendored
4
.gitignore
vendored
@ -2,4 +2,6 @@ single-node/config/wazuh_indexer_ssl_certs/*.pem
|
||||
single-node/config/wazuh_indexer_ssl_certs/*.key
|
||||
multi-node/config/wazuh_indexer_ssl_certs/*.pem
|
||||
multi-node/config/wazuh_indexer_ssl_certs/*.key
|
||||
*.log
|
||||
*.log
|
||||
build-docker-images/packages_env.txt
|
||||
build-docker-images/packages_url.txt
|
||||
@ -9,6 +9,8 @@ All notable changes to this project will be documented in this file.
|
||||
|
||||
### Changed
|
||||
|
||||
- Modify Wazuh components install method ([#2058](https://github.com/wazuh/wazuh-puppet/issues/2058))
|
||||
- Image builder Workflow Rebuild ([#2054](https://github.com/wazuh/wazuh-puppet/issues/2054))
|
||||
- Wazuh server clean-up ([#2030](https://github.com/wazuh/wazuh-puppet/issues/2030))
|
||||
- Fix OpenSearch deprecated settings ([#1366](https://github.com/wazuh/wazuh-puppet/issues/1366))
|
||||
|
||||
|
||||
@ -1,8 +1,10 @@
|
||||
WAZUH_IMAGE_VERSION=5.0.0
|
||||
WAZUH_IMAGE_VERSION=main
|
||||
IMAGE_TAG=main
|
||||
WAZUH_VERSION=$(echo $WAZUH_IMAGE_VERSION | sed -e 's/\.//g')
|
||||
WAZUH_TAG_REVISION=1
|
||||
WAZUH_CURRENT_VERSION=$(curl --silent https://api.github.com/repos/wazuh/wazuh/releases/latest | grep '["]tag_name["]:' | sed -E 's/.*\"([^\"]+)\".*/\1/' | cut -c 2- | sed -e 's/\.//g')
|
||||
IMAGE_VERSION=${WAZUH_IMAGE_VERSION}
|
||||
WAZUH_REGISTRY=docker.io
|
||||
|
||||
# Wazuh package generator
|
||||
# Copyright (C) 2023, Wazuh Inc.
|
||||
@ -12,11 +14,10 @@ IMAGE_VERSION=${WAZUH_IMAGE_VERSION}
|
||||
# License (version 2) as published by the FSF - Free Software
|
||||
# Foundation.
|
||||
|
||||
WAZUH_IMAGE_VERSION="5.0.0"
|
||||
WAZUH_IMAGE_VERSION="main"
|
||||
WAZUH_TAG_REVISION="1"
|
||||
WAZUH_DEV_STAGE=""
|
||||
WAZUH_TAG_REFERENCE=""
|
||||
FILEBEAT_MODULE_VERSION="0.4"
|
||||
|
||||
# -----------------------------------------------------------------------------
|
||||
|
||||
@ -38,29 +39,9 @@ ctrl_c() {
|
||||
build() {
|
||||
|
||||
WAZUH_VERSION="$(echo $WAZUH_IMAGE_VERSION | sed -e 's/\.//g')"
|
||||
FILEBEAT_TEMPLATE_BRANCH="${WAZUH_IMAGE_VERSION}"
|
||||
WAZUH_MINOR_VERSION="${WAZUH_IMAGE_VERSION%.*}"
|
||||
WAZUH_FILEBEAT_MODULE="wazuh-filebeat-${FILEBEAT_MODULE_VERSION}.tar.gz"
|
||||
WAZUH_UI_REVISION="${WAZUH_TAG_REVISION}"
|
||||
|
||||
if [ -z "${WAZUH_TAG_REFERENCE}" ]; then
|
||||
if [ "${WAZUH_DEV_STAGE}" ];then
|
||||
FILEBEAT_TEMPLATE_BRANCH="v${FILEBEAT_TEMPLATE_BRANCH}-${WAZUH_DEV_STAGE,,}"
|
||||
if ! curl --output /dev/null --silent --head --fail "https://github.com/wazuh/wazuh/tree/${FILEBEAT_TEMPLATE_BRANCH}"; then
|
||||
echo "The indicated branch does not exist in the wazuh/wazuh repository: ${FILEBEAT_TEMPLATE_BRANCH}"
|
||||
clean 1
|
||||
fi
|
||||
else
|
||||
if curl --output /dev/null --silent --head --fail "https://github.com/wazuh/wazuh/tree/v${FILEBEAT_TEMPLATE_BRANCH}"; then
|
||||
FILEBEAT_TEMPLATE_BRANCH="v${FILEBEAT_TEMPLATE_BRANCH}"
|
||||
