Startseite Erkunden Hilfe
Anmelden
tum
/
soc
Beobachten 1
Favorit hinzufügen 0
Fork 0
Code Issues 0 Pull-Requests 0 Commits 35 Releases 0 Wiki

Keine Beschreibung

Branch: main
Branches Tags
soc
/
wazuh-docker
/
build-docker...
/
wazuh-manager
/
config
/
etc
/
cont-init.d
/
2-manager

2-manager 4.3KB
Permalink Verlauf Originalformat

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137 
  1. #!/usr/bin/with-contenv bash
    2. 

  2. 

  3. ##############################################################################
    4. 

  4. # Migration sequence
    5. 

  5. # Detect if there is a mounted volume on /wazuh-migration and copy the data
    6. 

  6. # to /var/ossec, finally it will create a flag ".migration-completed" inside
    7. 

  7. # the mounted volume
    8. 

  8. ##############################################################################
    9. 

  9. 

  10. function __colortext()
    11. 

  11. {
    12. 

  12.   echo -e " \e[1;$2m$1\e[0m"
    13. 

  13. }
    14. 

  14. 

  15. function echogreen()
    16. 

  16. {
    17. 

  17.   echo $(__colortext "$1" "32")
    18. 

  18. }
    19. 

  19. 

  20. function echoyellow()
    21. 

  21. {
    22. 

  22.   echo $(__colortext "$1" "33")
    23. 

  23. }
    24. 

  24. 

  25. function echored()
    26. 

  26. {
    27. 

  27.   echo $(__colortext "$1" "31")
    28. 

  28. }
    29. 

  29. 

  30. function_wazuh_migration(){
    31. 

  31.   if [ -d "/wazuh-migration" ]; then
    32. 

  32.     if [ ! -e /wazuh-migration/.migration-completed ]; then
    33. 

  33.       if [ ! -e /wazuh-migration/global.db ]; then
    34. 

  34.         echoyellow "The volume mounted on /wazuh-migration does not contain all the correct files."
    35. 

  35.         return
    36. 

  36.       fi
    37. 

  37. 

  38.       \cp -f /wazuh-migration/data/etc/ossec.conf /var/ossec/etc/ossec.conf
    39. 

  39.       chown root:wazuh /var/ossec/etc/ossec.conf
    40. 

  40.       chmod 640 /var/ossec/etc/ossec.conf
    41. 

  41. 

  42.       \cp -f /wazuh-migration/data/etc/client.keys /var/ossec/etc/client.keys
    43. 

  43.       chown wazuh:wazuh /var/ossec/etc/client.keys
    44. 

  44.       chmod 640 /var/ossec/etc/client.keys
    45. 

  45. 

  46.       \cp -f /wazuh-migration/data/etc/sslmanager.cert /var/ossec/etc/sslmanager.cert
    47. 

  47.       \cp -f /wazuh-migration/data/etc/sslmanager.key /var/ossec/etc/sslmanager.key
    48. 

  48.       chown root:root /var/ossec/etc/sslmanager.cert /var/ossec/etc/sslmanager.key
    49. 

  49.       chmod 640 /var/ossec/etc/sslmanager.cert /var/ossec/etc/sslmanager.key
    50. 

  50. 

  51.       \cp -f /wazuh-migration/data/etc/shared/default/agent.conf /var/ossec/etc/shared/default/agent.conf
    52. 

  52.       chown wazuh:wazuh /var/ossec/etc/shared/default/agent.conf
    53. 

  53.       chmod 660 /var/ossec/etc/shared/default/agent.conf
    54. 

  54. 

  55.       \cp -f /wazuh-migration/data/etc/decoders/* /var/ossec/etc/decoders/
    56. 

  56.       chown wazuh:wazuh /var/ossec/etc/decoders/*
    57. 

  57.       chmod 660 /var/ossec/etc/decoders/*
    58. 

  58. 

  59.       \cp -f /wazuh-migration/data/etc/rules/* /var/ossec/etc/rules/
    60. 

