Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add https related configuration for the HAProxy section #7403

Merged
merged 4 commits into from
Jun 26, 2024
Merged

Add https related configuration for the HAProxy section #7403

merged 4 commits into from
Jun 26, 2024

Conversation

fdalmaup
Copy link
Member

Description

Closes wazuh/wazuh#23997. Adds the necessary configuration for the HAProxy Dataplane API and the haproxy_helper section to use https as the communication protocol.

Checks

Docs building

  • Compiles without warnings.

Code formatting and web optimization

  • Uses three spaces indentation.
  • Adds or updates meta descriptions accordingly.
  • Updates the redirects.js script if necessary (check this guide).

Writing style

  • Uses present tense, active voice, and semi-formal registry.
  • Uses short, simple sentences.
  • Uses bold for user interface elements, italics for key terms or emphasis, and code font for Bash commands, file names, REST paths, and code.

@fdalmaup fdalmaup self-assigned this Jun 14, 2024
@fdalmaup fdalmaup linked an issue Jun 14, 2024 that may be closed by this pull request
Investigate how to configure the HAProxy helper to use HTTPS wazuh/wazuh#23997
Closed
4 tasks
GGP1
GGP1 requested changes Jun 18, 2024
View reviewed changes
source/user-manual/manager/configuring-cluster/advanced-settings.rst Outdated Show resolved Hide resolved
source/user-manual/manager/configuring-cluster/advanced-settings.rst Outdated Show resolved Hide resolved
source/user-manual/manager/configuring-cluster/advanced-settings.rst Outdated Show resolved Hide resolved
source/user-manual/manager/configuring-cluster/advanced-settings.rst Outdated
Comment on lines 587 to 588
user:
- insecure: true
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
user:
- insecure: true
user:
- insecure: true

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This modification raises the following: configuration error: configuration file /etc/haproxy/dataplaneapi.yml not valid (only yaml format is supported): yaml: line 14: did not find expected '-' indicator
The suggested configuration follows the alignment mentioned in the official Dataplane repo example.

source/user-manual/manager/configuring-cluster/advanced-settings.rst Outdated
- :ref:`haproxy_address <haproxy_address>`: IP or DNS address to connect with HAProxy.
- :ref:`haproxy_user <haproxy_user>`: Username to authenticate with HAProxy.
- :ref:`haproxy_password <haproxy_password>`: Password to authenticate with HAProxy.
- :ref:`haproxy_protocol <haproxy_protocol>`: HTTPS protocol to use for the HAProxy Dataplane API communication.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
- :ref:`haproxy_protocol <haproxy_protocol>`: HTTPS protocol to use for the HAProxy Dataplane API communication.
- :ref:`haproxy_protocol <haproxy_protocol>`: Protocol to use for the HAProxy Dataplane API communication. Must be ``https``.

Copy link
Member Author

@fdalmaup fdalmaup Jun 19, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Changing the last sentence to It is recommended to set it to https since http is also allowed.

Copy link
Member

@GGP1 GGP1 Jun 19, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I used must because this is the HTTPS tab, so in order to use an encrypted connection, setting HTTP doesn't work. But it's OK if you want to leave it like that

@fdalmaup fdalmaup requested a review from GGP1 June 19, 2024 10:05
GGP1
GGP1 previously approved these changes Jun 19, 2024
View reviewed changes
Selutario
Selutario previously approved these changes Jun 20, 2024
View reviewed changes
@davidjiglesias davidjiglesias added level/task Task issue type/enhancement Enhancement issue labels Jun 24, 2024
@javimed javimed dismissed stale reviews from Selutario and GGP1 via aa1b3c8 June 26, 2024 14:57
@javimed javimed merged commit 06f20d7 into 4.9.0 Jun 26, 2024
3 checks passed
@javimed javimed deleted the bug/23997-haproxyhelper-https-cert branch June 26, 2024 15:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Selutario Selutario Selutario left review comments

@GGP1 GGP1 GGP1 left review comments

Assignees

@fdalmaup fdalmaup

Labels
level/task Task issue type/enhancement Enhancement issue
Projects
No open projects
Release 4.9.0
Status: Done
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Investigate how to configure the HAProxy helper to use HTTPS
5 participants
@fdalmaup @Selutario @GGP1 @javimed @davidjiglesias