clean up

wazuh · Apr 2, 2024 · baec504 · baec504
1 parent 28d14ee
commit baec504
Show file tree

Hide file tree

Showing 2 changed files with 1 addition and 98 deletions.
diff --git a/docker/prod/Dockerfile b/docker/prod/Dockerfile
@@ -2,23 +2,12 @@
 FROM amazonlinux:2023.3.20240219.0 AS builder
 
 ARG WAZUH_VERSION
-# ARG WAZUH_TAG_REVISION
 ARG WAZUH_INDEXER_TAR_NAME
 
 RUN yum install curl-minimal openssl xz tar findutils shadow-utils -y
 
 COPY ${WAZUH_INDEXER_TAR_NAME} /
 
-# COPY ../../distribution/src/config/opensearch.prod.yml /
-
-# COPY ../../distribution/src/config/security/action_groups.yml /
-
-# COPY ../../distribution/src/config/security/internal_users.yml /
-
-# COPY ../../distribution/src/config/security/roles_mapping.yml /
-
-# COPY ../../distribution/src/config/security/roles.yml /
-
 COPY config/opensearch.yml /
 
 COPY config/config.yml /

diff --git a/docker/prod/config/config.sh b/docker/prod/config/config.sh
@@ -8,89 +8,21 @@ export NAME=wazuh-indexer
 export TARGET_DIR=${CURDIR}/debian/${NAME}
 
 # Package build options
-# export USER=${NAME}
-# export GROUP=${NAME}
-# export VERSION=${WAZUH_VERSION}-${WAZUH_TAG_REVISION}
 export LOG_DIR=/var/log/${NAME}
 export LIB_DIR=/var/lib/${NAME}
 export PID_DIR=/run/${NAME}
 export INSTALLATION_DIR=/usr/share/${NAME}
 export CONFIG_DIR=${INSTALLATION_DIR}/config
 export BASE_DIR=${NAME}-*
-# export INDEXER_FILE=${WAZUH_INDEXER_TAR_NAME}
-# export BASE_FILE=wazuh-indexer-base-${VERSION}-linux-x64.tar.xz
 
 rm -rf ${INSTALLATION_DIR:?}/
-
-## variables
-# REPOSITORY="packages.wazuh.com/4.x"
-# WAZUH_CURRENT_VERSION=$(curl --silent https://api.github.com/repos/wazuh/wazuh/releases/latest | grep '["]tag_name["]:' | sed -E 's/.*\"([^\"]+)\".*/\1/' | cut -c 2-)
-# MAJOR_BUILD=$(echo $WAZUH_VERSION | cut -d. -f1)
-# MID_BUILD=$(echo $WAZUH_VERSION | cut -d. -f2)
-# MINOR_BUILD=$(echo $WAZUH_VERSION | cut -d. -f3)
-# MAJOR_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f1)
-# MID_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f2)
-# MINOR_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f3)
-
-# ## check version to use the correct repository
-# if [ "$MAJOR_BUILD" -gt "$MAJOR_CURRENT" ]; then
-#   REPOSITORY="packages-dev.wazuh.com/pre-release"
-# elif [ "$MAJOR_BUILD" -eq "$MAJOR_CURRENT" ]; then
-#   if [ "$MID_BUILD" -gt "$MID_CURRENT" ]; then
-#     REPOSITORY="packages-dev.wazuh.com/pre-release"
-#   elif [ "$MID_BUILD" -eq "$MID_CURRENT" ]; then
-#     if [ "$MINOR_BUILD" -gt "$MINOR_CURRENT" ]; then
-#       REPOSITORY="packages-dev.wazuh.com/pre-release"
-#     fi
-#   fi
-# fi
-
-
-# curl -o ${INDEXER_FILE} https://${REPOSITORY}/stack/indexer/${BASE_FILE}
 tar -xf "${WAZUH_INDEXER_TAR_NAME}"
 