elif curl --output /dev/null --silent --head --fail "https://github.com/wazuh/wazuh/tree/${FILEBEAT_TEMPLATE_BRANCH}"; then
|
||||
FILEBEAT_TEMPLATE_BRANCH="${FILEBEAT_TEMPLATE_BRANCH}"
|
||||
else
|
||||
echo "The indicated branch does not exist in the wazuh/wazuh repository: ${FILEBEAT_TEMPLATE_BRANCH}"
|
||||
clean 1
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
# Variables
|
||||
FILE="packages_url.txt"
|
||||
|
||||
@ -77,20 +58,18 @@ build() {
|
||||
curl -fsSL -o "$FILE" "https://packages-dev.wazuh.com/${WAZUH_MINOR_VERSION}/packages_url.txt"
|
||||
fi
|
||||
fi
|
||||
sed -Ei 's/^([^:]+):[[:space:]]+(https?:\/\/.*)$/\1=\2/' $FILE
|
||||
sed 's/[-.]/_/g' $FILE > packages_env.txt
|
||||
awk -F':' '{name=$1; val=substr($0,length(name)+3); gsub(/[-.]/,"_",name); print name "=" val}' $FILE > packages_env.txt
|
||||
|
||||
echo WAZUH_VERSION=$WAZUH_IMAGE_VERSION > ../.env
|
||||
echo WAZUH_IMAGE_VERSION=$WAZUH_IMAGE_VERSION >> ../.env
|
||||
echo WAZUH_TAG_REVISION=$WAZUH_TAG_REVISION >> ../.env
|
||||
echo FILEBEAT_TEMPLATE_BRANCH=$FILEBEAT_TEMPLATE_BRANCH >> ../.env
|
||||
echo WAZUH_FILEBEAT_MODULE=$WAZUH_FILEBEAT_MODULE >> ../.env
|
||||
echo WAZUH_UI_REVISION=$WAZUH_UI_REVISION >> ../.env
|
||||
echo WAZUH_REGISTRY=$WAZUH_REGISTRY >> ../.env
|
||||
echo IMAGE_TAG=$IMAGE_TAG >> ../.env
|
||||
|
||||
set -a
|
||||
source ../.env
|
||||
source packages_env.txt
|
||||
source ./packages_env.txt
|
||||
set +a
|
||||
|
||||
if [ "${MULTIARCH}" ];then
|
||||
@ -108,7 +87,6 @@ help() {
|
||||
echo "Usage: $0 [OPTIONS]"
|
||||
echo
|
||||
echo " -d, --dev <ref> [Optional] Set the development stage you want to build, example rc2 or beta1, not used by default."
|
||||
echo " -f, --filebeat-module <ref> [Optional] Set Filebeat module version. By default ${FILEBEAT_MODULE_VERSION}."
|
||||
echo " -r, --revision <rev> [Optional] Package revision. By default ${WAZUH_TAG_REVISION}"
|
||||
echo " -ref, --reference <ref> [Optional] Set the Wazuh reference to build development images. By default, the latest stable release."
|
||||
echo " -rg, --registry <reg> [Optional] Set the Docker registry to push the images."
|
||||
@ -136,14 +114,6 @@ main() {
|
||||
help 1
|
||||
fi
|
||||
;;
|
||||
"-f"|"--filebeat-module")
|
||||
if [ -n "${2}" ]; then
|
||||
FILEBEAT_MODULE_VERSION="${2}"
|
||||
shift 2
|
||||
else
|
||||
help 1
|
||||
fi
|
||||
;;
|
||||
"-m"|"--multiarch")
|
||||
MULTIARCH="true"
|
||||
shift
|
||||
|
||||
@ -6,8 +6,8 @@ services:
|
||||
args:
|
||||
WAZUH_VERSION: ${WAZUH_VERSION}
|
||||
WAZUH_TAG_REVISION: ${WAZUH_TAG_REVISION}
|
||||
FILEBEAT_TEMPLATE_BRANCH: ${FILEBEAT_TEMPLATE_BRANCH}
|
||||
WAZUH_FILEBEAT_MODULE: ${WAZUH_FILEBEAT_MODULE}
|
||||
wazuh_manager_url_amd64_rpm: ${wazuh_manager_url_x86_64_rpm}
|
||||
wazuh_manager_url_arm64_rpm: ${wazuh_manager_url_aarch64_rpm}
|
||||
image: ${WAZUH_REGISTRY}/wazuh/wazuh-manager:${IMAGE_TAG}
|
||||
hostname: wazuh.manager
|
||||
restart: always
|
||||
@ -20,7 +20,6 @@ services:
|
||||
- INDEXER_URL=https://wazuh.indexer:9200
|
||||
- INDEXER_USERNAME=admin
|
||||
- INDEXER_PASSWORD=admin
|
||||
- FILEBEAT_SSL_VERIFICATION_MODE=none
|
||||
volumes:
|
||||
- wazuh_api_configuration:/var/ossec/api/configuration
|
||||
- wazuh_etc:/var/ossec/etc
|
||||
@ -29,8 +28,6 @@ services:
|
||||
- wazuh_var_multigroups:/var/ossec/var/multigroups
|
||||
- wazuh_active_response:/var/ossec/active-response/bin
|
||||
- wazuh_wodles:/var/ossec/wodles
|
||||
- filebeat_etc:/etc/filebeat
|
||||
- filebeat_var:/var/lib/filebeat
|
||||
|
||||
wazuh.agent:
|
||||
build:
|
||||
@ -38,6 +35,8 @@ services:
|
||||
args:
|
||||
WAZUH_VERSION: ${WAZUH_VERSION}
|
||||
WAZUH_TAG_REVISION: ${WAZUH_TAG_REVISION}
|
||||
wazuh_agent_url_amd64_rpm: ${wazuh_agent_url_x86_64_rpm}
|
||||
wazuh_agent_url_arm64_rpm: ${wazuh_agent_url_aarch64_rpm}
|
||||
image: ${WAZUH_REGISTRY}/wazuh/wazuh-agent:${IMAGE_TAG}
|
||||
hostname: wazuh.agent
|
||||
restart: always
|
||||
@ -48,6 +47,8 @@ services:
|
||||
args:
|
||||
WAZUH_VERSION: ${WAZUH_VERSION}
|
||||
WAZUH_TAG_REVISION: ${WAZUH_TAG_REVISION}
|
||||
wazuh_indexer_url_amd64_rpm: ${wazuh_indexer_url_x86_64_rpm}
|
||||
wazuh_indexer_url_arm64_rpm: ${wazuh_indexer_url_aarch64_rpm}
|
||||
image: ${WAZUH_REGISTRY}/wazuh/wazuh-indexer:${IMAGE_TAG}
|
||||
hostname: wazuh.indexer
|
||||
restart: always
|
||||
@ -70,6 +71,8 @@ services:
|
||||
WAZUH_VERSION: ${WAZUH_VERSION}
|
||||
WAZUH_TAG_REVISION: ${WAZUH_TAG_REVISION}
|
||||
WAZUH_UI_REVISION: ${WAZUH_UI_REVISION}
|
||||
wazuh_dashboard_url_amd64_rpm: ${wazuh_dashboard_url_x86_64_rpm}
|
||||
wazuh_dashboard_url_arm64_rpm: ${wazuh_dashboard_url_aarch64_rpm}
|
||||
image: ${WAZUH_REGISTRY}/wazuh/wazuh-dashboard:${IMAGE_TAG}
|
||||
hostname: wazuh.dashboard
|
||||
restart: always
|
||||
@ -94,5 +97,4 @@ volumes:
|
||||
wazuh_var_multigroups:
|
||||
wazuh_active_response:
|
||||
wazuh_wodles:
|
||||
filebeat_etc:
|
||||
filebeat_var:
|
||||
|
||||
|
||||
@ -10,18 +10,17 @@ ARG WAZUH_MANAGER='CHANGE_MANAGER_IP'
|
||||
ARG WAZUH_MANAGER_PORT='CHANGE_MANAGER_PORT'
|
||||
ARG WAZUH_REGISTRATION_SERVER='CHANGE_ENROLL_IP'
|
||||
ARG WAZUH_REGISTRATION_PORT='CHANGE_ENROLL_PORT'
|
||||
ARG WAZUH_AGENT_NAME='CHANGEE_AGENT_NAME'
|
||||
ARG WAZUH_AGENT_NAME='CHANGE_AGENT_NAME'
|
||||
ARG TARGETARCH
|
||||
ARG wazuh_agent_url_amd64_rpm
|
||||
ARG wazuh_agent_url_arm64_rpm
|
||||
|
||||
COPY config/check_repository.sh /
|
||||
|
||||
RUN yum install curl-minimal tar gzip procps -y &&\
|
||||
yum clean all
|
||||
|
||||
RUN chmod 775 /check_repository.sh
|
||||
RUN source /check_repository.sh
|
||||
|
||||
RUN yum install wazuh-agent-${WAZUH_VERSION}-${WAZUH_TAG_REVISION} -y && \
|
||||
yum clean all && \
|
||||
RUN URL_VAR="wazuh_agent_url_${TARGETARCH}_rpm" && \
|
||||
agent_url="${!URL_VAR}" && \
|
||||
dnf install curl-minimal tar gzip procps -y &&\
|
||||
curl -o /wazuh-agent.rpm "${agent_url}" && \
|
||||
dnf install /wazuh-agent.rpm -y && \
|
||||
dnf clean all && \
|
||||