  60.       chown wazuh:wazuh /var/ossec/etc/rules/*
    61. 

  61.       chmod 660 /var/ossec/etc/rules/*
    62. 

  62. 

  63.       if [ -e /wazuh-migration/data/agentless/.passlist ]; then
    64. 

  64.         \cp -f /wazuh-migration/data/agentless/.passlist /var/ossec/agentless/.passlist
    65. 

  65.         chown root:wazuh /var/ossec/agentless/.passlist
    66. 

  66.         chmod 640 /var/ossec/agentless/.passlist
    67. 

  67.       fi
    68. 

  68. 

  69.       \cp -f /wazuh-migration/global.db /var/ossec/queue/db/global.db
    70. 

  70.       chown wazuh:wazuh /var/ossec/queue/db/global.db
    71. 

  71.       chmod 640 /var/ossec/queue/db/global.db
    72. 

  72. 

  73.       # mark volume as migrated
    74. 

  74.       touch /wazuh-migration/.migration-completed
    75. 

  75. 

  76.       echogreen "Migration completed succesfully"
    77. 

  77.     else
    78. 

  78.       echoyellow "This volume has already been migrated. You may proceed and remove it from the mount point (/wazuh-migration)"
    79. 

  79.     fi
    80. 

  80.   fi
    81. 

  81. }
    82. 

  82. 

  83. function_create_custom_user() {
    84. 

  84.   if [[ ! -z $API_USERNAME ]] && [[ ! -z $API_PASSWORD ]]; then
    85. 

  85.   cat << EOF > /var/ossec/api/configuration/admin.json
    86. 

  86. {
    87. 

  87.   "username": "$API_USERNAME",
    88. 

  88.   "password": "$API_PASSWORD"
    89. 

  89. }
    90. 

  90. EOF
    91. 

  91. 

  92.     # create or customize API user
    93. 

  93.     if /var/ossec/framework/python/bin/python3  /var/ossec/framework/scripts/create_user.py; then
    94. 

  94.       # remove json if exit code is 0
    95. 

  95.       rm /var/ossec/api/configuration/admin.json
    96. 

  96.     else
    97. 

  97.       echored "There was an error configuring the API user"
    98. 

  98.       # terminate container to avoid unpredictable behavior
    99. 

  99.       exec s6-svscanctl -t /var/run/s6/services
    100. 

  100.       exit 1
    101. 

  101.     fi
    102. 

  102.   fi
    103. 

  103. }
    104. 

  104. 

  105. function_entrypoint_scripts() {
    106. 

  106.   # It will run every .sh script located in entrypoint-scripts folder in lexicographical order
    107. 

  107.   if [ -d "/entrypoint-scripts/" ]
    108. 

  108.   then
    109. 

  109.     for script in `ls /entrypoint-scripts/*.sh | sort -n`; do
    110. 

  110.       bash "$script"
    111. 

  111.     done
    112. 

  112.   fi
    113. 

  113. }
    114. 

  114. 

  115. function_configure_vulnerability_detection() {
    116. 

  116. if [ "$INDEXER_PASSWORD" != "" ]; then
    117. 

  117.   >&2 echo "Configuring password."
    118. 

  118.     echo "$INDEXER_USERNAME" | /var/ossec/bin/wazuh-keystore -f indexer -k username
    119. 

  119.     echo "$INDEXER_PASSWORD" | /var/ossec/bin/wazuh-keystore -f indexer -k password
    120. 

  120. fi
    121. 

  121. }
    122. 

  122. 

  123. # Migrate data from /wazuh-migration volume
    124. 

  124. function_wazuh_migration
    125. 

  125. 

  126. # create API custom user
    127. 

  127. function_create_custom_user
    128. 

  128. 

  129. # configure Vulnerabilty detection
    130. 

  130. function_configure_vulnerability_detection
    131. 

  131. 

  132. # run entrypoint scripts
    133. 

  133. function_entrypoint_scripts
    134. 

  134. 

  135. # Start Wazuh
    136. 

  136. /var/ossec/bin/wazuh-control start
    137. 

  137.