 ## TOOLS
 
 ## Variables
 TOOLS_PATH=${NAME}-${WAZUH_VERSION}/plugins/opensearch-security/tools
 CERT_TOOL=${TOOLS_PATH}/wazuh-certs-tool.sh
-# PASSWORD_TOOL=${TOOLS_PATH}/wazuh-passwords-tool.sh
-
-# PACKAGES_URL=https://packages.wazuh.com/5.0/
-# PACKAGES_DEV_URL=https://packages-dev.wazuh.com/5.0/
-
-# ## Check if the cert tool exists in S3 buckets
-# CERT_TOOL_PACKAGES=$(curl --silent -I $PACKAGES_URL$CERT_TOOL | grep -E "^HTTP" | awk  '{print $2}')
-# CERT_TOOL_PACKAGES_DEV=$(curl --silent -I $PACKAGES_DEV_URL$CERT_TOOL | grep -E "^HTTP" | awk  '{print $2}')
-
-# ## If cert tool exists in some bucket, download it, if not exit 1
-# if [ "$CERT_TOOL_PACKAGES" = "200" ]; then
-#   curl -o $CERT_TOOL $PACKAGES_URL$CERT_TOOL
-#   echo "Cert tool exists in Packages bucket"
-# elif [ "$CERT_TOOL_PACKAGES_DEV" = "200" ]; then
-#   curl -o $CERT_TOOL $PACKAGES_DEV_URL$CERT_TOOL
-#   echo "Cert tool exists in Packages-dev bucket"
-# else
-#   echo "Cert tool does not exist in any bucket"
-#   exit 1
-# fi
-
-
-# ## Check if the password tool exists in S3 buckets
-# PASSWORD_TOOL_PACKAGES=$(curl --silent -I $PACKAGES_URL$PASSWORD_TOOL | grep -E "^HTTP" | awk  '{print $2}')
-# PASSWORD_TOOL_PACKAGES_DEV=$(curl --silent -I $PACKAGES_DEV_URL$PASSWORD_TOOL | grep -E "^HTTP" | awk  '{print $2}')
-
-# ## If password tool exists in some bucket, download it, if not exit 1
-# if [ "$PASSWORD_TOOL_PACKAGES" = "200" ]; then
-#   curl -o $PASSWORD_TOOL $PACKAGES_URL$PASSWORD_TOOL
-#   echo "Password tool exists in Packages bucket"
-# elif [ "$PASSWORD_TOOL_PACKAGES_DEV" = "200" ]; then
-#   curl -o $PASSWORD_TOOL $PACKAGES_DEV_URL$PASSWORD_TOOL
-#   echo "Password tool exists in Packages-dev bucket"
-# else
-#   echo "Password tool does not exist in any bucket"
-#   exit 1
-# fi
 
 # generate certificates
 cp $CERT_TOOL .
@@ -108,25 +40,8 @@ mkdir -p ${TARGET_DIR}/usr/lib/tmpfiles.d
 mkdir -p ${TARGET_DIR}/usr/lib/sysctl.d
 mkdir -p ${TARGET_DIR}/usr/lib/systemd/system
 mkdir -p ${TARGET_DIR}${CONFIG_DIR}/certs
-# Move configuration files for wazuh-indexer
-# mv -f ${BASE_DIR}/etc/init.d/${NAME} ${TARGET_DIR}/etc/init.d/${NAME}
-# mv -f ${BASE_DIR}/etc/wazuh-indexer/* ${TARGET_DIR}${CONFIG_DIR}
-# mv -f ${BASE_DIR}/etc/sysconfig/${NAME} ${TARGET_DIR}/etc/default/
-# mv -f ${BASE_DIR}/usr/lib/tmpfiles.d/* ${TARGET_DIR}/usr/lib/tmpfiles.d/
-# mv -f ${BASE_DIR}/usr/lib/sysctl.d/* ${TARGET_DIR}/usr/lib/sysctl.d/
-# mv -f ${BASE_DIR}/usr/lib/systemd/system/* ${TARGET_DIR}/usr/lib/systemd/system/
-# rm -rf ${BASE_DIR}/etc
-# rm -rf ${BASE_DIR}/usr
 # Copy installation files to final location
 cp -pr ${BASE_DIR}/* ${TARGET_DIR}${INSTALLATION_DIR}
-# Copy the security tools
-# cp /$CERT_TOOL ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/tools/
-# cp /$PASSWORD_TOOL ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/tools/
-# # Copy Wazuh's config files for the security plugin
-# cp -pr /roles_mapping.yml ${TARGET_DIR}${INSTALLATION_DIR}/opensearch-security/
-# cp -pr /roles.yml ${TARGET_DIR}${INSTALLATION_DIR}/opensearch-security/
-# cp -pr /action_groups.yml ${TARGET_DIR}${INSTALLATION_DIR}/opensearch-security/
-# cp -pr /internal_users.yml ${TARGET_DIR}${INSTALLATION_DIR}/opensearch-security/
 cp -pr /opensearch.yml ${TARGET_DIR}${CONFIG_DIR}
 # Copy Wazuh indexer's certificates
 cp -pr /wazuh-certificates/demo.indexer.pem ${TARGET_DIR}${CONFIG_DIR}/certs/indexer.pem
@@ -141,12 +56,11 @@ sed '/-Xms/d' -i ${TARGET_DIR}${CONFIG_DIR}/jvm.options
 sed '/-Xmx/d' -i ${TARGET_DIR}${CONFIG_DIR}/jvm.options
 sed -i 's/-Djava.security.policy=file:\/\/\/etc\/wazuh-indexer\/opensearch-performance-analyzer\/opensearch_security.policy/-Djava.security.policy=file:\/\/\/usr\/share\/wazuh-indexer\/opensearch-performance-analyzer\/opensearch_security.policy/g' ${TARGET_DIR}${CONFIG_DIR}/jvm.options
 
-
 chmod -R 500 ${TARGET_DIR}${CONFIG_DIR}/certs
 chmod -R 400 ${TARGET_DIR}${CONFIG_DIR}/certs/*
 
 find ${TARGET_DIR} -type d -exec chmod 750 {} \;
 find ${TARGET_DIR} -type f -perm 644 -exec chmod 640 {} \;
 find ${TARGET_DIR} -type f -perm 664 -exec chmod 660 {} \;
 find ${TARGET_DIR} -type f -perm 755 -exec chmod 750 {} \;
-find ${TARGET_DIR} -type f -perm 744 -exec chmod 740 {} \;
+find ${TARGET_DIR} -type f -perm 744 -exec chmod 740 {} \;