sed -i '/<authorization_pass_path>/d' /var/ossec/etc/ossec.conf && \
|
||||
curl --fail --silent -L https://github.com/just-containers/s6-overlay/releases/download/${S6_VERSION}/s6-overlay-amd64.tar.gz \
|
||||
-o /tmp/s6-overlay-amd64.tar.gz && \
|
||||
@ -31,6 +30,4 @@ RUN yum install wazuh-agent-${WAZUH_VERSION}-${WAZUH_TAG_REVISION} -y && \
|
||||
|
||||
COPY config/etc/ /etc/
|
||||
|
||||
RUN rm /etc/yum.repos.d/wazuh.repo
|
||||
|
||||
ENTRYPOINT [ "/init" ]
|
||||
|
||||
@ -1,15 +0,0 @@
|
||||
## variables
|
||||
APT_KEY=https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH
|
||||
GPG_SIGN="gpgcheck=1\ngpgkey=${APT_KEY}]"
|
||||
REPOSITORY="[wazuh]\n${GPG_SIGN}\nenabled=1\nname=EL-\$releasever - Wazuh\nbaseurl=https://packages-dev.wazuh.com/pre-release/yum/\nprotect=1"
|
||||
WAZUH_TAG=$(curl --silent https://api.github.com/repos/wazuh/wazuh/git/refs/tags | grep '["]ref["]:' | sed -E 's/.*\"([^\"]+)\".*/\1/' | cut -c 11- | grep ^v${WAZUH_VERSION}$)
|
||||
|
||||
## check tag to use the correct repository
|
||||
if [[ -n "${WAZUH_TAG}" ]]; then
|
||||
APT_KEY=https://packages.wazuh.com/key/GPG-KEY-WAZUH
|
||||
GPG_SIGN="gpgcheck=1\ngpgkey=${APT_KEY}]"
|
||||
REPOSITORY="[wazuh]\n${GPG_SIGN}\nenabled=1\nname=EL-\$releasever - Wazuh\nbaseurl=https://packages.wazuh.com/4.x/yum/\nprotect=1"
|
||||
fi
|
||||
|
||||
rpm --import "${APT_KEY}"
|
||||
echo -e "${REPOSITORY}" | tee /etc/yum.repos.d/wazuh.repo
|
||||
@ -5,16 +5,17 @@ ARG WAZUH_VERSION
|
||||
ARG WAZUH_TAG_REVISION
|
||||
ARG WAZUH_UI_REVISION
|
||||
ARG INSTALL_DIR=/usr/share/wazuh-dashboard
|
||||
ARG TARGETARCH
|
||||
ARG wazuh_dashboard_url_amd64_rpm
|
||||
ARG wazuh_dashboard_url_arm64_rpm
|
||||
|
||||
# Update and install dependencies
|
||||
RUN yum install curl-minimal libcap openssl -y
|
||||
|
||||
COPY config/check_repository.sh /
|
||||
RUN chmod 775 /check_repository.sh && \
|
||||
source /check_repository.sh
|
||||
|
||||
RUN yum install wazuh-dashboard-${WAZUH_VERSION}-${WAZUH_TAG_REVISION} -y && \
|
||||
yum clean all
|
||||
RUN URL_VAR="wazuh_dashboard_url_${TARGETARCH}_rpm" && \
|
||||
dashboard_url="${!URL_VAR}" && \
|
||||
dnf install curl-minimal libcap openssl -y && \
|
||||
curl -o /wazuh-dashboard.rpm "${dashboard_url}" && \
|
||||
dnf install /wazuh-dashboard.rpm -y && \
|
||||
dnf clean all
|
||||
|
||||
# Create and set permissions to data directories
|
||||
RUN mkdir -p $INSTALL_DIR/data/wazuh && chmod -R 775 $INSTALL_DIR/data/wazuh
|
||||
@ -42,10 +43,8 @@ FROM amazonlinux:2023
|
||||
ENV USER="wazuh-dashboard" \
|
||||
GROUP="wazuh-dashboard" \
|
||||
NAME="wazuh-dashboard" \
|
||||
INSTALL_DIR="/usr/share/wazuh-dashboard"
|
||||
|
||||
# Set Wazuh app variables
|
||||
ENV PATTERN="" \
|
||||
INSTALL_DIR="/usr/share/wazuh-dashboard" \
|
||||
PATTERN="" \
|
||||
CHECKS_PATTERN="" \
|
||||
CHECKS_TEMPLATE="" \
|
||||
CHECKS_API="" \
|
||||
@ -60,7 +59,7 @@ ENV PATTERN="" \
|
||||
WAZUH_MONITORING_REPLICAS=""
|
||||
|
||||
# Update and install dependencies
|
