From f47fac9eb7a87f197b6f99c3dc6aaf13e2e9e9df Mon Sep 17 00:00:00 2001 From: c-bordon Date: Wed, 21 Aug 2024 11:12:23 -0300 Subject: [PATCH 1/5] Migrated the OVA construction files to the wazuh-virtual-machines repository --- CHANGELOG.md | 246 +++++++++++++++++ README.md | 24 +- VERSION | 1 + ova/.gitignore | 4 + ova/Ova2Ovf.py | 64 +++++ ova/Vagrantfile | 28 ++ ova/assets/custom/automatic_set_ram.sh | 20 ++ ova/assets/custom/enable_fips.sh | 9 + ova/assets/custom/functions.sh | 29 ++ ova/assets/custom/grub/grub | 8 + ova/assets/custom/grub/wazuh.png | Bin 0 -> 7033 bytes ova/assets/custom/messages.sh | 50 ++++ ova/assets/custom/removeVagrant.service | 14 + ova/assets/custom/removeVagrant.sh | 19 ++ ova/assets/custom/updateIndexerHeap.service | 8 + ova/assets/postProvision.sh | 31 +++ ova/assets/steps.sh | 71 +++++ ova/generate_ova.sh | 279 ++++++++++++++++++++ ova/provision.sh | 49 ++++ ova/setOVADefault.sh | 50 ++++ ova/wazuh_ovf_template | 109 ++++++++ 21 files changed, 1112 insertions(+), 1 deletion(-) create mode 100644 CHANGELOG.md create mode 100644 VERSION create mode 100644 ova/.gitignore create mode 100755 ova/Ova2Ovf.py create mode 100755 ova/Vagrantfile create mode 100644 ova/assets/custom/automatic_set_ram.sh create mode 100644 ova/assets/custom/enable_fips.sh create mode 100644 ova/assets/custom/functions.sh create mode 100644 ova/assets/custom/grub/grub create mode 100644 ova/assets/custom/grub/wazuh.png create mode 100644 ova/assets/custom/messages.sh create mode 100644 ova/assets/custom/removeVagrant.service create mode 100644 ova/assets/custom/removeVagrant.sh create mode 100644 ova/assets/custom/updateIndexerHeap.service create mode 100644 ova/assets/postProvision.sh create mode 100644 ova/assets/steps.sh create mode 100755 ova/generate_ova.sh create mode 100755 ova/provision.sh create mode 100755 ova/setOVADefault.sh create mode 100644 ova/wazuh_ovf_template diff --git a/CHANGELOG.md b/CHANGELOG.md new file mode 100644 index 0000000..5418ed5 --- /dev/null +++ b/CHANGELOG.md @@ -0,0 +1,246 @@ +# Change Log +All notable changes to this project will be documented in this file. + +## [4.10.0] + +### Added + +- None + +### Changed + +- None + +### Fixed + +- None + +### Deleted + +- None + +## [4.9.0] + +- https://github.com/wazuh/wazuh-packages/releases/tag/v4.9.0 + +## [4.8.1] + +- https://github.com/wazuh/wazuh-packages/releases/tag/v4.8.1 + +## [4.8.0] + +- https://github.com/wazuh/wazuh-packages/releases/tag/v4.8.0 + +## [4.7.5] + +- https://github.com/wazuh/wazuh-packages/releases/tag/v4.7.5 + +## [4.7.4] + +- https://github.com/wazuh/wazuh-packages/releases/tag/v4.7.4 + +## [4.7.3] + +- https://github.com/wazuh/wazuh-packages/releases/tag/v4.7.3 + +## [4.7.2] + +- https://github.com/wazuh/wazuh-packages/releases/tag/v4.7.2 + +## [4.7.1] + +- https://github.com/wazuh/wazuh-packages/releases/tag/v4.7.1 + +## [v4.7.0] + +- https://github.com/wazuh/wazuh-packages/releases/tag/v4.7.0 + +## [v4.6.0] + +- https://github.com/wazuh/wazuh-packages/releases/tag/v4.6.0 + +## [v4.5.4] + +- https://github.com/wazuh/wazuh-packages/releases/tag/v4.5.4 + +## [v4.5.3] + +- https://github.com/wazuh/wazuh-packages/releases/tag/v4.5.3 + +## [v4.5.2] + +- https://github.com/wazuh/wazuh-packages/releases/tag/v4.5.2 + +## [v4.5.1] + +- https://github.com/wazuh/wazuh-packages/releases/tag/v4.5.1 + +## [v4.5.0] + +- https://github.com/wazuh/wazuh-packages/releases/tag/v4.5.0 + +## [v4.4.5] + +- https://github.com/wazuh/wazuh-packages/releases/tag/v4.4.5 + +## [v4.4.4] + +- https://github.com/wazuh/wazuh-packages/releases/tag/v4.4.4 + +## [v4.4.3] + +- https://github.com/wazuh/wazuh-packages/releases/tag/v4.4.3 + +## [v4.4.2] + +- https://github.com/wazuh/wazuh-packages/releases/tag/v4.4.2 + +## [v4.3.11] + +- https://github.com/wazuh/wazuh-packages/releases/tag/v4.3.11 + +## [v4.4.1] + +- https://github.com/wazuh/wazuh-packages/releases/tag/v4.4.1 + +## [v4.4.0] + +- https://github.com/wazuh/wazuh-packages/releases/tag/v4.4.0 + +## [v4.3.10] + +- https://github.com/wazuh/wazuh-packages/releases/tag/v4.3.10 + +## [v4.3.9] + +- https://github.com/wazuh/wazuh-packages/releases/tag/v4.3.9 + +## [v4.3.8] + +- https://github.com/wazuh/wazuh-packages/releases/tag/v4.3.8 + +## [v4.3.7] + +- https://github.com/wazuh/wazuh-packages/releases/tag/v4.3.7 + +## [v4.3.6] + +- https://github.com/wazuh/wazuh-packages/releases/tag/v4.3.6 + +## [v4.3.5] + +- https://github.com/wazuh/wazuh-packages/releases/tag/v4.3.5 + +## [v4.3.4] + +- https://github.com/wazuh/wazuh-packages/releases/tag/v4.3.4 + +## [v4.3.3] + +- https://github.com/wazuh/wazuh-packages/releases/tag/v4.3.3 + +## [v4.3.2] + +- https://github.com/wazuh/wazuh-packages/releases/tag/v4.3.2 + +## [v4.2.7] + +- https://github.com/wazuh/wazuh-packages/releases/tag/v4.2.7 + +## [v4.3.1] + +- https://github.com/wazuh/wazuh-packages/releases/tag/v4.3.1 + +## [v4.3.0] + +- https://github.com/wazuh/wazuh-packages/releases/tag/v4.3.0 + +## [v4.2.6] + +- Update SPECS [#1392](https://github.com/wazuh/wazuh-packages/pull/1392) + +## [v4.2.5] + +- Update SPECS [#991](https://github.com/wazuh/wazuh-packages/pull/991) + +## [v4.2.4] + +- Update SPECS [#927](https://github.com/wazuh/wazuh-packages/pull/927) + +## [v4.2.3] + +- Update SPECS [#915](https://github.com/wazuh/wazuh-packages/pull/915) + +## [v4.2.2] + +- Update SPECS [#846](https://github.com/wazuh/wazuh-packages/pull/846) + +## [v4.2.1] + +- Update SPECS [#833](https://github.com/wazuh/wazuh-packages/pull/833) + +## [v4.2.0] + +- Update SPECS [#556](https://github.com/wazuh/wazuh-packages/pull/556) + +## [v4.1.5] + +- Update SPECS [#726](https://github.com/wazuh/wazuh-packages/pull/726) + +## [v4.1.4] + +- Update SPECS [#684](https://github.com/wazuh/wazuh-packages/pull/684) + +## [v4.1.3] + +- Update SPECS [#668](https://github.com/wazuh/wazuh-packages/pull/668) + +## [v4.1.2] + +- Update SPECS [#656](https://github.com/wazuh/wazuh-packages/pull/656) + +## [v4.1.1] + +- Updated Wazuh app build script [#648](https://github.com/wazuh/wazuh-packages/pull/648) + +## [v4.0.2] + +### Added + +- Added a new welcome message to Wazuh VM ([#535](https://github.com/wazuh/wazuh-packages/pull/535)). + +### Fixed + +- Fixed the group of the `ossec.conf` in IBM AIX package ([#541](https://github.com/wazuh/wazuh-packages/pull/541)). + +## [v4.0.1] + +### Fixed + +- Added new SSL certificates to secure Kibana communications and ensure HTTPS access to the UI ([#534](https://github.com/wazuh/wazuh-packages/pull/534)). + +## [v4.0.0] + +### Added + +- Added Open Distro for Elasticsearch packages to Wazuh's software repository. + +### Changed + +- Wazuh services are no longer enabled nor started in a fresh install ([#466](https://github.com/wazuh/wazuh-packages/pull/466)). +- Wazuh services will be restarted on upgrade if they were running before upgrading them ([#481](https://github.com/wazuh/wazuh-packages/pull/481)) and ([#482](https://github.com/wazuh/wazuh-packages/pull/482)). +- Wazuh API and Wazuh Manager services are unified in a single `wazuh-manager` service ([#466](https://github.com/wazuh/wazuh-packages/pull/466)). +- Wazuh app for Splunk and Wazuh plugin for Kibana have been renamed ([#479](https://github.com/wazuh/wazuh-packages/pull/479)). +- Wazuh VM now uses Wazuh and Open Distro for Elasticsearch ([#462](https://github.com/wazuh/wazuh-packages/pull/462)). + +### Fixed + +- Unit files for systemd are now installed on `/usr/lib/systemd/system` ([#466](https://github.com/wazuh/wazuh-packages/pull/466)). +- Unit files are now correctly upgraded ([#466](https://github.com/wazuh/wazuh-packages/pull/466)). +- `ossec-init.conf` file now shows the build date for any system ([#466](https://github.com/wazuh/wazuh-packages/pull/466)). +- Fixed an error setting SCA file permissions on .deb packages ([#466](https://github.com/wazuh/wazuh-packages/pull/466)). + +### Removed + +- Wazuh API package has been removed. Now, the Wazuh API is embedded into the Wazuh Manager installation ([wazuh/wazuh#5721](https://github.com/wazuh/wazuh/pull/5721)). +- Removed OpenSCAP files and integration ([#466](https://github.com/wazuh/wazuh-packages/pull/466)). diff --git a/README.md b/README.md index c82e242..ed3b973 100644 --- a/README.md +++ b/README.md @@ -1 +1,23 @@ -# wazuh-virtual-machines \ No newline at end of file +# Wazuh Virtual Machine + +[![Slack](https://img.shields.io/badge/slack-join-blue.svg)](https://wazuh.com/community/join-us-on-slack/) +[![Email](https://img.shields.io/badge/email-join-blue.svg)](https://groups.google.com/forum/#!forum/wazuh) +[![Documentation](https://img.shields.io/badge/docs-view-green.svg)](https://documentation.wazuh.com) +[![Documentation](https://img.shields.io/badge/web-view-green.svg)](https://wazuh.com) + +Wazuh is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity monitoring, policy monitoring, rootkit detection, real-time alerting, active response, vulnerability detector, etc. + +In this repository, you can find the necessary tools to build your own OVA file with all Wazuh components installed. + +## Building OVA file: + +Please, visit the following link for the full OVA building documentation: [Generate Wazuh virtual machine.](https://documentation.wazuh.com/current/development/packaging/generate-ova.html) + +## Contribute + +If you want to contribute to our project please don't hesitate to send a pull request. You can also join our users [mailing list](https://groups.google.com/d/forum/wazuh) by sending an email to [wazuh+subscribe@googlegroups.com](mailto:wazuh+subscribe@googlegroups.com) or join to our Slack channel by filling this [form](https://wazuh.com/community/join-us-on-slack/) to ask questions and participate in discussions. + +## License and copyright + +WAZUH +Copyright (C) 2015 Wazuh Inc. (License GPLv2) diff --git a/VERSION b/VERSION new file mode 100644 index 0000000..2da4316 --- /dev/null +++ b/VERSION @@ -0,0 +1 @@ +4.10.0 diff --git a/ova/.gitignore b/ova/.gitignore new file mode 100644 index 0000000..c3f8a3c --- /dev/null +++ b/ova/.gitignore @@ -0,0 +1,4 @@ +.vagrant +*.ova +*.ovf +*.vmdk \ No newline at end of file diff --git a/ova/Ova2Ovf.py b/ova/Ova2Ovf.py new file mode 100755 index 0000000..402b29e --- /dev/null +++ b/ova/Ova2Ovf.py @@ -0,0 +1,64 @@ +#!/usr/bin/env python +# Copyright (C) 2019, Wazuh Inc. +# +# Ova2Ovf.py Helper script to convert VBox .ova export +# for import to VMWare ESXi +# +# Original author: eshizhan https://github.com/eshizhan +# Author: Neova Health +# forked from : https://gist.github.com/eshizhan/6650285 +# Modified by Wazuh, Inc + +import sys +import tarfile +import os +import hashlib +import argparse + +parser = argparse.ArgumentParser() +parser.add_argument('-s', '--srcfile', help="Source VirtualBox Ova", type=str, dest='srcfile') +parser.add_argument('-d', '--destfile', help="Modified Ova", type=str, dest='destfile') +args = parser.parse_args() + +if not args.srcfile or not args.destfile: + print("Source Ova and Destination Ova are needed") + exit + +srcfile = args.srcfile +fileName, fileExtension = os.path.splitext(srcfile) +destfile = args.destfile + +with tarfile.open(srcfile) as t: + ovaFiles = t.getnames() + t.extractall() + + +ovaF = ovaFiles[0] +ovaV = ovaFiles[1] + + +with open(ovaF) as fn: + fp=fn.read() + if hasattr(fp, 'decode'): + fp = fp.decode('utf-8') + + fp = fp.replace('','') + fp = fp.replace('virtualbox-2.2','vmx-7') + fp = fp.replace('sataController', 'scsiController') + fp = fp.replace('SATA Controller','SCSI Controller') + fp = fp.replace('sataController','scsiController') + fp = fp.replace('AHCI', 'lsilogic') + fp = fp.replace('20', '6') + + end = fp.find('sound') + start = fp.rfind('', 0, end) + fp = fp[:start] + '' + fp[start+len(''):] + + +with open(ovaF, 'wb') as nfp: + nfp.write(fp.encode('utf8')) + +# Create new .ova +with tarfile.open(destfile, "w") as t: + for name in ovaFiles: + t.add(name) diff --git a/ova/Vagrantfile b/ova/Vagrantfile new file mode 100755 index 0000000..c26db20 --- /dev/null +++ b/ova/Vagrantfile @@ -0,0 +1,28 @@ +# -*- mode: ruby -*- +# vi: set ft=ruby : + +Vagrant.configure("2") do |config| + + config.vm.box_url = "https://packages-dev.wazuh.com/vms/ova/amznlinux-2.box" + config.vm.box = "amznlinux-2" + config.vm.hostname = "wazuh-server" + config.vm.provider "virtualbox" do |vb| + vb.name = "vm_wazuh" + vb.memory = "8192" + vb.cpus = "4" + end + + config.ssh.username = "wazuh-user" + config.ssh.password = "wazuh" + config.ssh.insert_key = true + + # Synced folder configuration + config.vm.synced_folder ".", "/vagrant", disabled: true + config.vm.synced_folder ".", "/tmp", type: "rsync", :rsync__exclude => ['output'] + + # Provision stage + config.vm.provision :shell, path: "provision.sh", :args => "#{ENV['PACKAGES_REPOSITORY']} #{ENV['DEBUG']}" + + # Provision cleanup stage + config.vm.provision :shell, path: "assets/postProvision.sh", :args => "#{ENV['DEBUG']}" +end diff --git a/ova/assets/custom/automatic_set_ram.sh b/ova/assets/custom/automatic_set_ram.sh new file mode 100644 index 0000000..afbac10 --- /dev/null +++ b/ova/assets/custom/automatic_set_ram.sh @@ -0,0 +1,20 @@ +#!/bin/sh + +# Configure JVM options for Wazuh indexer +ram_mb=$(free -m | awk '/^Mem:/{print $2}') +ram="$(( ram_mb / 2 ))" + +if [ "${ram}" -eq "0" ]; then + ram=1024; +fi + +regex="^\-Xmx\K[0-9]+" +file="/etc/wazuh-indexer/jvm.options" +value=$(grep -oP ${regex} ${file}) + +if [[ "${value}" != "${ram}" ]]; then + eval "sed -i "s/^-Xms.*$/-Xms${ram}m/" ${file} ${debug}" + eval "sed -i "s/^-Xmx.*$/-Xmx${ram}m/" ${file} ${debug}" +fi + +systemctl stop updateIndexerHeap.service \ No newline at end of file diff --git a/ova/assets/custom/enable_fips.sh b/ova/assets/custom/enable_fips.sh new file mode 100644 index 0000000..dca9e59 --- /dev/null +++ b/ova/assets/custom/enable_fips.sh @@ -0,0 +1,9 @@ +# Update the Operating System (OS) packages to ensure the OS is up to date +sudo yum update -y + +# Install and enable the FIPS module +sudo yum install -y dracut-fips +sudo dracut -f + +# Enable FIPS mode by adding kernel argument: +sudo /sbin/grubby --update-kernel=ALL --args="fips=1" diff --git a/ova/assets/custom/functions.sh b/ova/assets/custom/functions.sh new file mode 100644 index 0000000..c149e08 --- /dev/null +++ b/ova/assets/custom/functions.sh @@ -0,0 +1,29 @@ +function installCommon_changePasswords() { + + common_logger -d "Setting Wazuh indexer cluster passwords." + if [ -f "${tar_file}" ]; then + eval "tar -xf ${tar_file} -C /tmp wazuh-install-files/wazuh-passwords.txt ${debug}" + p_file="/tmp/wazuh-install-files/wazuh-passwords.txt" + common_checkInstalled + if [ -n "${start_indexer_cluster}" ] || [ -n "${AIO}" ]; then + changeall=1 + passwords_readUsers + fi + installCommon_readPasswordFileUsers + else + common_logger -e "Cannot find passwords file. Exiting" + exit 1 + fi + if [ -n "${start_indexer_cluster}" ] || [ -n "${AIO}" ]; then + passwords_getNetworkHost + passwords_createBackUp + passwords_generateHash + fi + + passwords_changePassword + + if [ -n "${start_indexer_cluster}" ] || [ -n "${AIO}" ]; then + passwords_runSecurityAdmin + fi + +} \ No newline at end of file diff --git a/ova/assets/custom/grub/grub b/ova/assets/custom/grub/grub new file mode 100644 index 0000000..6cc85d8 --- /dev/null +++ b/ova/assets/custom/grub/grub @@ -0,0 +1,8 @@ +GRUB_CMDLINE_LINUX_DEFAULT="console=tty0 console=ttyS0,115200n8 net.ifnames=0 biosdevname=0 nvme_core.io_timeout=4294967295 rd.emergency=poweroff quiet splash rd.plymouth=0 plymouth.enable=0 loglevel=0 systemd.show_status=0 systemd.log_level=0 vt.cur_default=0 rd.shell=0 root=/dev/sda1" +GRUB_DEFAULT=0 +GRUB_TIMEOUT=0 +GRUB_HIDDEN_TIMEOUT=2 +GRUB_DISABLE_RECOVERY="true" +GRUB_DISABLE_SUBMENU=y +GRUB_DISABLE_LINUX_UUID=true +GRUB_BACKGROUND="/boot/grub2/wazuh.png" \ No newline at end of file diff --git a/ova/assets/custom/grub/wazuh.png b/ova/assets/custom/grub/wazuh.png new file mode 100644 index 0000000000000000000000000000000000000000..7df4d7807abf220bb9482e8a165ee56d0d4d6927 GIT binary patch literal 7033 zcmeHs`BxHJ*T0QsX8G8?*;5)>*UZX!AQSbbO=@XZ98y&3nwlvNp`rqsIX&Gn%dym; z!69)fO%N3*y=ggN4xoS_sgNRqqM)Mq<^J~loiRsPy_OXcLT^ewOc zqq+0`vHueO>yQ8MIsh6bwPoRCSVKfqC7;pY61DNbp2nGB5&R){2lTS&vi;(-G~OCXgpQId_LxKkB85%0sincU83vMX!_^3^7Xy(T za(MB}PWco{-mXoK&NcECBuul$f$>YV5CUFd1pJRXXyNaX7W7;YKoA(YzEtTzI(NB| z?3$c;)*W%J%YC2y%Eb7QDDo=rjl4CKs5ISo{a`3Y-ll}~=!{^d5=$(O zio+(NRX$ea=Me}DwY@h-9Vf$*=00?}^h*N3(+dpgi(X<=K7yUdze{O#gHpd)a5Ku5 z#A$%_o1)%(p`_bkClL%eYNZ1(f2v&8-DXZj-!n*=!v|ByOM|YeMJU3zHHYP4u#Y~T zk4;Jbo(OFy4-bpXMb&{_#cu%{KWABfE-v4r+7>!T_%p0ocZdVGp~-S4ClG|{((0tz$yix$`YD#hw zX|c*3J$v`xzzq;7GF|+@O}AaG8fEHE>}4l5h5Es#x8@Dr5XBqmmuLG=6tdile(MVV zcDSjeY=@Y|CuiN^R~;qWE9E?j*A{Y8+7Owfaypu~{gO+5*vWe}y>BaHldh;3Y-cCS zg>|@jtJ_3FH0ST5{np_&_E7Z+Fs9MB5H}-m+GSE>fLhe^`{C#S>@B(xA_DQeFB;sJ z%*k|0-&}yZkrm7J;i<@1VAbfn!?$ww)~V{Xy=Olf(<EE(FF}kZP zKx>NR`OW#nnK8w*R{QB0jYm!xp?5}f4ko(Kni}?WaBD&~zlfL+kfg~Ed4u?QZTuN6 zFVn}h$-6&s%wkVu%J)VR6^WpOhh&tQKHS$G@ zd*2u0ER0oQJJ`|?RRnV9>r~SQ@_LS^`wYr6_EtHTS}b03zdx^@PlWz_N|!#)9Ras@ zt4A><=1Kz!4iA*8Qor)U`ukpMlCL@@TnyjC`XFi|X)|rK zr}R~SJ_qln?zmGG`bl249UfNxcd0rFdhnIOM1EKbl;h1XpP6~H%7q?&;bw3IF zUFvy}pc#nsY`N{VRBF47`#j_BwSnF<{;a=;QQL(U*Tv5y?j#ZE z%jK0HM{G@W0DV3!SW%!fJHe;r*Ah8;x@`?Njw#I^-_h;Bo>c^H$fH z#+h+4yLD++{O*n>o?1G81-kx2JMQuWb-i@=iBW#LU0QGiq>~&h!bQ%jajpC^y;Z*w zGsH^9s&2ZjnsJs=WBy#yB`QPuINpt3_Q9#T47@m-C~dy9?bOISfMuoaphu84JkYp& z^PEJDyWb{c;t5)t27_-A=Ln#cB4(8qf>fdtz@{iT?l_E&acugu>@;_^GU#9sA^ZLII)j8;)9PM5gJeoI6knL!%!~HzbGY(YDz5io0cU$b9<-+3XR^KIQXkgy_m1qm4 zJBuOuc!as3hd)jQ*d-kj|}pIGK>In{jIaV1^L&yMq-LB~4}aX;Dg zrq7P|&I=4vm-9b$B{?DIWx6J{4H+@gl&ByAeEvynH)H!Y&**PTK+EYNTg|i!(faLd z?lIs?uR%3zx$4h@#o#}y*LYYqpBwJ1B0EFD*?NdpgQGPaK1e zzNeDu{6A?*R9R9;DOevp`}@^jXTk1vaf88oi^d^M{^Pn;h>8Dz^N0CoCMz6l`5w%wF<#HpqAT^|9LeWdM5Vx1K|;?*cs#W$Z~T zzdhWZN!9R+S|)jjBh^^Y4WE>T)ocd^rvxeo)^o7Q8#xL-54-s}g$)u@lVznon{U*( zTU{+RZ7jd$khWZT_+wO^QF?%+*4dPHHv0p4ZKS@g=CRKeZmissESja8Mc@~5qlQ3WEZn+`KaK;d3uZ?OE z`C&KtIT#*u1uHE%>NP;x!Ycc??n+tB0;1_gE=olw(sMN0or+$X-e`!Svl#dNd%?SH z@d8(jeu!;g(oA`S3WljW!y;caC}(0)LyL7<=OjUqZx-2SfL*Y?oO+NDut5W0m(W+` zPd7Z?dd>9d4&Qtj+F*2lZz3mG%Q%X%A+50qNg*wC9+p*y@@v323^?0&M5F4(kZzU6 z*L#226X22a4Q^wZZ2s7@k|(UIQ)r@^fb`+YO2x0Scinl(f%h;6%O*q1N8m2)St~^B zrr67=R<_B+Vn(b3PU-od+%jl;DZ253CjQh6JNHK8(w8&9{b3QYSKht@?d#1Syg@rH zDfXjm4{Qf&FLXb9pPAHp95%l^-hZvjkkt|wPV>;JAU-Q@gf@<=&0jS-3ZJXMJ%Ud@ z3j)eOx;P!wbm_(hvkQG7nOo#=B3=7fy8851OJI6Y6235)N@}kC-mI^^=znLQ(M#SN zjPR>vrKfkWG6e9ViL1K+NqGa2Wwga?;>L<$N%9al$-qETaKQ08B2_Wpv|a@7S@tMCF%ei>%vPX zP5vcgtGzA138mU8inKlsYqc?rBT5wCOOO7*j)pWSlYW5IEG@0K;L&QRgM7?)WXaWe zrOxck)IX=zERMqFbt$Z`Y7_RGe9F3f8%GAPPLcaa7d(^-{7na4VzE{(Z%AH)mGeKI zc?2B_U!E({pW4aak6roul-F~3%kco!O8fYdf*ekql%g1-jIV#eZqj`rD}DHD>GCdY|2ag~l$SNA=o7r^jeXCrTdC>z=wglNw4c z(@eCNu2#+a|M@CAUjYw#7AC~?u#2AvPVyrv;^*!?F^O@?<&$5C7{DwNf5Q+*q5BnW zzx%-I?M>mKc5|-*!!7C))8z=oxB&l$KQt_uXFG_ zJ}Wa1gi!mTLx^8ba7)HG1jUm1!uMNSGuXT z$>&n_wHtAU7<*>s6w5mIfWN^%9|w1y@A$tIf&Y7%m~Lty8F1PMJCZPw+Q{Pi5(LNO zE9YQTvqF20IR$Q)Mf68pqa%|xmgyq0e7+S@xxVqu0Nb{Pm_aWn1;^0~U$pBB_dBe9 zbFV9ud_A61`o$hl2T}AjF2sIvU+a;ocEJO<}OA3-Mg{#o1lMTnum+_jQ$Z`CnRTDMHzgrhTsmc}OgKTP=!UV%SoAr$qyH@ECe&eZO z51_6?+(w$AR~@z$dhs zI;N*ZVBq$S!-bf{y*UdBfW3t9v-)M`O`D+@U$>7O!tcG7j=-Ao0Z(#*$t$HpVpJ((A1t{8-dr0*jj;~s`Ibs@9;zF-qc>puK<({;{0{XE z(`H7-9p-wx9aOh4oskivb3pi`1ly%eJkSl>VC<-=h2q}^Y_BZjM4oNf%XI0h-9GF{ z?6aWsY$BbSh0NYcBLjgIi?a%08h}%xIhg>HN^2DMs zOqK91nARGwy(_!3!tvI++(r-NpM{4_F5fM0h~H*OHXHR8vYx<{Va*J&lSJs*VGy>~ zBt6h_aZFWgLWfx#2vG}XifodNOyQH?kH9~|j;L-%rw}G|>IC>Wz-BVDZ$K;qONv`; zUM7tXlg$FC&K+m$Z?X;=I#j-P3E!31X=p-T`9W<9!TsSQ=>Jfg3g#_uh*CBc)Q-)4 zDgBEUUlPWA=cC8K0*9uW6BV zr|fLv!P%9It#fqRjap$BQKObYE@rsd~vP5g?WRp z>X=b04!&RhaXwUdNpMj4m|2W}nf`fT{NCqp88tiZ2(pTECp~}lcQH(a8NV|+>(>;O z44j)J5`A_s1B+55#r{tv#b<0OJ&S%-^AE}!f#Zs%@Lz~I0 zJGY^P#|!zL<{g=iU{RRBQs>z_tK8z*H?R|PChNe= zmW{`UL$YN;ma&WSd4|WZ58cQngpPW&gkoA-PG;vgAp>}3gj?R>J6L<@dK$g)R_~Z` z{sbd9?h&*3wQqPS?W4>MHbmYiyH!{f+7c(a$U0j4$H3^YsEc|Cn1&;HdyRs1OFf*b z7j-BG6e_$2RCLw3%u5)FEMy(}tNd@v!1{%j$oPn;yy>R96ENmbU?YrVEpz$Qv3$sT zY~C*mA60>=m93-i-1sY8gHnMH<$z?mlM9@ZTVe27J1`}@9*|Qpa_Jo-gcI}9k2f5D zt=8xCj(wLW8Te~VDOj}HEVQs*4y-dkoURzGB6tS1*bEV~kudXGtHcv~N(;Q-PK=!b zrfOFB%O7N+y=qx|)Fvz~!N2xgn|Pu89sWb>zdeTkwpjl67R#v!>yk~?j@hq0b{3yg Rl)W?+=ZkI^>Kt!A_ /etc/issue < /etc/update-motd.d/30-banner < {}' \; +find /var/ossec/logs -type f -execdir sh -c 'cat /dev/null > "$1"' _ {} \; +find /var/log/wazuh-indexer -type f -execdir sh -c 'cat /dev/null > "$1"' _ {} \; +find /var/log/filebeat -type f -execdir sh -c 'cat /dev/null > "$1"' _ {} \; +find /usr/share/wazuh-dashboard/data/wazuh/logs -type f -execdir sh -c 'cat /dev/null > "$1"' _ {} \; + +history -c +shutdown -r now > /dev/null 2>&1 \ No newline at end of file diff --git a/ova/assets/steps.sh b/ova/assets/steps.sh new file mode 100644 index 0000000..2c5e470 --- /dev/null +++ b/ova/assets/steps.sh @@ -0,0 +1,71 @@ +#!/bin/bash + +[[ ${DEBUG} = "yes" ]] && set -ex || set -e + +# Edit system configuration +systemConfig() { + + echo "Upgrading the system. This may take a while ..." + yum upgrade -y > /dev/null 2>&1 + + # Disable kernel messages and edit background + mv ${CUSTOM_PATH}/grub/wazuh.png /boot/grub2/ + mv ${CUSTOM_PATH}/grub/grub /etc/default/ + grub2-mkconfig -o /boot/grub2/grub.cfg > /dev/null 2>&1 + + # Enable fips + mv ${CUSTOM_PATH}/enable_fips.sh /tmp/ + chmod 755 /tmp/enable_fips.sh + bash /tmp/enable_fips.sh + + # Update Wazuh indexer jvm heap + mv ${CUSTOM_PATH}/automatic_set_ram.sh /etc/ + chmod 755 /etc/automatic_set_ram.sh + mv ${CUSTOM_PATH}/updateIndexerHeap.service /etc/systemd/system/ + systemctl daemon-reload + systemctl enable updateIndexerHeap.service + + + # Change root password (root:wazuh) + sed -i "s/root:.*:/root:\$1\$pNjjEA7K\$USjdNwjfh7A\.vHCf8suK41::0:99999:7:::/g" /etc/shadow + + hostname ${HOSTNAME} + + # AWS instance has this enabled + sed -i "s/PermitRootLogin yes/#PermitRootLogin yes/g" /etc/ssh/sshd_config + + # SSH configuration + sed -i "s/PasswordAuthentication no/PasswordAuthentication yes/" /etc/ssh/sshd_config + echo "PermitRootLogin no" >> /etc/ssh/sshd_config + + # Edit system custom welcome messages + bash ${CUSTOM_PATH}/messages.sh ${DEBUG} ${WAZUH_VERSION} ${SYSTEM_USER} + +} + +# Edit unattended installer +preInstall() { + + # Avoid random passwords + sed -i "s/passwords+=\(.*\)/passwords+=\(\"\${users[i]}\"\)/g" ${RESOURCES_PATH}/${INSTALLER} + sed -i "s/api_passwords+=\(.*\)//g" ${RESOURCES_PATH}/${INSTALLER} + sed -i "s/passwords_checkPassword .*//g" ${RESOURCES_PATH}/${INSTALLER} + sed -i "s/filecorrect=.*/filecorrect=1/g" ${RESOURCES_PATH}/${INSTALLER} + sed -i "s/main \"\$@\"//g" ${RESOURCES_PATH}/${INSTALLER} + cat ${CUSTOM_PATH}/functions.sh >> ${RESOURCES_PATH}/${INSTALLER} + echo "" >> ${RESOURCES_PATH}/${INSTALLER} + echo "main \"\$@\"" >> ${RESOURCES_PATH}/${INSTALLER} + +} + +clean() { + + rm -f /securityadmin_demo.sh + yum clean all + systemctl daemon-reload + + # Clear synced files + rm -rf ${CURRENT_PATH}/* ${CURRENT_PATH}/.gitignore + cat /dev/null > ~/.bash_history && history -c + +} diff --git a/ova/generate_ova.sh b/ova/generate_ova.sh new file mode 100755 index 0000000..ceab975 --- /dev/null +++ b/ova/generate_ova.sh @@ -0,0 +1,279 @@ +#!/bin/bash + +# Program to build the Wazuh Virtual Machine +# Wazuh package generator +# Copyright (C) 2015, Wazuh Inc. +# +# This program is a free software; you can redistribute it +# and/or modify it under the terms of the GNU General Public +# License (version 2) as published by the FSF - Free Software +# Foundation. + +set -e +# Dependencies: vagrant, virtualbox + +# CONFIGURATION VARIABLES + +scriptpath=$( + cd "$(dirname "$0")" + pwd -P +) + +OUTPUT_DIR="${scriptpath}/output" +CHECKSUM_DIR="${scriptpath}/checksum" + +VERSION_FILE="../VERSION" + +PACKAGES_REPOSITORY="prod" +CHECKSUM="no" +DEBUG="no" + +help () { + echo -e "" + echo -e "NAME" + echo -e "$(basename "$0") - Build Wazuh OVA." + echo -e "" + echo -e "SYNOPSIS" + echo -e " $(basename "$0") -r | -s | -c | -f | -h" + echo -e "" + echo -e "DESCRIPTION" + echo -e " -a, --installation-assistant" + echo -e " Set the installation assistant branch for building the OVA." + echo -e " By default the same branch name as wazuh-virtual-machines will be used." + echo -e "" + echo -e " -r, --repository" + echo -e " Use development or production repository." + echo -e " Values: [prod|dev|staging]. By default: ${PACKAGES_REPOSITORY}." + echo -e "" + echo -e " -s, --store" + echo -e " Set the destination absolute path where the OVA file will be stored." + echo -e " By default, a output folder will be created in ${OUTPUT_DIR}." + echo -e "" + echo -e " -c, --checksum" + echo -e " Generate OVA checksum." + echo -e " Values: [yes|no]. By default: ${CHECKSUM}." + echo -e "" + echo -e " -g, --debug" + echo -e " Set debug mode." + echo -e " Values: [yes|no]. By default: ${DEBUG}." + echo -e "" + echo -e " -h, --help" + echo -e " Show this help." + echo "" + exit "$1" +} + +clean() { + exit_code=$1 + + cd "${scriptpath}" + vagrant destroy -f + OVA_VMDK="wazuh-${OVA_VERSION}-disk001.vmdk" + rm -f "${OVA_VM}" "${OVF_VM}" "${OVA_VMDK}" "${OVA_FIXED}" "${INSTALLER}" + rm -rf "${WAZUH_INSTALLATION_ASSISTANT}" + + exit "${exit_code}" +} + +build_ova() { + + OVA_VM="wazuh-${OVA_VERSION}.ova" + OVF_VM="wazuh-${OVA_VERSION}.ovf" + OVA_FIXED="wazuh-${OVA_VERSION}-fixed.ova" + + export PACKAGES_REPOSITORY + export DEBUG + + if [ -e "${OUTPUT_DIR}/${OVA_VM}" ] || [ -e "${OUTPUT_DIR}/${OVF_VM}" ]; then + rm -f "${OUTPUT_DIR}"/"${OVA_VM}" "${OUTPUT_DIR}"/"${OVF_VM}" + fi + + if [ -e "${CHECKSUM_DIR}/${OVA_VM}.sha512" ]; then + rm -f "${CHECKSUM_DIR}/${OVA_VM}.sha512" + fi + + # Vagrant will provision the VM with all the software. (See vagrantfile) + vagrant destroy -f + vagrant up || clean 1 + vagrant suspend + echo "Exporting ova" + + # Get machine name + VM_EXPORT=$(vboxmanage list vms | grep -i vm_wazuh | cut -d "\"" -f2) + + # Create OVA with machine + vboxmanage export "${VM_EXPORT}" -o "${OVA_VM}" \ + --vsys 0 \ + --product "Wazuh v${OVA_VERSION} OVA" \ + --producturl "https://packages.wazuh.com/vm/wazuh-${OVA_VERSION}.ova" \ + --vendor "Wazuh, inc " --vendorurl "https://wazuh.com" \ + --version "$OVA_VERSION" --description "Wazuh enhances security visibility in your infrastructure by monitoring endpoints at the operating system and application levels. Its capabilities include log analysis, file integrity monitoring, intrusion detection, and compliance monitoring." \ + || clean 1 + + vagrant destroy -f + + tar -xvf "${OVA_VM}" + + echo "Setting up ova for VMware ESXi" + + # Configure OVA for import to VMWare ESXi + if [ -n "$(command -v python)" ]; then + python Ova2Ovf.py -s "${OVA_VM}" -d "${OVA_FIXED}" + elif [ -n "$(command -v python3)" ]; then + python3 Ova2Ovf.py -s "${OVA_VM}" -d "${OVA_FIXED}" + else + echo "Cannot find python" + clean 1 + fi + + + # Make output dir of OVA file + mkdir -p "${OUTPUT_DIR}" + mv "${OVA_FIXED}" "${OUTPUT_DIR}"/"${OVA_VM}" + +} + +main() { + + while [ -n "$1" ]; do + + case $1 in + "-h" | "--help") + help 0 + ;; + + "-a" | "--installation-assistant") + if [ -n "$2" ]; then + INSTALLATION_ASSISTANT_BRANCH="$2" + shift 2 + else + echo "ERROR: Need installation assistant branch" + help 1 + fi + ;; + + "-r" | "--repository") + if [ -n "$2" ]; then + if [ "$2" != "prod" ] && [ "$2" != "dev" ] && [ "$2" != "staging" ]; then + echo "ERROR: Repository must be: [prod/dev/staging]" + help 1 + fi + PACKAGES_REPOSITORY="$2" + shift 2 + else + echo "ERROR: Value must be: [prod/dev/staging]" + help 1 + fi + ;; + + "-s" | "--store-path") + if [ -n "$2" ]; then + OUTPUT_DIR="$2" + shift 2 + else + echo "ERROR: Need store path" + help 1 + fi + ;; + + "-g" | "--debug") + if [ -n "$2" ]; then + if [ "$2" != "no" ] && [ "$2" != "yes" ]; then + echo "ERROR: Debug must be [yes/no]" + help 1 + fi + DEBUG="$2" + shift 2 + else + echo "ERROR: Need a value [yes/no]" + help 1 + fi + ;; + + "-c"|"--checksum") + if [ -n "$2" ]; then + if [ "$2" != "no" ] && [ "$2" != "yes" ]; then + echo "ERROR: Checksum must be [yes/no]" + help 1 + fi + CHECKSUM="$2" + shift 2 + else + echo "ERROR: Checksum needs a value [yes/no]" + help 1 + fi + ;; + *) + help 1 + ;; + esac + done + + if [ -z "${CHECKSUM_DIR}" ]; then + CHECKSUM_DIR="${OUTPUT_DIR}" + fi + + OVA_VERSION=$(cat ${VERSION_FILE}) + if [ "${OVA_VERSION:0:1}" == "v" ]; then + OVA_VERSION=${OVA_VERSION:1} + fi + + if [ -z "${INSTALLATION_ASSISTANT_BRANCH}" ]; then + INSTALLATION_ASSISTANT_BRANCH=$(git rev-parse --abbrev-ref HEAD) + fi + if [ "${INSTALLATION_ASSISTANT_BRANCH:0:1}" == "v" ]; then + REMOTE_TYPE="--tags" + else + REMOTE_TYPE="--heads" + fi + + INSTALLER="wazuh-install.sh" + WAZUH_INSTALLATION_ASSISTANT="wazuh-installation-assistant" + BUILDER_ARGS="-i" + if [[ "${PACKAGES_REPOSITORY}" == "dev" ]]; then + BUILDER_ARGS+=" -d" + elif [[ "${PACKAGES_REPOSITORY}" == "staging" ]]; then + BUILDER_ARGS+=" -d staging" + fi + + echo "Cloning Wazuh installation assistant repository" + git clone https://github.com/wazuh/${WAZUH_INSTALLATION_ASSISTANT}.git >> /dev/null 2>&1 + cd ${WAZUH_INSTALLATION_ASSISTANT} + if git ls-remote ${REMOTE_TYPE} origin ${INSTALLATION_ASSISTANT_BRANCH} | grep -q "${INSTALLATION_ASSISTANT_BRANCH}"; then + git checkout ${INSTALLATION_ASSISTANT_BRANCH} >> /dev/null 2>&1 + WIA_VERSION=$(cat VERSION) + if [ "${OVA_VERSION}" != "${WIA_VERSION}" ]; then + echo "Wazuh installation assistant version ${WIA_VERSION} does not match with OVA version ${OVA_VERSION}" + clean 1 + fi + echo "Building Wazuh installation assistant from ${INSTALLATION_ASSISTANT_BRANCH} branch" + else + echo "Branch ${INSTALLATION_ASSISTANT_BRANCH} not found in wazuh-installation-assistant repository" + clean 1 + fi + bash builder.sh ${BUILDER_ARGS} + + cp ${INSTALLER} ../ + cd .. + rm -rf ${WAZUH_INSTALLATION_ASSISTANT} + + # Build OVA file (no standard) + [[ ${PACKAGES_REPOSITORY} = "prod" ]] && REPO="production" || REPO="development" + echo "Version to build: ${OVA_VERSION} with ${REPO} repository" + build_ova + + # Standarize OVA + bash setOVADefault.sh "${scriptpath}" "${OUTPUT_DIR}/${OVA_VM}" "${OUTPUT_DIR}/${OVA_VM}" "${scriptpath}/wazuh_ovf_template" "${OVA_VERSION}" || clean 1 + + if [ "${CHECKSUM}" = "yes" ]; then + mkdir -p "${CHECKSUM_DIR}" + cd "${OUTPUT_DIR}" && sha512sum "${OVA_VM}" > "${CHECKSUM_DIR}/${OVA_VM}.sha512" + echo "Checksum created in ${CHECKSUM_DIR}/${OVA_VM}.sha512" + fi + + echo "Process finished" + clean 0 + +} + +main "$@" diff --git a/ova/provision.sh b/ova/provision.sh new file mode 100755 index 0000000..5cce591 --- /dev/null +++ b/ova/provision.sh @@ -0,0 +1,49 @@ +#!/bin/bash + +PACKAGES_REPOSITORY=$1 +DEBUG=$2 + +INSTALLER="/tmp/wazuh-install.sh" +SYSTEM_USER="wazuh-user" +HOSTNAME="wazuh-server" +INDEXES=("wazuh-alerts-*" "wazuh-archives-*" "wazuh-states-vulnerabilities-*" "wazuh-statistics-*" "wazuh-monitoring-*") + +CURRENT_PATH="$( cd $(dirname $0) ; pwd -P )" +ASSETS_PATH="${CURRENT_PATH}/assets" +CUSTOM_PATH="${ASSETS_PATH}/custom" +INSTALL_ARGS="-a" + +if [[ "${DEBUG}" = "yes" ]]; then + INSTALL_ARGS+=" -v" +fi + +echo "Using ${PACKAGES_REPOSITORY} packages" + +. ${ASSETS_PATH}/steps.sh + +WAZUH_VERSION=$(cat ${INSTALLER} | grep "wazuh_version=" | cut -d "\"" -f 2) + +# System configuration +systemConfig + +# Edit installation script +preInstall + +# Install +bash ${INSTALLER} ${INSTALL_ARGS} + +systemctl stop filebeat wazuh-manager + +# Delete indexes +for index in "${INDEXES[@]}"; do + curl -u admin:admin -XDELETE "https://127.0.0.1:9200/$index" -k +done + +# Recreate empty indexes (wazuh-alerts and wazuh-archives) +bash /usr/share/wazuh-indexer/bin/indexer-security-init.sh -ho 127.0.0.1 + +systemctl stop wazuh-indexer wazuh-dashboard +systemctl enable wazuh-manager + + +clean diff --git a/ova/setOVADefault.sh b/ova/setOVADefault.sh new file mode 100755 index 0000000..4a32c58 --- /dev/null +++ b/ova/setOVADefault.sh @@ -0,0 +1,50 @@ + +[[ ${DEBUG} = "yes" ]] && set -x + +echo "Standarizing OVA" + +workspace=$1 +path_ova=$2 +dest_ova=$3 +ovf_path=$4 +wazuh_version=$5 +file="wazuh-${wazuh_version}" +mkdir -p ${workspace}/new-ova/ + +echo "Setting OVA to default" + +tar -xvf ${path_ova} --directory ${workspace}/new-ova/ +echo "OVF extracted" + +mv "${workspace}"/new-ova/*.ovf ${workspace}/new-ova/${file}.ovf +mv "${workspace}"/new-ova/*.vmdk ${workspace}/new-ova/${file}-disk-1.vmdk +echo "Files renamed" + +cp ${ovf_path} ${workspace}/new-ova/${file}.ovf + +sed -i "s/{WAZUH_VERSION}/${wazuh_version}/" ${workspace}/new-ova/${file}.ovf +echo "OVF Version changed" + +ovf_size=$(stat --printf=%s ${workspace}/new-ova/${file}-disk-1.vmdk) +sed -i "s/{SIZE}/${ovf_size}/" "${workspace}/new-ova/${file}.ovf" +echo "OVF Size changed" + +export workspace +export file +sha_ovf=$(sha1sum ${workspace}/new-ova/${file}.ovf) +sha_vmdk=$(sha1sum ${workspace}/new-ova/${file}-disk-1.vmdk) +read -a sha_ovf_array <<< "${sha_ovf}" +read -a sha_vmdk_array <<< "${sha_vmdk}" + +sha_ovf=${sha_ovf_array[0]} +sha_vmdk=${sha_vmdk_array[0]} + +echo "SHA1(${file}-disk-1.vmdk) = ${sha_vmdk}" > ${workspace}/new-ova/${file}.mf +echo "SHA1(${file}.ovf) = ${sha_ovf}" >> ${workspace}/new-ova/${file}.mf +echo "Manifest changed" + +tar -cvf "${dest_ova}" -C "${workspace}/new-ova/" ${file}.ovf ${file}-disk-1.vmdk ${file}.mf +echo "New OVA created" + +rm -rf ${workspace}/new-ova/ +echo "Cleaned temporary directory" \ No newline at end of file diff --git a/ova/wazuh_ovf_template b/ova/wazuh_ovf_template new file mode 100644 index 0000000..e65d539 --- /dev/null +++ b/ova/wazuh_ovf_template @@ -0,0 +1,109 @@ + + + + + + + + Virtual disk information + + + + The list of logical networks + + The VM Network network + + + + A virtual machine + + Meta-information about the installed software + Wazuh v{WAZUH_VERSION} OVA + Wazuh, inc <info@wazuh.com> + {WAZUH_VERSION} + https://packages.wazuh.com/vm/wazuh-{WAZUH_VERSION}.ova + https://wazuh.com + + + A human-readable annotation + Wazuh enhances security visibility in your infrastructure by monitoring endpoints at the operating system and application levels. Its capabilities include log analysis, file integrity monitoring, intrusion detection, and compliance monitoring. + + + The kind of installed guest operating system + Linux - Amazon Linux 2 + + + Virtual hardware requirements + + Virtual Hardware Family + 0 + wazuh-{WAZUH_VERSION} + vmx-07 + + + hertz * 10^6 + Number of Virtual CPUs + 4 virtual CPU(s) + 1 + 3 + 4 + + + byte * 2^20 + Memory Size + 8192MB of memory + 2 + 4 + 8192 + + + 1 + IDE Controller + VirtualIDEController 1 + 3 + 5 + + + 0 + IDE Controller + VirtualIDEController 0 + 4 + 5 + + + 0 + Hard Disk 1 + ovf:/disk/vmdisk1 + 5 + 4 + 17 + + + 0 + false + CD-ROM 1 + 6 + 3 + 15 + + + 7 + true + VM Network + E1000 ethernet adapter on "VM Network" + Ethernet 1 + 7 + E1000 + 10 + + + 0 + false + Floppy Drive + Floppy 1 + 8 + 14 + + + + \ No newline at end of file From 3ed7a8ba4f8bd7ffafe9453b227772eb889aad65 Mon Sep 17 00:00:00 2001 From: c-bordon Date: Wed, 21 Aug 2024 