Kinesin/sovereign
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Adding option to brand across services where possible

Browse Source
This commit is contained in:
Ian Roddis
2026-03-23 14:54:16 -03:00
parent 6c914d5b82
commit 72f171e88f
20 changed files with 191 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files
roles/wazuh/tasks/main.yml
+16
View File
@@ -7,6 +7,22 @@
loop:
- "{{ wazuh_data_dir }}"
- "{{ wazuh_data_dir }}/config"
- "{{ wazuh_data_dir }}/dashboard-config"
- name: Deploy Wazuh dashboard branding config
ansible.builtin.template:
src: opensearch_dashboards.yml.j2
dest: "{{ wazuh_data_dir }}/dashboard-config/opensearch_dashboards.yml"
mode: '0644'
notify: restart wazuh
- name: Copy tenant logo to Wazuh dashboard assets
ansible.builtin.copy:
src: "{{ tenant_logo_local_path }}"
dest: "{{ wazuh_data_dir }}/dashboard-config/branding-logo.png"
mode: '0644'
when: tenant_logo_local_path | default('') != ''
notify: restart wazuh
- name: Set vm.max_map_count for Wazuh indexer (OpenSearch)
ansible.posix.sysctl:
roles/wazuh/templates/docker-compose.yml.j2
+4
View File
@@ -84,6 +84,10 @@ services:
- {{ wazuh_data_dir }}/wazuh-indexer-certs/wazuh.dashboard.pem:/usr/share/wazuh-dashboard/certs/wazuh-dashboard.pem
- {{ wazuh_data_dir }}/wazuh-indexer-certs/wazuh.dashboard-key.pem:/usr/share/wazuh-dashboard/certs/wazuh-dashboard-key.pem
- {{ wazuh_data_dir }}/wazuh-indexer-certs/root-ca.pem:/usr/share/wazuh-dashboard/certs/root-ca.pem
- {{ wazuh_data_dir }}/dashboard-config/opensearch_dashboards.yml:/usr/share/wazuh-dashboard/config/opensearch_dashboards.yml:ro
{% if tenant_logo_local_path | default('') != '' %}
- {{ wazuh_data_dir }}/dashboard-config/branding-logo.png:/usr/share/wazuh-dashboard/plugins/wazuh/public/assets/custom/logos/branding-logo.png:ro
{% endif %}
labels:
- "traefik.enable=true"
- "traefik.http.routers.wazuh.rule=Host(`{{ wazuh_domain }}`)"
roles/wazuh/templates/opensearch_dashboards.yml.j2
+28
View File
@@ -0,0 +1,28 @@
# Sovereign tenant branding for Wazuh Dashboard (OpenSearch Dashboards).
# Mounted over the default config — all required fields must be present.
server.host: "0.0.0.0"
server.port: 5601
opensearch.hosts: ["https://wazuh-indexer:9200"]
opensearch.ssl.verificationMode: certificate
opensearch.username: kibanaserver
opensearch.password: "{{ wazuh_admin_password }}"
opensearch.requestHeadersAllowlist: ["securitytenant","Authorization"]
opensearch_security.multitenancy.enabled: false
opensearch_security.readonly_mode.roles: ["kibana_read_only"]
server.ssl.enabled: true
server.ssl.key: /usr/share/wazuh-dashboard/certs/wazuh-dashboard-key.pem
server.ssl.certificate: /usr/share/wazuh-dashboard/certs/wazuh-dashboard.pem
opensearch.ssl.certificateAuthorities: ["/usr/share/wazuh-dashboard/certs/root-ca.pem"]
uiSettings.overrides.defaultRoute: /app/wazuh
opensearchDashboards.branding:
applicationTitle: "{{ tenant_name }} Security"
{% if tenant_logo_local_path | default('') != '' %}
logo:
defaultUrl: "/ui/logos/branding-logo.png"
darkModeUrl: "/ui/logos/branding-logo.png"
mark:
defaultUrl: "/ui/logos/branding-logo.png"
darkModeUrl: "/ui/logos/branding-logo.png"
{% endif %}