Change cert-tool to use only one wazuh-certificates file
Previously, when we wanted to create different certificates, we created one folder per Wazuh component. Now only one folder is used, which improves scalability.
Enaraque committed Jun 12, 2024
1 parent 3b248ba commit ff49149
Showing 2 changed files with 22 additions and 20 deletions.
17 changes: 16 additions & 1 deletion unattended_installer/cert_tool/certFunctions.sh
Expand Up @@ -456,7 +456,22 @@ function cert_readConfig() {
}

function cert_setpermisions() {
eval "chmod -R 744 ${cert_tmp_path} ${debug}"
eval "chmod -R 744 ${1} ${debug}"
}

function set_certs_directory() {

if [ -d "${base_path}/wazuh-certificates" ]; then
eval "cp -f ${cert_tmp_path}/* ${base_path}/wazuh-certificates ${debug}"
eval "rm -R ${cert_tmp_path}"
cert_setpermisions "${base_path}/wazuh-certificates"
common_logger -d "Wazuh-certificates directory exists. Copied files from '${cert_tmp_path}' to '${base_path}/wazuh-certificates' and removed '${cert_tmp_path}'."
else
cert_setpermisions "${cert_tmp_path}"
eval "mv ${cert_tmp_path} ${base_path}/wazuh-certificates ${debug}"
common_logger -d "Moved '${cert_tmp_path}' to '${base_path}/wazuh-certificates'."
fi

}

function cert_convertCRLFtoLF() {
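Review bot: In `set_certs_directory`, the existing-directory branch runs `rm -R ${cert_tmp_path}` without checking that the preceding `cp -f` succeeded, so a failed copy (full disk, unwritable target) deletes the freshly generated keys and still logs that the files were copied. Gate the removal on the copy, e.g. `eval 'cp -f -- "${cert_tmp_path}"/* "${base_path}/wazuh-certificates"' "${debug}" || exit 1` followed by `rm -rf -- "${cert_tmp_path:?}"`; the `rm` needs no `eval`, since it carries no `${debug}` suffix (presumably a redirection string, which is not visible here). Leaving the path variables unexpanded inside a single-quoted `eval` argument also keeps a `base_path` containing spaces or shell metacharacters from being re-parsed as shell syntax, which the double-quoted `eval` strings here and the new `${1}` in `cert_setpermisions` do not prevent. Separately, `chmod -R 744` now lands on the long-lived `wazuh-certificates` directory and gives every private key file a group- and world-readable mode; a stricter mode for key files is worth considering if nothing downstream depends on 744.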
25 changes: 6 additions & 19 deletions unattended_installer/cert_tool/certMain.sh
Expand Up @@ -159,13 +159,6 @@ function main() {
done

common_logger "Verbose logging redirected to ${logfile}"

if [[ -d "${base_path}"/wazuh-certificates ]]; then
if [ -n "$(ls -A "${base_path}"/wazuh-certificates)" ]; then
common_logger -e "Directory wazuh-certificates already exists in the same path as the script. Please, remove the certs directory to create new certificates."
exit 1
fi
fi

if [[ ! -d "${cert_tmp_path}" ]]; then
mkdir -p "${cert_tmp_path}"
Expand All @@ -183,8 +176,7 @@ function main() {
cert_generateAdmincertificate
common_logger "Admin certificates created."
cert_cleanFiles
cert_setpermisions
eval "mv ${cert_tmp_path} ${base_path}/wazuh-certificates ${debug}"
set_certs_directory
fi

if [[ -n "${all}" ]]; then
Expand All @@ -201,15 +193,13 @@ function main() {
common_logger "Wazuh dashboard certificates created."
fi
cert_cleanFiles
cert_setpermisions
eval "mv ${cert_tmp_path} ${base_path}/wazuh-certificates ${debug}"
set_certs_directory
fi

if [[ -n "${ca}" ]]; then
cert_generateRootCAcertificate
common_logger "Authority certificates created."
cert_cleanFiles
eval "mv ${cert_tmp_path} ${base_path}/wazuh-certificates ${debug}"
set_certs_directory
fi

if [[ -n "${cindexer}" ]]; then
Expand All @@ -218,8 +208,7 @@ function main() {
cert_generateIndexercertificates
common_logger "Wazuh indexer certificates created."
cert_cleanFiles
cert_setpermisions
eval "mv ${cert_tmp_path} ${base_path}/wazuh-certificates ${debug}"
set_certs_directory
else
common_logger -e "Indexer node not present in config.yml."
exit 1
Expand All @@ -232,8 +221,7 @@ function main() {
cert_generateFilebeatcertificates
common_logger "Wazuh Filebeat certificates created."
cert_cleanFiles
cert_setpermisions
eval "mv ${cert_tmp_path} ${base_path}/wazuh-certificates ${debug}"
set_certs_directory
else
common_logger -e "Server node not present in config.yml."
exit 1
Expand All @@ -246,8 +234,7 @@ function main() {
cert_generateDashboardcertificates
common_logger "Wazuh dashboard certificates created."
cert_cleanFiles
cert_setpermisions
eval "mv ${cert_tmp_path} ${base_path}/wazuh-certificates ${debug}"
set_certs_directory
else
common_logger -e "Dashboard node not present in config.yml."
exit 1
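Review bot: With the non-empty-directory check removed from `main`, every branch now merges into an existing `wazuh-certificates` through `set_certs_directory`, whose `cp -f` replaces same-named keys and certificates without any notice to the operator. Whether a rerun regenerates the root CA is not visible in these hunks; if it does, certificates issued by earlier runs would stop chaining to the CA left in the directory, which would only surface later as TLS failures between components. Consider reusing an existing CA explicitly, or at least logging before the merge, e.g. `common_logger "wazuh-certificates already exists; files with the same name will be replaced."` once inside `set_certs_directory`. `main` begins and ends outside the visible hunks, so the option handling that selects these branches could not be checked.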
