Updated wazuh certs tool url

Added debug symbols for config.sh
Testing with wazuh certs tool from 4.13
2025-12-10 00:38:27 -06:00 · 2025-12-03 15:03:09 -03:00 · 2025-12-03 14:45:33 -03:00 · 2025-12-03 14:15:57 -03:00 · 2025-12-03 11:49:22 -03:00
16 changed files with 70 additions and 145 deletions
--- a/.github/.goss.yaml
+++ b/.github/.goss.yaml
@ -1,11 +1,4 @@
 file:
  /etc/filebeat/filebeat.yml:
    exists: true
    mode: "0644"
    owner: root
    group: root
    filetype: file
    contains: []
  /var/ossec/bin/wazuh-control:
    exists: true
    mode: "0750"
@ -49,10 +42,6 @@ file:
    filetype: file
    contains: []
 package:
  filebeat:
    installed: true
    versions:
    - 7.10.2
  wazuh-manager:
    installed: true
    versions:
@ -71,8 +60,6 @@ port:
    ip:
    - 0.0.0.0
 process:
  filebeat:
    running: true
  wazuh-analysisd:
    running: true
  wazuh-authd:
--- a/.github/multi-node-filebeat-check.sh
+++ b/.github/multi-node-filebeat-check.sh
@ -1,39 +0,0 @@
 COMMAND_TO_EXECUTE="filebeat test output"
 MASTER_CONTAINERS=$(docker ps --format '{{.Names}}' | grep -E 'master')
 if [ -z "$MASTER_CONTAINERS" ]; then
  echo "No containers were found with 'master' in their name."
 else
  for MASTER_CONTAINERS in $MASTER_CONTAINERS; do
    FILEBEAT_OUTPUT=$(docker exec "$MASTER_CONTAINERS" $COMMAND_TO_EXECUTE)
    FILEBEAT_STATUS=$(echo "${FILEBEAT_OUTPUT}" | grep -c OK)
    if [[ $FILEBEAT_STATUS -eq 7 ]]; then
      echo "No errors in filebeat"
      echo "${FILEBEAT_OUTPUT}"
    else
      echo "Errors in filebeat"
      echo "${FILEBEAT_OUTPUT}"
      exit 1
    fi
  done
 fi
 MASTER_CONTAINERS=$(docker ps --format '{{.Names}}' | grep -E 'worker')
 if [ -z "$MASTER_CONTAINERS" ]; then
  echo "No containers were found with 'worker' in their name."
 else
  for MASTER_CONTAINERS in $MASTER_CONTAINERS; do
    FILEBEAT_OUTPUT=$(docker exec "$MASTER_CONTAINERS" $COMMAND_TO_EXECUTE)
    FILEBEAT_STATUS=$(echo "${FILEBEAT_OUTPUT}" | grep -c OK)
    if [[ $FILEBEAT_STATUS -eq 7 ]]; then
      echo "No errors in filebeat"
      echo "${FILEBEAT_OUTPUT}"
    else
      echo "Errors in filebeat"
      echo "${FILEBEAT_OUTPUT}"
      exit 1
    fi
  done
 fi
--- a/.github/single-node-filebeat-check.sh
+++ b/.github/single-node-filebeat-check.sh
@ -1,20 +0,0 @@
 COMMAND_TO_EXECUTE="filebeat test output"
 MASTER_CONTAINERS=$(docker ps --format '{{.Names}}' | grep -E 'manager')
 if [ -z "$MASTER_CONTAINERS" ]; then
  echo "No containers were found with 'manager' in their name."
 else
  for MASTER_CONTAINERS in $MASTER_CONTAINERS; do
    FILEBEAT_OUTPUT=$(docker exec "$MASTER_CONTAINERS" $COMMAND_TO_EXECUTE)
    FILEBEAT_STATUS=$(echo "${FILEBEAT_OUTPUT}" | grep -c OK)
    if [[ $FILEBEAT_STATUS -eq 7 ]]; then
      echo "No errors in filebeat"
      echo "${FILEBEAT_OUTPUT}"
    else
      echo "Errors in filebeat"
      echo "${FILEBEAT_OUTPUT}"
      exit 1
    fi
  done
 fi
--- a/.github/workflows/Procedure_push_docker_images.yml
+++ b/.github/workflows/Procedure_push_docker_images.yml
@ -18,7 +18,7 @@ on:
      reference:
        description: 'Dev reference'
        type: string
-        default: latest 
+        default: latest
      id:
        description: "ID used to identify the workflow uniquely."
