diff --git a/elasticsearch/Dockerfile b/elasticsearch/Dockerfile index 1a41604b..30a2cd0a 100644 --- a/elasticsearch/Dockerfile +++ b/elasticsearch/Dockerfile @@ -9,6 +9,8 @@ ENV API_USER="foo" \ ENV XPACK_ML="true" +ENV ENABLE_CONFIGURE_S3="false" + ENV TEMPLATE_VERSION=v3.8.2 ADD https://raw.githubusercontent.com/wazuh/wazuh/$TEMPLATE_VERSION/extensions/elasticsearch/wazuh-elastic6-template-alerts.json /usr/share/elasticsearch/config @@ -21,5 +23,10 @@ COPY --chown=elasticsearch:elasticsearch ./config/load_settings.sh ./ RUN chmod +x ./load_settings.sh +RUN elasticsearch-plugin install --batch repository-s3 + +COPY config/configure_s3.sh ./config/configure_s3.sh +RUN chmod 755 ./config/configure_s3.sh + ENTRYPOINT ["/entrypoint.sh"] CMD ["elasticsearch"] diff --git a/elasticsearch/config/configure_s3.sh b/elasticsearch/config/configure_s3.sh new file mode 100644 index 00000000..49c88a25 --- /dev/null +++ b/elasticsearch/config/configure_s3.sh 
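Review bot: In the second elasticsearch/Dockerfile hunk, `RUN elasticsearch-plugin install --batch repository-s3` runs on every build, so the S3 plugin is present even when `ENABLE_CONFIGURE_S3` keeps its `"false"` default, and `--batch` accepts the plugin's extra-permission prompt without anyone reading it. Nothing visible in this commit says how the plugin is expected to obtain AWS credentials. A comment above the RUN line would steer users away from passing keys through `ENV`, for example `# repository-s3 credentials belong in the Elasticsearch keystore or an instance role, never in ENV/ARG (they persist in image layers)`. The new `COPY config/configure_s3.sh` also omits the `--chown` used by the COPY just above it; if leaving the script root-owned is deliberate, a one-line comment saying so would stop it being "fixed" later.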
@@ -0,0 +1,76 @@
+#!/bin/bash
+
+set -e
+
+# Check number of arguments passed to configure_s3.sh. If it is different from 4 or 5, the process will finish with error.
+# param 1: number of arguments passed to configure_s3.sh
+
+function CheckArgs()
+{
+ if [ $1 != 4 ] && [ $1 != 5 ];then
+ echo "Use: configure_s3.sh (By default is added to the path and the repository name)"
+ echo "or use: configure_s3.sh "
+ exit 1
+
+ fi
+}
+
+# Create S3 repository from base_path / (if there is no argument, current version is added)
+# Repository name would be - (if there is no argument, current version is added)
+# param 1:
+# param 2:
+# param 3:
+# param 4:
+# param 5: Optional
+# output: It will show "acknowledged" if the repository has been successfully created
+
+function CreateRepo()
+{
+
+ elastic_ip_port="$2"
+ bucket_name="$3"
+ path="$4"
+ repository_name="$5"
+
+ if [ $1 == 5 ];then
+ version="$6"
+ else
+ version=`curl -s $elastic_ip_port | grep number | cut -d"\"" -f4 | cut -c1`
+ fi
+
+ if ! [[ "$version" =~ ^[0-9]+$ ]];then
+ echo "Elasticsearch major version must be an integer"
+ exit 1
+ fi
+
+ repository="$repository_name-$version"
+ s3_path="$path/$version"
+
+ curl -X PUT "$elastic_ip_port/_snapshot/$repository" -H 'Content-Type: application/json' -d'
+ {
+ "type": "s3",
+ "settings": {
+ "bucket": "'$bucket_name'",
+ "base_path": "'$s3_path'"
+ }
+ }
+ '
+
+}
+
+# Run functions CheckArgs and CreateRepo
+# param 1: number of arguments passed to configure_s3.sh
+# param 2:
+# param 3:
+# param 4:
+# param 5:
+# param 6: Optional
+
+function Main()
+{
+ CheckArgs $1
+
+ CreateRepo $1 $2 $3 $4 $5 $6
+}
+
+Main $# $1 $2 $3 $4 $5
\ No newline at end of file
diff --git a/elasticsearch/config/load_settings.sh b/elasticsearch/config/load_settings.sh
index bac61378..17154c29 100644
--- a/elasticsearch/config/load_settings.sh
+++ b/elasticsearch/config/load_settings.sh
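Review bot: In elasticsearch/config/configure_s3.sh, `CreateRepo` splices `$bucket_name` and `$s3_path` into the JSON body outside any quoting and puts `$repository` into the URL path with no validation, so a value containing a quote, a space or a `/` changes the request sent to Elasticsearch (these values arrive from container environment variables via load_settings.sh). The `curl -X PUT` call also has no `--fail`, so an HTTP error response still exits 0 and `set -e` never sees it. I would validate the three values against a conservative character set, quote every expansion, and make curl fail on HTTP errors, as sketched below. Separately, `cut -c1` keeps only the first digit of the detected version, and `Main $# $1 $2 $3 $4 $5` should pass its arguments quoted so an empty value cannot shift the positions.

```shell
function CreateRepo()
{
    # … unchanged: argument assignment, version detection and integer check …

    # Reject anything that could change the URL path or escape the JSON strings.
    if ! [[ "$repository_name" =~ ^[A-Za-z0-9._-]+$ && "$bucket_name" =~ ^[A-Za-z0-9._-]+$ ]]; then
        echo "Repository and bucket names may only contain letters, digits, '.', '_' and '-'" >&2
        exit 1
    fi
    if ! [[ "$path" =~ ^[A-Za-z0-9._/-]+$ ]]; then
        echo "S3 path may only contain letters, digits, '.', '_', '-' and '/'" >&2
        exit 1
    fi

    # … unchanged: repository and s3_path assignment …

    # --fail turns an HTTP error status into a non-zero exit so `set -e` stops the script.
    curl --fail --silent --show-error -X PUT "$elastic_ip_port/_snapshot/$repository" \
        -H 'Content-Type: application/json' \
        -d "{\"type\": \"s3\", \"settings\": {\"bucket\": \"$bucket_name\", \"base_path\": \"$s3_path\"}}"
}
```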
@@ -23,6 +23,25 @@ done >&2 echo "Elastic is up - executing command" +if [ $ENABLE_CONFIGURE_S3 ]; then + #Wait for Elasticsearch to be ready to create the repository + sleep 10 + IP_PORT="${ELASTICSEARCH_IP}:${ELASTICSEARCH_PORT}" + + if [ "x$S3_PATH" != "x" ]; then + + if [ "x$S3_ELASTIC_MAJOR" != "x" ]; then + ./config/configure_s3.sh $IP_PORT $S3_BUCKET_NAME $S3_PATH $S3_REPOSITORY_NAME $S3_ELASTIC_MAJOR + + else + ./config/configure_s3.sh $IP_PORT $S3_BUCKET_NAME $S3_PATH $S3_REPOSITORY_NAME + + fi + + fi + +fi + #Insert default templates sed -i 's| "index.refresh_interval": "5s"| "index.refresh_interval": "5s", "number_of_shards" : '"${ALERTS_SHARDS}"', "number_of_replicas" : '"${ALERTS_REPLICAS}"'|' /usr/share/elasticsearch/config/wazuh-elastic6-template-alerts.json
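Review bot: `if [ $ENABLE_CONFIGURE_S3 ]; then` in load_settings.sh only tests that the variable is non-empty, so the Dockerfile default `ENABLE_CONFIGURE_S3="false"` still enters the block and the repository call runs whenever `S3_PATH` is set. Compare against the intended value instead: `if [ "$ENABLE_CONFIGURE_S3" = "true" ]; then`. Both `./config/configure_s3.sh` invocations pass `$S3_BUCKET_NAME`, `$S3_PATH` and `$S3_REPOSITORY_NAME` unquoted, so an empty or space-containing value shifts the positional arguments. Quote each one, e.g. `"$IP_PORT" "$S3_BUCKET_NAME" "$S3_PATH" "$S3_REPOSITORY_NAME"`. The fixed `sleep 10` comes after what appears to be a wait loop ending just above the hunk, so a comment explaining why the extra delay is still needed would help the next maintainer.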