||||
RUN yum install shadow-utils -y
|
||||
RUN dnf install shadow-utils -y && dnf clean all
|
||||
|
||||
# Create wazuh-dashboard user and group
|
||||
RUN getent group $GROUP || groupadd -r -g 1000 $GROUP
|
||||
|
||||
@ -1,15 +0,0 @@
|
||||
## variables
|
||||
APT_KEY=https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH
|
||||
GPG_SIGN="gpgcheck=1\ngpgkey=${APT_KEY}]"
|
||||
REPOSITORY="[wazuh]\n${GPG_SIGN}\nenabled=1\nname=EL-\$releasever - Wazuh\nbaseurl=https://packages-dev.wazuh.com/pre-release/yum/\nprotect=1"
|
||||
WAZUH_TAG=$(curl --silent https://api.github.com/repos/wazuh/wazuh/git/refs/tags | grep '["]ref["]:' | sed -E 's/.*\"([^\"]+)\".*/\1/' | cut -c 11- | grep ^v${WAZUH_VERSION}$)
|
||||
|
||||
## check tag to use the correct repository
|
||||
if [[ -n "${WAZUH_TAG}" ]]; then
|
||||
APT_KEY=https://packages.wazuh.com/key/GPG-KEY-WAZUH
|
||||
GPG_SIGN="gpgcheck=1\ngpgkey=${APT_KEY}]"
|
||||
REPOSITORY="[wazuh]\n${GPG_SIGN}\nenabled=1\nname=EL-\$releasever - Wazuh\nbaseurl=https://packages.wazuh.com/5.x/yum/\nprotect=1"
|
||||
fi
|
||||
|
||||
rpm --import "${APT_KEY}"
|
||||
echo -e "${REPOSITORY}" | tee /etc/yum.repos.d/wazuh.repo
|
||||
@ -3,31 +3,19 @@ FROM amazonlinux:2023 AS builder
|
||||
|
||||
ARG WAZUH_VERSION
|
||||
ARG WAZUH_TAG_REVISION
|
||||
|
||||
RUN yum install curl-minimal openssl xz tar findutils shadow-utils -y
|
||||
|
||||
COPY config/check_repository.sh /
|
||||
RUN chmod 775 /check_repository.sh && \
|
||||
source /check_repository.sh
|
||||
|
||||
RUN yum install wazuh-indexer-${WAZUH_VERSION}-${WAZUH_TAG_REVISION} -y && \
|
||||
yum clean all
|
||||
|
||||
COPY config/opensearch.yml /
|
||||
ARG TARGETARCH
|
||||
ARG wazuh_indexer_url_amd64_rpm
|
||||
ARG wazuh_indexer_url_arm64_rpm
|
||||
|
||||
COPY config/config.sh .
|
||||
|
||||
COPY config/config.yml /
|
||||
|
||||
COPY config/action_groups.yml /
|
||||
|
||||
COPY config/internal_users.yml /
|
||||
|
||||
COPY config/roles_mapping.yml /
|
||||
|
||||
COPY config/roles.yml /
|
||||
|
||||
RUN bash config.sh
|
||||
RUN URL_VAR="wazuh_indexer_url_${TARGETARCH}_rpm" && \
|
||||
indexer_url="${!URL_VAR}" && \
|
||||
dnf install curl-minimal openssl xz tar findutils shadow-utils -y &&\
|
||||
curl -o /wazuh-indexer.rpm "${indexer_url}" && \
|
||||
dnf install /wazuh-indexer.rpm -y && \
|
||||
dnf clean all && \
|
||||
bash config.sh
|
||||
|
||||
################################################################################
|
||||
# Build stage 1 (the actual Wazuh indexer image):
|
||||
|
||||
@ -1,15 +0,0 @@
|
||||
## variables
|
||||
APT_KEY=https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH
|
||||
GPG_SIGN="gpgcheck=1\ngpgkey=${APT_KEY}]"
|
||||
REPOSITORY="[wazuh]\n${GPG_SIGN}\nenabled=1\nname=EL-\$releasever - Wazuh\nbaseurl=https://packages-dev.wazuh.com/pre-release/yum/\nprotect=1"
|
||||
WAZUH_TAG=$(curl --silent https://api.github.com/repos/wazuh/wazuh/git/refs/tags | grep '["]ref["]:' | sed -E 's/.*\"([^\"]+)\".*/\1/' | cut -c 11- | grep ^v${WAZUH_VERSION}$)
