Re-ordered wazuh setup to avoid agent-service failures due to missing client.keys file; Prepare for user profile settings screen support in reverse proxy

2025-12-06 17:22:49 +01:00 · 2020-06-02 17:31:43 -04:00
parent 014274930a
commit e6fcf75181
5 changed files with 9 additions and 9 deletions
--- a/salt/nginx/etc/nginx.conf.so-eval
+++ b/salt/nginx/etc/nginx.conf.so-eval
@@ -134,7 +134,7 @@ http {
          proxy_set_header      Connection "Upgrade";
        }

-        location ~ ^/auth/.*?(whoami|login|logout) {
+        location ~ ^/auth/.*?(whoami|login|logout|settings) {
          rewrite               /auth/(.*) /$1 break;
          proxy_pass            http://{{ masterip }}:4433;
          proxy_read_timeout    90;
--- a/salt/nginx/etc/nginx.conf.so-master
+++ b/salt/nginx/etc/nginx.conf.so-master
@@ -134,7 +134,7 @@ http {
          proxy_set_header      Connection "Upgrade";
        }

-        location ~ ^/auth/.*?(whoami|login|logout) {
+        location ~ ^/auth/.*?(whoami|login|logout|settings) {
          rewrite               /auth/(.*) /$1 break;
          proxy_pass            http://{{ masterip }}:4433;
          proxy_read_timeout    90;
--- a/salt/nginx/etc/nginx.conf.so-mastersearch
+++ b/salt/nginx/etc/nginx.conf.so-mastersearch
@@ -134,7 +134,7 @@ http {
          proxy_set_header      Connection "Upgrade";
        }

-        location ~ ^/auth/.*?(whoami|login|logout) {
+        location ~ ^/auth/.*?(whoami|login|logout|settings) {
          rewrite               /auth/(.*) /$1 break;
          proxy_pass            http://{{ masterip }}:4433;
          proxy_read_timeout    90;
--- a/salt/soc/files/kratos/kratos.yaml
+++ b/salt/soc/files/kratos/kratos.yaml
@@ -42,7 +42,7 @@ urls:
  login_ui: https://{{ WEBACCESS }}/login/
  registration_ui: https://{{ WEBACCESS }}/login/
  error_ui: https://{{ WEBACCESS }}/login/
-  settings_ui: https://{{ WEBACCESS }}/
+  settings_ui: https://{{ WEBACCESS }}/?r=/settings
  verify_ui: https://{{ WEBACCESS }}/
  mfa_ui: https://{{ WEBACCESS }}/

--- a/salt/wazuh/init.sls
+++ b/salt/wazuh/init.sls
@@ -80,11 +80,6 @@ wazuhmgrwhitelist:
    - mode: 755
    - template: jinja

-wazuhagentservice:
-  service.running:
-    - name: wazuh-agent
-    - enable: True
-
 so-wazuh:
  docker_container.running:
    - image: {{ MASTER }}:5000/soshybridhunter/so-wazuh:{{ VERSION }}
@@ -110,3 +105,8 @@ whitelistmanager:
  cmd.run:
    - name: /usr/sbin/wazuh-manager-whitelist
    - cwd: /
+
+wazuhagentservice:
+  service.running:
+    - name: wazuh-agent
+    - enable: True