build

wazuh/docker-compose.yml

@@ -1,136 +1,114 @@
+# Wazuh App Copyright (C) 2017, Wazuh Inc. (License GPLv2)
 services:
-  wazuh.dashboard:
-    depends_on:
-    - wazuh.indexer
-    dns:
-    - 192.168.77.101
-    environment:
-    - INDEXER_USERNAME=admin
-    - INDEXER_PASSWORD=SecretPassword
-    - WAZUH_API_URL=https://wazuh-manager
-    - DASHBOARD_USERNAME=kibanaserver
-    - DASHBOARD_PASSWORD=kibanaserver
-    - API_USERNAME=wazuh-wui
-    - API_PASSWORD=MyS3cr37P450r.*-
-    hostname: wazuh.dashboard
-    image: ${DOCKER_REGISTRY:-}wazuh/wazuh-dashboard:${VERSION:-4.12.0}
-    # labels:
-    #   wud.watch: 'true'
-    #   wud.watch.digest: 'true'
-    links:
-    - wazuh.indexer:wazuh.indexer
-    - wazuh.manager:wazuh.manager
-    ports:
-    - 5601:5601
-    restart: always
-    volumes:
-    - /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/wazuh.dashboard.pem:/usr/share/wazuh-dashboard/certs/wazuh-dashboard.pem
-    - /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem:/usr/share/wazuh-dashboard/certs/wazuh-dashboard-key.pem
-    - /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-dashboard/certs/root-ca.pem
-    - /share/docker_data/wazuh/config/wazuh_dashboard/opensearch_dashboards.yml:/usr/share/wazuh-dashboard/config/opensearch_dashboards.yml
-    - /share/docker_data/wazuh/config/wazuh_dashboard/wazuh.yml:/usr/share/wazuh-dashboard/data/wazuh/config/wazuh.yml
-    - wazuh-dashboard-config:/usr/share/wazuh-dashboard/data/wazuh/config
-    - wazuh-dashboard-custom:/usr/share/wazuh-dashboard/plugins/wazuh/public/assets/custom
-  wazuh.indexer:
-    dns:
-    - 192.168.77.101
-    environment:
-    - OPENSEARCH_JAVA_OPTS=-Xms1g -Xmx1g
-    hostname: wazuh.indexer
-    image: ${DOCKER_REGISTRY:-}wazuh/wazuh-indexer:${VERSION:-4.12.0}
-    # labels:
-    #   wud.watch: 'true'
-    #   wud.watch.digest: 'true'
-    ports:
-    - 9200:9200
-    restart: always
-    ulimits:
-      memlock:
-        hard: -1
-        soft: -1
-      nofile:
-        hard: 65536
-        soft: 65536
-    volumes:
-    - wazuh-indexer-data:/var/lib/wazuh-indexer
-    - /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-indexer/certs/root-ca.pem
-    - /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/wazuh.indexer-key.pem:/usr/share/wazuh-indexer/certs/wazuh.indexer.key
-    - /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/wazuh.indexer.pem:/usr/share/wazuh-indexer/certs/wazuh.indexer.pem
-    - /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/admin.pem:/usr/share/wazuh-indexer/certs/admin.pem
-    - /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/admin-key.pem:/usr/share/wazuh-indexer/certs/admin-key.pem
-    - /share/docker_data/wazuh/config/wazuh_indexer/wazuh.indexer.yml:/usr/share/wazuh-indexer/opensearch.yml
-    - /share/docker_data/wazuh/config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml
-    - /share/docker_data/wazuh/config/wazuh_indexer/roles_mapping.yml:/usr/share/wazuh-indexer/opensearch-security/roles_mapping.yml
-    - /share/docker_data/wazuh/config/wazuh_indexer/config.yml:/usr/share/wazuh-indexer/opensearch-security/config.yml
-    - /share/docker_data/wazuh/config/wazuh_indexer/idp-metadata.xml:/usr/share/wazuh-indexer/opensearch-security/idp-metadata.xml
   wazuh.manager:
-    dns:
+    image: wazuh/wazuh-manager:5.0.0
