Fix wazuh install in unify-unattended script #1072

Merged
merged 17 commits into from
Dec 21, 2021
Changes from 14 commits
6 changes: 3 additions & 3 deletions unattended_scripts/config.yml
Expand Up @@ -2,7 +2,7 @@

## Elasticsearch configuration

network.host: 192.168.56.16
network.host: <elastic_ip_addr_node1>


# Clients certificates
Expand All @@ -15,7 +15,7 @@ clients:


# Kibana-instance
- 192.168.56.17
- <kibana_ip_addr>

# Wazuh-master-configuration
- 192.168.56.17
- <wazuh_master_ip_addr>
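Review bot: The angle-bracket placeholders at `network.host`, `# Kibana-instance` and `# Wazuh-master-configuration` have no comment telling the operator that they must be replaced before the installer runs. The install functions shown elsewhere on this page read these values with `awk`/`grep` and append them to the service configuration as-is, so an unedited file would propagate the literal placeholder text. A header line such as `# Replace every <...> placeholder with the real address before running the installer` would make that explicit. The rest of the file is outside the hunks shown.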
31 changes: 19 additions & 12 deletions unattended_scripts/install_functions/opendistro/common.sh
Expand Up @@ -7,10 +7,12 @@

repogpg="https://packages.wazuh.com/key/GPG-KEY-WAZUH"
repobaseurl="https://packages.wazuh.com/4.x"
reporelease="stable"

if [ -n "${development}" ]; then
repogpg="https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH"
repobaseurl="https://packages-dev.wazuh.com/pre-release"
reporelease="unstable"
fi

getConfig() {
Expand Down Expand Up @@ -48,7 +50,7 @@ checkArch() {
}

installPrerequisites() {
logger "Installing all necessary utilities for the installation..."
logger "Installing all necessary utilities for the installation."

if [ ${sys_type} == "yum" ]; then
eval "yum install curl unzip wget libcap -y ${debug}"
Expand All @@ -69,7 +71,7 @@ installPrerequisites() {
}

addWazuhrepo() {
logger "Adding the Wazuh repository..."
logger "Adding the Wazuh repository."

if [ -n ${development} ]; then
if [ ${sys_type} == "yum" ]; then
Expand All @@ -90,7 +92,7 @@ addWazuhrepo() {
eval "echo -e '[wazuh]\ngpgcheck=1\ngpgkey=${repogpg}\nenabled=1\nname=EL-\$releasever - Wazuh\nbaseurl='${repobaseurl}'/yum/\nprotect=1' | tee /etc/zypp/repos.d/wazuh.repo ${debug}"
elif [ ${sys_type} == "apt-get" ]; then
eval "curl -s ${repogpg} --max-time 300 | apt-key add - ${debug}"
eval "echo "deb '${repobaseurl}'/apt/ stable main" | tee /etc/apt/sources.list.d/wazuh.list ${debug}"
eval "echo "deb '${repobaseurl}'/apt/ '${reporelease}' main" | tee /etc/apt/sources.list.d/wazuh.list ${debug}"
eval "apt-get update -q ${debug}"
fi
else
Expand All @@ -113,6 +115,7 @@ restoreWazuhrepo() {
fi
eval "sed -i 's/-dev//g' ${file} ${debug}"
eval "sed -i 's/pre-release/4.x/g' ${file} ${debug}"
eval "sed -i 's/unstable/stable/g' ${file} ${debug}"
logger "Done"
fi
}
Expand Down Expand Up @@ -260,7 +263,7 @@ createCertificates() {

checkNodes() {

head=$(head -n1 ./config.yml)
head=$(head -n1 ${base_path}/config.yml)
if [ "${head}" == "## Multi-node configuration" ]
then
master=1
Expand All @@ -285,7 +288,8 @@ healthCheck() {
logger -e "Your system does not meet the recommended minimum hardware requirements of 4Gb of RAM and 2 CPU cores. If you want to proceed with the installation use the -i option to ignore these requirements."
exit 1;
else
logger "Starting the installation..."
logger "Check recommended minimum hardware requirements for Elasticsearch done."
logger "Starting the installation."
fi
;;

Expand All @@ -294,7 +298,8 @@ healthCheck() {
logger -e "Your system does not meet the recommended minimum hardware requirements of 4Gb of RAM and 2 CPU cores. If you want to proceed with the installation use the -i option to ignore these requirements."
exit 1;
else
logger "Starting the installation..."
logger "Check recommended minimum hardware requirements for Kibana done."
logger "Starting the installation."
fi
;;
"wazuh")
Expand All @@ -303,7 +308,8 @@ healthCheck() {
logger -e "Your system does not meet the recommended minimum hardware requirements of 2Gb of RAM and 2 CPU cores . If you want to proceed with the installation use the -i option to ignore these requirements."
exit 1;
else
logger "Starting the installation..."
logger "Check recommended minimum hardware requirements for Wazuh Manager done."
logger "Starting the installation."
fi
;;
"AIO")
Expand All @@ -312,7 +318,8 @@ healthCheck() {
logger -e "Your system does not meet the recommended minimum hardware requirements of 4Gb of RAM and 2 CPU cores. If you want to proceed with the installation use the -i option to ignore these requirements."
exit 1;
else
logger "Starting the installation..."
logger "Check recommended minimum hardware requirements for AIO done."
logger "Starting the installation."
fi
;;
esac
Expand All @@ -333,7 +340,7 @@ rollBack() {
fi

if [ -n "${wazuhinstalled}" ]; then
logger -w "Removing the Wazuh manager..."
logger -w "Removing the Wazuh manager."
if [ "${sys_type}" == "yum" ]; then
eval "yum remove wazuh-manager -y ${debug}"
elif [ "${sys_type}" == "zypper" ]; then
Expand All @@ -345,7 +352,7 @@ rollBack() {
fi

if [ -n "${elasticsearchinstalled}" ]; then
logger -w "Removing Elasticsearch..."
logger -w "Removing Elasticsearch."
if [ "${sys_type}" == "yum" ]; then
eval "yum remove opendistroforelasticsearch -y ${debug}"
eval "yum remove elasticsearch* -y ${debug}"
Expand All @@ -363,7 +370,7 @@ rollBack() {
fi

if [ -n "${filebeatinstalled}" ]; then
logger -w "Removing Filebeat..."
logger -w "Removing Filebeat."
if [ "${sys_type}" == "yum" ]; then
eval "yum remove filebeat -y ${debug}"
elif [ "${sys_type}" == "zypper" ]; then
Expand All @@ -377,7 +384,7 @@ rollBack() {
fi

if [ -n "${kibanainstalled}" ]; then
logger -w "Removing Kibana..."
logger -w "Removing Kibana."
if [ "${sys_type}" == "yum" ]; then
eval "yum remove opendistroforelasticsearch-kibana -y ${debug}"
elif [ "${sys_type}" == "zypper" ]; then
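Review bot: In `checkNodes`, `head=$(head -n1 ${base_path}/config.yml)` expands `${base_path}` unquoted and never checks that the file could be read, so a path containing whitespace or a missing file leaves `head` empty and the comparison quietly takes the branch for a non-multi-node setup. Quote the path and stop on failure, e.g. `head=$(head -n1 "${base_path}/config.yml") || { logger -e "Cannot read ${base_path}/config.yml"; exit 1; }`. The same unquoted `${base_path}/config.yml` appears in the new lines of elasticsearch.sh, filebeat.sh and kibana.sh. The body of `checkNodes` continues outside the hunk, so the fall-through behaviour is inferred from the visible `if`.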
22 changes: 11 additions & 11 deletions unattended_scripts/install_functions/opendistro/elasticsearch.sh
Expand Up @@ -7,7 +7,7 @@

installElasticsearch() {

logger "Installing Open Distro for Elasticsearch..."
logger "Installing Open Distro for Elasticsearch."

if [ ${sys_type} == "yum" ]; then
eval "yum install opendistroforelasticsearch-${opendistro_version}-${opendistro_revision} -y ${debug}"
Expand Down Expand Up @@ -48,7 +48,7 @@ copyCertificatesElasticsearch() {

configureElasticsearchAIO() {

logger "Configuring Elasticsearch..."
logger "Configuring Elasticsearch."

eval "getConfig elasticsearch/elasticsearch_unattended.yml /etc/elasticsearch/elasticsearch.yml ${debug}"
eval "getConfig elasticsearch/roles/roles.yml /usr/share/elasticsearch/plugins/opendistro_security/securityconfig/roles.yml ${debug}"
Expand Down Expand Up @@ -77,7 +77,7 @@ configureElasticsearchAIO() {
eval "/usr/share/elasticsearch/bin/elasticsearch-plugin remove opendistro-performance-analyzer ${debug}"

startService "elasticsearch"
logger "Initializing Elasticsearch..."
logger "Initializing Elasticsearch."
until $(curl -XGET https://localhost:9200/ -uadmin:admin -k --max-time 120 --silent --output /dev/null); do
sleep 10
done
Expand All @@ -88,7 +88,7 @@ configureElasticsearchAIO() {
}

configureElasticsearch() {
logger "Configuring Elasticsearch..."
logger "Configuring Elasticsearch."

eval "getConfig elasticsearch/elasticsearch_unattended_distributed.yml /etc/elasticsearch/elasticsearch.yml ${debug}"
eval "getConfig elasticsearch/roles/roles.yml /usr/share/elasticsearch/plugins/opendistro_security/securityconfig/roles.yml ${debug}"
Expand All @@ -98,7 +98,7 @@ configureElasticsearch() {
checkNodes

if [ -n "${single}" ]; then
nh=$(awk -v RS='' '/network.host:/' ./config.yml)
nh=$(awk -v RS='' '/network.host:/' ${base_path}/config.yml)
nhr="network.host: "
nip="${nh//$nhr}"
echo "node.name: ${einame}" >> /etc/elasticsearch/elasticsearch.yml
Expand All @@ -110,9 +110,9 @@ configureElasticsearch() {
echo ' - CN='${einame}',OU=Docu,O=Wazuh,L=California,C=US' >> /etc/elasticsearch/elasticsearch.yml
else
echo "node.name: ${einame}" >> /etc/elasticsearch/elasticsearch.yml
mn=$(awk -v RS='' '/cluster.initial_master_nodes:/' ./config.yml)
sh=$(awk -v RS='' '/discovery.seed_hosts:/' ./config.yml)
cn=$(awk -v RS='' '/cluster.name:/' ./config.yml)
mn=$(awk -v RS='' '/cluster.initial_master_nodes:/' ${base_path}/config.yml)
sh=$(awk -v RS='' '/discovery.seed_hosts:/' ${base_path}/config.yml)
cn=$(awk -v RS='' '/cluster.name:/' ${base_path}/config.yml)
echo "${cn}" >> /etc/elasticsearch/elasticsearch.yml
mnr="cluster.initial_master_nodes:"
rm="- "
Expand Down Expand Up @@ -153,7 +153,7 @@ configureElasticsearch() {
done

fi
#awk -v RS='' '/## Elasticsearch/' ./config.yml >> /etc/elasticsearch/elasticsearch.yml
#awk -v RS='' '/## Elasticsearch/' ${base_path}/config.yml >> /etc/elasticsearch/elasticsearch.yml

eval "rm /etc/elasticsearch/esnode-key.pem /etc/elasticsearch/esnode.pem /etc/elasticsearch/kirk-key.pem /etc/elasticsearch/kirk.pem /etc/elasticsearch/root-ca.pem -f ${debug}"
eval "mkdir /etc/elasticsearch/certs ${debug}"
Expand Down Expand Up @@ -190,9 +190,9 @@ initializeElasticsearch() {

logger "Elasticsearch installed."

logger "Starting Elasticsearch..."
logger "Starting Elasticsearch."
startService "elasticsearch"
logger "Initializing Elasticsearch..."
logger "Initializing Elasticsearch."


until $(curl -XGET https://${nip}:9200/ -uadmin:admin -k --max-time 120 --silent --output /dev/null); do
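Review bot: In `configureElasticsearch`, the value parsed by `nh=$(awk -v RS='' '/network.host:/' ${base_path}/config.yml)` becomes `nip` with no check that it is non-empty or that it is no longer the `<elastic_ip_addr_node1>` placeholder now shipped in config.yml. `nip` appears to be the same variable used by the `until $(curl ... https://${nip}:9200/ ...)` loop in `initializeElasticsearch`, which has no retry limit, so a bad value would leave the unattended run waiting indefinitely instead of failing. A guard right after the assignment would catch it: `case "${nip}" in ''|*'<'*) logger -e "network.host is not set in config.yml"; exit 1;; esac`. The values read from config.yml in filebeat.sh (`nh`, `sh`) and kibana.sh (`kip`, `wip`) are consumed the same way. Both function bodies continue outside the hunks.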
8 changes: 4 additions & 4 deletions unattended_scripts/install_functions/opendistro/filebeat.sh
Expand Up @@ -12,7 +12,7 @@ installFilebeat() {
exit 1;
fi

logger "Installing Filebeat..."
logger "Installing Filebeat."

if [ ${sys_type} == "zypper" ]; then
eval "zypper -n install filebeat-${elasticsearch_oss_version} ${debug}"
Expand All @@ -35,7 +35,7 @@ configureFilebeat() {
eval "chmod go+r /etc/filebeat/wazuh-template.json ${debug}"
eval "curl -s https://packages.wazuh.com/4.x/filebeat/wazuh-filebeat-0.1.tar.gz --max-time 300 | tar -xvz -C /usr/share/filebeat/module ${debug}"

nh=$(awk -v RS='' '/network.host:/' ./config.yml)
nh=$(awk -v RS='' '/network.host:/' ${base_path}/config.yml)

if [ -n "$nh" ]
then
Expand All @@ -45,7 +45,7 @@ configureFilebeat() {
echo " - ${nip}" >> /etc/filebeat/filebeat.yml
else
echo "output.elasticsearch.hosts:" >> /etc/filebeat/filebeat.yml
sh=$(awk -v RS='' '/discovery.seed_hosts:/' ./config.yml)
sh=$(awk -v RS='' '/discovery.seed_hosts:/' ${base_path}/config.yml)
rauldpm marked this conversation as resolved.
shr="discovery.seed_hosts:"
rm="- "
sh="${sh//$shr}"
Expand All @@ -61,7 +61,7 @@ configureFilebeat() {
eval "cp ${base_path}/certs/root-ca.pem /etc/filebeat/certs/ ${debug}"

logger "Done"
logger "Starting Filebeat..."
logger "Starting Filebeat."
startService filebeat
}

10 changes: 5 additions & 5 deletions unattended_scripts/install_functions/opendistro/kibana.sh
Expand Up @@ -7,7 +7,7 @@

installKibana() {

logger "Installing Open Distro for Kibana..."
logger "Installing Open Distro for Kibana."
if [ ${sys_type} == "zypper" ]; then
eval "zypper -n install opendistroforelasticsearch-kibana=${opendistro_version} ${debug}"
else
Expand Down Expand Up @@ -59,19 +59,19 @@ configureKibana() {
eval "setcap 'cap_net_bind_service=+ep' /usr/share/kibana/node/bin/node ${debug}"
eval "mkdir /etc/kibana/certs ${debug}"

kip=$(grep -A 1 "Kibana-instance" ./config.yml | tail -1)
kip=$(grep -A 1 "Kibana-instance" ${base_path}/config.yml | tail -1)
rm="- "
kip="${kip//$rm}"
echo 'server.host: "'${kip}'"' >> /etc/kibana/kibana.yml
nh=$(awk -v RS='' '/network.host:/' ./config.yml)
nh=$(awk -v RS='' '/network.host:/' ${base_path}/config.yml)

if [ -n "${nh}" ]; then
nhr="network.host: "
eip="${nh//$nhr}"
echo "elasticsearch.hosts: https://"${eip}":9200" >> /etc/kibana/kibana.yml
else
echo "elasticsearch.hosts:" >> /etc/kibana/kibana.yml
sh=$(awk -v RS='' '/discovery.seed_hosts:/' ./config.yml)
sh=$(awk -v RS='' '/discovery.seed_hosts:/' ${base_path}/config.yml)
shr="discovery.seed_hosts:"
rm="- "
sh="${sh//$shr}"
Expand Down Expand Up @@ -112,7 +112,7 @@ initializeKibana() {
until [[ "$(curl -XGET https://${kip}/status -I -uadmin:admin -k -s --max-time 300 | grep "200 OK")" ]]; do
sleep 10
done
wip=$(grep -A 1 "Wazuh-master-configuration" ./config.yml | tail -1)
wip=$(grep -A 1 "Wazuh-master-configuration" ${base_path}/config.yml | tail -1)
rm="- "
wip="${wip//$rm}"
conf="$(awk '{sub("url: https://localhost", "url: https://'"${wip}"'")}1' /usr/share/kibana/data/wazuh/config/wazuh.yml)"
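Review bot: In `initializeKibana`, `wip` is read from config.yml and then spliced directly into the awk program text on the following `conf=` line, so a value containing `"` would end the string literal and be parsed as awk code rather than data. Passing it as a variable keeps it data: `conf="$(awk -v wip="${wip}" '{sub("url: https://localhost", "url: https://" wip)}1' /usr/share/kibana/data/wazuh/config/wazuh.yml)"`. The `conf=` line is unchanged context in this hunk, and the function continues beyond it.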
Expand Up @@ -43,7 +43,7 @@ logger_cert() {
readInstances() {

if [ -f ${base_path}/instances.yml ]; then
logger_cert "Configuration file found. Creating certificates..."
logger_cert "Configuration file found. Creating certificates."
eval "mkdir ${base_path}/certs $debug"
else
logger_cert -e "No configuration file found."
Expand Down Expand Up @@ -210,7 +210,7 @@ generateAdmincertificate() {

generateElasticsearchcertificates() {

logger_cert "Creating the Elasticsearch certificates..."
logger_cert "Creating the Elasticsearch certificates."

i=0
while [ ${i} -lt ${#elasticsearchnodes[@]} ]; do
Expand All @@ -234,7 +234,7 @@ generateElasticsearchcertificates() {

generateFilebeatcertificates() {

logger_cert "Creating Wazuh server certificates..."
logger_cert "Creating Wazuh server certificates."

i=0
while [ ${i} -lt ${#filebeatnodes[@]} ]; do
Expand All @@ -257,7 +257,7 @@ generateFilebeatcertificates() {

generateKibanacertificates() {

logger_cert "Creating Kibana certificate..."
logger_cert "Creating Kibana certificate."

i=0
while [ ${i} -lt ${#kibananodes[@]} ]; do
2 changes: 1 addition & 1 deletion unattended_scripts/install_functions/opendistro/wazuh.sh
Expand Up @@ -7,7 +7,7 @@

installWazuh() {

logger "Installing the Wazuh manager..."
logger "Installing the Wazuh manager."
if [ ${sys_type} == "zypper" ]; then
eval "zypper -n install wazuh-manager=${wazuh_version}-${wazuh_revision} ${debug}"
else
6 changes: 3 additions & 3 deletions unattended_scripts/instances.yml
Expand Up @@ -2,16 +2,16 @@
elasticsearch-nodes:
- name: node1
ip:
- 192.168.56.16
- <elastic_ip_addr_node1>

# Wazuh server nodes
wazuh-servers:
- name: wazuh1
ip:
- 192.168.56.17
- <kibana_ip_addr>

# Kibana node
kibana:
- name: kibana
ip:
- 192.168.56.17
- <wazuh_master_ip_addr>
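Review bot: The placeholder names look swapped: the `wazuh-servers` entry `wazuh1` gets `<kibana_ip_addr>` and the `kibana` entry gets `<wazuh_master_ip_addr>`, whereas config.yml on this page pairs `# Kibana-instance` with `<kibana_ip_addr>` and `# Wazuh-master-configuration` with `<wazuh_master_ip_addr>`. Because `readInstances` uses instances.yml when creating the certificates, an operator who fills in both files by placeholder name would presumably end up with each certificate issued for the other node's address. Use `- <wazuh_master_ip_addr>` under `wazuh-servers` and `- <kibana_ip_addr>` under `kibana`.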