diff --git a/.github/workflows/builder_OVA.yaml b/.github/workflows/builder_OVA.yaml
new file mode 100644
index 0000000..51ccd39
--- /dev/null
+++ b/.github/workflows/builder_OVA.yaml
@@ -0,0 +1,44 @@
+run-name: Build OVA - Wazuh ${{ inputs.PACKAGE_VERSION }} Version - Launched by @${{ github.actor }}
+name: Build OVA
+
+on:
+ workflow_dispatch:
+ inputs:
+ WAZUH_VIRTUAL_MACHINES_REFERENCE:
+ description: 'Branch or tag of the wazuh-virtual-machines repository'
+ required: true
+ default: '4.10.0'
+ WAZUH_INSTALLATION_ASSISTANT_REFERENCE:
+ description: 'Branch or tag of the wazuh-installation-assistant repository'
+ required: true
+ default: '4.10.0'
+ WAZUH_AUTOMATION_REFERENCE:
+ description: 'Branch or tag of the wazuh-automation repository'
+ required: true
+ default: '4.10.0'
+ WAZUH_PACKAGE_REPOSITORY:
+ type: choice
+ description: 'Wazuh package repository from which to download the packages'
+ required: true
+ options:
+ - prod
+ - dev
+ - staging
+ S3_REPOSITORY:
+ type: choice
+ description: 'packages-dev repository to upload the OVA'
+ required: true
+ options:
+ - pre-release
+ - staging
+
+env:
+ LABEL: ubuntu-latest
+
+jobs:
+ initialize-environment:
+ runs-on: $LABEL
+
+ steps:
+ - name: Set up Git
+ uses: actions/checkout@v3
\ No newline at end of file
diff --git a/ova/.gitignore b/ova/.gitignore
new file mode 100644
index 0000000..c3f8a3c
--- /dev/null
+++ b/ova/.gitignore
@@ -0,0 +1,4 @@
+.vagrant
+*.ova
+*.ovf
+*.vmdk
\ No newline at end of file
diff --git a/ova/Ova2Ovf.py b/ova/Ova2Ovf.py
new file mode 100755
index 0000000..402b29e
--- /dev/null
+++ b/ova/Ova2Ovf.py
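Review bot: `runs-on: $LABEL` in the `initialize-environment` job is taken literally, because workflow files do not expand shell-style variables and the `env` context is not available in `runs-on`; the job would wait for a runner labelled `$LABEL`. Write the label directly, `runs-on: ubuntu-latest`, or read it from a repository variable, `runs-on: ${{ vars.LABEL }}`. `run-name` also reads `inputs.PACKAGE_VERSION`, which is not among the declared inputs, so that part of the title renders empty. For a workflow that is meant to publish an OVA, I would also add a top-level `permissions:` block limited to `contents: read` and pin `actions/checkout@v3` to a full commit SHA rather than a movable tag.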
@@ -0,0 +1,64 @@
+#!/usr/bin/env python
+# Copyright (C) 2019, Wazuh Inc.
+#
+# Ova2Ovf.py Helper script to convert VBox .ova export
+# for import to VMWare ESXi
+#
+# Original author: eshizhan https://github.com/eshizhan
+# Author: Neova Health
+# forked from : https://gist.github.com/eshizhan/6650285
+# Modified by Wazuh, Inc
+
+import sys
+import tarfile
+import os
+import hashlib
+import argparse
+
+parser = argparse.ArgumentParser()
+parser.add_argument('-s', '--srcfile', help="Source VirtualBox Ova", type=str, dest='srcfile')
+parser.add_argument('-d', '--destfile', help="Modified Ova", type=str, dest='destfile')
+args = parser.parse_args()
+
+if not args.srcfile or not args.destfile:
+ print("Source Ova and Destination Ova are needed")
+ exit
+
+srcfile = args.srcfile
+fileName, fileExtension = os.path.splitext(srcfile)
+destfile = args.destfile
+
+with tarfile.open(srcfile) as t:
+ ovaFiles = t.getnames()
+ t.extractall()
+
+
+ovaF = ovaFiles[0]
+ovaV = ovaFiles[1]
+
+
+with open(ovaF) as fn:
+ fp=fn.read()
+ if hasattr(fp, 'decode'):
+ fp = fp.decode('utf-8')
+
+ fp = fp.replace('','')
+ fp = fp.replace('virtualbox-2.2','vmx-7')
+ fp = fp.replace('sataController', 'scsiController')
+ fp = fp.replace('SATA Controller','SCSI Controller')
+ fp = fp.replace('sataController','scsiController')
+ fp = fp.replace('AHCI', 'lsilogic')
+ fp = fp.replace('20', '6')
+
+ end = fp.find('sound')
+ start = fp.rfind('', 0, end)
+ fp = fp[:start] + '' + fp[start+len(''):]
+
+
+with open(ovaF, 'wb') as nfp:
+ nfp.write(fp.encode('utf8'))
+
+# Create new .ova
+with tarfile.open(destfile, "w") as t:
+ for name in ovaFiles:
+ t.add(name)
diff --git a/ova/README.md b/ova/README.md
new file mode 100644
index 0000000..be73141
--- /dev/null
+++ b/ova/README.md
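Review bot: The argument check ends in a bare `exit`, which only names the built-in and never calls it, so a run without `-s` or `-d` carries on and fails later in `tarfile.open(srcfile)`; use `sys.exit(1)` (`sys` is already imported) or mark both arguments `required=True`. `t.extractall()` then unpacks every member into the current directory without checking member names. The archive here is the one the build has just exported, but on interpreters that support the extraction filter, `t.extractall(filter='data')` rejects absolute paths and `..` components at no cost. The script also assumes `ovaFiles[0]` is the descriptor; picking the member whose name ends in `.ovf` would make that explicit instead of relying on archive order.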
@@ -0,0 +1,29 @@
+# Wazuh Virtual Machine
+
+In this repository, you can find the necessary tools to build your own OVA file with all Wazuh components installed.
+
+## Building OVA file:
+
+Please, visit the following link for the full OVA building documentation: [Generate Wazuh virtual machine.](https://documentation.wazuh.com/current/development/packaging/generate-ova.html)
+
+## More Packages
+
+- [AIX](/aix/README.md)
+- [Arch](/arch/README.md)
+- [Debian](/debs/README.md)
+- [HP-UX](/hp-ux/README.md)
+- [KibanaApp](/wazuhapp/README.md)
+- [macOS](/macos/README.md)
+- [RPM](/rpms/README.md)
+- [Solaris](/solaris/README.md)
+- [SplunkApp](/splunkapp/README.md)
+- [Windows](/windows/README.md)
+- [WPK](/wpk/README.md)
+
+## Contribute
+
+If you want to contribute to our project please don't hesitate to send a pull request. You can also join our users [mailing list](https://groups.google.com/d/forum/wazuh) by sending an email to [wazuh+subscribe@googlegroups.com](mailto:wazuh+subscribe@googlegroups.com)or join to our Slack channel by filling this [form](https://wazuh.com/community/join-us-on-slack/) to ask questions and participate in discussions.
+
+## License and copyright
+
+WAZUH Copyright (C) 2015 Wazuh Inc. (License GPLv2)
diff --git a/ova/Vagrantfile b/ova/Vagrantfile
new file mode 100755
index 0000000..c26db20
--- /dev/null
+++ b/ova/Vagrantfile
@@ -0,0 +1,28 @@
+# -*- mode: ruby -*-
+# vi: set ft=ruby :
+
+Vagrant.configure("2") do |config|
+
+ config.vm.box_url = "https://packages-dev.wazuh.com/vms/ova/amznlinux-2.box"
+ config.vm.box = "amznlinux-2"
+ config.vm.hostname = "wazuh-server"
+ config.vm.provider "virtualbox" do |vb|
+ vb.name = "vm_wazuh"
+ vb.memory = "8192"
+ vb.cpus = "4"
+ end
+
+ config.ssh.username = "wazuh-user"
+ config.ssh.password = "wazuh"
+ config.ssh.insert_key = true
+
+ # Synced folder configuration
+ config.vm.synced_folder ".", "/vagrant", disabled: true
+ config.vm.synced_folder ".", "/tmp", type: "rsync", :rsync__exclude => ['output']
+
+ # Provision stage
+ config.vm.provision :shell, path: "provision.sh", :args => "#{ENV['PACKAGES_REPOSITORY']} #{ENV['DEBUG']}"
+
+ # Provision cleanup stage
+ config.vm.provision :shell, path: "assets/postProvision.sh", :args => "#{ENV['DEBUG']}"
+end
diff --git a/ova/assets/custom/automatic_set_ram.sh b/ova/assets/custom/automatic_set_ram.sh
new file mode 100644
index 0000000..afbac10
--- /dev/null
+++ b/ova/assets/custom/automatic_set_ram.sh
@@ -0,0 +1,20 @@
+#!/bin/sh
+
+# Configure JVM options for Wazuh indexer
+ram_mb=$(free -m | awk '/^Mem:/{print $2}')
+ram="$(( ram_mb / 2 ))"
+
+if [ "${ram}" -eq "0" ]; then
+ ram=1024;
+fi
+
+regex="^\-Xmx\K[0-9]+"
+file="/etc/wazuh-indexer/jvm.options"
+value=$(grep -oP ${regex} ${file})
+
+if [[ "${value}" != "${ram}" ]]; then
+ eval "sed -i "s/^-Xms.*$/-Xms${ram}m/" ${file} ${debug}"
+ eval "sed -i "s/^-Xmx.*$/-Xmx${ram}m/" ${file} ${debug}"
+fi
+
+systemctl stop updateIndexerHeap.service
\ No newline at end of file
diff --git a/ova/assets/custom/enable_fips.sh b/ova/assets/custom/enable_fips.sh
new file mode 100644
index 0000000..dca9e59
--- /dev/null
+++ b/ova/assets/custom/enable_fips.sh
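Review bot: The base box is fetched from `config.vm.box_url` with no integrity pin, so whatever that URL serves at build time becomes the root filesystem of the published OVA. Vagrant can verify the download: add `config.vm.box_download_checksum = "PLACEHOLDER_SHA256_OF_BOX"` and `config.vm.box_download_checksum_type = "sha256"`. The `config.ssh.password = "wazuh"` line also needs a comment saying whether this is only a build-time credential or the password that ships in the image. The two provision lines interpolate `ENV[...]` values into one unquoted argument string; passing them as an array, `:args => [ENV['PACKAGES_REPOSITORY'], ENV['DEBUG']]`, keeps an unset or unusual value from shifting the positional parameters.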
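Review bot: Both `sed` calls in `automatic_set_ram.sh` are wrapped in `eval` with unescaped inner double quotes and a `${debug}` variable this script never sets, so the expression is re-split and re-parsed by the shell for no benefit. Call sed directly, `sed -i "s/^-Xms.*$/-Xms${ram}m/" "${file}"`, and the same for `-Xmx`. The script declares `#!/bin/sh` but uses `[[ ... ]]`, which is a bash construct; change the shebang to `#!/bin/bash` or write `[ "${value}" != "${ram}" ]`. `messages.sh` has the same shebang mismatch with its `[[ ${DEBUG} = "yes" ]]` line.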
@@ -0,0 +1,9 @@
+# Update the Operating System (OS) packages to ensure the OS is up to date
+sudo yum update -y
+
+# Install and enable the FIPS module
+sudo yum install -y dracut-fips
+sudo dracut -f
+
+# Enable FIPS mode by adding kernel argument:
+sudo /sbin/grubby --update-kernel=ALL --args="fips=1"
diff --git a/ova/assets/custom/functions.sh b/ova/assets/custom/functions.sh
new file mode 100644
index 0000000..c149e08
--- /dev/null
+++ b/ova/assets/custom/functions.sh
@@ -0,0 +1,29 @@
+function installCommon_changePasswords() {
+
+ common_logger -d "Setting Wazuh indexer cluster passwords."
+ if [ -f "${tar_file}" ]; then
+ eval "tar -xf ${tar_file} -C /tmp wazuh-install-files/wazuh-passwords.txt ${debug}"
+ p_file="/tmp/wazuh-install-files/wazuh-passwords.txt"
+ common_checkInstalled
+ if [ -n "${start_indexer_cluster}" ] || [ -n "${AIO}" ]; then
+ changeall=1
+ passwords_readUsers
+ fi
+ installCommon_readPasswordFileUsers
+ else
+ common_logger -e "Cannot find passwords file. Exiting"
+ exit 1
+ fi
+ if [ -n "${start_indexer_cluster}" ] || [ -n "${AIO}" ]; then
+ passwords_getNetworkHost
+ passwords_createBackUp
+ passwords_generateHash
+ fi
+
+ passwords_changePassword
+
+ if [ -n "${start_indexer_cluster}" ] || [ -n "${AIO}" ]; then
+ passwords_runSecurityAdmin
+ fi
+
+}
\ No newline at end of file
diff --git a/ova/assets/custom/grub/grub b/ova/assets/custom/grub/grub
new file mode 100644
index 0000000..6cc85d8
--- /dev/null
+++ b/ova/assets/custom/grub/grub
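Review bot: `enable_fips.sh` has no shebang and no `set -e`, so a failed `yum install -y dracut-fips` or `dracut -f` still reaches the `grubby` line and the image is configured with `fips=1` without the initramfs module in place. `steps.sh` runs it as `bash /tmp/enable_fips.sh` under `set -e`, but that only sees the exit status of the last command, which is `grubby`. Add `#!/bin/bash` and `set -e` at the top so any failed step stops the build.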
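Review bot: `installCommon_changePasswords` extracts `wazuh-passwords.txt` to the fixed path `/tmp/wazuh-install-files/` and nothing in this function removes it, so the clear-text password file may stay in the image unless cleanup outside this hunk deletes it. I would extract into a directory created with `mktemp -d` under `umask 077` and remove it once `passwords_changePassword` has run. The `eval "tar -xf ${tar_file} ..."` line expands `tar_file` unquoted inside `eval`; writing it as `\"${tar_file}\"` keeps a path with spaces or shell metacharacters from being re-parsed. The `passwords_*` and `common_*` helpers called here are defined outside this hunk, so whether they read `p_file` again later should be checked before moving the file.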
@@ -0,0 +1,8 @@ +GRUB_CMDLINE_LINUX_DEFAULT="console=tty0 console=ttyS0,115200n8 net.ifnames=0 biosdevname=0 nvme_core.io_timeout=4294967295 rd.emergency=poweroff quiet splash rd.plymouth=0 plymouth.enable=0 loglevel=0 systemd.show_status=0 systemd.log_level=0 vt.cur_default=0 rd.shell=0 root=/dev/sda1" +GRUB_DEFAULT=0 +GRUB_TIMEOUT=0 +GRUB_HIDDEN_TIMEOUT=2 +GRUB_DISABLE_RECOVERY="true" +GRUB_DISABLE_SUBMENU=y +GRUB_DISABLE_LINUX_UUID=true +GRUB_BACKGROUND="/boot/grub2/wazuh.png" \ No newline at end of file diff --git a/ova/assets/custom/grub/wazuh.png b/ova/assets/custom/grub/wazuh.png new file mode 100644 index 0000000..7df4d78 Binary files /dev/null and b/ova/assets/custom/grub/wazuh.png differ diff --git a/ova/assets/custom/messages.sh b/ova/assets/custom/messages.sh new file mode 100644 index 0000000..5f9b3cc --- /dev/null +++ b/ova/assets/custom/messages.sh @@ -0,0 +1,50 @@ +#!/bin/sh + +DEBUG=$1 +WAZUH_VERSION=$2 +SYSTEM_USER=$3 + +[[ ${DEBUG} = "yes" ]] && set -ex || set -e + +# OVA Welcome message +cat > /etc/issue < /etc/update-motd.d/30-banner < {}' \; +find /var/ossec/logs -type f -execdir sh -c 'cat /dev/null > "$1"' _ {} \; +find /var/log/wazuh-indexer -type f -execdir sh -c 'cat /dev/null > "$1"' _ {} \; +find /var/log/filebeat -type f -execdir sh -c 'cat /dev/null > "$1"' _ {} \; +find /usr/share/wazuh-dashboard/data/wazuh/logs -type f -execdir sh -c 'cat /dev/null > "$1"' _ {} \; + +history -c +shutdown -r now > /dev/null 2>&1 \ No newline at end of file diff --git a/ova/assets/steps.sh b/ova/assets/steps.sh new file mode 100644 index 0000000..2c5e470 --- /dev/null +++ b/ova/assets/steps.sh 
@@ -0,0 +1,71 @@
+#!/bin/bash
+
+[[ ${DEBUG} = "yes" ]] && set -ex || set -e
+
+# Edit system configuration
+systemConfig() {
+
+ echo "Upgrading the system. This may take a while ..."
+ yum upgrade -y > /dev/null 2>&1
+
+ # Disable kernel messages and edit background
+ mv ${CUSTOM_PATH}/grub/wazuh.png /boot/grub2/
+ mv ${CUSTOM_PATH}/grub/grub /etc/default/
+ grub2-mkconfig -o /boot/grub2/grub.cfg > /dev/null 2>&1
+
+ # Enable fips
+ mv ${CUSTOM_PATH}/enable_fips.sh /tmp/
+ chmod 755 /tmp/enable_fips.sh
+ bash /tmp/enable_fips.sh
+
+ # Update Wazuh indexer jvm heap
+ mv ${CUSTOM_PATH}/automatic_set_ram.sh /etc/
+ chmod 755 /etc/automatic_set_ram.sh
+ mv ${CUSTOM_PATH}/updateIndexerHeap.service /etc/systemd/system/
+ systemctl daemon-reload
+ systemctl enable updateIndexerHeap.service
+
+
+ # Change root password (root:wazuh)
+ sed -i "s/root:.*:/root:\$1\$pNjjEA7K\$USjdNwjfh7A\.vHCf8suK41::0:99999:7:::/g" /etc/shadow
+
+ hostname ${HOSTNAME}
+
+ # AWS instance has this enabled
+ sed -i "s/PermitRootLogin yes/#PermitRootLogin yes/g" /etc/ssh/sshd_config
+
+ # SSH configuration
+ sed -i "s/PasswordAuthentication no/PasswordAuthentication yes/" /etc/ssh/sshd_config
+ echo "PermitRootLogin no" >> /etc/ssh/sshd_config
+
+ # Edit system custom welcome messages
+ bash ${CUSTOM_PATH}/messages.sh ${DEBUG} ${WAZUH_VERSION} ${SYSTEM_USER}
+
+}
+
+# Edit unattended installer
+preInstall() {
+
+ # Avoid random passwords
+ sed -i "s/passwords+=\(.*\)/passwords+=\(\"\${users[i]}\"\)/g" ${RESOURCES_PATH}/${INSTALLER}
+ sed -i "s/api_passwords+=\(.*\)//g" ${RESOURCES_PATH}/${INSTALLER}
+ sed -i "s/passwords_checkPassword .*//g" ${RESOURCES_PATH}/${INSTALLER}
+ sed -i "s/filecorrect=.*/filecorrect=1/g" ${RESOURCES_PATH}/${INSTALLER}
+ sed -i "s/main \"\$@\"//g" ${RESOURCES_PATH}/${INSTALLER}
+ cat ${CUSTOM_PATH}/functions.sh >> ${RESOURCES_PATH}/${INSTALLER}
+ echo "" >> ${RESOURCES_PATH}/${INSTALLER}
+ echo "main \"\$@\"" >> ${RESOURCES_PATH}/${INSTALLER}
+
+}
+
+clean() {
+
+ rm -f /securityadmin_demo.sh
+ yum clean all
+ systemctl daemon-reload
+
+ # Clear synced files
+ rm -rf ${CURRENT_PATH}/* ${CURRENT_PATH}/.gitignore
+ cat /dev/null > ~/.bash_history && history -c
+
+}
diff --git a/ova/generate_ova.sh b/ova/generate_ova.sh
new file mode 100755
index 0000000..329917a
--- /dev/null
+++ b/ova/generate_ova.sh
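Review bot: `systemConfig` writes a fixed root password hash into `/etc/shadow` in MD5-crypt format (`$1$...`) a few lines after the same function enables FIPS mode, and then switches sshd to `PasswordAuthentication yes`. MD5-crypt is a weak format and not a FIPS-approved algorithm, so I would store the entry as SHA-512 crypt (`$6$...`) and expire it with `chage -d 0 root` so the first login has to set a new password. `preInstall` also rewrites the installer so that every generated password equals its user name and strips the `passwords_checkPassword` calls. The `# Avoid random passwords` comment should state that these are the image's default credentials and where the operator is told to rotate them. In `clean`, `rm -rf ${CURRENT_PATH}/*` should be `rm -rf "${CURRENT_PATH:?}"/*` so an empty variable cannot expand to `/*`.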
@@ -0,0 +1,233 @@
+#!/bin/bash
+
+# Program to build the Wazuh Virtual Machine
+# Wazuh package generator
+# Copyright (C) 2015, Wazuh Inc.
+#
+# This program is a free software; you can redistribute it
+# and/or modify it under the terms of the GNU General Public
+# License (version 2) as published by the FSF - Free Software
+# Foundation.
+
+set -e
+# Dependencies: vagrant, virtualbox
+
+# CONFIGURATION VARIABLES
+
+scriptpath=$(
+ cd "$(dirname "$0")"
+ pwd -P
+)
+
+OUTPUT_DIR="${scriptpath}/output"
+CHECKSUM_DIR="${scriptpath}/checksum"
+
+UNATTENDED_RESOURCES_FOLDER="unattended_installer"
+UNATTENDED_PATH="../${UNATTENDED_RESOURCES_FOLDER}"
+VERSION_FILE="../VERSION"
+
+PACKAGES_REPOSITORY="prod"
+CHECKSUM="no"
+DEBUG="no"
+
+help () {
+ echo -e ""
+ echo -e "NAME"
+ echo -e "$(basename "$0") - Build Wazuh OVA."
+ echo -e ""
+ echo -e "SYNOPSIS"
+ echo -e " $(basename "$0") -r | -s | -c | -f | -h"
+ echo -e ""
+ echo -e "DESCRIPTION"
+ echo -e " -r, --repository"
+ echo -e " Use development or production repository."
+ echo -e " Values: [prod|dev|staging]. By default: ${PACKAGES_REPOSITORY}."
+ echo -e ""
+ echo -e " -s, --store"
+ echo -e " Set the destination absolute path where the OVA file will be stored."
+ echo -e " By default, a output folder will be created in ${OUTPUT_DIR}."
+ echo -e ""
+ echo -e " -c, --checksum"
+ echo -e " Generate OVA checksum."
+ echo -e " Values: [yes|no]. By default: ${CHECKSUM}."
+ echo -e ""
+ echo -e " -g, --debug"
+ echo -e " Set debug mode."
+ echo -e " Values: [yes|no]. By default: ${DEBUG}."
+ echo -e ""
+ echo -e " -h, --help"
+ echo -e " Show this help."
+ echo ""
+ exit "$1"
+}
+
+clean() {
+ exit_code=$1
+
+ cd "${scriptpath}"
+ vagrant destroy -f
+ OVA_VMDK="wazuh-${OVA_VERSION}-disk001.vmdk"
+ rm -f "${OVA_VM}" "${OVF_VM}" "${OVA_VMDK}" "${OVA_FIXED}"
+
+ exit "${exit_code}"
+}
+
+build_ova() {
+
+ OVA_VM="wazuh-${OVA_VERSION}.ova"
+ OVF_VM="wazuh-${OVA_VERSION}.ovf"
+ OVA_FIXED="wazuh-${OVA_VERSION}-fixed.ova"
+
+ export PACKAGES_REPOSITORY
+ export DEBUG
+
+ if [ -e "${OUTPUT_DIR}/${OVA_VM}" ] || [ -e "${OUTPUT_DIR}/${OVF_VM}" ]; then
+ rm -f "${OUTPUT_DIR}"/"${OVA_VM}" "${OUTPUT_DIR}"/"${OVF_VM}"
+ fi
+
+ if [ -e "${CHECKSUM_DIR}/${OVA_VM}.sha512" ]; then
+ rm -f "${CHECKSUM_DIR}/${OVA_VM}.sha512"
+ fi
+
+ # Vagrant will provision the VM with all the software. (See vagrantfile)
+ vagrant destroy -f
+ vagrant up || clean 1
+ vagrant suspend
+ echo "Exporting ova"
+
+ # Get machine name
+ VM_EXPORT=$(vboxmanage list vms | grep -i vm_wazuh | cut -d "\"" -f2)
+
+ # Create OVA with machine
+ vboxmanage export "${VM_EXPORT}" -o "${OVA_VM}" \
+ --vsys 0 \
+ --product "Wazuh v${OVA_VERSION} OVA" \
+ --producturl "https://packages.wazuh.com/vm/wazuh-${OVA_VERSION}.ova" \
+ --vendor "Wazuh, inc " --vendorurl "https://wazuh.com" \
+ --version "$OVA_VERSION" --description "Wazuh enhances security visibility in your infrastructure by monitoring endpoints at the operating system and application levels. Its capabilities include log analysis, file integrity monitoring, intrusion detection, and compliance monitoring." \
+ || clean 1
+
+ vagrant destroy -f
+
+ tar -xvf "${OVA_VM}"
+
+ echo "Setting up ova for VMware ESXi"
+
+ # Configure OVA for import to VMWare ESXi
+ if [ -n "$(command -v python)" ]; then
+ python Ova2Ovf.py -s "${OVA_VM}" -d "${OVA_FIXED}"
+ elif [ -n "$(command -v python3)" ]; then
+ python3 Ova2Ovf.py -s "${OVA_VM}" -d "${OVA_FIXED}"
+ else
+ echo "Cannot find python"
+ clean 1
+ fi
+
+
+ # Make output dir of OVA file
+ mkdir -p "${OUTPUT_DIR}"
+ mv "${OVA_FIXED}" "${OUTPUT_DIR}"/"${OVA_VM}"
+
+}
+
+main() {
+
+ while [ -n "$1" ]; do
+
+ case $1 in
+ "-h" | "--help")
+ help 0
+ ;;
+
+ "-r" | "--repository")
+ if [ -n "$2" ]; then
+ if [ "$2" != "prod" ] && [ "$2" != "dev" ] && [ "$2" != "staging" ]; then
+ echo "ERROR: Repository must be: [prod/dev/staging]"
+ help 1
+ fi
+ PACKAGES_REPOSITORY="$2"
+ shift 2
+ else
+ echo "ERROR: Value must be: [prod/dev/staging]"
+ help 1
+ fi
+ ;;
+
+ "-s" | "--store-path")
+ if [ -n "$2" ]; then
+ OUTPUT_DIR="$2"
+ shift 2
+ else
+ echo "ERROR: Need store path"
+ help 1
+ fi
+ ;;
+
+ "-g" | "--debug")
+ if [ -n "$2" ]; then
+ if [ "$2" != "no" ] && [ "$2" != "yes" ]; then
+ echo "ERROR: Debug must be [yes/no]"
+ help 1
+ fi
+ DEBUG="$2"
+ shift 2
+ else
+ echo "ERROR: Need a value [yes/no]"
+ help 1
+ fi
+ ;;
+
+ "-c"|"--checksum")
+ if [ -n "$2" ]; then
+ if [ "$2" != "no" ] && [ "$2" != "yes" ]; then
+ echo "ERROR: Checksum must be [yes/no]"
+ help 1
+ fi
+ CHECKSUM="$2"
+ shift 2
+ else
+ echo "ERROR: Checksum needs a value [yes/no]"
+ help 1
+ fi
+ ;;
+ *)
+ help 1
+ ;;
+ esac
+ done
+
+ if [ -z "${CHECKSUM_DIR}" ]; then
+ CHECKSUM_DIR="${OUTPUT_DIR}"
+ fi
+
+ [[ ${PACKAGES_REPOSITORY} = "prod" ]] && REPO="production" || REPO="development"
+
+ cp -r ../${UNATTENDED_RESOURCES_FOLDER} .
+
+ OVA_VERSION=$(cat ${VERSION_FILE})
+ if [ "${OVA_VERSION:0:1}" == "v" ]; then
+ OVA_VERSION=${OVA_VERSION:1}
+ fi
+
+
+ # Build OVA file (no standard)
+ echo "Version to build: ${OVA_VERSION} with ${REPO} repository"
+ build_ova
+
+ rm -rf ${UNATTENDED_RESOURCES_FOLDER}
+
+ # Standarize OVA
+ bash setOVADefault.sh "${scriptpath}" "${OUTPUT_DIR}/${OVA_VM}" "${OUTPUT_DIR}/${OVA_VM}" "${scriptpath}/wazuh_ovf_template" "${OVA_VERSION}" || clean 1
+
+ if [ "${CHECKSUM}" = "yes" ]; then
+ mkdir -p "${CHECKSUM_DIR}"
+ cd "${OUTPUT_DIR}" && sha512sum "${OVA_VM}" > "${CHECKSUM_DIR}/${OVA_VM}.sha512"
+ echo "Checksum created in ${CHECKSUM_DIR}/${OVA_VM}.sha512"
+ fi
+
+ echo "Process finished"
+ clean 0
+
+}
+
+main "$@"
diff --git a/ova/provision.sh b/ova/provision.sh
new file mode 100755
index 0000000..d6b94b1
--- /dev/null
+++ b/ova/provision.sh
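Review bot: The help text advertises `-s, --store`, but the `case` in `main` only accepts `"-s" | "--store-path"`, so the documented long option falls into the `*)` branch and exits with the help screen; the synopsis also lists `-f`, which is not handled, and omits `-g`. `CHECKSUM_DIR` gets a non-empty default at the top of the file, so the later `if [ -z "${CHECKSUM_DIR}" ]` fallback never runs and the `.sha512` file is always written under `${scriptpath}/checksum`, even when `-s` points elsewhere. Either drop that default or assign `CHECKSUM_DIR="${OUTPUT_DIR}"` after option parsing. The `.sha512` file detects corruption only; if consumers are expected to verify where the OVA came from, a detached signature would be needed as well.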
@@ -0,0 +1,60 @@
+#!/bin/bash
+
+PACKAGES_REPOSITORY=$1
+DEBUG=$2
+
+RESOURCES_PATH="/tmp/unattended_installer"
+BUILDER="builder.sh"
+INSTALLER="wazuh-install.sh"
+SYSTEM_USER="wazuh-user"
+HOSTNAME="wazuh-server"
+INDEXES=("wazuh-alerts-*" "wazuh-archives-*" "wazuh-states-vulnerabilities-*" "wazuh-statistics-*" "wazuh-monitoring-*")
+
+CURRENT_PATH="$( cd $(dirname $0) ; pwd -P )"
+ASSETS_PATH="${CURRENT_PATH}/assets"
+CUSTOM_PATH="${ASSETS_PATH}/custom"
+BUILDER_ARGS="-i"
+INSTALL_ARGS="-a"
+
+if [[ "${PACKAGES_REPOSITORY}" == "dev" ]]; then
+ BUILDER_ARGS+=" -d"
+elif [[ "${PACKAGES_REPOSITORY}" == "staging" ]]; then
+ BUILDER_ARGS+=" -d staging"
+fi
+
+if [[ "${DEBUG}" = "yes" ]]; then
+ INSTALL_ARGS+=" -v"
+fi
+
+echo "Using ${PACKAGES_REPOSITORY} packages"
+
+. ${ASSETS_PATH}/steps.sh
+
+# Build install script
+bash ${RESOURCES_PATH}/${BUILDER} ${BUILDER_ARGS}
+WAZUH_VERSION=$(cat ${RESOURCES_PATH}/${INSTALLER} | grep "wazuh_version=" | cut -d "\"" -f 2)
+
+# System configuration
+systemConfig
+
+# Edit installation script
+preInstall
+
+# Install
+bash ${RESOURCES_PATH}/${INSTALLER} ${INSTALL_ARGS}
+
+systemctl stop filebeat wazuh-manager
+
+# Delete indexes
+for index in "${INDEXES[@]}"; do
+ curl -u admin:admin -XDELETE "https://127.0.0.1:9200/$index" -k
+done
+
+# Recreate empty indexes (wazuh-alerts and wazuh-archives)
+bash /usr/share/wazuh-indexer/bin/indexer-security-init.sh -ho 127.0.0.1
+
+systemctl stop wazuh-indexer wazuh-dashboard
+systemctl enable wazuh-manager
+
+
+clean
diff --git a/ova/setOVADefault.sh b/ova/setOVADefault.sh
new file mode 100755
index 0000000..6126eaf
--- /dev/null
+++ b/ova/setOVADefault.sh
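Review bot: The index cleanup loop calls `curl -u admin:admin ... -k`, which can only succeed because `preInstall` in `steps.sh` rewrites the installer so each password equals the user name; nothing near the loop says so. Add a comment such as `# admin:admin is the image default set by preInstall (steps.sh); -k skips certificate verification on loopback`. An HTTP error response is not treated as a failure here, so a rejected delete goes unnoticed; adding `--fail` lets the `set -e` inherited from `steps.sh` stop the build. `CURRENT_PATH="$( cd $(dirname $0) ; pwd -P )"` should quote its expansions as `generate_ova.sh` does, `cd "$(dirname "$0")"`.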
@@ -0,0 +1,51 @@
+
+[[ ${DEBUG} = "yes" ]] && set -x
+
+echo "Standarizing OVA"
+
+workspace=$1
+path_ova=$2
+dest_ova=$3
+ovf_path=$4
+wazuh_version=$5
+file="wazuh-${wazuh_version}"
+mkdir -p ${workspace}/new-ova/
+
+echo "Setting OVA to default"
+
+tar -xvf ${path_ova} --directory ${workspace}/new-ova/
+echo "OVF extracted"
+
+mv "${workspace}"/new-ova/*.ovf ${workspace}/new-ova/${file}.ovf
+mv "${workspace}"/new-ova/*.mf ${workspace}/new-ova/${file}.mf
+mv "${workspace}"/new-ova/*.vmdk ${workspace}/new-ova/${file}-disk-1.vmdk
+echo "Files renamed"
+
+cp ${ovf_path} ${workspace}/new-ova/${file}.ovf
+
+sed -i "s/{WAZUH_VERSION}/${wazuh_version}/" ${workspace}/new-ova/${file}.ovf
+echo "OVF Version changed"
+
+ovf_size=$(stat --printf=%s ${workspace}/new-ova/${file}-disk-1.vmdk)
+sed -i "s/{SIZE}/${ovf_size}/" "${workspace}/new-ova/${file}.ovf"
+echo "OVF Size changed"
+
+export workspace
+export file
+sha_ovf=$(sha1sum ${workspace}/new-ova/${file}.ovf)
+sha_vmdk=$(sha1sum ${workspace}/new-ova/${file}-disk-1.vmdk)
+read -a sha_ovf_array <<< "${sha_ovf}"
+read -a sha_vmdk_array <<< "${sha_vmdk}"
+
+sha_ovf=${sha_ovf_array[0]}
+sha_vmdk=${sha_vmdk_array[0]}
+
+echo "SHA1(${file}-disk-1.vmdk) = ${sha_vmdk}" > ${workspace}/new-ova/${file}.mf
+echo "SHA1(${file}.ovf) = ${sha_ovf}" >> ${workspace}/new-ova/${file}.mf
+echo "Manifest changed"
+
+tar -cvf "${dest_ova}" -C "${workspace}/new-ova/" ${file}.ovf ${file}-disk-1.vmdk ${file}.mf
+echo "New OVA created"
+
+rm -rf ${workspace}/new-ova/
+echo "Cleaned temporary directory"
\ No newline at end of file
diff --git a/ova/wazuh_ovf_template b/ova/wazuh_ovf_template
new file mode 100644
index 0000000..e65d539
--- /dev/null
+++ b/ova/wazuh_ovf_template
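Review bot: `setOVADefault.sh` has no shebang and no `set -e`, and its last command is an `echo`, so it exits 0 even when `tar -xvf`, `mv` or `sha1sum` fail; the caller's `bash setOVADefault.sh ... || clean 1` in `generate_ova.sh` therefore never fires. Add `#!/bin/bash` and `set -e` at the top. `${workspace}` is also unquoted in `mkdir -p`, `tar --directory` and `rm -rf ${workspace}/new-ova/`; quote it and guard the delete as `rm -rf "${workspace:?}/new-ova/"`. Because the manifest is regenerated from whatever ended up in `new-ova/`, a silently failed step would otherwise yield an OVA whose `.mf` still matches its contents, hiding the failure from later checks.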
@@ -0,0 +1,109 @@ + + + + + + + + Virtual disk information + + + + The list of logical networks + + The VM Network network + + + + A virtual machine + + Meta-information about the installed software + Wazuh v{WAZUH_VERSION} OVA + Wazuh, inc <info@wazuh.com> + {WAZUH_VERSION} + https://packages.wazuh.com/vm/wazuh-{WAZUH_VERSION}.ova + https://wazuh.com + + + A human-readable annotation + Wazuh enhances security visibility in your infrastructure by monitoring endpoints at the operating system and application levels. Its capabilities include log analysis, file integrity monitoring, intrusion detection, and compliance monitoring. + + + The kind of installed guest operating system + Linux - Amazon Linux 2 + + + Virtual hardware requirements + + Virtual Hardware Family + 0 + wazuh-{WAZUH_VERSION} + vmx-07 + + + hertz * 10^6 + Number of Virtual CPUs + 4 virtual CPU(s) + 1 + 3 + 4 + + + byte * 2^20 + Memory Size + 8192MB of memory + 2 + 4 + 8192 + + + 1 + IDE Controller + VirtualIDEController 1 + 3 + 5 + + + 0 + IDE Controller + VirtualIDEController 0 + 4 + 5 + + + 0 + Hard Disk 1 + ovf:/disk/vmdisk1 + 5 + 4 + 17 + + + 0 + false + CD-ROM 1 + 6 + 3 + 15 + + + 7 + true + VM Network + E1000 ethernet adapter on "VM Network" + Ethernet 1 + 7 + E1000 + 10 + + + 0 + false + Floppy Drive + Floppy 1 + 8 + 14 + + + + \ No newline at end of file