-    - 192.168.77.101
-    environment:
-    - INDEXER_URL=https://wazuh.indexer:9200
-    - INDEXER_USERNAME=admin
-    - INDEXER_PASSWORD=SecretPassword
-    - FILEBEAT_SSL_VERIFICATION_MODE=full
-    - SSL_CERTIFICATE_AUTHORITIES=/etc/ssl/root-ca.pem
-    - SSL_CERTIFICATE=/etc/ssl/filebeat.pem
-    - SSL_KEY=/etc/ssl/filebeat.key
-    - API_USERNAME=wazuh-wui
-    - API_PASSWORD=MyS3cr37P450r.*-
     hostname: wazuh.manager
-    image: ${DOCKER_REGISTRY:-}wazuh/wazuh-manager:${VERSION:-4.12.0}
+    container_name: single-node-wazuh.manager
-    labels:
-      com.centurylinklabs.watchtower.enable: 'true'
-      homepage.container: wazuh-wazuh-manager-1
-      homepage.description: Security monitoring
-      homepage.group: Utilities
-      homepage.href: https://wazuh.sectorq.eu
-      homepage.icon: wazuh.png
-      homepage.name: Wazuh
-      homepage.server: my-docker
-      homepage.weight: '1'
-      # wud.watch: 'true'
-      # wud.watch.digest: 'true'
-    ports:
-    - 1514:1514
-    - 1515:1515
-    - 514:514/udp
-    - 55000:55000
     restart: always
     ulimits:
       memlock:
-        hard: -1
         soft: -1
+        hard: -1
       nofile:
-        hard: 655360
         soft: 655360
+        hard: 655360
+    ports:
+      - "1514:1514"
+      - "1515:1515"
+      - "514:514/udp"
+      - "55000:55000"
+    environment:
+      - WAZUH_INDEXER_HOSTS=wazuh.indexer:9200
+      - WAZUH_NODE_NAME=manager
+      - WAZUH_CLUSTER_NODES=wazuh.manager
+      - WAZUH_CLUSTER_BIND_ADDR=wazuh.manager
+      - INDEXER_USERNAME=admin
+      - INDEXER_PASSWORD=admin
+      - API_USERNAME=wazuh-wui
+      - API_PASSWORD=MyS3cr37P450r.*-
     volumes:
-    - wazuh_api_configuration:/var/ossec/api/configuration
+      - wazuh_api_configuration:/var/ossec/api/configuration
-    - wazuh_etc:/var/ossec/etc
+      - wazuh_etc:/var/ossec/etc
-    - wazuh_logs:/var/ossec/logs
+      - wazuh_logs:/var/ossec/logs
-    - wazuh_queue:/var/ossec/queue
+      - wazuh_queue:/var/ossec/queue
-    - wazuh_var_multigroups:/var/ossec/var/multigroups
+      - wazuh_var_multigroups:/var/ossec/var/multigroups
-    - wazuh_integrations:/var/ossec/integrations
+      - wazuh_active_response:/var/ossec/active-response/bin
-    - wazuh_active_response:/var/ossec/active-response/bin
+      - wazuh_wodles:/var/ossec/wodles
-    - wazuh_agentless:/var/ossec/agentless
+      - /share/docker_data/wazuh/wazuh-certificates/root-ca.pem:/var/ossec/etc/certs/root-ca.pem
-    - wazuh_wodles:/var/ossec/wodles
+      - /share/docker_data/wazuh/wazuh-certificates/wazuh.manager.pem:/var/ossec/etc/certs/server.pem
-    - filebeat_etc:/etc/filebeat
+      - /share/docker_data/wazuh/wazuh-certificates/wazuh.manager-key.pem:/var/ossec/etc/certs/server-key.pem
-    - filebeat_var:/var/lib/filebeat
+
-    - /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/root-ca-manager.pem:/etc/ssl/root-ca.pem
+  wazuh.indexer:
-    - /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/wazuh.manager.pem:/etc/ssl/filebeat.pem
+    image: wazuh/wazuh-indexer:5.0.0
-    - /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/wazuh.manager-key.pem:/etc/ssl/filebeat.key
+    hostname: wazuh.indexer
-    - /share/docker_data/wazuh/config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf
+    container_name: single-node-wazuh.indexer
