From f0681c030e1c801e8ffaf901ab0eaaaaa6996bc0 Mon Sep 17 00:00:00 2001 From: jaydee Date: Fri, 9 Jan 2026 14:06:28 +0100 Subject: [PATCH] build --- kolia/docker-compose.yml | 33 ++++++ wazuh/docker-compose.yml | 214 +++++++++++++++++++-------------------- 2 files changed, 136 insertions(+), 111 deletions(-) create mode 100644 kolia/docker-compose.yml diff --git a/kolia/docker-compose.yml b/kolia/docker-compose.yml new file mode 100644 index 0000000..b3542ba --- /dev/null +++ b/kolia/docker-compose.yml @@ -0,0 +1,33 @@ +version: '3.7' +services: + kopia: + image: kopia/kopia:latest + hostname: Hostname + container_name: Kopia + restart: unless-stopped + ports: + - 51515:51515 + # Setup the server that provides the web gui + command: + - server + - start + - --disable-csrf-token-checks + - --insecure + - --address=0.0.0.0:51515 + - --server-username=jaydee + - --server-password=l4c1j4yd33Du5lo + environment: + # Set repository password + KOPIA_PASSWORD: "l4c1j4yd33Du5lo" + USER: "jaydee" + volumes: + # Mount local folders needed by kopia + - /share/docker_data/kopia/config/dir:/app/config + - /share/docker_data/kopia/cache/dir:/app/cache + - /share/docker_data/kopia/logs/dir:/app/logs + # Mount local folders to snapshot + - /var/lib/docker/volumes:/data:ro + # Mount repository location + - /media/nas/data/docker_data/kopia/repository:/repository + # Mount path for browsing mounted snapshots + - /share/docker_data/kopia/tmp/dir:/tmp:shared \ No newline at end of file diff --git a/wazuh/docker-compose.yml b/wazuh/docker-compose.yml index 6061c87..aa33a75 100755 --- a/wazuh/docker-compose.yml +++ b/wazuh/docker-compose.yml @@ -1,122 +1,114 @@ +# Wazuh App Copyright (C) 2017, Wazuh Inc. (License GPLv2) services: - wazuh.dashboard: - depends_on: - - wazuh.indexer - - environment: - - INDEXER_USERNAME=admin - - INDEXER_PASSWORD=SecretPassword - - WAZUH_API_URL=https://wazuh.manager - - DASHBOARD_USERNAME=kibanaserver - - DASHBOARD_PASSWORD=kibanaserver - - API_USERNAME=wazuh-wui - - API_PASSWORD=MyS3cr37P450r.*- - hostname: wazuh.dashboard - image: ${DOCKER_REGISTRY:-}wazuh/wazuh-dashboard:${VERSION:-4.11.0} - links: - - wazuh.indexer:wazuh.indexer - - wazuh.manager:wazuh.manager - ports: - - 5601:5601 - restart: always - volumes: - - /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/wazuh.dashboard.pem:/usr/share/wazuh-dashboard/certs/wazuh-dashboard.pem - - /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem:/usr/share/wazuh-dashboard/certs/wazuh-dashboard-key.pem - - /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-dashboard/certs/root-ca.pem - - /share/docker_data/wazuh/config/wazuh_dashboard/opensearch_dashboards.yml:/usr/share/wazuh-dashboard/config/opensearch_dashboards.yml - - /share/docker_data/wazuh/config/wazuh_dashboard/wazuh.yml:/usr/share/wazuh-dashboard/data/wazuh/config/wazuh.yml - - wazuh-dashboard-config:/usr/share/wazuh-dashboard/data/wazuh/config - - wazuh-dashboard-custom:/usr/share/wazuh-dashboard/plugins/wazuh/public/assets/custom - wazuh.indexer: - environment: - - OPENSEARCH_JAVA_OPTS=-Xms1g -Xmx1g - hostname: wazuh.indexer - image: ${DOCKER_REGISTRY:-}wazuh/wazuh-indexer:${VERSION:-4.11.0} - ports: - - 9200:9200 - restart: always - ulimits: - memlock: - hard: -1 - soft: -1 - nofile: - hard: 65536 - soft: 65536 - volumes: - - wazuh-indexer-data:/var/lib/wazuh-indexer - - /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-indexer/certs/root-ca.pem - - /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/wazuh.indexer-key.pem:/usr/share/wazuh-indexer/certs/wazuh.indexer.key - - /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/wazuh.indexer.pem:/usr/share/wazuh-indexer/certs/wazuh.indexer.pem - - /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/admin.pem:/usr/share/wazuh-indexer/certs/admin.pem - - /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/admin-key.pem:/usr/share/wazuh-indexer/certs/admin-key.pem - - /share/docker_data/wazuh/config/wazuh_indexer/wazuh.indexer.yml:/usr/share/wazuh-indexer/opensearch.yml - - /share/docker_data/wazuh/config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml - - /share/docker_data/wazuh/config/wazuh_indexer/roles_mapping.yml:/usr/share/wazuh-indexer/opensearch-security/roles_mapping.yml - - /share/docker_data/wazuh/config/wazuh_indexer/config.yml:/usr/share/wazuh-indexer/opensearch-security/config.yml - - /share/docker_data/wazuh/config/wazuh_indexer/idp-metadata.xml:/usr/share/wazuh-indexer/opensearch-security/idp-metadata.xml wazuh.manager: - environment: - - INDEXER_URL=https://wazuh.indexer:9200 - - INDEXER_USERNAME=admin - - INDEXER_PASSWORD=SecretPassword - - FILEBEAT_SSL_VERIFICATION_MODE=full - - SSL_CERTIFICATE_AUTHORITIES=/etc/ssl/root-ca.pem - - SSL_CERTIFICATE=/etc/ssl/filebeat.pem - - SSL_KEY=/etc/ssl/filebeat.key - - API_USERNAME=wazuh-wui - - API_PASSWORD=MyS3cr37P450r.*- + image: wazuh/wazuh-manager:4.14.0 hostname: wazuh.manager - image: ${DOCKER_REGISTRY:-}wazuh/wazuh-manager:${VERSION:-4.11.0} - labels: - homepage.container: wazuh-wazuh.manager-1 - homepage.description: Security monitoring - homepage.group: Utilities - homepage.href: https://wazuh.sectorq.eu - homepage.icon: wazuh.png - homepage.name: Wazuh - homepage.server: my-docker - homepage.weight: '1' - ports: - - 1514:1514 - - 1515:1515 - - 514:514/udp - - 55000:55000 restart: always ulimits: memlock: - hard: -1 soft: -1 + hard: -1 nofile: - hard: 655360 soft: 655360 + hard: 655360 + ports: + - "1514:1514" + - "1515:1515" + - "514:514/udp" + - "55000:55000" + environment: + - INDEXER_URL=https://wazuh.indexer:9200 + - INDEXER_USERNAME=admin + - INDEXER_PASSWORD=SecretPassword + - FILEBEAT_SSL_VERIFICATION_MODE=full + - SSL_CERTIFICATE_AUTHORITIES=/etc/ssl/root-ca.pem + - SSL_CERTIFICATE=/etc/ssl/filebeat.pem + - SSL_KEY=/etc/ssl/filebeat.key + - API_USERNAME=wazuh-wui + - API_PASSWORD=MyS3cr37P450r.*- volumes: - - wazuh_api_configuration:/var/ossec/api/configuration - - wazuh_etc:/var/ossec/etc - - wazuh_logs:/var/ossec/logs - - wazuh_queue:/var/ossec/queue - - wazuh_var_multigroups:/var/ossec/var/multigroups - - wazuh_integrations:/var/ossec/integrations - - wazuh_active_response:/var/ossec/active-response/bin - - wazuh_agentless:/var/ossec/agentless - - wazuh_wodles:/var/ossec/wodles - - filebeat_etc:/etc/filebeat - - filebeat_var:/var/lib/filebeat - - /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/root-ca-manager.pem:/etc/ssl/root-ca.pem - - /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/wazuh.manager.pem:/etc/ssl/filebeat.pem - - /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/wazuh.manager-key.pem:/etc/ssl/filebeat.key - - /share/docker_data/wazuh/config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf + - wazuh_api_configuration:/var/ossec/api/configuration + - wazuh_etc:/var/ossec/etc + - wazuh_logs:/var/ossec/logs + - wazuh_queue:/var/ossec/queue + - wazuh_var_multigroups:/var/ossec/var/multigroups + - wazuh_integrations:/var/ossec/integrations + - wazuh_active_response:/var/ossec/active-response/bin + - wazuh_agentless:/var/ossec/agentless + - wazuh_wodles:/var/ossec/wodles + - filebeat_etc:/etc/filebeat + - filebeat_var:/var/lib/filebeat + - /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/root-ca-manager.pem:/etc/ssl/root-ca.pem + - /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/wazuh.manager.pem:/etc/ssl/filebeat.pem + - /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/wazuh.manager-key.pem:/etc/ssl/filebeat.key + - /share/docker_data/wazuh/config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf + + wazuh.indexer: + image: wazuh/wazuh-indexer:4.14.0 + hostname: wazuh.indexer + restart: always + ports: + - "9200:9200" + environment: + - "OPENSEARCH_JAVA_OPTS=-Xms1g -Xmx1g" + ulimits: + memlock: + soft: -1 + hard: -1 + nofile: + soft: 65536 + hard: 65536 + volumes: + - wazuh-indexer-data:/var/lib/wazuh-indexer + - /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-indexer/config/certs/root-ca.pem + - /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/wazuh.indexer-key.pem:/usr/share/wazuh-indexer/config/certs/wazuh.indexer.key + - /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/wazuh.indexer.pem:/usr/share/wazuh-indexer/config/certs/wazuh.indexer.pem + - /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/admin.pem:/usr/share/wazuh-indexer/config/certs/admin.pem + - /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/admin-key.pem:/usr/share/wazuh-indexer/config/certs/admin-key.pem + - /share/docker_data/wazuh/config/wazuh_indexer/wazuh.indexer.yml:/usr/share/wazuh-indexer/config/opensearch.yml + - /share/docker_data/wazuh/config/wazuh_indexer/wazuh_authentik_meta.xml:/etc/wazuh-indexer/opensearch-security/wazuh_authentik_meta.xml + - /share/docker_data/wazuh/config/wazuh_indexer/config.yml:/usr/share/wazuh-indexer/config/opensearch-security/config.yml + + wazuh.dashboard: + image: wazuh/wazuh-dashboard:4.14.0 + hostname: wazuh.dashboard + restart: always + ports: + - 5601:5601 + environment: + - INDEXER_USERNAME=admin + - INDEXER_PASSWORD=SecretPassword + - WAZUH_API_URL=https://wazuh.manager + - DASHBOARD_USERNAME=kibanaserver + - DASHBOARD_PASSWORD=kibanaserver + - API_USERNAME=wazuh-wui + - API_PASSWORD=MyS3cr37P450r.*- + volumes: + - /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/wazuh.dashboard.pem:/usr/share/wazuh-dashboard/certs/wazuh-dashboard.pem + - /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem:/usr/share/wazuh-dashboard/certs/wazuh-dashboard-key.pem + - /share/docker_data/wazuh/config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-dashboard/certs/root-ca.pem + - /share/docker_data/wazuh/config/wazuh_dashboard/opensearch_dashboards.yml:/usr/share/wazuh-dashboard/config/opensearch_dashboards.yml + - /share/docker_data/wazuh/config/wazuh_dashboard/wazuh.yml:/usr/share/wazuh-dashboard/data/wazuh/config/wazuh.yml + - wazuh-dashboard-config:/usr/share/wazuh-dashboard/data/wazuh/config + - wazuh-dashboard-custom:/usr/share/wazuh-dashboard/plugins/wazuh/public/assets/custom + depends_on: + - wazuh.indexer + links: + - wazuh.indexer:wazuh.indexer + - wazuh.manager:wazuh.manager + volumes: - filebeat_etc: null - filebeat_var: null - wazuh-dashboard-config: null - wazuh-dashboard-custom: null - wazuh-indexer-data: null - wazuh_active_response: null - wazuh_agentless: null - wazuh_api_configuration: null - wazuh_etc: null - wazuh_integrations: null - wazuh_logs: null - wazuh_queue: null - wazuh_var_multigroups: null - wazuh_wodles: null + wazuh_api_configuration: + wazuh_etc: + wazuh_logs: + wazuh_queue: + wazuh_var_multigroups: + wazuh_integrations: + wazuh_active_response: + wazuh_agentless: + wazuh_wodles: + filebeat_etc: + filebeat_var: + wazuh-indexer-data: + wazuh-dashboard-config: + wazuh-dashboard-custom: