diff --git a/unattended_scripts/install_functions/opendistro/common.sh b/unattended_scripts/install_functions/opendistro/common.sh index b4c707d8c6..eaead9a18b 100644 --- a/unattended_scripts/install_functions/opendistro/common.sh +++ b/unattended_scripts/install_functions/opendistro/common.sh @@ -7,10 +7,12 @@ repogpg="https://packages.wazuh.com/key/GPG-KEY-WAZUH" repobaseurl="https://packages.wazuh.com/4.x" +reporelease="stable" if [ -n "${development}" ]; then repogpg="https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH" repobaseurl="https://packages-dev.wazuh.com/pre-release" + reporelease="unstable" fi getConfig() { @@ -48,7 +50,7 @@ checkArch() { } installPrerequisites() { - logger "Installing all necessary utilities for the installation..." + logger "Installing all necessary utilities for the installation." if [ ${sys_type} == "yum" ]; then eval "yum install curl unzip wget libcap -y ${debug}" @@ -69,7 +71,7 @@ installPrerequisites() { } addWazuhrepo() { - logger "Adding the Wazuh repository..." + logger "Adding the Wazuh repository." if [ -n ${development} ]; then if [ ${sys_type} == "yum" ]; then @@ -90,7 +92,7 @@ addWazuhrepo() { eval "echo -e '[wazuh]\ngpgcheck=1\ngpgkey=${repogpg}\nenabled=1\nname=EL-\$releasever - Wazuh\nbaseurl='${repobaseurl}'/yum/\nprotect=1' | tee /etc/zypp/repos.d/wazuh.repo ${debug}" elif [ ${sys_type} == "apt-get" ]; then eval "curl -s ${repogpg} --max-time 300 | apt-key add - ${debug}" - eval "echo "deb '${repobaseurl}'/apt/ stable main" | tee /etc/apt/sources.list.d/wazuh.list ${debug}" + eval "echo "deb '${repobaseurl}'/apt/ '${reporelease}' main" | tee /etc/apt/sources.list.d/wazuh.list ${debug}" eval "apt-get update -q ${debug}" fi else @@ -113,6 +115,7 @@ restoreWazuhrepo() { fi eval "sed -i 's/-dev//g' ${file} ${debug}" eval "sed -i 's/pre-release/4.x/g' ${file} ${debug}" + eval "sed -i 's/unstable/stable/g' ${file} ${debug}" logger "Done" fi } @@ -273,7 +276,8 @@ healthCheck() { logger -e "Your system does not meet the recommended minimum hardware requirements of 4Gb of RAM and 2 CPU cores. If you want to proceed with the installation use the -i option to ignore these requirements." exit 1; else - logger "Starting the installation..." + logger "Check recommended minimum hardware requirements for Elasticsearch done." + logger "Starting the installation." fi ;; @@ -282,7 +286,8 @@ healthCheck() { logger -e "Your system does not meet the recommended minimum hardware requirements of 4Gb of RAM and 2 CPU cores. If you want to proceed with the installation use the -i option to ignore these requirements." exit 1; else - logger "Starting the installation..." + logger "Check recommended minimum hardware requirements for Kibana done." + logger "Starting the installation." fi ;; "wazuh") @@ -291,7 +296,8 @@ healthCheck() { logger -e "Your system does not meet the recommended minimum hardware requirements of 2Gb of RAM and 2 CPU cores . If you want to proceed with the installation use the -i option to ignore these requirements." exit 1; else - logger "Starting the installation..." + logger "Check recommended minimum hardware requirements for Wazuh Manager done." + logger "Starting the installation." fi ;; "AIO") @@ -300,7 +306,8 @@ healthCheck() { logger -e "Your system does not meet the recommended minimum hardware