From 295eb9894e8e10d1b4ed2839295b99e46c107334 Mon Sep 17 00:00:00 2001 From: Federico Gustavo Galland <99492720+f-galland@users.noreply.github.com> Date: Fri, 19 Jan 2024 11:22:42 -0300 Subject: [PATCH] Adding Debian packaging config files from Opensearch (#118) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Adding debian packaging config files from Opensearch * Copy debian/ folder to the build dir for debmake to parse * Remove redundant steps from debian/postinst --------- Co-authored-by: Álex Ruiz --- distribution/packages/src/deb/debian/control | 22 ++++++++ .../packages/src/deb/debian/copyright | 38 +++++++++++++ distribution/packages/src/deb/debian/postinst | 53 +++++++++++++++++++ distribution/packages/src/deb/debian/preinst | 31 +++++++++++ distribution/packages/src/deb/debian/prerm | 26 +++++++++ distribution/packages/src/deb/debian/rules | 29 ++++++++++ scripts/README.md | 9 +++- scripts/assemble.sh | 1 + 8 files changed, 208 insertions(+), 1 deletion(-) create mode 100644 distribution/packages/src/deb/debian/control create mode 100644 distribution/packages/src/deb/debian/copyright create mode 100644 distribution/packages/src/deb/debian/postinst create mode 100644 distribution/packages/src/deb/debian/preinst create mode 100644 distribution/packages/src/deb/debian/prerm create mode 100644 distribution/packages/src/deb/debian/rules diff --git a/distribution/packages/src/deb/debian/control b/distribution/packages/src/deb/debian/control new file mode 100644 index 0000000000000..2b93b0c3f8f92 --- /dev/null +++ b/distribution/packages/src/deb/debian/control @@ -0,0 +1,22 @@ +# Copyright OpenSearch Contributors +# SPDX-License-Identifier: Apache-2.0 +# +# The OpenSearch Contributors require contributions made to +# this file be licensed under the Apache-2.0 license or a +# compatible open source license. + +Source: wazuh-indexer +Section: web +Priority: optional +Maintainer: Wazuh Indexer Team +Build-Depends: debhelper-compat (= 12) +Standards-Version: 4.5.0 +Homepage: https://www.wazuh.com/ + +Package: wazuh-indexer +Architecture: any +Description: Wazuh indexer is a near real-time full-text search and analytics engine that gathers security-related data into one platform. + This Wazuh central component indexes and stores alerts generated by the Wazuh server. + Wazuh indexer can be configured as a single-node or multi-node cluster, providing scalability and high availability. + Documentation can be found at https://documentation.wazuh.com/current/getting-started/components/wazuh-indexer.html + diff --git a/distribution/packages/src/deb/debian/copyright b/distribution/packages/src/deb/debian/copyright new file mode 100644 index 0000000000000..e7cb0fc0d0109 --- /dev/null +++ b/distribution/packages/src/deb/debian/copyright @@ -0,0 +1,38 @@ +Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ +Upstream-Name: wazuh-indexer +Upstream-Contact: info@wazuh.com +Source: https://www.wazuh.com +Files: * +Copyright: OpenSearch Contributors +License: Apache-2.0 + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + . + http://www.apache.org/licenses/LICENSE-2.0 + . + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + . + On Debian systems, the complete text of the Apache License, Version 2 + can be found in "/usr/share/common-licenses/Apache-2.0". + +Files: debian/* +License: Apache-2.0 + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + . + http://www.apache.org/licenses/LICENSE-2.0 + . + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + . + On Debian systems, the complete text of the Apache License, Version 2 + can be found in "/usr/share/common-licenses/Apache-2.0". diff --git a/distribution/packages/src/deb/debian/postinst b/distribution/packages/src/deb/debian/postinst new file mode 100644 index 0000000000000..da4cbf62be703 --- /dev/null +++ b/distribution/packages/src/deb/debian/postinst @@ -0,0 +1,53 @@ +#!/bin/bash + +# Copyright Wazuh Indexer Contributors +# SPDX-License-Identifier: Apache-2.0 +# +# The Wazuh Indexer Contributors require contributions made to +# this file be licensed under the Apache-2.0 license or a +# compatible open source license. + +# deb wazuh-indexer postinst script + +set -e + +echo "Running Wazuh Indexer Post-Installation Script" + +product_dir=/usr/share/wazuh-indexer +config_dir=/etc/wazuh-indexer +data_dir=/var/lib/wazuh-indexer +log_dir=/var/log/wazuh-indexer +pid_dir=/var/run/wazuh-indexer + + +# Set owner +chown -R wazuh-indexer.wazuh-indexer ${product_dir} +chown -R wazuh-indexer.wazuh-indexer ${config_dir} +chown -R wazuh-indexer.wazuh-indexer ${log_dir} +chown -R wazuh-indexer.wazuh-indexer ${data_dir} +chown -R wazuh-indexer.wazuh-indexer ${pid_dir} + +# Reload systemctl daemon +if command -v systemctl > /dev/null; then + systemctl daemon-reload +fi + +# Reload other configs +if command -v systemctl > /dev/null; then + systemctl restart