Add documentation for post-installation health verification via
the Wazuh web interface at /app/logs#/health-check endpoint.
This provides users with a visual alternative to the CLI script.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
CRITICAL CORRECTION: Removed the "Méthode 1: Avant l'Installation" which
was not based on official Wazuh documentation and is non-functional.
The ONLY supported method for changing passwords in Wazuh Docker is the
post-installation procedure using hash.sh and securityadmin.sh tools.
Changes:
- Removed misleading "Méthode 1" that suggested pre-install env vars work
- Added clear security warning that default passwords are public
- Emphasized that post-installation procedure is MANDATORY
- Clarified that Runtipi env vars alone are NOT sufficient for security
- Updated title to "OBLIGATOIRE pour Production" (mandatory)
This aligns documentation with official Wazuh security procedures:
https://documentation.wazuh.com/current/deployment-options/docker/changing-default-password.html🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Replaced the simplified password change instructions with the official
Wazuh Docker deployment procedure from:
https://documentation.wazuh.com/current/deployment-options/docker/changing-default-password.html
Changes:
- Added reference link to official Wazuh documentation
- Updated Méthode 2 with official hash generation procedure using hash.sh
- Added complete securityadmin.sh command with correct paths
- Specified password requirements (8-64 chars with symbols for API)
- Added warning about complexity of post-install password changes
- Emphasized pre-installation password configuration as best practice
This ensures users follow the correct and secure procedure for changing
passwords in Wazuh Docker deployments.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Based on Kubernetes configuration analysis from wazuh-kubernetes-main repository.
Changes to docker-compose.json:
- Add resource limits (CPU/RAM) to all services based on K8s recommendations
* Indexer: 0.5-1.0 CPU, 1-2GB RAM
* Manager: 1.0-2.0 CPU, 1-2GB RAM
* Dashboard: 0.2-0.4 CPU, 512MB-2GB RAM
- Add Log4j security flag: -Dlog4j2.formatMsgNoLookups=true (CVE-2021-44228)
- Add DISABLE_INSTALL_DEMO_CONFIG=true for indexer security
- Add WAZUH_NODE_TYPE=master for explicit node configuration
- Add SERVER_SSL_ENABLED=true for dashboard
Changes to metadata/description.md:
- Update prerequisites with CPU/RAM/Disk requirements
- Add "Variables d'Environnement Techniques" section
- Rewrite "Limites de Ressources" with K8s-based recommendations
- Update "Espace Disque" with production storage requirements
- Add new section "Considérations de Production et Scaling"
* Single-node deployment limitations
* HA configuration with Kubernetes
* Scaling recommendations
* Production security checklist
* Backup script for critical volumes
All improvements follow official Wazuh Kubernetes production configurations
for optimal stability and security.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Changed all disk size references from ~7-8GB, 7,4G, and ~5GB to consistent 7 GB format for professional appearance.
Updated files:
- description.md (2 occurrences)
- wazuh-health-check.sh (4 occurrences)
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Corrected resource limits section to reflect actual docker-compose.json configuration.
Uses Java heap and ulimits, not deploy.resources.limits.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
- Update health check SSL verification message to be informative instead of warning
- Health check now accepts both 'full' and 'certificate' SSL modes
- Fix description.md to match actual implementation (no dashboard watchdog)
- Correct init-manager.sh and init-dashboard.sh documentation examples
- Replace obsolete dashboard migration section with actual manager persistence logic
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
- Added Wazuh 4.14.1 SIEM/XDR application for Runtipi
- Simplified init scripts following official Wazuh Docker patterns
- Complete documentation in French (description.md)
- Health check diagnostic script (wazuh-health-check.sh)
- SSL/TLS certificates auto-generation
- Whoami test application included
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