12:44:56 -0300 Subject: [PATCH 2/5] Updated changelog and added end of file --- CHANGELOG.md | 64 ++++++------------------- ova/.gitignore | 2 +- ova/assets/custom/automatic_set_ram.sh | 2 +- ova/assets/custom/functions.sh | 2 +- ova/assets/custom/grub/grub | 2 +- ova/assets/custom/removeVagrant.service | 2 +- ova/assets/postProvision.sh | 2 +- ova/generate_ova.sh | 2 + ova/setOVADefault.sh | 2 +- ova/wazuh_ovf_template | 2 +- 10 files changed, 25 insertions(+), 57 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 5418ed5..4890ca9 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -9,7 +9,7 @@ All notable changes to this project will be documented in this file. ### Changed -- None +- Migrated the OVA construction files to the wazuh-virtual-machines repository ([#5524](https://github.com/wazuh/wazuh-virtual-machines/pull/29)) - (OVA) ### Fixed @@ -157,90 +157,56 @@ All notable changes to this project will be documented in this file. ## [v4.2.6] -- Update SPECS [#1392](https://github.com/wazuh/wazuh-packages/pull/1392) +- https://github.com/wazuh/wazuh-packages/releases/tag/v4.2.6 ## [v4.2.5] -- Update SPECS [#991](https://github.com/wazuh/wazuh-packages/pull/991) +- https://github.com/wazuh/wazuh-packages/releases/tag/v4.2.5 ## [v4.2.4] -- Update SPECS [#927](https://github.com/wazuh/wazuh-packages/pull/927) +- https://github.com/wazuh/wazuh-packages/releases/tag/v4.2.4 ## [v4.2.3] -- Update SPECS [#915](https://github.com/wazuh/wazuh-packages/pull/915) +- https://github.com/wazuh/wazuh-packages/releases/tag/v4.2.3 ## [v4.2.2] -- Update SPECS [#846](https://github.com/wazuh/wazuh-packages/pull/846) +- https://github.com/wazuh/wazuh-packages/releases/tag/v4.2.2 ## [v4.2.1] -- Update SPECS [#833](https://github.com/wazuh/wazuh-packages/pull/833) +- https://github.com/wazuh/wazuh-packages/releases/tag/v4.2.1 ## [v4.2.0] -- Update SPECS [#556](https://github.com/wazuh/wazuh-packages/pull/556) +- https://github.com/wazuh/wazuh-packages/releases/tag/v4.2.0 ## [v4.1.5] -- Update SPECS [#726](https://github.com/wazuh/wazuh-packages/pull/726) +- https://github.com/wazuh/wazuh-packages/releases/tag/v4.1.5 ## [v4.1.4] -- Update SPECS [#684](https://github.com/wazuh/wazuh-packages/pull/684) +- https://github.com/wazuh/wazuh-packages/releases/tag/v4.1.4 ## [v4.1.3] -- Update SPECS [#668](https://github.com/wazuh/wazuh-packages/pull/668) +- https://github.com/wazuh/wazuh-packages/releases/tag/v4.1.3 ## [v4.1.2] -- Update SPECS [#656](https://github.com/wazuh/wazuh-packages/pull/656) +- https://github.com/wazuh/wazuh-packages/releases/tag/v4.1.2 ## [v4.1.1] -- Updated Wazuh app build script [#648](https://github.com/wazuh/wazuh-packages/pull/648) +- https://github.com/wazuh/wazuh-packages/releases/tag/v4.1.1 ## [v4.0.2] -### Added - -- Added a new welcome message to Wazuh VM ([#535](https://github.com/wazuh/wazuh-packages/pull/535)). - -### Fixed - -- Fixed the group of the `ossec.conf` in IBM AIX package ([#541](https://github.com/wazuh/wazuh-packages/pull/541)). - -## [v4.0.1] - -### Fixed - -- Added new SSL certificates to secure Kibana communications and ensure HTTPS access to the UI ([#534](https://github.com/wazuh/wazuh-packages/pull/534)). +- https://github.com/wazuh/wazuh-packages/releases/tag/v4.0.2 ## [v4.0.0] -### Added - -- Added Open Distro for Elasticsearch packages to Wazuh's software repository. - -### Changed - -- Wazuh services are no longer enabled nor started in a fresh install ([#466](https://github.com/wazuh/wazuh-packages/pull/466)). -- Wazuh services will be restarted on upgrade if they were running before upgrading them ([#481](https://github.com/wazuh/wazuh-packages/pull/481)) and ([#482](https://github.com/wazuh/wazuh-packages/pull/482)). -- Wazuh API and Wazuh Manager services are unified in a single `wazuh-manager` service ([#466](https://github.com/wazuh/wazuh-packages/pull/466)). -- Wazuh app for Splunk and Wazuh plugin for Kibana have been renamed ([#479](https://github.com/wazuh/wazuh-packages/pull/479)). -- Wazuh VM now uses Wazuh and Open Distro for Elasticsearch ([#462](https://github.com/wazuh/wazuh-packages/pull/462)). - -### Fixed - -- Unit files for systemd are now installed on `/usr/lib/systemd/system` ([#466](https://github.com/wazuh/wazuh-packages/pull/466)). -- Unit files are now correctly upgraded ([#466](https://github.com/wazuh/wazuh-packages/pull/466)). -- `ossec-init.conf` file now shows the build date for any system ([#466](https://github.com/wazuh/wazuh-packages/pull/466)). -- Fixed an error setting SCA file permissions on .deb packages ([#466](https://github.com/wazuh/wazuh-packages/pull/466)). - -### Removed - -- Wazuh API package has been removed. Now, the Wazuh API is embedded into the Wazuh Manager installation ([wazuh/wazuh#5721](https://github.com/wazuh/wazuh/pull/5721)). -- Removed OpenSCAP files and integration ([#466](https://github.com/wazuh/wazuh-packages/pull/466)). +- https://github.com/wazuh/wazuh-packages/releases/tag/v4.0.0 diff --git a/ova/.gitignore b/ova/.gitignore index c3f8a3c..566b940 100644 --- a/ova/.gitignore +++ b/ova/.gitignore @@ -1,4 +1,4 @@ .vagrant *.ova *.ovf -*.vmdk \ No newline at end of file +*.vmdk diff --git a/ova/assets/custom/automatic_set_ram.sh b/ova/assets/custom/automatic_set_ram.sh index afbac10..8f918ed 100644 --- a/ova/assets/custom/automatic_set_ram.sh +++ b/ova/assets/custom/automatic_set_ram.sh @@ -17,4 +17,4 @@ if [[ "${value}" != "${ram}" ]]; then eval "sed -i "s/^-Xmx.