generated from canonical/is-charms-template-repo
-
Notifications
You must be signed in to change notification settings - Fork 1
/
rockcraft.yaml
67 lines (65 loc) · 2.93 KB
/
rockcraft.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
# Copyright 2024 Canonical Ltd.
# See LICENSE file for licensing details.
# TODO: build from sources
package-repositories:
- components: [main]
key-id: 0DCFCA5547B19D2A6099506096B3EE5F29111145
key-server: https://packages.wazuh.com/key/GPG-KEY-WAZUH
suites: [stable]
type: apt
url: https://packages.wazuh.com/4.x/apt/
name: wazuh-server
summary: Wazuh server
description: Wazuh server OCI image
version: "1.0"
base: [email protected]
build-base: [email protected]
license: Apache-2.0
platforms:
amd64:
parts:
utils:
plugin: nil
stage-packages:
- git-core
- rsync
- ssh
filebeat:
plugin: nil
build-packages:
- yq
stage-packages:
- filebeat
- net-tools
override-stage: |
mkdir -p $CRAFT_PART_INSTALL/etc/filebeat/certs
chmod 500 $CRAFT_PART_INSTALL/etc/filebeat/certs
curl --max-time 60 -o $CRAFT_PART_INSTALL/etc/filebeat/filebeat.yml https://packages.wazuh.com/4.8/tpl/wazuh/filebeat/filebeat.yml
yq -iy '."output.elasticsearch"."ssl.verification_mode"="none"' $CRAFT_PART_INSTALL/etc/filebeat/filebeat.yml
mkdir -p $CRAFT_PART_INSTALL/usr/share/filebeat/module
curl --max-time 60 https://packages.wazuh.com/4.x/filebeat/wazuh-filebeat-0.4.tar.gz | tar -xvz -C $CRAFT_PART_INSTALL/usr/share/filebeat/module
curl --max-time 60 -o $CRAFT_PART_INSTALL/etc/filebeat/wazuh-template.json https://raw.githubusercontent.com/wazuh/wazuh/v4.8.1/extensions/elasticsearch/7.x/wazuh-template.json
chmod go+r $CRAFT_PART_INSTALL/etc/filebeat/wazuh-template.json
craftctl default
wazuh:
plugin: nil
build-packages:
- apt-transport-https
- gnupg
- filebeat
overlay-script: |
mount /etc/resolv.conf $CRAFT_OVERLAY/etc/resolv.conf --bind
mount proc $CRAFT_OVERLAY/proc -t proc
mount /dev $CRAFT_OVERLAY/dev --rbind --make-private
chroot $CRAFT_OVERLAY apt-get update
chroot $CRAFT_OVERLAY bash -c "DEBIAN_FRONTEND=noninteractive apt-get install ca-certificates --yes"
curl -s https://packages.wazuh.com/key/GPG-KEY-WAZUH | gpg --no-default-keyring --keyring gnupg-ring:${CRAFT_OVERLAY}/usr/share/keyrings/wazuh.gpg --import && chmod 644 ${CRAFT_OVERLAY}/usr/share/keyrings/wazuh.gpg
chroot $CRAFT_OVERLAY bash -c 'echo "deb [signed-by=/usr/share/keyrings/wazuh.gpg] https://packages.wazuh.com/4.x/apt/ stable main" | tee -a /etc/apt/sources.list.d/wazuh.list'
chroot $CRAFT_OVERLAY apt-get update
chroot $CRAFT_OVERLAY bash -c "DEBIAN_FRONTEND=noninteractive apt-get install wazuh-manager filebeat --yes"
chroot $CRAFT_OVERLAY bash -c "cat /var/ossec/etc/ossec.conf"
chroot $CRAFT_OVERLAY bash -c "/var/ossec/bin/wazuh-keystore -f indexer -k username -v admin"
chroot $CRAFT_OVERLAY bash -c "/var/ossec/bin/wazuh-keystore -f indexer -k password -v admin"
umount --recursive $CRAFT_OVERLAY/dev
umount $CRAFT_OVERLAY/proc
umount $CRAFT_OVERLAY/etc/resolv.conf