From d1b917908d61fdc531c1c661190a3035009a993f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kevin=20Mu=C3=B1oz?=
Date: Tue, 21 Nov 2023 11:09:57 -0500
Subject: [PATCH] Update pkgbuilds
---
 egyscan/PKGBUILD | 38 ++++++++++++++++++++
 wazuh-agent/.SRCINFO | 2 +-
 wazuh-agent/PKGBUILD | 4 +--
 wazuh-agent/wazuh-agent.install | 5 +++
 wazuh-dashboard/PKGBUILD | 2 +-
 wazuh-dashboard/wazuh-dashboard.install | 6 ++++
 wazuh-filebeat/.SRCINFO | 25 +++++++++++++
 wazuh-filebeat/PKGBUILD | 48 +++++++++++++++++++++++++
 wazuh-filebeat/wazuh-filebeat.install | 4 +++
 wazuh-indexer/PKGBUILD | 4 +--
 wazuh-indexer/wazuh-indexer.install | 10 +++++-
 wazuh-manager/.SRCINFO | 2 +-
 wazuh-manager/PKGBUILD | 4 +--
 wazuh-manager/wazuh-manager.install | 7 ++++
 14 files changed, 151 insertions(+), 10 deletions(-)
 create mode 100644 egyscan/PKGBUILD
 create mode 100644 wazuh-filebeat/.SRCINFO
 create mode 100644 wazuh-filebeat/PKGBUILD
 create mode 100644 wazuh-filebeat/wazuh-filebeat.install
diff --git a/egyscan/PKGBUILD b/egyscan/PKGBUILD
new file mode 100644
index 0000000..91461f5
--- /dev/null
+++ b/egyscan/PKGBUILD
@@ -0,0 +1,38 @@ +# Maintainer: Kevin Muñoz (MrHacker) +pkgname=Egyscan +pkgver=3.1 +pkgrel=1 +pkgdesc="Egyscan the guardian angel of your digital existence" +arch=('x86_64') +url="https://github.com/dragonked2/Egyscan" +license=('MIT') +depends=( + 'python' +); +optdepends=( +); +validpgpkeys=( + '2B9D22B41F2AF1042BFCE73A3CA0B9DF1BE7CE09' +) + +source=("https://github.com/dragonked2/${pkgname}/archive/refs/tags/Version${pkgver}.tar.gz") + +sha256sums=('2c51acd60634874d35d1d9378e7411ed88785d21c611643f94cc2d54632782a2') + + +build() { + cd "$srcdir/$pkgname-Version$pkgver" + python -m venv .venv + source .venv/bin/activate + pip install -r virtualrequirements.txt + nuitka3 --standalone egy.py + cd egy.dist + mv egy.bin ./egyscan + } + +package() { + cd "$srcdir/$pkgname-Version$pkgver" + install -Dm755 "egy.dist" "$pkgdir/etc/egyscan" + install -D -p -m 644 LICENSE "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE" + install -D -p -m 644 README.md "${pkgdir}/usr/share/doc/${pkgname}/README.md" +} diff --git a/wazuh-agent/.SRCINFO b/wazuh-agent/.SRCINFO index 7fedfdb..8ee79d1 100644 --- a/wazuh-agent/.SRCINFO +++ b/wazuh-agent/.SRCINFO @@ -1,5 +1,5 @@ pkgbase = wazuh-agent - pkgdesc = Wazuh Dashboard for Arch Linux + pkgdesc = Wazuh Agent for Arch Linux pkgver = 4.6.0 pkgrel = 1 url = https://wazuh.com/ diff --git a/wazuh-agent/PKGBUILD b/wazuh-agent/PKGBUILD index f2faaf0..aaca38d 100644 --- a/wazuh-agent/PKGBUILD +++ b/wazuh-agent/PKGBUILD @@ -1,11 +1,11 @@ # Maintainer: Jesus Martin Ortega Martinez (madara125) -# Contribuidor: Kevin Muñoz +# Contributor: Kevin Muñoz (MrHacker) pkgname=wazuh-agent pkgver=4.6.0 _remRevision=1 _prodver=${pkgver}-${_remRevision} pkgrel=1 -pkgdesc="Wazuh Dashboard for Arch Linux" +pkgdesc="Wazuh Agent for Arch Linux" arch=('x86_64') url="https://wazuh.com/" license=('gpl2') diff --git a/wazuh-agent/wazuh-agent.install b/wazuh-agent/wazuh-agent.install index fdda721..66d6308 100644 --- a/wazuh-agent/wazuh-agent.install 
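Review bot: In egyscan/PKGBUILD, build() runs `pip install -r virtualrequirements.txt`, so the package is built from whatever the index serves at build time and none of that code is covered by `sha256sums`; only the GitHub tarball is pinned. Python dependencies should come from declared packages or hash-pinned requirements (`pip install --require-hashes -r ...`), and `nuitka3`, which build() invokes but the PKGBUILD never declares, belongs in `makedepends`. `validpgpkeys` has no effect here because `source` lists no signature file, so drop it or add a detached signature to `source`; the same applies to wazuh-filebeat/PKGBUILD. Separately, `install -Dm755 "egy.dist" "$pkgdir/etc/egyscan"` is handed a directory, which `install` will not copy, and `/etc` is not the place for executables.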
+++ b/wazuh-agent/wazuh-agent.install @@ -1,5 +1,10 @@ post_install() { + echo "creating wazuh user and group" + groupadd -f wazuh + usuario="wazuh" && id "$usuario" &>/dev/null || useradd -g wazuh -d /var/ossec -s /usr/bin/nologin wazuh + chown -R wazuh:wazuh /var/ossec + echo "Done!" echo "Visit https://documentation.wazuh.com/current/installation-guide/wazuh-agent/wazuh-agent-package-linux.html and follow the configure instructions, also, check https://documentation.wazuh.com/current/user-manual/deployment-variables/deployment-variables-linux.html for deployment vars, and https://documentation.wazuh.com/current/user-manual/agent-enrollment/index.html if you didn't follow wazu's installation guide or, just run the next commands: /var/ossec/bin/manage_agents -i diff --git a/wazuh-dashboard/PKGBUILD b/wazuh-dashboard/PKGBUILD index 1be2650..ac35bc7 100644 --- a/wazuh-dashboard/PKGBUILD +++ b/wazuh-dashboard/PKGBUILD @@ -1,5 +1,5 @@ # Maintainer: Jesus Martin Ortega Martinez (madara125) -# Contribuidor: Kevin Muñoz (MrHacker) +# Contributor: Kevin Muñoz (MrHacker) pkgname=wazuh-dashboard pkgver=4.6.0 _remRevision=1 diff --git a/wazuh-dashboard/wazuh-dashboard.install b/wazuh-dashboard/wazuh-dashboard.install index e6b053d..02f61e7 100644 --- a/wazuh-dashboard/wazuh-dashboard.install +++ b/wazuh-dashboard/wazuh-dashboard.install @@ -1,4 +1,10 @@ post_install() { + echo "creating wazuh-indexer user and group" + groupadd -f wazuh-dashboard + usuario="wazuh-dashboard" && id "$usuario" &>/dev/null || useradd -d /usr/share/wazuh-dashboard -g wazuh-dashboard -s /usr/bin/nologin wazuh-dashboard + chown -R wazuh-dashboard:wazuh-dashboard /usr/share/wazuh-dashboard + chown -R wazuh-dashboard:wazuh-dashboard /etc/wazuh-dashboard + echo "Done!" echo "Visit https://documentation.wazuh.com/current/installation-guide/wazuh-dashboard/step-by-step.html and follow the configure instructions" } 
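Review bot: In wazuh-agent.install, `chown -R wazuh:wazuh /var/ossec` gives the unprivileged service account ownership of the whole tree, including the executables under `/var/ossec/bin`. If any of those programs or their hooks run as root (likely for an agent, but not visible in this hunk), a compromise of the `wazuh` account becomes a path to root. Keep binaries and configuration root-owned (group `wazuh`, not group-writable) and chown only the directories the service has to write to. The same recursive chown appears in wazuh-dashboard.install, wazuh-indexer.install and wazuh-manager.install. `useradd` is also called without `-r`, so the account is created in the regular-user UID range rather than as a system account.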
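Review bot: The first message in wazuh-dashboard.install says `creating wazuh-indexer user and group`, but the lines below it create `wazuh-dashboard`; it should read `echo "creating wazuh-dashboard user and group"`. The `usuario="wazuh-dashboard" && id "$usuario" &>/dev/null || useradd ...` chain can be written as `id -u wazuh-dashboard &>/dev/null || useradd ...`, since the variable is used only once and the `&&`/`||` mix obscures which command's failure triggers `useradd`.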
diff --git a/wazuh-filebeat/.SRCINFO b/wazuh-filebeat/.SRCINFO new file mode 100644 index 0000000..9c1379b --- /dev/null +++ b/wazuh-filebeat/.SRCINFO @@ -0,0 +1,25 @@ +pkgbase = wazuh-filebeat + pkgdesc = Filebeat version for Wazuh + pkgver = 7.10.2 + pkgrel = 1 + url = https://wazuh.com/ + install = wazuh-filebeat.install + arch = x86_64 + license = gpl2 + depends = glibc + depends = audit + depends = git + depends = go + depends = libpcap + depends = mage + depends = python-virtualenv + depends = rsync + depends = systemd + depends = python + optdepends = elasticsearch + conflicts = filebeat + source = https://packages.wazuh.com/4.x/yum/filebeat-oss-7.10.2-x86_64.rpm + validpgpkeys = 9E646BB0630C8FD18ACD15541B93E6A766CD229D + sha256sums = 56820530dd749d61ba2750ecefc390393a8a5029dd431bf2eaf6a599a847f8f2 + +pkgname = wazuh-filebeat diff --git a/wazuh-filebeat/PKGBUILD b/wazuh-filebeat/PKGBUILD new file mode 100644 index 0000000..11d7eb1 --- /dev/null +++ b/wazuh-filebeat/PKGBUILD @@ -0,0 +1,48 @@ +# Maintainer: Jesus Martin Ortega Martinez (madara125) +# Contributor: Kevin Muñoz (MrHacker) +pkgname=wazuh-filebeat +pkgver=7.10.2 +_remRevision=1 +_prodver=${pkgver}-${_remRevision} +pkgrel=1 +pkgdesc="Filebeat version for Wazuh" +arch=('x86_64') +url="https://wazuh.com/" +license=('gpl2') +depends=( + 'glibc' + 'audit' + 'git' + 'go' + 'libpcap' + 'mage' + 'python-virtualenv' + 'rsync' + 'systemd' + 'python' +); +optdepends=( + 'elasticsearch' +); + +conflicts=('filebeat') + +validpgpkeys=('9E646BB0630C8FD18ACD15541B93E6A766CD229D') + +source=("https://packages.wazuh.com/4.x/yum/filebeat-oss-7.10.2-x86_64.rpm") + +sha256sums=('56820530dd749d61ba2750ecefc390393a8a5029dd431bf2eaf6a599a847f8f2') + +install=$pkgname.install + +package() { + + #Setup + cd $pkgdir + mv $srcdir/etc . + mv $srcdir/lib . + mv $srcdir/usr . + + #Set systemd service file perms + chmod 644 $pkgdir/lib/systemd/system/filebeat.service +} 
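Review bot: package() in wazuh-filebeat/PKGBUILD moves the RPM's `lib/` directory into `$pkgdir`, but on Arch `/lib` is a symlink to `usr/lib`, so a package that ships a real `lib/` directory is likely to be rejected as a file conflict at install time; the wazuh-indexer PKGBUILD in this same patch already uses `usr/lib/systemd/system`. If the unit file is the only content under `lib/`, install it with `install -Dm644 "$srcdir/lib/systemd/system/filebeat.service" "$pkgdir/usr/lib/systemd/system/filebeat.service"` instead of `mv` plus `chmod`. `$pkgdir` and `$srcdir` are unquoted throughout, which breaks on build paths containing spaces. The `depends` array lists a build toolchain (`git`, `go`, `mage`, `python-virtualenv`, `rsync`) for a prebuilt RPM; every entry becomes installed software on each host running the package, so trim it to what the binary needs at run time.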
diff --git a/wazuh-filebeat/wazuh-filebeat.install b/wazuh-filebeat/wazuh-filebeat.install
new file mode 100644
index 0000000..4c2d6f0
--- /dev/null
+++ b/wazuh-filebeat/wazuh-filebeat.install
@@ -0,0 +1,4 @@
+post_install()
+{
+ echo "Visit https://documentation.wazuh.com/current/installation-guide/wazuh-manager/step-by-step.html and follow the configure instructions for filebeat"
+}
diff --git a/wazuh-indexer/PKGBUILD b/wazuh-indexer/PKGBUILD
index 7c0ee6f..0df332e 100644
--- a/wazuh-indexer/PKGBUILD
+++ b/wazuh-indexer/PKGBUILD
@@ -1,5 +1,5 @@
 # Maintainer: Jesus Martin Ortega Martinez (madara125)
-# Contribuidor: Kevin Muñoz (MrHacker)
+# Contributor: Kevin Muñoz (MrHacker)
 pkgname=wazuh-indexer
 pkgver=4.6.0
 _remRevision=1
@@ -29,7 +29,7 @@ package() {
 mv $srcdir/etc .
 mv $srcdir/usr .
 mv $srcdir/var .
-
+
 #Set systemd service file perms
 chmod 644 $pkgdir/usr/lib/systemd/system/wazuh-indexer-performance-analyzer.service
 chmod 644 $pkgdir/usr/lib/systemd/system/wazuh-indexer.service
diff --git a/wazuh-indexer/wazuh-indexer.install b/wazuh-indexer/wazuh-indexer.install
index c491a2d..89244f3 100644
--- a/wazuh-indexer/wazuh-indexer.install
+++ b/wazuh-indexer/wazuh-indexer.install
@@ -1,4 +1,12 @@ post_install() { - echo "Visit https://documentation.wazuh.com/current/installation-guide/wazuh-indexer/step-by-step.html and follow the configure instructions" + echo "creating wazuh-indexer user and group" + groupadd -f wazuh-indexer + usuario="wazuh-indexer" && id "$usuario" &>/dev/null || useradd -d /usr/share/wazuh-indexer -g wazuh-indexer -s /usr/bin/nologin wazuh-indexer + chown -R wazuh-indexer:wazuh-indexer /usr/share/wazuh-indexer + chown -R wazuh-indexer:wazuh-indexer /etc/wazuh-indexer + chown -R wazuh-indexer:wazuh-indexer /var/log/wazuh-indexer + chown -R wazuh-indexer:wazuh-indexer /var/lib/wazuh-indexer + echo "Done!" + echo "Visit https://documentation.wazuh.com/current/installation-guide/wazuh-indexer/step-by-step.html and follow the configure instructions and Cluster initialization instructions" } diff --git a/wazuh-manager/.SRCINFO b/wazuh-manager/.SRCINFO index bc188cc..fc6bca4 100644 --- a/wazuh-manager/.SRCINFO +++ b/wazuh-manager/.SRCINFO @@ -6,7 +6,7 @@ pkgbase = wazuh-manager install = wazuh-manager.install arch = x86_64 license = gpl2 - depends = filebeat + depends = wazuh-filebeat source = https://packages.wazuh.com/4.x/yum/wazuh-manager-4.6.0-1.x86_64.rpm validpgpkeys = 9E646BB0630C8FD18ACD15541B93E6A766CD229D sha256sums = 335b8970652a03d393866f2105e82c2713673e1f7542dccf25a83a4e3e2233ac diff --git a/wazuh-manager/PKGBUILD b/wazuh-manager/PKGBUILD index defb7c6..2ad74f6 100644 --- a/wazuh-manager/PKGBUILD +++ b/wazuh-manager/PKGBUILD @@ -1,5 +1,5 @@ # Maintainer: Jesus Martin Ortega Martinez (madara125) -# Contribuidor: Kevin Muñoz (MrHacker) +# Contributor: Kevin Muñoz (MrHacker) pkgname=wazuh-manager pkgver=4.6.0 _remRevision=1 @@ -10,7 +10,7 @@ arch=('x86_64') url="https://wazuh.com/" license=('gpl2') depends=( - 'filebeat' + 'wazuh-filebeat' ); optdepends=( ); diff --git a/wazuh-manager/wazuh-manager.install b/wazuh-manager/wazuh-manager.install index e6b053d..4385f64 100644 --- a/wazuh-manager/wazuh-manager.install 
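Review bot: wazuh-indexer.install sets ownership only in `post_install`, which pacman runs on first installation; there is no `post_upgrade`, so after a package upgrade the re-extracted files would presumably be root-owned again and the service could lose access to its data and configuration. Add `post_upgrade() { post_install; }`, or preferably declare the account and the directory ownership in sysusers.d and tmpfiles.d snippets shipped by the package so they are applied on every transaction. The same gap exists in wazuh-agent.install, wazuh-dashboard.install and wazuh-manager.install.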
+++ b/wazuh-manager/wazuh-manager.install
@@ -1,4 +1,11 @@
 post_install()
 {
+ echo "creating wazuh user and group"
+ groupadd -f wazuh
+ usuario="wazuh" && id "$usuario" &>/dev/null || useradd -g wazuh -d /var/ossec -s /usr/bin/nologin wazuh
+ chown -R wazuh:wazuh /var/ossec
+ echo "generating cert files for wazuh-authd to run properly"
+ ./var/ossec/bin/wazuh-authd -C 265 -B 2048 -K /var/ossec/etc/sslmanager.key -X /var/ossec/etc/sslmanager.cert -S "/C=US/ST=California/CN=wazuh/"
+ echo "Done!"
 echo "Visit https://documentation.wazuh.com/current/installation-guide/wazuh-dashboard/step-by-step.html and follow the configure instructions"
 }
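Review bot: In wazuh-manager.install the certificate step calls `./var/ossec/bin/wazuh-authd` by a path relative to the current directory, so it works only when the script happens to run with `/` as its working directory; use the absolute `/var/ossec/bin/wazuh-authd`. The private key `/var/ossec/etc/sslmanager.key` is written after the `chown -R`, so it keeps whatever owner and mode the tool chooses; set them explicitly afterwards, for example `chmod 640 /var/ossec/etc/sslmanager.key` with the group the daemon reads it as. The command's exit status is not checked and nothing tests whether a key already exists, so a failure or an overwrite passes silently before `Done!` is printed. `-C 265` looks like a typo for 365 days; confirm the intended validity period.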