From c1100b08caf9b5465fd579d4e3d2af666a583a75 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Sat, 20 Dec 2025 00:27:22 +0000
Subject: [PATCH] Fix HTTP protocol consistency and add security documentation

- Changed WAZUH_API_URL from https to http for consistency
- Added README.md documenting security considerations
- Clarified this is a simplified deployment for testing/development

Co-authored-by: Siumauricio <47042324+Siumauricio@users.noreply.github.com>
---
 blueprints/wazuh/README.md          | 41 +++++++++++++++++++++++++++++
 blueprints/wazuh/docker-compose.yml |  2 +-
 2 files changed, 42 insertions(+), 1 deletion(-)
 create mode 100644 blueprints/wazuh/README.md

diff --git a/blueprints/wazuh/README.md b/blueprints/wazuh/README.md
new file mode 100644
index 00000000..5d796032
--- /dev/null
+++ b/blueprints/wazuh/README.md
@@ -0,0 +1,41 @@
+# Wazuh Template for Dokploy
+
+This template deploys Wazuh, a free and open source security platform that unifies XDR and SIEM capabilities for endpoint and cloud workload protection.
+
+## Components
+
+This single-node deployment includes:
+- **Wazuh Manager**: Processes security events from agents and external sources
+- **Wazuh Indexer**: Stores and indexes security data (based on OpenSearch)
+- **Wazuh Dashboard**: Web interface for visualization and management
+
+## Configuration
+
+The template uses environment variables for all credentials, which are auto-generated securely using Dokploy's password helpers.
+
+## Important Security Notes
+
+⚠️ **This is a simplified deployment for testing and development purposes.**
+
+- This configuration disables SSL/TLS on internal service communication to work within Dokploy's isolated deployment model
+- Dokploy handles external SSL/TLS termination at the reverse proxy level
+- For production use with sensitive data, consider:
+  - Deploying Wazuh using their official installation method with full SSL/TLS
+  - Using a dedicated server or VM with proper certificate management
+  - Following Wazuh's security hardening guide
+
+## Access
+
+After deployment, access the Wazuh dashboard through the domain configured in Dokploy. The initial setup wizard will guide you through configuring your first security monitoring setup.
+
+## Resources
+
+- [Wazuh Documentation](https://documentation.wazuh.com/)
+- [Wazuh GitHub](https://github.com/wazuh/wazuh)
+- [Wazuh Docker](https://github.com/wazuh/wazuh-docker)
+
+## Version
+
+- Wazuh Manager: 4.14.1
+- Wazuh Indexer: 4.14.1
+- Wazuh Dashboard: 4.14.1
diff --git a/blueprints/wazuh/docker-compose.yml b/blueprints/wazuh/docker-compose.yml
index a7fb0e9f..b0cb3c8b 100644
--- a/blueprints/wazuh/docker-compose.yml
+++ b/blueprints/wazuh/docker-compose.yml
@@ -61,7 +61,7 @@ services:
       - OPENSEARCH_HOSTS=http://wazuh.indexer:9200
       - INDEXER_USERNAME=${INDEXER_USERNAME}
       - INDEXER_PASSWORD=${INDEXER_PASSWORD}
-      - WAZUH_API_URL=https://wazuh.manager
+      - WAZUH_API_URL=http://wazuh.manager
       - DASHBOARD_USERNAME=${DASHBOARD_USERNAME}
       - DASHBOARD_PASSWORD=${DASHBOARD_PASSWORD}
       - API_USERNAME=${API_USERNAME}