wazuh · AlexRuiz7 · Apr 26, 2023 · Feb 27, 2023 · Mar 1, 2023 · Mar 3, 2023
diff --git a/docker/README.md b/docker/README.md
@@ -0,0 +1,75 @@
+# Frontend development environments
+
+Install [Docker Desktop][docker-desktop] as per its instructions, available for Windows, Mac
+and Linux (Ubuntu, Debian & Fedora).
+This ensures that the development experience between Linux, Mac and Windows is as
+similar as possible.
+
+> IMPORTANT: be methodic during the installation of Docker Desktop, and proceed
+> step by step as described in their documentation. Make sure that your system
+> meets the system requirements before installing Docker Desktop, and read any
+> post-installation note, specially on Linux: [Differences between
+> Docker Desktop for Linux and Docker Engine][docker-variant].
+
+## Pre-requisites
+
+1. Assign resources to [Docker Desktop][docker-desktop]. The requirements for the
+   environments are:
+
+   - 8 GB of RAM (minimum)
+   - 4 cores
+
+   The more resources the better ☺
+
+2. Clone the [wazuh-dashboard][app-repo] and the [wazuh-security-dashboards-plugin][security-repo]
+   repositories at the same level.
+
+3. Set up user permissions
+
+   The Docker volumes will be created by the internal Docker user, making them
+   read-only. To prevent this, a new group named `docker-desktop` and GUID 100999
+   needs to be created, then added to your user and the source code folder:
+
+   ```bash
+   sudo groupadd -g 100999 docker-desktop
+   sudo useradd -u 100999 -g 100999 -M docker-desktop
+   sudo chown -R docker-desktop:docker-desktop $WZD_HOME
+   sudo usermod -aG docker-desktop $USER
+   ```
+
+## Understanding Docker contexts
+
+Before we begin starting Docker containers, we need to understand the
+differences between Docker Engine and Docker Desktop, more precisely, that the
+use different contexts.
+
+Carefully read these two sections of the Docker documentation:
+
+- [Differences between Docker Desktop for Linux and Docker Engine][docker-variant].
+- [Switch between Docker Desktop and Docker Engine][docker-context].
+
+Docker Desktop will change to its context automatically at start, so be sure
+that any existing Docker container using the default context is **stopped**
+before starting Docker Desktop and any of the environments in this folder.
+
+## Starting up the environments
+
+Use the sh script to up the environment.
+
+Example:
+
+```bash
+Usage: ./dev.sh {up|down|stop} [security]
+```
+
+Once the `wazuh-dashboard` container is up, attach a shell to it and run `yarn start --no-base-path`
+to start the application.
+
+The dependencies of the project will be installed automatically by the `installed` container,
+even for the security plugin, if the security flag is provided.
+
+[docker-desktop]: https://docs.docker.com/get-docker
+[docker-variant]: https://docs.docker.com/desktop/install/linux-install/#differences-between-docker-desktop-for-linux-and-docker-engine
+[docker-context]: https://docs.docker.com/desktop/install/linux-install/#context
+[app-repo]: https://github.com/wazuh/wazuh-dashboard
+[security-repo]: https://github.com/wazuh/wazuh-security-dashboards-plugin
diff --git a/docker/config/opensearch_dashboards.dev.security.yml b/docker/config/opensearch_dashboards.dev.security.yml
@@ -0,0 +1,9 @@
+server.host: "0.0.0.0"
+
+opensearchDashboards.branding:
+  useExpandedHeader: false
+
+opensearch.hosts: ["https://indexer:9200"]
+opensearch.username: "admin" # Default username on the docker image
+opensearch.password: "admin" # Default password on the docker image
+opensearch.ssl.verificationMode: none
diff --git a/docker/config/opensearch_dashboards.dev.yml b/docker/config/opensearch_dashboards.dev.yml
@@ -0,0 +1,4 @@
+server.host: "0.0.0.0"
+
+opensearchDashboards.branding:
+  useExpandedHeader: false
diff --git a/docker/dev.sh b/docker/dev.sh
@@ -0,0 +1,44 @@
+#!/bin/bash
+
+# Change working directory to the root of the repository
+cd "${0%/*}/.."
+
+COMPOSE_FILE=docker/dev.yml
+
+# Check if 2nd argument is security
+if [ "$2" = "security" ]; then
+    export SECURITY_PLUGIN_REPO_PATH="../../wazuh-security-dashboards-plugin"
+    COMPOSE_FILE=docker/dev_security.yml
+
+fi
+
+# Common variables
+export REPO_PATH=$(pwd)
+export NODE_VERSION=$(cat $REPO_PATH/.nvmrc)
+export OPENSEARCH_VERSION=$(bash $REPO_PATH/docker/get_version.sh)
+
+COMPOSE_CMD="docker compose -f $COMPOSE_FILE"
+
+print_variables() {
+    echo "NODE_VERSION: $NODE_VERSION"
+    echo "OPENSEARCH_VERSION: $OPENSEARCH_VERSION"
+}
+
+case $1 in
+up)
+    print_variables
+    $COMPOSE_CMD up -d
+    ;;
+down)
+    echo "Cleaning up..."
