diff --git a/wazuh/docker-compose.yml b/wazuh/docker-compose.yml index 0dba64b..3ab4fcd 100755 --- a/wazuh/docker-compose.yml +++ b/wazuh/docker-compose.yml @@ -1,113 +1,136 @@ -# Wazuh App Copyright (C) 2017, Wazuh Inc. (License GPLv2) services: - wazuh.manager: - image: wazuh/wazuh-manager:4.14.2-rc4 - hostname: wazuh.manager - container_name: single-node-wazuh.manager - restart: always - ulimits: - memlock: - soft: -1 - hard: -1 - nofile: - soft: 655360 - hard: 655360 - ports: - - "1514:1514" - - "1515:1515" - - "514:514/udp" - - "55000:55000" - environment: - - WAZUH_INDEXER_HOSTS=wazuh.indexer:9200 - - WAZUH_NODE_NAME=manager - - WAZUH_CLUSTER_NODES=wazuh.manager - - WAZUH_CLUSTER_BIND_ADDR=wazuh.manager - - INDEXER_USERNAME=admin - - INDEXER_PASSWORD=admin - - API_USERNAME=wazuh-wui - - API_PASSWORD=MyS3cr37P450r.*- - volumes: - - wazuh_api_configuration:/var/ossec/api/configuration - - wazuh_etc:/var/ossec/etc - - wazuh_logs:/var/ossec/logs - - wazuh_queue:/var/ossec/queue - - wazuh_var_multigroups:/var/ossec/var/multigroups - - wazuh_active_response:/var/ossec/active-response/bin - - wazuh_wodles:/var/ossec/wodles - - /share/docker_data/wazuh/wazuh-certificates/root-ca.pem:/var/ossec/etc/certs/root-ca.pem - - /share/docker_data/wazuh/wazuh-certificates/wazuh.manager.pem:/var/ossec/etc/certs/server.pem - - /share/docker_data/wazuh/wazuh-certificates/wazuh.manager-key.pem:/var/ossec/etc/certs/server-key.pem - - wazuh.indexer: - image: wazuh/wazuh-indexer:4.14.2-rc4 - hostname: wazuh.indexer - container_name: single-node-wazuh.indexer - restart: always - ports: - - "9200:9200" - environment: - - OPENSEARCH_JAVA_OPTS=-Xms1g -Xmx1g - - bootstrap.memory_lock=true - - network.host=wazuh.indexer - - node.name=wazuh.indexer - - cluster.initial_cluster_manager_nodes=wazuh.indexer - - node.max_local_storage_nodes=1 - - plugins.security.allow_default_init_securityindex=true - - NODES_DN=CN=wazuh.indexer,OU=Wazuh,O=Wazuh,L=California,C=US - ulimits: - memlock: - soft: -1 - hard: -1 - nofile: - soft: 65536 - hard: 65536 - volumes: - - wazuh-indexer-data:/var/lib/wazuh-indexer - - /share/docker_data/wazuh/wazuh-certificates/root-ca.pem:/usr/share/wazuh-indexer/config/certs/root-ca.pem - - /share/docker_data/wazuh/wazuh-certificates/wazuh.indexer-key.pem:/usr/share/wazuh-indexer/config/certs/indexer-key.pem - - /share/docker_data/wazuh/wazuh-certificates/wazuh.indexer.pem:/usr/share/wazuh-indexer/config/certs/indexer.pem - - /share/docker_data/wazuh/wazuh-certificates/admin.pem:/usr/share/wazuh-indexer/config/certs/admin.pem - - /share/docker_data/wazuh/wazuh-certificates/admin-key.pem:/usr/share/wazuh-indexer/config/certs/admin-key.pem wazuh.dashboard: - image: wazuh/wazuh-dashboard:4.14.2-rc4 - hostname: wazuh.dashboard - container_name: single-node-wazuh.dashboard - restart: always - ports: - - 5601:5601 - environment: - - SERVER_PORT=5601 - - SERVER_HOST=0.0.0.0 - - OPENSEARCH_HOSTS=https://wazuh.indexer:9200 - - INDEXER_USERNAME=admin - - INDEXER_PASSWORD=admin - - WAZUH_API_URL=https://wazuh.manager - - DASHBOARD_USERNAME=kibanaserver - - DASHBOARD_PASSWORD=kibanaserver - - API_USERNAME=wazuh-wui - - API_PASSWORD=MyS3cr37P450r.