From 9b2f6392ecd296bc0a6b20ea84865f94c497f99c Mon Sep 17 00:00:00 2001 From: vcerenu Date: Thu, 9 Nov 2023 09:25:00 -0300 Subject: [PATCH] add ism policies --- .env | 5 ++++- build-docker-images/wazuh-indexer/Dockerfile | 6 +++++- build-docker-images/wazuh-indexer/config/entrypoint.sh | 2 ++ build-docker-images/wazuh-indexer/config/ism-check.sh | 10 ++++++++++ multi-node/docker-compose.yml | 1 + single-node/docker-compose.yml | 3 ++- 6 files changed, 24 insertions(+), 3 deletions(-) create mode 100644 build-docker-images/wazuh-indexer/config/ism-check.sh diff --git a/.env b/.env index 08a3c7ed..9471b392 100755 --- a/.env +++ b/.env @@ -1,3 +1,6 @@ WAZUH_VERSION=4.8.0 WAZUH_IMAGE_VERSION=4.8.0 -WAZUH_TAG_REVISION=1 +WAZUH_TAG_REVISION=40800 +FILEBEAT_TEMPLATE_BRANCH=4.8.0 +WAZUH_FILEBEAT_MODULE=wazuh-filebeat-0.2.tar.gz +WAZUH_UI_REVISION=40800 diff --git a/build-docker-images/wazuh-indexer/Dockerfile b/build-docker-images/wazuh-indexer/Dockerfile index f2b809c3..7e03fb6b 100644 --- a/build-docker-images/wazuh-indexer/Dockerfile +++ b/build-docker-images/wazuh-indexer/Dockerfile @@ -33,6 +33,8 @@ ENV USER="wazuh-indexer" \ NAME="wazuh-indexer" \ INSTALL_DIR="/usr/share/wazuh-indexer" +RUN apt-get update -y && apt-get install curl -y + RUN getent group $GROUP || groupadd -r -g 1000 $GROUP RUN useradd --system \ @@ -50,7 +52,9 @@ COPY config/entrypoint.sh / COPY config/securityadmin.sh / -RUN chmod 700 /entrypoint.sh && chmod 700 /securityadmin.sh +COPY config/ism-check.sh / + +RUN chmod 700 /entrypoint.sh && chmod 700 /securityadmin.sh && chmod 700 /ism-check.sh RUN chown 1000:1000 /*.sh diff --git a/build-docker-images/wazuh-indexer/config/entrypoint.sh b/build-docker-images/wazuh-indexer/config/entrypoint.sh index 2acb4aa0..2d3396d6 100644 --- a/build-docker-images/wazuh-indexer/config/entrypoint.sh +++ b/build-docker-images/wazuh-indexer/config/entrypoint.sh 
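Review bot: The added `RUN apt-get update -y && apt-get install curl -y` in the first Dockerfile hunk pulls in recommended packages and leaves the apt package lists in the layer. That enlarges the image and the set of packages to keep patched, for a tool that only the readiness probe in ism-check.sh uses. `RUN apt-get update && apt-get install -y --no-install-recommends curl && rm -rf /var/lib/apt/lists/*` keeps the layer to curl and its hard dependencies.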
@@ -90,4 +90,6 @@ fi # touch "/var/lib/wazuh-indexer/.flag" #fi +nohup /ism-check.sh & + run_as_other_user_if_needed /usr/share/wazuh-indexer/bin/opensearch <<<"$KEYSTORE_PASSWORD" \ No newline at end of file diff --git a/build-docker-images/wazuh-indexer/config/ism-check.sh b/build-docker-images/wazuh-indexer/config/ism-check.sh new file mode 100644 index 00000000..fcfeeaa0 --- /dev/null +++ b/build-docker-images/wazuh-indexer/config/ism-check.sh @@ -0,0 +1,10 @@ +#!/bin/bash + +if [[ -n "$INDEXER_PASSWORD" ]]; then + until [[ `curl -XGET https://0.0.0.0:9200/_cat/indices -u admin:SecretPassword -k -s | grep .opendistro_security | wc -l` -eq 1 ]] + do + echo "Wazuh indexer Security is not initiaized"; + sleep 30 + done + bash /usr/share/wazuh-indexer/bin/indexer-ism-init.sh -i 127.0.0.1 -p $INDEXER_PASSWORD +fi \ No newline at end of file diff --git a/multi-node/docker-compose.yml b/multi-node/docker-compose.yml index a72fd4f5..684d9813 100644 --- a/multi-node/docker-compose.yml +++ b/multi-node/docker-compose.yml @@ -89,6 +89,7 @@ services: environment: - "OPENSEARCH_JAVA_OPTS=-Xms1g -Xmx1g" - "bootstrap.memory_lock=true" + - 'INDEXER_PASSWORD=SecretPassword' ulimits: memlock: soft: -1 diff --git a/single-node/docker-compose.yml b/single-node/docker-compose.yml index 45a8feb7..8627df27 100644 --- a/single-node/docker-compose.yml +++ b/single-node/docker-compose.yml @@ -52,7 +52,8 @@ services: ports: - "9200:9200" environment: - - "OPENSEARCH_JAVA_OPTS=-Xms512m -Xmx512m" + - "OPENSEARCH_JAVA_OPTS=-Xms1024m -Xmx1024m" + - 'INDEXER_PASSWORD=SecretPassword' ulimits: memlock: soft: -1
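Review bot: `nohup /ism-check.sh &` is launched unsupervised just before the final `run_as_other_user_if_needed` line, so a failure of the ISM initialisation is never reported by the entrypoint and the container still looks healthy. Logging the failure, for example `/ism-check.sh || echo "ISM policy initialisation failed" >&2 &`, makes it visible in the container log. A comment such as `# Apply ISM policies in the background once the security index exists; opensearch below does not return.` would explain why the script is backgrounded. The rest of entrypoint.sh, including the body of `run_as_other_user_if_needed`, is outside the hunk, so which user the background job runs as cannot be confirmed from here.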
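Review bot: The `until` probe in ism-check.sh authenticates with the literal `admin:SecretPassword`, while the `if` guard and the final `indexer-ism-init.sh` call use `$INDEXER_PASSWORD`; once the admin password is changed, the probe presumably never sees `.opendistro_security`, so the loop never ends and the ISM policies are never applied. Use the variable in the probe, `-u "admin:${INDEXER_PASSWORD}"`, and quote it in the last line, `-p "$INDEXER_PASSWORD"`, so the value is not word-split or globbed. Both commands put the password on the command line, where other processes in the container can read it; curl can take it from a config on stdin with `-K -`. `-k` turns off certificate verification for the probe, and `--cacert <path-to-root-ca>` (placeholder path) would keep it on. The log message also misspells "initialized".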
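Review bot: `- 'INDEXER_PASSWORD=SecretPassword'` commits the indexer admin credential in clear text in multi-node/docker-compose.yml and again in the single-node/docker-compose.yml hunk, where the same service publishes port 9200. Any deployment that does not edit both files runs with this publicly known value. Reading it from the environment, `- "INDEXER_PASSWORD=${INDEXER_PASSWORD:?set the indexer admin password}"`, makes Compose refuse to start until a value is supplied. The value also has to match the admin password actually configured in the indexer, which is set outside this diff.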