internal_users

5 years ago · 51e75ce00f
4 changed files with 46 additions and 3 deletions
--- a/extra/wazuh.yml
+++ b/extra/wazuh.yml
@ -41,6 +41,8 @@ services:
				@@ -41,6 +41,8 @@ services:
      - network.host=0.0.0.0
      - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
      - bootstrap.memory_lock=true
+    volumes:
+      - ../../mistborn_volumes/extra/wazuh/init/internal_users.yml:/usr/share/elasticsearch/plugins/opendistro_security/securityconfig/internal_users.yml
    ulimits:
      memlock:
        soft: -1
@ -73,9 +75,9 @@ services:
				@@ -73,9 +75,9 @@ services:
      - ../.envs/.production/.wazuh
    depends_on:
      - wazuh-elasticsearch
-    links:
-      - wazuh-elasticsearch:elasticsearch
-      - wazuh:wazuh
+    #links:
+    #  - wazuh-elasticsearch:elasticsearch
+    #  - wazuh:wazuh

 volumes:
  ossec_api_configuration:
--- a/scripts/services/wazuh/files/internal_users.yml
+++ b/scripts/services/wazuh/files/internal_users.yml
@ -0,0 +1,17 @@
				@@ -0,0 +1,17 @@
+---
+# This is the internal user database
+# The hash value is a bcrypt hash and can be generated with plugin/tools/hash.sh
+
+_meta:
+  type: "internalusers"
+  config_version: 2
+
+# Define your internal users here
+
+mistborn:
+  hash: "__MISTBORN_HASH__"
+  reserved: true
+  backend_roles:
+  - "admin"
+  description: "Mistborn user"
+
--- a/scripts/services/wazuh/init.sh
+++ b/scripts/services/wazuh/init.sh
@ -0,0 +1,14 @@
				@@ -0,0 +1,14 @@
+#!/bin/bash
+
+if [[ -f "/opt/mistborn_volumes/extra/wazuh/init/internal_users.yml" ]]; then
+    echo "internal_users.yml exists. Proceeding."
+    exit 0
+fi
+
+mkdir -p /opt/mistborn_volumes/extra/wazuh/init/ >/dev/null 2>&1
+chmod -R +x /opt/mistborn_volumes/extra/wazuh/init/
+cp /opt/mistborn/scripts/services/wazuh/files/internal_users.yml /opt/mistborn_volumes/extra/wazuh/init/
+
+WAZUH_MISTBORN_HASHED=$(docker run --rm -ti amazon/opendistro-for-elasticsearch:1.12.0 bash /usr/share/elasticsearch/plugins/opendistro_security/tools/hash.sh -p "${MISTBORN_DEFAULT_PASSWORD}")
+
+sed -i "s/__MISTBORN_HASH__/${WAZUH_MISTBORN_HASHED}/" /opt/mistborn_volumes/extra/guacamole/init/initdb.sql
--- a/scripts/subinstallers/extra/wazuh.sh
+++ b/scripts/subinstallers/extra/wazuh.sh
@ -4,6 +4,16 @@
				@@ -4,6 +4,16 @@
 WAZUH_PROD_FILE="$1"
 echo "ELASTIC_USERNAME=mistborn" > $WAZUH_PROD_FILE
 echo "ELASTIC_PASSWORD=$MISTBORN_DEFAULT_PASSWORD" >> $WAZUH_PROD_FILE
+
 echo "ELASTICSEARCH_USERNAME=mistborn" >> $WAZUH_PROD_FILE
 echo "ELASTICSEARCH_PASSWORD=$MISTBORN_DEFAULT_PASSWORD" >> $WAZUH_PROD_FILE
+
+# kibana odfe
+# kibana-odfe/config/wazuh_app_config.sh
+#WAZUH_API_URL="https://wazuh"
+#API_PORT="55000"
+
+# kibana-odfe/config/entrypoint.sh:
+#ELASTICSEARCH_URL="https://elasticsearch:9200"
+
 chmod 600 $WAZUH_PROD_FILE