requirements of 4Gb of RAM and 2 CPU cores. If you want to proceed with the installation use the -i option to ignore these requirements." exit 1; else - logger "Starting the installation..." + logger "Check recommended minimum hardware requirements for AIO done." + logger "Starting the installation." fi ;; esac @@ -321,7 +328,7 @@ rollBack() { fi if [ -n "${wazuhinstalled}" ]; then - logger -w "Removing the Wazuh manager..." + logger -w "Removing the Wazuh manager." if [ "${sys_type}" == "yum" ]; then eval "yum remove wazuh-manager -y ${debug}" elif [ "${sys_type}" == "zypper" ]; then @@ -333,7 +340,7 @@ rollBack() { fi if [ -n "${elasticsearchinstalled}" ]; then - logger -w "Removing Elasticsearch..." + logger -w "Removing Elasticsearch." if [ "${sys_type}" == "yum" ]; then eval "yum remove opendistroforelasticsearch -y ${debug}" eval "yum remove elasticsearch* -y ${debug}" @@ -351,7 +358,7 @@ rollBack() { fi if [ -n "${filebeatinstalled}" ]; then - logger -w "Removing Filebeat..." + logger -w "Removing Filebeat." if [ "${sys_type}" == "yum" ]; then eval "yum remove filebeat -y ${debug}" elif [ "${sys_type}" == "zypper" ]; then @@ -365,7 +372,7 @@ rollBack() { fi if [ -n "${kibanainstalled}" ]; then - logger -w "Removing Kibana..." + logger -w "Removing Kibana." if [ "${sys_type}" == "yum" ]; then eval "yum remove opendistroforelasticsearch-kibana -y ${debug}" elif [ "${sys_type}" == "zypper" ]; then diff --git a/unattended_scripts/install_functions/opendistro/elasticsearch.sh b/unattended_scripts/install_functions/opendistro/elasticsearch.sh index 44f2bb2768..80c8e472a1 100644 --- a/unattended_scripts/install_functions/opendistro/elasticsearch.sh +++ b/unattended_scripts/install_functions/opendistro/elasticsearch.sh @@ -7,7 +7,7 @@ installElasticsearch() { - logger "Installing Open Distro for Elasticsearch..." + logger "Installing Open Distro for Elasticsearch." if [ ${sys_type} == "yum" ]; then eval "yum install opendistroforelasticsearch-${opendistro_version}-${opendistro_revision} -y ${debug}" @@ -46,7 +46,7 @@ copyCertificatesElasticsearch() { configureElasticsearchAIO() { - logger "Configuring Elasticsearch..." + logger "Configuring Elasticsearch." eval "getConfig elasticsearch/elasticsearch_unattended.yml /etc/elasticsearch/elasticsearch.yml ${debug}" eval "getConfig elasticsearch/roles/roles.yml /usr/share/elasticsearch/plugins/opendistro_security/securityconfig/roles.yml ${debug}" @@ -80,7 +80,7 @@ configureElasticsearchAIO() { eval "chown root:elasticsearch /etc/elasticsearch/jvm.options.d/disabledlog4j.options ${debug}" startService "elasticsearch" - logger "Initializing Elasticsearch..." + logger "Initializing Elasticsearch." until $(curl -XGET https://localhost:9200/ -uadmin:admin -k --max-time 120 --silent --output /dev/null); do sleep 10 done @@ -91,7 +91,7 @@ configureElasticsearchAIO() { } configureElasticsearch() { - logger "Configuring Elasticsearch..." + logger "Configuring Elasticsearch." eval "getConfig elasticsearch/elasticsearch_unattended_distributed.yml /etc/elasticsearch/elasticsearch.yml ${debug}" eval "getConfig elasticsearch/roles/roles.yml /usr/share/elasticsearch/plugins/opendistro_security/securityconfig/roles.yml ${debug}" @@ -108,7 +108,6 @@ configureElasticsearch() { echo ' - CN='${einame}',OU=Docu,O=Wazuh,L=California,C=US' >> /etc/elasticsearch/elasticsearch.yml else echo "node.name: ${einame}" >> /etc/elasticsearch/elasticsearch.yml - echo "cluster.initial_master_nodes:" >> /etc/elasticsearch/elasticsearch.yml for i in ${elasticsearch_node_names[@]}; do echo ' - "'${$i}'"' >> /etc/elasticsearch/elasticsearch.yml @@ -174,9 +173,9 @@ initializeElasticsearch() { logger "Elasticsearch installed." - logger "Starting Elasticsearch..." + logger "Starting Elasticsearch." startService "elasticsearch" - logger "Initializing Elasticsearch..." + logger "Initializing Elasticsearch." until $(curl -XGET https://${elasticsearch_node_ips[pos]}:9200/ -uadmin:admin -k --max-time 120 --silent --output /dev/null); do sleep 10 diff --git a/unattended_scripts/install_functions/opendistro/filebeat.sh b/unattended_scripts/install_functions/opendistro/filebeat.sh index c315a1d191..5a80a981f3 100644 --- a/unattended_scripts/install_functions/opendistro/filebeat.sh +++ b/unattended_scripts/install_functions/opendistro/filebeat.sh @@ -12,7 +12,7 @@ installFilebeat() { exit 1; fi - logger "Installing Filebeat..." + logger "Installing Filebeat." if [ ${sys_type} == "zypper" ]; then eval "zypper -n install filebeat-${elasticsearch_oss_version} ${debug}" @@ -51,7 +51,7 @@ configureFilebeat() { eval "cp ${base_path}/certs/root-ca.pem /etc/filebeat/certs/ ${debug}" logger "Done" - logger "Starting Filebeat..." + logger "Starting Filebeat." startService filebeat } diff --git a/unattended_scripts/install_functions/opendistro/kibana.sh b/unattended_scripts/install_functions/opendistro/kibana.sh index df4a9dc880..2ffd09e4ff 100644 --- a/unattended_scripts/install_functions/opendistro/kibana.sh +++ b/unattended_scripts/install_functions/opendistro/kibana.sh @@ -7,7 +7,7 @@ installKibana() { - logger "Installing Open Distro for Kibana..." + logger "Installing Open Distro for Kibana." if [ ${sys_type} == "zypper" ]; then eval "zypper -n install opendistroforelasticsearch-kibana=${opendistro_version} ${debug}" else diff --git a/unattended_scripts/install_functions/opendistro/wazuh-cert-tool.sh b/unattended_scripts/install_functions/opendistro/wazuh-cert-tool.sh index ee0e8ed434..13e43bbbe4 100644 --- a/unattended_scripts/install_functions/opendistro/wazuh-cert-tool.sh +++ b/unattended_scripts/install_functions/opendistro/wazuh-cert-tool.sh @@ -174,7 +174,7 @@ generateAdmincertificate() { generateElasticsearchcertificates() { - logger_cert "Creating the Elasticsearch certificates..." + logger_cert "Creating the Elasticsearch certificates." i=0 while [ ${i} -lt ${#elasticsearch_node_names[@]} ]; do @@ -189,7 +189,7 @@ generateElasticsearchcertificates() { generateFilebeatcertificates() { - logger_cert "Creating Wazuh server certificates..." + logger_cert "Creating Wazuh server certificates." i=0 while [ ${i} -lt ${#wazuh_servers_node_names[@]} ]; do @@ -203,7 +203,7 @@ generateFilebeatcertificates() { generateKibanacertificates() { - logger_cert "Creating Kibana certificate..." + logger_cert "Creating Kibana certificate." i=0 while [ ${i} -lt ${#kibana_node_names[@]} ]; do diff --git a/unattended_scripts/install_functions/opendistro/wazuh.sh b/unattended_scripts/install_functions/opendistro/wazuh.sh index 1851fb2ca2..c689adbbb1 100644 --- a/unattended_scripts/install_functions/opendistro/wazuh.sh +++ b/unattended_scripts/install_functions/opendistro/wazuh.sh @@ -7,7 +7,7 @@ installWazuh() { - logger "Installing the Wazuh manager..." + logger "Installing the Wazuh manager." if [ ${sys_type} == "zypper" ]; then eval "zypper -n install wazuh-manager=${wazuh_version}-${wazuh_revision} ${debug}" else diff --git a/unattended_scripts/wazuh_install.sh b/unattended_scripts/wazuh_install.sh index ce4425897b..827407d937 100755 --- a/unattended_scripts/wazuh_install.sh +++ b/unattended_scripts/wazuh_install.sh @@ -67,7 +67,7 @@ getHelp() { echo -e " -l, --local" echo -e " Use local files." echo -e "" - echo -e " -d, --dev" + echo -e " -d, --development" echo -e " Use development repository." echo -e "" echo -e " -h, --help" @@ -99,15 +99,15 @@ logger() { importFunction() { if [ -n "${local}" ]; then - if [ -f ./$functions_path/$1 ]; then - cat ./$functions_path/$1 |grep 'main $@' > /dev/null 2>&1 + if [ -f ${base_path}/$functions_path/$1 ]; then + cat ${base_path}/$functions_path/$1 |grep 'main $@' > /dev/null 2>&1 has_main=$? if [ $has_main = 0 ]; then - sed -i 's/main $@//' ./$functions_path/$1 + sed -i 's/main $@//' ${base_path}/$functions_path/$1 fi - . ./$functions_path/$1 + . ${base_path}/$functions_path/$1 if [ $has_main = 0 ]; then - echo 'main $@' >> ./$functions_path/$1 + echo 'main $@' >> ${base_path}/$functions_path/$1 fi else error=1 @@ -123,7 +123,7 @@ importFunction() { fi fi if [ "${error}" = "1" ]; then - logger -e "Unable to find resource $1. Exiting" + logger -e "Unable to find resource $1. Exiting." exit 1 fi } @@ -167,7 +167,7 @@ main() { debug='2>&1 | tee -a /var/log/wazuh-unattended-installation.log' shift 1 ;; - "-d"|"--dev") + "-d"|"--development") development=1 shift 1 ;; @@ -193,10 +193,6 @@ main() { importFunction "wazuh-cert-tool.sh" checkArch - - if [ -n "${certificates}" ] || [ -n "${AIO}" ]; then - createCertificates - fi if [ -z ${AIO} ]; then readConfig @@ -205,18 +201,21 @@ main() { addWazuhrepo fi + if [ -n "${certificates}" ] || [ -n "${AIO}" ]; then + createCertificates + fi + if [ -n "${elasticsearch}" ]; then importFunction "elasticsearch.sh" if [ -n "${ignore}" ]; then - logger -w "Health-check ignored." + logger -w "Health-check ignored for Elasticsearch." else healthCheck elasticsearch fi installElasticsearch configureElasticsearch - restoreWazuhrepo fi if [ -n "${kibana}" ]; then @@ -224,13 +223,12 @@ main() { importFunction "kibana.sh" if [ -n "${ignore}" ]; then - logger -w "Health-check ignored." + logger -w "Health-check ignored for Kibana." else healthCheck kibana fi installKibana configureKibana - restoreWazuhrepo fi if [ -n "${wazuh}" ]; then @@ -239,7 +237,7 @@ main() { importFunction "filebeat.sh" if [ -n "${ignore}" ]; then - logger -w "Health-check ignored." + logger -w "Health-check ignored for Wazuh manager." else healthCheck wazuh fi @@ -249,7 +247,6 @@ main() { fi installFilebeat configureFilebeat - restoreWazuhrepo fi if [ -n "${AIO}" ]; then @@ -260,10 +257,11 @@ main() { importFunction "kibana.sh" if [ -n "${ignore}" ]; then - logger -w "Health-check ignored." + logger -w "Health-check ignored for AIO." else healthCheck AIO fi + checkSystem installPrerequisites addWazuhrepo @@ -274,8 +272,10 @@ main() { configureFilebeatAIO installKibana configureKibanaAIO - restoreWazuhrepo fi + + restoreWazuhrepo + } main "$@"