        type: string
@ -47,7 +47,7 @@ on:
      reference:
        description: 'Dev reference'
        type: string
-        default: latest 
+        default: latest
      id:
        description: "ID used to identify the workflow uniquely."
        type: string
@ -97,7 +97,7 @@ jobs:
    - name: free disk space
      uses: ./.github/free-disk-space
-    
+
    - name: Set up QEMU
      uses: docker/setup-qemu-action@v3
@ -145,8 +145,8 @@ jobs:
          wazuh_agent_url_i386_msi: "$(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-agent-5.0.0-${{ inputs.reference }}.i386.msi --expires-in 3600 --region us-west-1)"
          wazuh_agent_url_intel64_pkg: "$(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-agent-5.0.0-${{ inputs.reference }}.intel64.pkg --expires-in 3600 --region us-west-1)"
          wazuh_agent_url_arm64_pkg: "$(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/main/packages/wazuh-agent-5.0.0-${{ inputs.reference }}.arm64.pkg --expires-in 3600 --region us-west-1)"
-          wazuh_certs_tool: "$(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/secondary/installation-assistant/5.0.0/wazuh-certs-tool.sh --expires-in 3600 --region us-west-1)"
+          wazuh_certs_tool: "https://packages-dev.wazuh.com/4.13/wazuh-certs-tool.sh"
-          wazuh_config_yml: "$(aws s3 presign s3://${{ vars.AWS_S3_BUCKET_DEV }}/development/wazuh/5.x/secondary/installation-assistant/5.0.0/config.yml --expires-in 3600 --region us-west-1)"
+          wazuh_config_yml: "https://packages-dev.wazuh.com/4.13/config.yml"
          EOF
      working-directory: ./build-docker-images
@ -155,7 +155,7 @@ jobs:
        if [ "${{ inputs.dev }}" = true ]; then
          IMAGE_TAG="${{ inputs.image_tag }}-${{ inputs.reference }}"
          ./build-images.sh -v ${{ inputs.image_tag }} -r $REVISION -d "dev" -rg $IMAGE_REGISTRY -m -ref ${{ inputs.reference }}
-        else  
+        else
          if [[ "$IMAGE_TAG" == *"-"* ]]; then
            IFS='-' read -r -a tokens <<< "$IMAGE_TAG"
            if [ -z "${tokens[1]}" ]; then
--- a/.github/workflows/push.yml
+++ b/.github/workflows/push.yml
@ -175,9 +175,6 @@ jobs:
      env:
        TOKEN: $(curl -s -u wazuh-wui:MyS3cr37P450r.*- -k -X GET "https://0.0.0.0:55000/security/user/authenticate?raw=true")
    - name: Check filebeat output
      run: ./.github/single-node-filebeat-check.sh
    - name: Check Wazuh dashboard service URL
      run: |
       status=$(curl -XGET --silent  https://0.0.0.0:443/app/status -k -u admin:SecretPassword -I -s | grep -E "^HTTP" | awk  '{print $2}')
@ -338,9 +335,6 @@ jobs:
      env:
        TOKEN: $(curl -s -u wazuh-wui:MyS3cr37P450r.*- -k -X GET "https://0.0.0.0:55000/security/user/authenticate?raw=true")
    - name: Check filebeat output
      run: ./.github/multi-node-filebeat-check.sh
    - name: Check Wazuh dashboard service URL
      run: |
       status=$(curl -XGET --silent  https://0.0.0.0:443/app/status -k -u admin:SecretPassword -I | grep -E "^HTTP" | awk  '{print $2}')
--- a/build-docker-images/README.md
+++ b/build-docker-images/README.md
@ -24,7 +24,6 @@ $ build-docker-images/build-images.sh -h
 Usage: build-docker-images/build-images.sh [OPTIONS]
    -d, --dev <ref>              [Optional] Set the development stage you want to build, example rc1 or beta1, not used by default.
    -f, --filebeat-module <ref>  [Optional] Set Filebeat module version. By default 0.4.
    -r, --revision <rev>         [Optional] Package revision. By default 1
    -v, --version <ver>          [Optional] Set the Wazuh version should be builded. By default, 5.0.0.
    -h, --help                   Show this help.
--- a/build-docker-images/build-images.sh
+++ b/build-docker-images/build-images.sh
@ -59,7 +59,7 @@ build() {
        fi
    fi
    awk -F':' '{name=$1; val=substr($0,length(name)+3); gsub(/[-.]/,"_",name); print name "=" val}' $ARTIFACT_URLS_FILE > artifacts_env.txt
-    
+
    echo WAZUH_VERSION=$WAZUH_IMAGE_VERSION > ../.env
    echo WAZUH_IMAGE_VERSION=$WAZUH_IMAGE_VERSION >> ../.env
    echo WAZUH_TAG_REVISION=$WAZUH_TAG_REVISION >> ../.env
--- a/build-docker-images/wazuh-dashboard/config/config.sh
+++ b/build-docker-images/wazuh-dashboard/config/config.sh
@ -1,5 +1,6 @@
 # Wazuh Docker Copyright (C) 2017, Wazuh Inc. (License GPLv2)
 # This has to be exported to make some magic below work.
 set -x
 export DH_OPTIONS
 export NAME=wazuh-dashboard
@ -54,4 +55,6 @@ cp -pr /wazuh-certificates/admin-key.pem ${CONFIG_DIR}/certs/admin-key.pem
 sed -i "s|/etc/wazuh-dashboard|${CONFIG_DIR}|g" ${CONFIG_DIR}/opensearch_dashboards.yml
 chmod -R 500 ${CONFIG_DIR}/certs
-chmod -R 400 ${CONFIG_DIR}/certs/*
+chmod -R 400 ${CONFIG_DIR}/certs/*
 set +x
--- a/build-docker-images/wazuh-dashboard/config/wazuh_app_config.sh
+++ b/build-docker-images/wazuh-dashboard/config/wazuh_app_config.sh
@ -7,7 +7,7 @@ api_username="${API_USERNAME:-wazuh-wui}"
 api_password="${API_PASSWORD:-wazuh-wui}"
 api_run_as="${RUN_AS:-false}"
-dashboard_config_file="/usr/share/wazuh-dashboard/data/wazuh/config/wazuh.yml"
+dashboard_config_file="/usr/share/wazuh-dashboard/config/opensearch_dashboards.yml"
 declare -A CONFIG_MAP=(
  [pattern]=$PATTERN
@ -32,18 +32,18 @@ do
    fi
 done
-grep -q 1513629884013 $dashboard_config_file
+grep -q default $dashboard_config_file
 _config_exists=$?
 if [[ $_config_exists -ne 0 ]]; then
  cat << EOF >> $dashboard_config_file
-  hosts:
+  wazuh_core.hosts:
-    - 1513629884013:
+    default:
-        url: $wazuh_url
+      url: $wazuh_url
-        port: $wazuh_port
+      port: $wazuh_port
-        username: $api_username
+      username: $api_username
-        password: $api_password
+      password: $api_password
-        run_as: $api_run_as
+      run_as: $api_run_as
  EOF
 else
  echo "Wazuh APP already configured"