systemd-sysctl.service || true +fi + +if command -v systemd-tmpfiles > /dev/null; then + systemd-tmpfiles --create wazuh-indexer.conf +fi + +# Messages +echo "### NOT starting on installation, please execute the following statements to configure wazuh-indexer service to start automatically using systemd" +echo " sudo systemctl daemon-reload" +echo " sudo systemctl enable wazuh-indexer.service" +echo "### You can start wazuh-indexer service by executing" +echo " sudo systemctl start wazuh-indexer.service" + +exit 0 + + diff --git a/distribution/packages/src/deb/debian/preinst b/distribution/packages/src/deb/debian/preinst new file mode 100644 index 0000000000000..2cf7ea70a7466 --- /dev/null +++ b/distribution/packages/src/deb/debian/preinst @@ -0,0 +1,31 @@ +#!/bin/bash + +# Copyright OpenSearch Contributors +# SPDX-License-Identifier: Apache-2.0 +# +# The OpenSearch Contributors require contributions made to +# this file be licensed under the Apache-2.0 license or a +# compatible open source license. + +# deb wazuh-indexer preinst script + +set -e + +echo "Running Wazuh Indexer Pre-Installation Script" + +# Stop existing service +if command -v systemctl >/dev/null && systemctl is-active wazuh-indexer.service >/dev/null; then + echo "Stop existing wazuh-indexer.service" + systemctl --no-reload stop wazuh-indexer.service +fi +if command -v systemctl >/dev/null && systemctl is-active wazuh-indexer-performance-analyzer.service >/dev/null; then + echo "Stop existing wazuh-indexer-performance-analyzer.service" + systemctl --no-reload stop wazuh-indexer-performance-analyzer.service +fi + +# Create user and group if they do not already exist. +getent group wazuh-indexer > /dev/null 2>&1 || groupadd -r wazuh-indexer +getent passwd wazuh-indexer > /dev/null 2>&1 || \ + useradd -r -g wazuh-indexer -M -s /sbin/nologin \ + -c "wazuh-indexer user/group" wazuh-indexer +exit 0 diff --git a/distribution/packages/src/deb/debian/prerm b/distribution/packages/src/deb/debian/prerm new file mode 100644 index 0000000000000..a5222b2caae40 --- /dev/null +++ b/distribution/packages/src/deb/debian/prerm @@ -0,0 +1,26 @@ +#!/bin/bash + +# Copyright OpenSearch Contributors +# SPDX-License-Identifier: Apache-2.0 +# +# The OpenSearch Contributors require contributions made to +# this file be licensed under the Apache-2.0 license or a +# compatible open source license. + +# deb wazuh-indexer prerm script + +set -e + +echo "Running Wazuh Indexer Pre-Removal Script" + +# Stop existing service +if command -v systemctl >/dev/null && systemctl is-active wazuh-indexer.service >/dev/null; then + echo "Stop existing wazuh-indexer.service" + systemctl --no-reload stop wazuh-indexer.service +fi +if command -v systemctl >/dev/null && systemctl is-active wazuh-indexer-performance-analyzer.service >/dev/null; then + echo "Stop existing wazuh-indexer-performance-analyzer.service" + systemctl --no-reload stop wazuh-indexer-performance-analyzer.service +fi + +exit 0 diff --git a/distribution/packages/src/deb/debian/rules b/distribution/packages/src/deb/debian/rules new file mode 100644 index 0000000000000..1e13c8d707b1d --- /dev/null +++ b/distribution/packages/src/deb/debian/rules @@ -0,0 +1,29 @@ +#!/usr/bin/make -f + +# Copyright OpenSearch Contributors +# SPDX-License-Identifier: Apache-2.0 +# +# The OpenSearch Contributors require contributions made to +# this file be licensed under the Apache-2.0 license or a +# compatible open source license. + +# You must remove unused comment lines for the released package. +#export DH_VERBOSE = 1 +#export DEB_BUILD_MAINT_OPTIONS = hardening=+all +#export DEB_CFLAGS_MAINT_APPEND = -Wall -pedantic +#export DEB_LDFLAGS_MAINT_APPEND = -Wl,--as-needed + +%: + dh $@ + +override_dh_builddeb: + dh_builddeb -- -Zgzip + +override_dh_gencontrol: + dh_gencontrol -- -DLicense=Apache-2.0 + +#override_dh_auto_install: +# dh_auto_install -- prefix=/usr + +#override_dh_install: +# dh_install --list-missing -X.pyc -X.pyo diff --git a/scripts/README.md b/scripts/README.md index c83f20f3a3aac..22d3648b38af6 100644 --- a/scripts/README.md +++ b/scripts/README.md @@ -101,7 +101,14 @@ The script will: |-- etc |-- usr |-- var - `-- wazuh-indexer-min_4.9.0_amd64.deb + |-- wazuh-indexer-min_4.9.0_amd64.deb + `-- debian/ + | -- control + | -- copyright + | -- rules + | -- preinst + | -- prerm + | -- postinst ``` ### Running in Act diff --git a/scripts/assemble.sh b/scripts/assemble.sh index 90972bfc7a892..c2d419f299ff8 100755 --- a/scripts/assemble.sh +++ b/scripts/assemble.sh @@ -322,6 +322,7 @@ function assemble_deb() { # Copy spec cp "distribution/packages/src/deb/Makefile" "${TMP_DIR}" cp "distribution/packages/src/deb/debmake_install.sh" "${TMP_DIR}" + cp -r "distribution/packages/src/deb/debian" "${TMP_DIR}" chmod a+x "${TMP_DIR}/debmake_install.sh" # Copy performance analyzer service file enable_performance_analyzer