+    restart: always
+    ports:
+      - "9200:9200"
+    environment:
+      - OPENSEARCH_JAVA_OPTS=-Xms1g -Xmx1g
+      - bootstrap.memory_lock=true
+      - network.host=wazuh.indexer
+      - node.name=wazuh.indexer
+      - cluster.initial_cluster_manager_nodes=wazuh.indexer
+      - node.max_local_storage_nodes=1
+      - plugins.security.allow_default_init_securityindex=true
+      - NODES_DN=CN=wazuh.indexer,OU=Wazuh,O=Wazuh,L=California,C=US
+    ulimits:
+      memlock:
+        soft: -1
+        hard: -1
+      nofile:
+        soft: 65536
+        hard: 65536
+    volumes:
+      - wazuh-indexer-data:/var/lib/wazuh-indexer
+      - /share/docker_data/wazuh/wazuh-certificates/root-ca.pem:/usr/share/wazuh-indexer/config/certs/root-ca.pem
+      - /share/docker_data/wazuh/wazuh-certificates/wazuh.indexer-key.pem:/usr/share/wazuh-indexer/config/certs/indexer-key.pem
+      - /share/docker_data/wazuh/wazuh-certificates/wazuh.indexer.pem:/usr/share/wazuh-indexer/config/certs/indexer.pem
+      - /share/docker_data/wazuh/wazuh-certificates/admin.pem:/usr/share/wazuh-indexer/config/certs/admin.pem
+      - /share/docker_data/wazuh/wazuh-certificates/admin-key.pem:/usr/share/wazuh-indexer/config/certs/admin-key.pem
+  wazuh.dashboard:
+    image: wazuh/wazuh-dashboard:5.0.0
+    hostname: wazuh.dashboard
+    container_name: single-node-wazuh.dashboard
+    restart: always
+    ports:
+      - 443:5601
+    environment:
+      - SERVER_PORT=5601
+      - SERVER_HOST=0.0.0.0
+      - OPENSEARCH_HOSTS=https://wazuh.indexer:9200
+      - INDEXER_USERNAME=admin
+      - INDEXER_PASSWORD=admin
+      - WAZUH_API_URL=https://wazuh.manager
+      - DASHBOARD_USERNAME=kibanaserver
+      - DASHBOARD_PASSWORD=kibanaserver
+      - API_USERNAME=wazuh-wui
+      - API_PASSWORD=MyS3cr37P450r.*-
+      - SERVER_SSL_CERTIFICATE=/usr/share/wazuh-dashboard/config/certs/dashboard.pem
+      - SERVER_SSL_KEY=/usr/share/wazuh-dashboard/config/certs/dashboard-key.pem
+      - OPENSEARCH_SSL_CERTIFICATE_AUTHORITIES=/usr/share/wazuh-dashboard/config/certs/root-ca.pem
+    volumes:
+      - /share/docker_data/wazuh/wazuh-certificates/wazuh.dashboard.pem:/usr/share/wazuh-dashboard/config/certs/dashboard.pem
+      - /share/docker_data/wazuh/wazuh-certificates/wazuh.dashboard-key.pem:/usr/share/wazuh-dashboard/config/certs/dashboard-key.pem
+      - /share/docker_data/wazuh/wazuh-certificates/root-ca.pem:/usr/share/wazuh-dashboard/config/certs/root-ca.pem
+      - wazuh-dashboard-config:/usr/share/wazuh-dashboard/config
+      - wazuh-dashboard-custom:/usr/share/wazuh-dashboard/plugins/wazuh/public/assets/custom
+    depends_on:
+      - wazuh.indexer
+    links:
+      - wazuh.indexer:wazuh.indexer
+      - wazuh.manager:wazuh.manager
+
 volumes:
-  filebeat_etc: null
+  wazuh_api_configuration:
-  filebeat_var: null
+  wazuh_etc:
-  wazuh-dashboard-config: null
+  wazuh_logs:
-  wazuh-dashboard-custom: null
+  wazuh_queue:
-  wazuh-indexer-data: null
+  wazuh_var_multigroups:
-  wazuh_active_response: null
+  wazuh_active_response:
-  wazuh_agentless: null
+  wazuh_wodles:
-  wazuh_api_configuration: null
+  wazuh-indexer-data:
-  wazuh_etc: null
+  wazuh-dashboard-config:
-  wazuh_integrations: null
+  wazuh-dashboard-custom:
-  wazuh_logs: null
-  wazuh_queue: null
-  wazuh_var_multigroups: null
-  wazuh_wodles: null