--- a/build-docker-images/wazuh-indexer/config/config.sh
+++ b/build-docker-images/wazuh-indexer/config/config.sh
@ -1,5 +1,6 @@
 # Wazuh Docker Copyright (C) 2017, Wazuh Inc. (License GPLv2)
 # This has to be exported to make some magic below work.
 set -x
 export DH_OPTIONS
 export NAME=wazuh-indexer
@ -63,4 +64,6 @@ sed -i 's/-Djava.security.policy=file:\/\/\/etc\/wazuh-indexer\/opensearch-perfo
 chown -R ${USER}:${GROUP} ${CONFIG_DIR}
 chmod -R 500 ${CONFIG_DIR}/certs
-chmod -R 400 ${CONFIG_DIR}/certs/*
+chmod -R 400 ${CONFIG_DIR}/certs/*
 set +x
--- a/build-docker-images/wazuh-manager/config/config.sh
+++ b/build-docker-images/wazuh-manager/config/config.sh
@ -4,7 +4,7 @@
 # Variables for certificate generation
 CERT_TOOL="wazuh-certs-tool.sh"
 CERT_CONFIG_FILE="config.yml"
-CERT_DIR=/etc/filebeat/certs
+CERT_DIR=/etc/wazuh/certs
 download_package() {
    local url=$1
    local package=$2
--- a/docs/README.md
+++ b/docs/README.md
@ -7,7 +7,7 @@
 In this repository you will find the containers to run:
-* Wazuh manager: it runs the Wazuh manager, Wazuh API and Filebeat OSS
+* Wazuh manager: it runs the Wazuh manager, and Wazuh API
 * Wazuh dashboard: provides a web user interface to browse through alert data and allows you to visualize the agents configuration and status.
 * Wazuh indexer: Wazuh indexer container (working as a single-node cluster or as a multi-node cluster). **Be aware to increase the `vm.max_map_count` setting, as it's detailed in the [Wazuh documentation](https://documentation.wazuh.com/current/docker/wazuh-container.html#increase-max-map-count-on-your-host-linux).**
 * Wazuh agent: This container contains the Wazuh agent services. Current functionality is limited.
@ -70,16 +70,14 @@ The folder `wazuh-agent` contains a README explaining how to run a container wit
 	│       │   ├── etc
 	│       │   │   ├── cont-init.d
 	│       │   │   │   ├── 0-wazuh-init
-	│       │   │   │   ├── 1-config-filebeat
+	│       │   │   │   ├── 1-config-
 	│       │   │   │   └── 2-manager
 	│       │   │   └── services.d
-	│       │   │       ├── filebeat
+	│       │   │       ├──
 	│       │   │       │   ├── finish
 	│       │   │       │   └── run
 	│       │   │       └── ossec-logs
 	│       │   │           └── run
 	│       │   ├── filebeat_module.sh
 	│       │   ├── filebeat.yml
 	│       │   ├── permanent_data.env
 	│       │   └── permanent_data.sh
 	│       └── Dockerfile
--- a/multi-node/Migration-to-Wazuh-4.4.md
+++ b/multi-node/Migration-to-Wazuh-4.4.md
@ -97,15 +97,15 @@ docker volume create \
 docker volume create \
           --label com.docker.compose.project=multi-node \
           --label com.docker.compose.version=1.25.0 \
-           --label com.docker.compose.volume=master-filebeat-etc \
+           --label com.docker.compose.volume=master-wazuh-etc \
-           multi-node_master-filebeat-etc
+           multi-node_master-wazuh-etc
 ```
 ```
 docker volume create \
           --label com.docker.compose.project=multi-node \
           --label com.docker.compose.version=1.25.0 \
-           --label com.docker.compose.volume=master-filebeat-var \
+           --label com.docker.compose.volume=master-wazuh-var \
-           multi-node_master-filebeat-var
+           multi-node_master-wazuh-var
 ```
 ```
 docker volume create \
@ -160,15 +160,15 @@ docker volume create \
 docker volume create \
           --label com.docker.compose.project=multi-node \
           --label com.docker.compose.version=1.25.0 \
-           --label com.docker.compose.volume=worker-filebeat-etc \
+           --label com.docker.compose.volume=worker-wazuh-etc \
-           multi-node_worker-filebeat-etc
+           multi-node_worker-wazuh-etc
 ```
 ```
 docker volume create \