|
||||
|
||||
## check tag to use the correct repository
|
||||
if [[ -n "${WAZUH_TAG}" ]]; then
|
||||
APT_KEY=https://packages.wazuh.com/key/GPG-KEY-WAZUH
|
||||
GPG_SIGN="gpgcheck=1\ngpgkey=${APT_KEY}]"
|
||||
REPOSITORY="[wazuh]\n${GPG_SIGN}\nenabled=1\nname=EL-\$releasever - Wazuh\nbaseurl=https://packages.wazuh.com/5.x/yum/\nprotect=1"
|
||||
fi
|
||||
|
||||
rpm --import "${APT_KEY}"
|
||||
echo -e "${REPOSITORY}" | tee /etc/yum.repos.d/wazuh.repo
|
||||
@ -5,28 +5,18 @@ RUN rm /bin/sh && ln -s /bin/bash /bin/sh
|
||||
|
||||
ARG WAZUH_VERSION
|
||||
ARG WAZUH_TAG_REVISION
|
||||
ARG FILEBEAT_TEMPLATE_BRANCH
|
||||
ARG FILEBEAT_CHANNEL=filebeat-oss
|
||||
ARG FILEBEAT_VERSION=7.10.2
|
||||
ARG FILEBEAT_REVISION=2
|
||||
ARG WAZUH_FILEBEAT_MODULE
|
||||
ARG S6_VERSION="v2.2.0.3"
|
||||
ARG TARGETARCH
|
||||
ARG wazuh_manager_url_amd64_rpm
|
||||
ARG wazuh_manager_url_arm64_rpm
|
||||
|
||||
RUN yum install curl-minimal xz gnupg tar gzip openssl findutils procps -y &&\
|
||||
yum clean all
|
||||
|
||||
COPY config/check_repository.sh /
|
||||
COPY config/filebeat_module.sh /
|
||||
COPY config/permanent_data.env config/permanent_data.sh /
|
||||
|
||||
RUN chmod 775 /check_repository.sh
|
||||
RUN source /check_repository.sh
|
||||
|
||||
RUN yum install wazuh-manager-${WAZUH_VERSION}-${WAZUH_TAG_REVISION} -y && \
|
||||
yum clean all && \
|
||||
chmod 775 /filebeat_module.sh && \
|
||||
source /filebeat_module.sh && \
|
||||
rm /filebeat_module.sh && \
|
||||
RUN URL_VAR="wazuh_manager_url_${TARGETARCH}_rpm" && \
|
||||
manager_url="${!URL_VAR}" && \
|
||||
dnf install curl-minimal xz gnupg tar gzip openssl findutils procps -y &&\
|
||||
dnf clean all && \
|
||||
curl -o /wazuh-manager.rpm "${manager_url}" && \
|
||||
dnf install /wazuh-manager.rpm -y && \
|
||||
dnf clean all && \
|
||||
curl --fail --silent -L https://github.com/just-containers/s6-overlay/releases/download/${S6_VERSION}/s6-overlay-amd64.tar.gz \
|
||||
-o /tmp/s6-overlay-amd64.tar.gz && \
|
||||
tar xzf /tmp/s6-overlay-amd64.tar.gz -C / --exclude="./bin" && \
|
||||
@ -36,16 +26,11 @@ RUN yum install wazuh-manager-${WAZUH_VERSION}-${WAZUH_TAG_REVISION} -y && \
|
||||
COPY config/etc/ /etc/
|
||||
COPY --chown=root:wazuh config/create_user.py /var/ossec/framework/scripts/create_user.py
|
||||
|
||||
COPY config/filebeat.yml /etc/filebeat/
|
||||
|
||||
RUN chmod go-w /etc/filebeat/filebeat.yml
|
||||
|
||||
ADD https://raw.githubusercontent.com/wazuh/wazuh/$FILEBEAT_TEMPLATE_BRANCH/extensions/elasticsearch/7.x/wazuh-template.json /etc/filebeat
|
||||
RUN chmod go-w /etc/filebeat/wazuh-template.json
|
||||
|
||||
# Prepare permanent data
|
||||
# Sync calls are due to https://github.com/docker/docker/issues/9547
|
||||
|
||||
COPY config/permanent_data.env config/permanent_data.sh /
|
||||
|
||||
#Make mount directories for keep permissions
|
||||
|
||||
RUN mkdir -p /var/ossec/var/multigroups && \
|
||||
