From 5f2cf7511b69e229da4d15aa9be6f4aa4419ad2b Mon Sep 17 00:00:00 2001
From: Enrique Araque
Date: Thu, 6 Nov 2025 17:13:36 +0100
Subject: [PATCH] Change server certs path and config parameters
---
 configurer/core/models/certificates_manager.py | 18 ++++++++++++++----
 configurer/core/utils/enums.py | 13 ++++++++-----
 2 files changed, 22 insertions(+), 9 deletions(-)
diff --git a/configurer/core/models/certificates_manager.py b/configurer/core/models/certificates_manager.py
index ef449ab..7c29a26 100644
--- a/configurer/core/models/certificates_manager.py
+++ b/configurer/core/models/certificates_manager.py
@@ -109,7 +109,8 @@ class CertsManager:
 Args:
 key (str): The key to search for in the YAML file.
 file (str): The path to the YAML file.
- flattened_key (bool, optional): Whether the key is flattened (default is True).
+ flattened_key (bool, optional): Whether the key uses dot notation (e.g., "a.b.c") instead of
+ hierarchical/nested YAML structure (e.g., a: b: c:). Default is True.
 client (paramiko.SSHClient, optional): An SSH client to execute the command remotely (default is None).
 Returns:
@@ -120,7 +121,15 @@ class CertsManager:
 >>> return: "wazuh-server.pem"
 """
- yq_query = f"sudo yq '.[\"{key}\"]' {file}" if flattened_key else f"sudo yq '.{key}' {file}"
+ yq_xml_suffix = ""
+ if Path(file).suffix == ".conf": # This file is XML, not YAML
+ yq_xml_suffix = "-p xml -o xml"
+
+ yq_query = (
+ f"sudo yq {yq_xml_suffix} '.[\"{key}\"]' {file}"
+ if flattened_key
+ else f"sudo yq {yq_xml_suffix} '.{key}' {file}"
+ )
 output, error_output = exec_command(command=yq_query, client=client)
 if error_output:
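Review bot: In the hunk at -109 the `key` and `file` entries still describe "the YAML file", although this commit makes the same method read `.conf` files as XML. The reworded `flattened_key` entry (repeated in the hunk at -145) is also ambiguous, because a nested path such as `ossec_config[0].indexer.ssl.key` contains dots too. Wording that follows the two query forms would be clearer: `flattened_key (bool, optional): True when the dotted string is one literal key in the file (queried as .["a.b.c"]); False when it is a path through nested elements (queried as .a.b.c).` The docstring starts and ends outside the hunk.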
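Review bot: In the hunk at -120 the rewritten `yq_query` still interpolates `key` and `file` unquoted into a `sudo yq ...` string that `exec_command` runs locally or over the SSH client, presumably through a shell. The callers visible in this patch pass enum constants, but the method accepts any `str`, so a value with a quote, space or shell metacharacter would alter a command run under sudo. Building the expression first and quoting both arguments closes that gap: `expr = f'.["{key}"]' if flattened_key else f".{key}"` followed by `yq_query = f"sudo yq {yq_xml_suffix} {shlex.quote(expr)} {shlex.quote(file)}"`, which needs `import shlex` at file level. Separately, `Path(file).suffix == ".conf"` treats every `.conf` path as XML, so comparing against `ComponentConfigFile.WAZUH_SERVER` would be a narrower test. The method body starts and ends outside the hunk.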
@@ -145,7 +154,8 @@ class CertsManager:
 Args:
 component (Component): The component for which to retrieve certificate names.
 component_config_file (str): The path to the component's configuration file.
- flattened_key (bool, optional): Whether to flatten the key. Defaults to True.
+ flattened_key (bool, optional): Whether the key uses dot notation (e.g., "a.b.c") instead of
+ hierarchical/nested YAML structure (e.g., a: b: c:). Default is True.
 client (paramiko.SSHClient | None, optional): An SSH client for remote operations. Defaults to None.
 Returns:
@@ -221,7 +231,7 @@ class CertsManager:
 else ComponentConfigFile.WAZUH_SERVER
 if component == Component.WAZUH_SERVER
 else ComponentConfigFile.WAZUH_DASHBOARD,
- flattened_key=component != Component.WAZUH_SERVER, # Flatten key only for server
+ flattened_key=component != Component.WAZUH_SERVER, # Flatten key only for indexer and dashboard
 client=client,
 )
diff --git a/configurer/core/utils/enums.py b/configurer/core/utils/enums.py
index 284160e..624baa3 100644
--- a/configurer/core/utils/enums.py
+++ b/configurer/core/utils/enums.py
@@ -2,22 +2,25 @@ from enum import StrEnum
 class ComponentConfigFile(StrEnum):
- WAZUH_SERVER = "/etc/wazuh-server/wazuh-server.yml"
+ WAZUH_SERVER = "/var/ossec/etc/ossec.conf"
 WAZUH_INDEXER = "/etc/wazuh-indexer/opensearch.yml"
 WAZUH_DASHBOARD = "/etc/wazuh-dashboard/opensearch_dashboards.yml"
 class ComponentCertsDirectory(StrEnum):
- WAZUH_SERVER = "/etc/wazuh-server/certs"
+ WAZUH_SERVER = "/var/ossec/etc/certs"
 WAZUH_INDEXER = "/etc/wazuh-indexer/certs"
 WAZUH_DASHBOARD = "/etc/wazuh-dashboard/certs"
 class ComponentCertsConfigParameter(StrEnum):
 # Wazuh Server
- WAZUH_SERVER_KEY = "communications_api.ssl.key"
- WAZUH_SERVER_CERT = "communications_api.ssl.cert"
- WAZUH_SERVER_CA = "communications_api.ssl.ca"
+ # We use ossec_config[0] because there is more than one ossec_config entry in the ossec.conf file and need to
+ # identify the correct one.
+ # This siyntax is needed for yq to correctly identify the path to modify.
+ WAZUH_SERVER_KEY = "ossec_config[0].indexer.ssl.key"
+ WAZUH_SERVER_CERT = "ossec_config[0].indexer.ssl.certificate"
+ WAZUH_SERVER_CA = "ossec_config[0].indexer.ssl.certificate_authorities.ca"
 # Wazuh Indexer
 WAZUH_INDEXER_KEY = "plugins.security.ssl.http.pemkey_filepath"
 WAZUH_INDEXER_CERT = "plugins.security.ssl.http.pemcert_filepath"
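Review bot: The three new `WAZUH_SERVER_*` values pin the lookup to `ossec_config[0]`, so they only resolve when the `<indexer>` block sits in the first `<ossec_config>` element and the file has more than one such element. On a host with a single block, or with `<indexer>` in a later one, the query would likely return `null` rather than a certificate path, which should be confirmed against how yq maps repeated XML elements. The caller should treat an empty or `null` result as an error instead of a file name, and the comment should state the assumption, e.g. `# Assumes <indexer> is in the first <ossec_config> block of ossec.conf; yq addresses repeated elements by index.` The added comment also misspells "syntax" as `siyntax`. `certificate_authorities.ca` may also come back as a list when several `<ca>` entries are configured.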