From 698bccf49d1ff441efd33361428661f99b6ef11b Mon Sep 17 00:00:00 2001
From: Gui-Gos <97973228+Gui-Gos@users.noreply.github.com>
Date: Thu, 29 Jan 2026 11:33:31 +0100
Subject: [PATCH] refactor(wazuh): use official templates for shared directory

Extract agent-template.conf and default/agent.conf from official wazuh/wazuh-manager:4.14.1 image and store them in scripts/templates/. The init-manager.sh script now copies these files instead of creating them inline, ensuring consistency with official Wazuh configuration.

Co-Authored-By: Claude Opus 4.5
---
 .../data/scripts/init-manager.sh | 38 ++++---------------
 .../scripts/templates/agent-template.conf | 5 +++
 .../data/scripts/templates/default/agent.conf | 5 +++
 3 files changed, 18 insertions(+), 30 deletions(-)
 create mode 100644 apps/wazuh-runtipi/data/scripts/templates/agent-template.conf
 create mode 100644 apps/wazuh-runtipi/data/scripts/templates/default/agent.conf

diff --git a/apps/wazuh-runtipi/data/scripts/init-manager.sh b/apps/wazuh-runtipi/data/scripts/init-manager.sh
index 412030d..1688e2c 100644
--- a/apps/wazuh-runtipi/data/scripts/init-manager.sh
+++ b/apps/wazuh-runtipi/data/scripts/init-manager.sh
@@ -7,43 +7,21 @@ echo "MANAGER_INIT: Starting manager initialization..."
 # AGENT GROUPS (SHARED) INITIALIZATION
 # ============================================================================
 # When /var/ossec/etc/shared is mounted as an empty volume, the default files
-# are missing. We need to create them for group management to work.
+# are missing. We copy them from /scripts/templates/ (extracted from official image).
 SHARED_DIR="/var/ossec/etc/shared"
-TEMPLATE_FILE="$SHARED_DIR/agent-template.conf"
-DEFAULT_DIR="$SHARED_DIR/default"
-DEFAULT_AGENT_CONF="$DEFAULT_DIR/agent.conf"
+TEMPLATES_DIR="/scripts/templates"
 echo "MANAGER_INIT: Checking agent groups shared directory..."
-# Create default group directory if it doesn't exist
-if [ ! -d "$DEFAULT_DIR" ]; then
- echo "MANAGER_INIT: Creating default group directory..."
- mkdir -p "$DEFAULT_DIR"
+# Copy templates if shared directory is empty or missing required files
+if [ ! -f "$SHARED_DIR/agent-template.conf" ] || [ ! -d "$SHARED_DIR/default" ]; then
+ echo "MANAGER_INIT: Initializing shared directory from official Wazuh templates..."
+ cp -rn "$TEMPLATES_DIR/"* "$SHARED_DIR/" 2>/dev/null || cp -r "$TEMPLATES_DIR/"* "$SHARED_DIR/"
+ echo "MANAGER_INIT: Templates copied successfully"
 fi
-# Create agent-template.conf if it doesn't exist (required for creating new groups)
-if [ ! -f "$TEMPLATE_FILE" ]; then
- echo "MANAGER_INIT: Creating agent-template.conf..."
- cat > "$TEMPLATE_FILE" << 'TEMPLATE_EOF'
-
-
-
-
-TEMPLATE_EOF
-fi
-
-# Create default/agent.conf if it doesn't exist
-if [ ! -f "$DEFAULT_AGENT_CONF" ]; then
- echo "MANAGER_INIT: Creating default/agent.conf..."
- cat > "$DEFAULT_AGENT_CONF" << 'AGENT_EOF'
-
-
-
-AGENT_EOF
-fi
-
-# Set correct ownership (ossec:ossec = 1000:1000 in container)
+# Set correct ownership
 chown -R wazuh:wazuh "$SHARED_DIR" 2>/dev/null || chown -R 1000:1000 "$SHARED_DIR" 2>/dev/null || true
 echo "MANAGER_INIT: Agent groups directory ready"
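Review bot: On the copy line, the `|| cp -r` fallback drops `-n`, so any failure of the first `cp` ends in an overwrite of files already present under /var/ossec/etc/shared. With the new guard this can happen when `default/` holds a customised agent.conf but agent-template.conf is missing, which silently replaces the group configuration distributed to agents. Some coreutils releases also make `cp -n` exit non-zero when it skips an existing file, which would make the fallback the normal path there; this is worth confirming against the `cp` shipped in the image. The guard no longer tests for `default/agent.conf` itself, and "Templates copied successfully" is printed even when both copies fail, with the first one's stderr discarded. I would copy each file only when it is absent and report a failed copy, as below; whether the script runs under `set -e` is outside this hunk.

```shell
# … unchanged: SHARED_DIR / TEMPLATES_DIR assignments and the "Checking" echo …
mkdir -p "$SHARED_DIR/default"
for rel in agent-template.conf default/agent.conf; do
    # Only fill in what is missing; never replace an existing group config.
    if [ ! -f "$SHARED_DIR/$rel" ]; then
        echo "MANAGER_INIT: Copying $rel from official Wazuh templates..."
        cp "$TEMPLATES_DIR/$rel" "$SHARED_DIR/$rel" \
            || echo "MANAGER_INIT: ERROR: could not copy $rel from $TEMPLATES_DIR" >&2
    fi
done
# … unchanged: chown of $SHARED_DIR and the final echo …
```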
diff --git a/apps/wazuh-runtipi/data/scripts/templates/agent-template.conf b/apps/wazuh-runtipi/data/scripts/templates/agent-template.conf
new file mode 100644
index 0000000..8d27082
--- /dev/null
+++ b/apps/wazuh-runtipi/data/scripts/templates/agent-template.conf
@@ -0,0 +1,5 @@
+
+
+
+
+
diff --git a/apps/wazuh-runtipi/data/scripts/templates/default/agent.conf b/apps/wazuh-runtipi/data/scripts/templates/default/agent.conf
new file mode 100644
index 0000000..8d27082
--- /dev/null
+++ b/apps/wazuh-runtipi/data/scripts/templates/default/agent.conf
@@ -0,0 +1,5 @@
+
+
+
+
+