@ -58,8 +43,6 @@ RUN mkdir -p /var/ossec/var/multigroups && \
|
||||
sync && /permanent_data.sh && \
|
||||
sync && rm /permanent_data.sh
|
||||
|
||||
RUN rm /etc/yum.repos.d/wazuh.repo
|
||||
|
||||
# Services ports
|
||||
EXPOSE 55000/tcp 1514/tcp 1515/tcp 514/udp 1516/tcp
|
||||
|
||||
|
||||
@ -1,15 +0,0 @@
|
||||
## variables
|
||||
APT_KEY=https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH
|
||||
GPG_SIGN="gpgcheck=1\ngpgkey=${APT_KEY}]"
|
||||
REPOSITORY="[wazuh]\n${GPG_SIGN}\nenabled=1\nname=EL-\$releasever - Wazuh\nbaseurl=https://packages-dev.wazuh.com/pre-release/yum/\nprotect=1"
|
||||
WAZUH_TAG=$(curl --silent https://api.github.com/repos/wazuh/wazuh/git/refs/tags | grep '["]ref["]:' | sed -E 's/.*\"([^\"]+)\".*/\1/' | cut -c 11- | grep ^v${WAZUH_VERSION}$)
|
||||
|
||||
## check tag to use the correct repository
|
||||
if [[ -n "${WAZUH_TAG}" ]]; then
|
||||
APT_KEY=https://packages.wazuh.com/key/GPG-KEY-WAZUH
|
||||
GPG_SIGN="gpgcheck=1\ngpgkey=${APT_KEY}]"
|
||||
REPOSITORY="[wazuh]\n${GPG_SIGN}\nenabled=1\nname=EL-\$releasever - Wazuh\nbaseurl=https://packages.wazuh.com/5.x/yum/\nprotect=1"
|
||||
fi
|
||||
|
||||
rpm --import "${APT_KEY}"
|
||||
echo -e "${REPOSITORY}" | tee /etc/yum.repos.d/wazuh.repo
|
||||
@ -1,51 +0,0 @@
|
||||
#!/usr/bin/with-contenv bash
|
||||
# Wazuh App Copyright (C) 2017, Wazuh Inc. (License GPLv2)
|
||||
|
||||
set -e
|
||||
|
||||
if [ "$INDEXER_URL" != "" ]; then
|
||||
>&2 echo "Customize Elasticsearch output IP"
|
||||
sed -i "s|hosts:.*|hosts: ['$INDEXER_URL']|g" /etc/filebeat/filebeat.yml
|
||||
fi
|
||||
|
||||
# Configure filebeat.yml security settings
|
||||
|
||||
if [ "$INDEXER_USERNAME" != "" ]; then
|
||||
>&2 echo "Configuring username."
|
||||
sed -i "s|#username:.*|username:|g" /etc/filebeat/filebeat.yml
|
||||
sed -i "s|username:.*|username: '$INDEXER_USERNAME'|g" /etc/filebeat/filebeat.yml
|
||||
fi
|
||||
|
||||
if [ "$INDEXER_PASSWORD" != "" ]; then
|
||||
>&2 echo "Configuring password."
|
||||
sed -i "s|#password:.*|password:|g" /etc/filebeat/filebeat.yml
|
||||
sed -i "s|password:.*|password: '$INDEXER_PASSWORD'|g" /etc/filebeat/filebeat.yml
|
||||
fi
|
||||
|
||||
if [ "$FILEBEAT_SSL_VERIFICATION_MODE" != "" ]; then
|
||||
>&2 echo "Configuring SSL verification mode."
|
||||
sed -i "s|#ssl.verification_mode:.*|ssl.verification_mode:|g" /etc/filebeat/filebeat.yml
|
||||
sed -i "s|ssl.verification_mode:.*|ssl.verification_mode: '$FILEBEAT_SSL_VERIFICATION_MODE'|g" /etc/filebeat/filebeat.yml
|
||||
fi
|
||||
|
||||
if [ "$SSL_CERTIFICATE_AUTHORITIES" != "" ]; then
|
||||
>&2 echo "Configuring Certificate Authorities."
|
||||
sed -i "s|#ssl.certificate_authorities:.*|ssl.certificate_authorities:|g" /etc/filebeat/filebeat.yml
|
||||
sed -i "s|ssl.certificate_authorities:.*|ssl.certificate_authorities: ['$SSL_CERTIFICATE_AUTHORITIES']|g" /etc/filebeat/filebeat.yml
|
||||
fi
|
||||
|
||||
if [ "$SSL_CERTIFICATE" != "" ]; then
|
||||
>&2 echo "Configuring SSL Certificate."