*- - - SERVER_SSL_CERTIFICATE=/usr/share/wazuh-dashboard/config/certs/dashboard.pem - - SERVER_SSL_KEY=/usr/share/wazuh-dashboard/config/certs/dashboard-key.pem - - OPENSEARCH_SSL_CERTIFICATE_AUTHORITIES=/usr/share/wazuh-dashboard/config/certs/root-ca.pem - volumes: - - /share/docker_data/wazuh/wazuh-certificates/wazuh.dashboard.pem:/usr/share/wazuh-dashboard/config/certs/dashboard.pem - - /share/docker_data/wazuh/wazuh-certificates/wazuh.dashboard-key.pem:/usr/share/wazuh-dashboard/config/certs/dashboard-key.pem - - /share/docker_data/wazuh/wazuh-certificates/root-ca.pem:/usr/share/wazuh-dashboard/config/certs/root-ca.pem - - wazuh-dashboard-custom:/usr/share/wazuh-dashboard/plugins/wazuh/public/assets/custom depends_on: - - wazuh.indexer + - wazuh.indexer + dns: + - 192.168.77.101 + environment: + - INDEXER_USERNAME=admin + - INDEXER_PASSWORD=SecretPassword + - WAZUH_API_URL=https://wazuh.manager + - DASHBOARD_USERNAME=kibanaserver + - DASHBOARD_PASSWORD=kibanaserver + - API_USERNAME=wazuh-wui + - API_PASSWORD=MyS3cr37P450r.*- + hostname: wazuh.dashboard + image: ${DOCKER_REGISTRY:-}wazuh/wazuh-dashboard:${VERSION:-4.10.1} + labels: + wud.watch: 'true' + wud.watch.digest: 'true' links: - - wazuh.indexer:wazuh.indexer - - wazuh.manager:wazuh.manager - + - wazuh.indexer:wazuh.indexer + - wazuh.manager:wazuh.manager + ports: + - 5601:5601 + restart: always + volumes: + - /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/wazuh.dashboard.pem:/usr/share/wazuh-dashboard/certs/wazuh-dashboard.pem + - /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem:/usr/share/wazuh-dashboard/certs/wazuh-dashboard-key.pem + - /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-dashboard/certs/root-ca.pem + - /share/docker_data/wazuh/config/wazuh_dashboard/opensearch_dashboards.yml:/usr/share/wazuh-dashboard/config/opensearch_dashboards.yml + - /share/docker_data/wazuh/config/wazuh_dashboard/wazuh.yml:/usr/share/wazuh-dashboard/data/wazuh/config/wazuh.yml + - wazuh-dashboard-config:/usr/share/wazuh-dashboard/data/wazuh/config + - wazuh-dashboard-custom:/usr/share/wazuh-dashboard/plugins/wazuh/public/assets/custom + wazuh.indexer: + dns: + - 192.168.77.101 + environment: + - OPENSEARCH_JAVA_OPTS=-Xms1g -Xmx1g + hostname: wazuh.indexer + image: ${DOCKER_REGISTRY:-}wazuh/wazuh-indexer:${VERSION:-4.10.1} + labels: + wud.watch: 'true' + wud.watch.digest: 'true' + ports: + - 9200:9200 + restart: always + ulimits: + memlock: + hard: -1 + soft: -1 + nofile: + hard: 65536 + soft: 65536 + volumes: + - wazuh-indexer-data:/var/lib/wazuh-indexer + - /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-indexer/certs/root-ca.pem + - /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/wazuh.indexer-key.pem:/usr/share/wazuh-indexer/certs/wazuh.indexer.key + - /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/wazuh.indexer.pem:/usr/share/wazuh-indexer/certs/wazuh.indexer.pem + - /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/admin.pem:/usr/share/wazuh-indexer/certs/admin.pem + - /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/admin-key.pem:/usr/share/wazuh-indexer/certs/admin-key.pem + - /share/docker_data/wazuh/config/wazuh_indexer/wazuh.indexer.yml:/usr/share/wazuh-indexer/opensearch.yml + - /share/docker_data/wazuh/config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml + - /share/docker_data/wazuh/config/wazuh_indexer/roles_mapping.yml:/usr/share/wazuh-indexer/opensearch-security/roles_mapping.yml + - /share/docker_data/wazuh/config/wazuh_indexer/config.yml:/usr/share/wazuh-indexer/opensearch-security/config.yml + - /share/docker_data/wazuh/config/wazuh_indexer/idp-metadata.xml:/usr/share/wazuh-indexer/opensearch-security/idp-metadata.xml + wazuh.manager: + dns: + - 192.168.77.101 + environment: + - INDEXER_URL=https://wazuh.indexer:9200 + - INDEXER_USERNAME=admin + - INDEXER_PASSWORD=SecretPassword + - FILEBEAT_SSL_VERIFICATION_MODE=full + - SSL_CERTIFICATE_AUTHORITIES=/etc/ssl/root-ca.pem + - SSL_CERTIFICATE=/etc/ssl/filebeat.pem + - SSL_KEY=/etc/ssl/filebeat.key + - API_USERNAME=wazuh-wui + - API_PASSWORD=MyS3cr37P450r.*- + hostname: wazuh.manager + image: ${DOCKER_REGISTRY:-}wazuh/wazuh-manager:${VERSION:-4.10.1} + labels: + com.centurylinklabs.watchtower.enable: 'true' + homepage.container: wazuh-wazuh.manager-1 + homepage.description: Security monitoring + homepage.group: Utilities + homepage.href: https://wazuh.sectorq.eu + homepage.icon: wazuh.png + homepage.name: Wazuh + homepage.server: my-docker + homepage.weight: '1' + wud.watch: 'true' + wud.watch.digest: 'true' + ports: + - 1514:1514 + - 1515:1515 + - 514:514/udp + - 55000:55000 + restart: always + ulimits: + memlock: + hard: -1 + soft: -1 + nofile: + hard: 655360 + soft: 655360 + volumes: + - wazuh_api_configuration:/var/ossec/api/configuration + - wazuh_etc:/var/ossec/etc + - wazuh_logs:/var/ossec/logs + - wazuh_queue:/var/ossec/queue + - wazuh_var_multigroups:/var/ossec/var/multigroups + - wazuh_integrations:/var/ossec/integrations + - wazuh_active_response:/var/ossec/active-response/bin + - wazuh_agentless:/var/ossec/agentless + - wazuh_wodles:/var/ossec/wodles + - filebeat_etc:/etc/filebeat + - filebeat_var:/var/lib/filebeat + - /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/root-ca-manager.pem:/etc/ssl/root-ca.pem + - /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/wazuh.manager.pem:/etc/ssl/filebeat.pem + - /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/wazuh.manager-key.pem:/etc/ssl/filebeat.key + - /share/docker_data/wazuh/config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf volumes: - wazuh_api_configuration: - wazuh_etc: - wazuh_logs: - wazuh_queue: - wazuh_var_multigroups: - wazuh_active_response: - wazuh_wodles: - wazuh-indexer-data: - wazuh-dashboard-config: - wazuh-dashboard-custom: \ No newline at end of file + filebeat_etc: null + filebeat_var: null + wazuh-dashboard-config: null + wazuh-dashboard-custom: null + wazuh-indexer-data: null + wazuh_active_response: null + wazuh_agentless: null + wazuh_api_configuration: null + wazuh_etc: null + wazuh_integrations: null + wazuh_logs: null + wazuh_queue: null + wazuh_var_multigroups: null + wazuh_wodles: null