Kinesin/sovereign
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Initial commit after Claude implementation

Browse Source
This commit is contained in:
Ian Roddis
2026-03-23 14:29:32 -03:00
commit 5920d3fd7a
62 changed files with 1847 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
roles/wazuh/templates/docker-compose.yml.j2
+106
View File
@@ -0,0 +1,106 @@
services:
wazuh-manager:
image: wazuh/wazuh-manager:{{ wazuh_version }}
container_name: wazuh-manager
restart: unless-stopped
hostname: wazuh.manager
ulimits:
memlock:
soft: -1
hard: -1
nofile:
soft: 655360
hard: 655360
environment:
INDEXER_URL: "https://wazuh-indexer:9200"
INDEXER_USERNAME: admin
INDEXER_PASSWORD: "{{ wazuh_admin_password }}"
FILEBEAT_SSL_VERIFICATION_MODE: full
SSL_CERTIFICATE_AUTHORITIES: /etc/ssl/root-ca.pem
SSL_CERTIFICATE: /etc/ssl/filebeat.pem
SSL_KEY: /etc/ssl/filebeat.key
API_USERNAME: wazuh-wui
API_PASSWORD: "{{ wazuh_api_password }}"
ports:
- "1514:1514"
- "1515:1515"
- "514:514/udp"
- "55000:55000"
volumes:
- {{ wazuh_data_dir }}/wazuh-manager-master:/var/ossec/data
- {{ wazuh_data_dir }}/wazuh-indexer-certs/root-ca-manager.pem:/etc/ssl/root-ca.pem
- {{ wazuh_data_dir }}/wazuh-indexer-certs/wazuh.manager.pem:/etc/ssl/filebeat.pem
- {{ wazuh_data_dir }}/wazuh-indexer-certs/wazuh.manager-key.pem:/etc/ssl/filebeat.key
- {{ wazuh_data_dir }}/config:/wazuh-config-mount/etc
networks:
- internal
- {{ sovereign_network_name }}
logging:
driver: gelf
options:
gelf-address: "udp://{{ graylog_host }}:{{ graylog_gelf_port }}"
tag: "wazuh-manager"
wazuh-indexer:
image: wazuh/wazuh-indexer:{{ wazuh_version }}
container_name: wazuh-indexer
restart: unless-stopped
hostname: wazuh-indexer
ulimits:
memlock:
soft: -1
hard: -1
nofile:
soft: 65536
hard: 65536
environment:
OPENSEARCH_JAVA_OPTS: "-Xms{{ wazuh_indexer_memory }} -Xmx{{ wazuh_indexer_memory }}"
volumes:
- {{ wazuh_data_dir }}/wazuh-indexer-data:/var/lib/wazuh-indexer
- {{ wazuh_data_dir }}/wazuh-indexer-certs/root-ca.pem:/usr/share/wazuh-indexer/certs/root-ca.pem
- {{ wazuh_data_dir }}/wazuh-indexer-certs/wazuh.indexer-key.pem:/usr/share/wazuh-indexer/certs/wazuh.indexer.key
- {{ wazuh_data_dir }}/wazuh-indexer-certs/wazuh.indexer.pem:/usr/share/wazuh-indexer/certs/wazuh.indexer.pem
- {{ wazuh_data_dir }}/wazuh-indexer-certs/admin.pem:/usr/share/wazuh-indexer/certs/admin.pem
- {{ wazuh_data_dir }}/wazuh-indexer-certs/admin-key.pem:/usr/share/wazuh-indexer/certs/admin-key.pem
networks:
- internal
wazuh-dashboard:
image: wazuh/wazuh-dashboard:{{ wazuh_version }}
container_name: wazuh-dashboard
restart: unless-stopped
hostname: wazuh-dashboard
depends_on:
- wazuh-indexer
environment:
INDEXER_USERNAME: admin
INDEXER_PASSWORD: "{{ wazuh_admin_password }}"
WAZUH_API_URL: https://wazuh-manager
DASHBOARD_USERNAME: kibanaserver
DASHBOARD_PASSWORD: "{{ wazuh_admin_password }}"
API_USERNAME: wazuh-wui
API_PASSWORD: "{{ wazuh_api_password }}"
volumes:
- {{ wazuh_data_dir }}/wazuh-indexer-certs/wazuh.dashboard.pem:/usr/share/wazuh-dashboard/certs/wazuh-dashboard.pem
- {{ wazuh_data_dir }}/wazuh-indexer-certs/wazuh.dashboard-key.pem:/usr/share/wazuh-dashboard/certs/wazuh-dashboard-key.pem
- {{ wazuh_data_dir }}/wazuh-indexer-certs/root-ca.pem:/usr/share/wazuh-dashboard/certs/root-ca.pem
labels:
- "traefik.enable=true"
- "traefik.http.routers.wazuh.rule=Host(`{{ wazuh_domain }}`)"
- "traefik.http.routers.wazuh.tls=true"
- "traefik.http.routers.wazuh.tls.certresolver=letsencrypt"
- "traefik.http.services.wazuh.loadbalancer.server.port=5601"
- "traefik.http.services.wazuh.loadbalancer.server.scheme=https"
networks:
- internal
- {{ sovereign_network_name }}
logging:
driver: gelf
options:
gelf-address: "udp://{{ graylog_host }}:{{ graylog_gelf_port }}"
tag: "wazuh-dashboard"
networks:
internal:
{{ sovereign_network_name }}:
external: true