|
||||
sed -i "s|#ssl.certificate:.*|ssl.certificate:|g" /etc/filebeat/filebeat.yml
|
||||
sed -i "s|ssl.certificate:.*|ssl.certificate: '$SSL_CERTIFICATE'|g" /etc/filebeat/filebeat.yml
|
||||
fi
|
||||
|
||||
if [ "$SSL_KEY" != "" ]; then
|
||||
>&2 echo "Configuring SSL Key."
|
||||
sed -i "s|#ssl.key:.*|ssl.key:|g" /etc/filebeat/filebeat.yml
|
||||
sed -i "s|ssl.key:.*|ssl.key: '$SSL_KEY'|g" /etc/filebeat/filebeat.yml
|
||||
fi
|
||||
|
||||
|
||||
chmod go-w /etc/filebeat/filebeat.yml || true
|
||||
chown root: /etc/filebeat/filebeat.yml || true
|
||||
@ -1,6 +0,0 @@
|
||||
#!/usr/bin/env sh
|
||||
echo >&2 "Filebeat exited. code=${1}"
|
||||
|
||||
# terminate other services to exit from the container
|
||||
exec s6-svscanctl -t /var/run/s6/services
|
||||
|
||||
@ -1,4 +0,0 @@
|
||||
#!/usr/bin/with-contenv sh
|
||||
echo >&2 "starting Filebeat"
|
||||
|
||||
exec /usr/share/filebeat/bin/filebeat -e -c /etc/filebeat/filebeat.yml -path.home /usr/share/filebeat -path.config /etc/filebeat -path.data /var/lib/filebeat -path.logs /var/log/filebeat
|
||||
@ -1,11 +0,0 @@
|
||||
## variables
|
||||
REPOSITORY="packages-dev.wazuh.com/pre-release"
|
||||
WAZUH_TAG=$(curl --silent https://api.github.com/repos/wazuh/wazuh/git/refs/tags | grep '["]ref["]:' | sed -E 's/.*\"([^\"]+)\".*/\1/' | cut -c 11- | grep ^v${WAZUH_VERSION}$)
|
||||
|
||||
## check tag to use the correct repository
|
||||
if [[ -n "${WAZUH_TAG}" ]]; then
|
||||
REPOSITORY="packages.wazuh.com/5.x"
|
||||
fi
|
||||
|
||||
yum install filebeat-${FILEBEAT_VERSION}-${FILEBEAT_REVISION} -y && \
|
||||
curl -s https://${REPOSITORY}/filebeat/${WAZUH_FILEBEAT_MODULE} | tar -xvz -C /usr/share/filebeat/module
|
||||
@ -7,7 +7,6 @@ PERMANENT_DATA[((i++))]="/var/ossec/queue"
|
||||
PERMANENT_DATA[((i++))]="/var/ossec/var/multigroups"
|
||||
PERMANENT_DATA[((i++))]="/var/ossec/active-response/bin"
|
||||
PERMANENT_DATA[((i++))]="/var/ossec/wodles"
|
||||
PERMANENT_DATA[((i++))]="/etc/filebeat"
|
||||
|
||||
export PERMANENT_DATA
|
||||
|
||||
@ -73,11 +72,6 @@ PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/gcloud/exceptions.py"
|
||||
PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/gcloud/buckets/bucket.py"
|
||||
PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/gcloud/buckets/access_logs.py"
|
||||
PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/gcloud/pubsub/subscriber.py"
|
||||
PERMANENT_DATA_EXCP[((i++))]="/var/ossec/etc/lists/malicious-ioc/malicious-ip"
|
||||
PERMANENT_DATA_EXCP[((i++))]="/var/ossec/etc/lists/malicious-ioc/malicious-domains"
|
||||
PERMANENT_DATA_EXCP[((i++))]="/var/ossec/etc/lists/malicious-ioc/malware-hashes"
|
||||
PERMANENT_DATA_EXCP[((i++))]="/etc/filebeat/wazuh-template.json"
|
||||
PERMANENT_DATA_EXCP[((i++))]="/etc/filebeat/filebeat.yml"
|
||||
export PERMANENT_DATA_EXCP
|
||||
|
||||
# Files mounted in a volume that should be deleted
|
||||
|
||||
@ -24,7 +24,6 @@ $ build-docker-images/build-images.sh -h
|
||||
Usage: build-docker-images/build-images.sh [OPTIONS]
|
||||
|
||||
-d, --dev <ref> [Optional] Set the development stage you want to build, example rc2 or beta1, not used by default.
|
||||
-f, --filebeat-module <ref> [Optional] Set Filebeat module version. By default 0.4.
|
||||
-r, --revision <rev> [Optional] Package revision. By default 1
|
||||
-v, --version <ver> [Optional] Set the Wazuh version should be builded. By default, 5.0.0.
|
||||
-h, --help Show this help.
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user