           --label com.docker.compose.project=multi-node \
           --label com.docker.compose.version=1.25.0 \
-           --label com.docker.compose.volume=worker-filebeat-var \
+           --label com.docker.compose.volume=worker-wazuh-var \
-           multi-node_worker-filebeat-var
+           multi-node_worker-wazuh-var
 ```
 **6. Copy the volume content from elasticsearch to Wazuh indexer volumes and old Wazuh manager content to new volumes.**
 ```
@ -233,14 +233,14 @@ docker container run --rm -it \
 ```
 ```
 docker container run --rm -it \
-           -v wazuh-docker_filebeat-etc:/from \
+           -v wazuh-docker-etc:/from \
-           -v multi-node_master-filebeat-etc:/to \
+           -v multi-node_master-etc:/to \
           alpine ash -c "cd /from ; cp -avp . /to"
 ```
 ```
 docker container run --rm -it \
-           -v wazuh-docker_filebeat-var:/from \
+           -v wazuh-docker-var:/from \
-           -v multi-node_master-filebeat-var:/to \
+           -v multi-node_master-wazuh-var:/to \
           alpine ash -c "cd /from ; cp -avp . /to"
 ```
 ```
@ -287,14 +287,14 @@ docker container run --rm -it \
 ```
 ```
 docker container run --rm -it \
-           -v wazuh-docker_worker-filebeat-etc:/from \
+           -v wazuh-docker_worker-etc:/from \
-           -v multi-node_worker-filebeat-etc:/to \
+           -v multi-node_worker-wazuh-etc:/to \
           alpine ash -c "cd /from ; cp -avp . /to"
 ```
 ```
 docker container run --rm -it \
-           -v wazuh-docker_worker-filebeat-var:/from \
+           -v wazuh-docker_worker-var:/from \
-           -v multi-node_worker-filebeat-var:/to \
+           -v multi-node_worker-wazuh-var:/to \
           alpine ash -c "cd /from ; cp -avp . /to"
 ```
--- a/multi-node/docker-compose.yml
+++ b/multi-node/docker-compose.yml
@ -34,8 +34,8 @@ services:
      - master-wazuh-active-response:/var/ossec/active-response/bin
      - master-wazuh-wodles:/var/ossec/wodles
      - ./wazuh-certificates/root-ca.pem:/etc/ssl/root-ca.pem
-      - ./wazuh-certificates/wazuh.master.pem:/etc/ssl/filebeat.pem
+      - ./wazuh-certificates/wazuh.master.pem:/etc/ssl/wazuh.master.pem
-      - ./wazuh-certificates/wazuh.master-key.pem:/etc/ssl/filebeat.key
+      - ./wazuh-certificates/wazuh.master-key.pem:/etc/ssl/wazuh.master.key
  wazuh.worker:
    image: wazuh/wazuh-manager:5.0.0
    hostname: wazuh.worker
@ -65,9 +65,9 @@ services:
      - worker-wazuh-var-multigroups:/var/ossec/var/multigroups
      - worker-wazuh-active-response:/var/ossec/active-response/bin
      - worker-wazuh-wodles:/var/ossec/wodles
-      - ./wazuh-certificates/root-ca.pem:/etc/filebeat/certs/root-ca.pem
+      - ./wazuh-certificates/root-ca.pem:/etc/wazuh/certs/root-ca.pem
-      - ./wazuh-certificates/wazuh.worker.pem:/etc/filebeat/certs/filebeat.pem
+      - ./wazuh-certificates/wazuh.worker.pem:/etc/wazuh/certs/wazuh.worker.pem
-      - ./wazuh-certificates/wazuh.worker-key.pem:/etc/filebeat/certs/filebeat-key.pem
+      - ./wazuh-certificates/wazuh.worker-key.pem:/etc/wazuh/certs/wazuh.worker.key
  wazuh1.indexer:
    image: wazuh/wazuh-indexer:5.0.0
--- a/multi-node/volume-migrator.sh
+++ b/multi-node/volume-migrator.sh
@ -61,14 +61,14 @@ docker volume create \
 docker volume create \
           --label com.docker.compose.project=$2 \
           --label com.docker.compose.version=$1 \
-           --label com.docker.compose.volume=master-filebeat-etc \
+           --label com.docker.compose.volume=master-wazuh-etc \
-           $2_master-filebeat-etc
+           $2_master-wazuh-etc
 docker volume create \
           --label com.docker.compose.project=$2 \
           --label com.docker.compose.version=$1 \
-           --label com.docker.compose.volume=master-filebeat-var \