+    $COMPOSE_CMD exec wazuh-dashboard yarn osd clean
+    $COMPOSE_CMD down
+    ;;
+stop)
+    $COMPOSE_CMD stop
+    ;;
+*)
+    echo "Usage: $0 {up|down|stop} [security]"
+    exit 1
+    ;;
+esac
diff --git a/docker/dev.yml b/docker/dev.yml
@@ -0,0 +1,35 @@
+version: "3.9"
+
+services:
+  # Runs the bootstrap and exits
+  installer:
+    image: node:${NODE_VERSION}
+    container_name: installer-${OPENSEARCH_VERSION}
+    volumes:
+      - ${REPO_PATH}:/home/node/app
+    user: "1000:1000"
+    working_dir: /home/node/app
+    command: >
+      /bin/bash -c "
+        yarn osd bootstrap
+      "
+
+  wazuh-dashboard:
+    image: node:${NODE_VERSION}
+    container_name: wazuh-dashboard-${OPENSEARCH_VERSION}
+    depends_on:
+      installer:
+        condition: service_completed_successfully
+    ports:
+      - 5601:5601 # Map host port 5601 to container port 5601
+    expose:
+      - "5601" # Expose port 5601 for web access to Wazuh Dashboard
+    volumes:
+      - ${REPO_PATH}:/home/node/app
+      - ${REPO_PATH}/docker/config/opensearch_dashboards.dev.yml:/home/node/app/config/opensearch_dashboards.dev.yml
+    user: "1000:1000"
+    working_dir: /home/node/app
+    command: >
+      /bin/bash -c "
+        yarn opensearch snapshot
+      "
diff --git a/docker/dev_security.yml b/docker/dev_security.yml
@@ -0,0 +1,85 @@
+version: "3.9"
+
+services:
+  indexer:
+    # Specifying the latest available image - modify if you want a specific version
+    image: opensearchproject/opensearch:${OPENSEARCH_VERSION}
+    container_name: indexer-${OPENSEARCH_VERSION}
+    environment:
+      # Name the cluster
+      - cluster.name=opensearch-cluster
+      # Name the node that will run in this container
+      - node.name=indexer
+      # Nodes to look for when discovering the cluster
+      - discovery.seed_hosts=indexer
+      # Nodes eligible to serve as cluster manager
+      - cluster.initial_cluster_manager_nodes=indexer
+      #  Disable JVM heap memory swapping
+      - bootstrap.memory_lock=true
+      # Set min and max JVM heap sizes to at least 50% of system RAM
+      - "OPENSEARCH_JAVA_OPTS=-Xms512m -Xmx512m"
+    ulimits:
+      # Set memlock to unlimited (no soft or hard limit)
+      memlock:
+        soft: -1
+        hard: -1
+      # Maximum number of open files for the opensearch user - set to at least 65536
+      nofile:
+        soft: 65536
+        hard: 65536
+    volumes:
+      # Creates volume called opensearch-data and mounts it to the container
+      - opensearch-data:/usr/share/opensearch/data
+    ports:
+      - 9200:9200 # REST API
+      - 9600:9600 # Performance Analyzer
+    networks:
+      # All of the containers will join the same Docker bridge network
+      - opensearch-net
+
+  # Runs the bootstrap and exits
+  installer:
+    image: node:${NODE_VERSION}
+    container_name: installer-security-${OPENSEARCH_VERSION}
+    volumes:
+      - ${REPO_PATH}:/home/node/app
+      - ${SECURITY_PLUGIN_REPO_PATH}:/home/node/app/plugins/security
+    user: "1000:1000"
+    working_dir: /home/node/app
+    command: >
+      /bin/bash -c "
+        yarn osd bootstrap
+        cd plugins/security
+        yarn
+      "
+
+  wazuh-dashboard:
+    image: node:${NODE_VERSION}
+    container_name: wazuh-dashboard-security-${OPENSEARCH_VERSION}
+    depends_on:
+      installer:
+        condition: service_completed_successfully
+      # indexer:
+      #   condition: service_healthy
+    ports:
+      - 5601:5601 # Map host port 5601 to container port 5601
+    expose:
+      - "5601" # Expose port 5601 for web access to Wazuh Dashboard
+    volumes:
+      - ${REPO_PATH}:/home/node/app
+      - ${SECURITY_PLUGIN_REPO_PATH}:/home/node/app/plugins/security
+      - ${REPO_PATH}/docker/config/opensearch_dashboards.dev.security.yml:/home/node/app/config/opensearch_dashboards.dev.yml
+    user: "1000"
+    working_dir: /home/node/app
+    networks:
+      - opensearch-net
+    command: >
+      /bin/bash -c "
+        tail -f /dev/null
+      "
+
+volumes:
+  opensearch-data:
+
+networks:
+  opensearch-net:
diff --git a/docker/get_version.sh b/docker/get_version.sh
@@ -0,0 +1,15 @@
+#!/bin/bash
+
+# Copyright OpenSearch Contributors
+# SPDX-License-Identifier: Apache-2.0
+
+set -e
+
+PACKAGE_VERSION=$(cat package.json \
+| grep version \
+| head -1 \
+| awk -F: '{ print $2 }' \
+| sed 's/[",]//g' \
+| tr -d [:space:])
+
+echo "$PACKAGE_VERSION"