runtipi-appstore/apps/wazuh-runtipi/data/scripts/init-certs.sh
Gui-Gos 46122d5a7f
Initial commit - Runtipi Appstore with Wazuh 4.14.1
- Added Wazuh 4.14.1 SIEM/XDR application for Runtipi
- Simplified init scripts following official Wazuh Docker patterns
- Complete documentation in French (description.md)
- Health check diagnostic script (wazuh-health-check.sh)
- SSL/TLS certificates auto-generation
- Whoami test application included

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-01-02 12:26:29 +01:00


#!/bin/sh
# init-certs.sh - one-shot volume and certificate initialisation.
#
# Steps, in order:
#   1. create the data and config directories listed below;
#   2. delete directories that sit where a certificate or config *file* is
#      expected;
#   3. run /entrypoint.sh to generate certificates, unless
#      /certificates/root-ca.pem already exists;
#   4. add short-name symlinks next to the wazuh.* certificate files;
#   5. set ownership and modes, then block forever so the container stays up.
#
# Runs under `set -e`: any unguarded command that fails aborts the script.
set -e

echo "CERTS_INIT: Starting certificate initialization..."

# Create all required directories
echo "CERTS_INIT: Creating directories..."
mkdir -p \
  /indexer-data \
  /manager-api \
  /manager-logs \
  /manager-queue \
  /dashboard-config \
  /indexer-security

# Super-Janitor Sweep: each path below must be a regular file. If a directory
# occupies one of them it is removed recursively
# (presumably left behind by a bind mount created before the file existed -
# TODO confirm).
echo "CERTS_INIT: Starting Super-Janitor Sweep..."
for entry in \
  /certificates/*.pem \
  /certificates/*.key \
  /dashboard-config/opensearch_dashboards.yml \
  /indexer-security/config.yml \
  /indexer-security/nodes_dn.yml \
  /indexer-security/tenants.yml \
  /indexer-security/whitelist.yml \
  /indexer-security/roles.yml \
  /indexer-security/roles_mapping.yml \
  /indexer-security/internal_users.yml \
  /indexer-security/action_groups.yml
do
  # An unmatched glob stays a literal pattern, which is not a directory and is
  # therefore skipped here.
  [ -d "$entry" ] || continue
  echo "CERTS_INIT: Purging fake directory: $entry"
  rm -rf "$entry"
done

# Generate certificates if they don't exist.
# Only root-ca.pem is checked: if it is present, generation is skipped even
# when other certificate files are missing.
if [ -f /certificates/root-ca.pem ]; then
  echo "CERTS_INIT: Certificates already exist, skipping generation"
else
  echo "CERTS_INIT: Generating new certificates..."
  /entrypoint.sh
fi

# Create symlinks for easier reference.
# Each pair is <wazuh component>:<short name>. The link targets are relative,
# so they resolve inside /certificates. The targets are not checked for
# existence; a missing file leaves a dangling link.
echo "CERTS_INIT: Creating certificate symlinks..."
for pair in indexer:indexer manager:server dashboard:dashboard; do
  component=${pair%%:*}
  short_name=${pair#*:}
  ln -sf "wazuh.${component}.pem" "/certificates/${short_name}.pem"
  ln -sf "wazuh.${component}-key.pem" "/certificates/${short_name}-key.pem"
done

# Set correct ownership
# - 1000:1000 for indexer and dashboard (opensearch/kibana user)
# - 999:999 for manager directories (wazuh user in manager container)
echo "CERTS_INIT: Setting ownership and permissions..."
chown -R 1000:1000 \
  /certificates \
  /indexer-data \
  /dashboard-config \
  /indexer-security
chown -R 999:999 \
  /manager-api \
  /manager-logs \
  /manager-queue

# Set correct permissions: directory owner-only, *.pem 644, *.key 600.
# Any chmod failure on the two glob lines (including an unmatched glob) is
# discarded by `2>/dev/null || true`.
#
# NOTE(review): the private keys linked above are named *-key.pem, so the
# *.pem glob also matches them and leaves them at mode 644; the 600 line only
# covers files ending in .key. Once it is confirmed that every consumer reads
# the keys as UID 1000 or as root, follow the 644 line with
# `chmod 600 /certificates/*-key.pem`.
chmod 700 /certificates
chmod 644 /certificates/*.pem 2>/dev/null || true
chmod 600 /certificates/*.key 2>/dev/null || true

echo "CERTS_INIT: Certificates ready"

# Keep container alive (Runtipi requirement)
tail -f /dev/null