+           --label com.docker.compose.volume=master-wazuh-var \
-           $2_master-filebeat-var
+           $2_master-wazuh-var
 docker volume create \
           --label com.docker.compose.project=$2 \
@ -115,18 +115,18 @@ docker volume create \
 docker volume create \
           --label com.docker.compose.project=$2 \
           --label com.docker.compose.version=$1 \
-           --label com.docker.compose.volume=worker-filebeat-etc \
+           --label com.docker.compose.volume=worker-wazuh-etc \
-           $2_worker-filebeat-etc
+           $2_worker-wazuh-etc
 docker volume create \
           --label com.docker.compose.project=$2 \
           --label com.docker.compose.version=$1 \
-           --label com.docker.compose.volume=worker-filebeat-var \
+           --label com.docker.compose.volume=worker-wazuh-var \
-           $2_worker-filebeat-var
+           $2_worker-wazuh-var
 docker container run --rm -it \
-           -v wazuh-docker_worker-filebeat-var:/from \
+           -v wazuh-docker_worker-var:/from \
-           -v $2_worker-filebeat-var:/to \
+           -v $2_worker-wazuh-var:/to \
           alpine ash -c "cd /from ; cp -avp . /to"
 docker container run --rm -it \
@ -180,13 +180,13 @@ docker container run --rm -it \
           alpine ash -c "cd /from ; cp -avp . /to"
 docker container run --rm -it \
-           -v wazuh-docker_filebeat-etc:/from \
+           -v wazuh-docker-etc:/from \
-           -v $2_master-filebeat-etc:/to \
+           -v $2_master-wazuh-etc:/to \
           alpine ash -c "cd /from ; cp -avp . /to"
 docker container run --rm -it \
-           -v wazuh-docker_filebeat-var:/from \
+           -v wazuh-docker-var:/from \
-           -v $2_master-filebeat-var:/to \
+           -v $2_master-wazuh-var:/to \
           alpine ash -c "cd /from ; cp -avp . /to"
 docker container run --rm -it \
@ -225,11 +225,11 @@ docker container run --rm -it \
           alpine ash -c "cd /from ; cp -avp . /to"
 docker container run --rm -it \
-           -v wazuh-docker_worker-filebeat-etc:/from \
+           -v wazuh-docker_worker-etc:/from \
-           -v $2_worker-filebeat-etc:/to \
+           -v $2_worker-wazuh-etc:/to \
           alpine ash -c "cd /from ; cp -avp . /to"
 docker container run --rm -it \
-           -v wazuh-docker_worker-filebeat-var:/from \
+           -v wazuh-docker_worker-var:/from \
-           -v $2_worker-filebeat-var:/to \
+           -v $2_worker-wazuh-var:/to \
           alpine ash -c "cd /from ; cp -avp . /to"
--- a/single-node/docker-compose.yml
+++ b/single-node/docker-compose.yml
@ -32,9 +32,9 @@ services:
      - wazuh_var_multigroups:/var/ossec/var/multigroups
      - wazuh_active_response:/var/ossec/active-response/bin
      - wazuh_wodles:/var/ossec/wodles
-      - ./wazuh-certificates/root-ca.pem:/etc/filebeat/certs/root-ca.pem
+      - ./wazuh-certificates/root-ca.pem:/etc/wazuh/certs/root-ca.pem
-      - ./wazuh-certificates/wazuh.manager.pem:/etc/filebeat/certs/filebeat.pem
+      - ./wazuh-certificates/wazuh.manager.pem:/etc/wazuh/certs/wazuh.manager.pem
-      - ./wazuh-certificates/wazuh.manager-key.pem:/etc/filebeat/certs/filebeat-key.pem
+      - ./wazuh-certificates/wazuh.manager-key.pem:/etc/wazuh/certs/wazuh.manager-key.pem
  wazuh.indexer:
    image: wazuh/wazuh-indexer:5.0.0
Author	SHA1	Message	Date
Carlos Bordon	19dda0c176	Updated wazuh certs tool url	2025-12-03 15:03:09 -03:00
Carlos Bordon	05aece7433	Added debug symbols for config.sh	2025-12-03 14:45:33 -03:00
Carlos Bordon	fc8262b791	Testing with wazuh certs tool from 4.13	2025-12-03 14:15:57 -03:00
Carlos Bordon	9ebecf410e	Testing the docker images build with filebeat reference removed	2025-12-03 11:49:22 -03:00