*$/-Xmx${ram}m/" ${file} ${debug}" fi -systemctl stop updateIndexerHeap.service \ No newline at end of file +systemctl stop updateIndexerHeap.service diff --git a/ova/assets/custom/functions.sh b/ova/assets/custom/functions.sh index c149e08..31ac9d7 100644 --- a/ova/assets/custom/functions.sh +++ b/ova/assets/custom/functions.sh @@ -26,4 +26,4 @@ function installCommon_changePasswords() { passwords_runSecurityAdmin fi -} \ No newline at end of file +} diff --git a/ova/assets/custom/grub/grub b/ova/assets/custom/grub/grub index 6cc85d8..7054bdd 100644 --- a/ova/assets/custom/grub/grub +++ b/ova/assets/custom/grub/grub @@ -5,4 +5,4 @@ GRUB_HIDDEN_TIMEOUT=2 GRUB_DISABLE_RECOVERY="true" GRUB_DISABLE_SUBMENU=y GRUB_DISABLE_LINUX_UUID=true -GRUB_BACKGROUND="/boot/grub2/wazuh.png" \ No newline at end of file +GRUB_BACKGROUND="/boot/grub2/wazuh.png" diff --git a/ova/assets/custom/removeVagrant.service b/ova/assets/custom/removeVagrant.service index 759a238..f817836 100644 --- a/ova/assets/custom/removeVagrant.service +++ b/ova/assets/custom/removeVagrant.service @@ -11,4 +11,4 @@ User=root Group=root WorkingDirectory=/home/USER Restart=always -RestartSec=3 \ No newline at end of file +RestartSec=3 diff --git a/ova/assets/postProvision.sh b/ova/assets/postProvision.sh index a44275c..1340a19 100644 --- a/ova/assets/postProvision.sh +++ b/ova/assets/postProvision.sh @@ -28,4 +28,4 @@ find /var/log/filebeat -type f -execdir sh -c 'cat /dev/null > "$1"' _ {} \; find /usr/share/wazuh-dashboard/data/wazuh/logs -type f -execdir sh -c 'cat /dev/null > "$1"' _ {} \; history -c -shutdown -r now > /dev/null 2>&1 \ No newline at end of file +shutdown -r now > /dev/null 2>&1 diff --git a/ova/generate_ova.sh b/ova/generate_ova.sh index ceab975..16e5935 100755 --- a/ova/generate_ova.sh +++ b/ova/generate_ova.sh @@ -236,10 +236,12 @@ main() { BUILDER_ARGS+=" -d staging" fi + echo "Building Wazuh OVA version ${OVA_VERSION}" echo "Cloning Wazuh installation assistant repository" git clone https://github.com/wazuh/${WAZUH_INSTALLATION_ASSISTANT}.git >> /dev/null 2>&1 cd ${WAZUH_INSTALLATION_ASSISTANT} if git ls-remote ${REMOTE_TYPE} origin ${INSTALLATION_ASSISTANT_BRANCH} | grep -q "${INSTALLATION_ASSISTANT_BRANCH}"; then + echo "Using ${INSTALLATION_ASSISTANT_BRANCH} branch of ${WAZUH_INSTALLATION_ASSISTANT} repository" git checkout ${INSTALLATION_ASSISTANT_BRANCH} >> /dev/null 2>&1 WIA_VERSION=$(cat VERSION) if [ "${OVA_VERSION}" != "${WIA_VERSION}" ]; then diff --git a/ova/setOVADefault.sh b/ova/setOVADefault.sh index 4a32c58..8743860 100755 --- a/ova/setOVADefault.sh +++ b/ova/setOVADefault.sh @@ -47,4 +47,4 @@ tar -cvf "${dest_ova}" -C "${workspace}/new-ova/" ${file}.ovf ${file}-disk-1.vmd echo "New OVA created" rm -rf ${workspace}/new-ova/ -echo "Cleaned temporary directory" \ No newline at end of file +echo "Cleaned temporary directory" diff --git a/ova/wazuh_ovf_template b/ova/wazuh_ovf_template index e65d539..3598867 100644 --- a/ova/wazuh_ovf_template +++ b/ova/wazuh_ovf_template @@ -106,4 +106,4 @@ - \ No newline at end of file + From f08d52f04e35c15999dbf947938a578e9b69648e Mon Sep 17 00:00:00 2001 From: c-bordon Date: Mon, 26 Aug 2024 10:06:50 -0300 Subject: [PATCH 3/5] Fixed PR number --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 4890ca9..c183558 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -9,7 +9,7 @@ All notable changes to this project will be documented in this file. ### Changed -- Migrated the OVA construction files to the wazuh-virtual-machines repository ([#5524](https://github.com/wazuh/wazuh-virtual-machines/pull/29)) - (OVA) +- Migrated the OVA construction files to the wazuh-virtual-machines repository ([#29](https://github.com/wazuh/wazuh-virtual-machines/pull/29)) - (OVA) ### Fixed From d6a395e25dadb4be6ff173031743085952fb150a Mon Sep 17 00:00:00 2001 From: c-bordon Date: Mon, 26 Aug 2024 10:11:44 -0300 Subject: [PATCH 4/5] Fixed typo in readme file --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index ed3b973..18d5dfe 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -# Wazuh Virtual Machine +# Wazuh Virtual Machines [![Slack](https://img.shields.io/badge/slack-join-blue.svg)](https://wazuh.com/community/join-us-on-slack/) [![Email](https://img.shields.io/badge/email-join-blue.svg)](https://groups.google.com/forum/#!forum/wazuh) From 5833557081f8763dbcae02d560ba5165ea7a5317 Mon Sep 17 00:00:00 2001 From: c-bordon Date: Mon, 26 Aug 2024 10:56:20 -0300 Subject: [PATCH 5/5] Improved validation of wazuh-installation-assistant repository --- ova/generate_ova.sh | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/ova/generate_ova.sh b/ova/generate_ova.sh index 757a859..49c5463 100755 --- a/ova/generate_ova.sh +++ b/ova/generate_ova.sh @@ -228,7 +228,9 @@ main() { INSTALLER="wazuh-install.sh" WAZUH_INSTALLATION_ASSISTANT="wazuh-installation-assistant" + WAZUH_INSTALLATION_ASSISTANT_URL="https://github.com/wazuh/${WAZUH_INSTALLATION_ASSISTANT}.git" BUILDER_ARGS="-i" + if [[ "${PACKAGES_REPOSITORY}" == "dev" ]]; then BUILDER_ARGS+=" -d" elif [[ "${PACKAGES_REPOSITORY}" == "staging" ]]; then @@ -236,12 +238,11 @@ main() { fi echo "Building Wazuh OVA version ${OVA_VERSION}" - echo "Cloning Wazuh installation assistant repository" - git clone https://github.com/wazuh/${WAZUH_INSTALLATION_ASSISTANT}.git >> /dev/null 2>&1 - cd ${WAZUH_INSTALLATION_ASSISTANT} - if git ls-remote ${REMOTE_TYPE} origin ${INSTALLATION_ASSISTANT_BRANCH} | grep -q "${INSTALLATION_ASSISTANT_BRANCH}"; then + if git ls-remote ${REMOTE_TYPE} ${WAZUH_INSTALLATION_ASSISTANT_URL} ${INSTALLATION_ASSISTANT_BRANCH} | grep -q "${INSTALLATION_ASSISTANT_BRANCH}"; then + echo "Cloning Wazuh installation assistant repository" + git clone ${WAZUH_INSTALLATION_ASSISTANT_URL} -b ${INSTALLATION_ASSISTANT_BRANCH} >> /dev/null 2>&1 echo "Using ${INSTALLATION_ASSISTANT_BRANCH} branch of ${WAZUH_INSTALLATION_ASSISTANT} repository" - git checkout ${INSTALLATION_ASSISTANT_BRANCH} >> /dev/null 2>&1 + cd ${WAZUH_INSTALLATION_ASSISTANT} WIA_VERSION=$(cat VERSION) if [ "${OVA_VERSION}" != "${WIA_VERSION}" ]; then echo "Wazuh installation assistant version ${WIA_VERSION} does not match with OVA version ${OVA_VERSION}"