CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

use hostnames please

Browse Source
This commit is contained in:
Mike Reeves
2023-02-23 11:11:29 -05:00
parent 96b1fb4782
commit 148b0b1c4c
4 changed files with 14 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
salt/elastalert/init.sls
View File

@@ -97,7 +97,7 @@ so-elastalert:
- /opt/so/conf/elastalert/modules/:/opt/elastalert/modules/:ro - /opt/so/conf/elastalert/modules/:/opt/elastalert/modules/:ro
- /opt/so/conf/elastalert/elastalert_config.yaml:/opt/elastalert/config.yaml:ro - /opt/so/conf/elastalert/elastalert_config.yaml:/opt/elastalert/config.yaml:ro
- extra_hosts: - extra_hosts:
- {{ GLOBALS.manager }}:{{ DOCKER.containers['so-elasticsearch'].ip }} - {{ GLOBALS.manager }}:{{ GLOBALS.manager_ip }}
- require: - require:
- cmd: wait_for_elasticsearch - cmd: wait_for_elasticsearch
- file: elastarules - file: elastarules

6
salt/elastic-fleet/init.sls
View File

@@ -52,7 +52,11 @@ so-elastic-fleet:
- sobridge: - sobridge:
- ipv4_address: {{ DOCKER.containers['so-elastic-fleet'].ip }} - ipv4_address: {{ DOCKER.containers['so-elastic-fleet'].ip }}
- extra_hosts: - extra_hosts:
{% if GLOBALS.is_manager %}
- {{ GLOBALS.manager }}:{{ GLOBALS.manager_ip }}
{% else %}
- {{ GLOBALS.hostname }}:{{ GLOBALS.node_ip }} - {{ GLOBALS.hostname }}:{{ GLOBALS.node_ip }}
{% endif %}
- port_bindings: - port_bindings:
{% for BINDING in DOCKER.containers['so-elastic-fleet'].port_bindings %} {% for BINDING in DOCKER.containers['so-elastic-fleet'].port_bindings %}
- {{ BINDING }} - {{ BINDING }}
@@ -63,7 +67,7 @@ so-elastic-fleet:
- environment: - environment:
- FLEET_SERVER_ENABLE=true - FLEET_SERVER_ENABLE=true
- FLEET_URL=https://{{ FLEETURL }}:8220 - FLEET_URL=https://{{ FLEETURL }}:8220
- FLEET_SERVER_ELASTICSEARCH_HOST=https://{{ GLOBALS.manager_ip }}:9200 - FLEET_SERVER_ELASTICSEARCH_HOST=https://{{ GLOBALS.manager }}:9200
- FLEET_SERVER_SERVICE_TOKEN={{ SERVICETOKEN }} - FLEET_SERVER_SERVICE_TOKEN={{ SERVICETOKEN }}
- FLEET_SERVER_POLICY_ID={{ FLEETSERVERPOLICY }} - FLEET_SERVER_POLICY_ID={{ FLEETSERVERPOLICY }}
- FLEET_SERVER_ELASTICSEARCH_CA=/etc/pki/intca.crt - FLEET_SERVER_ELASTICSEARCH_CA=/etc/pki/intca.crt

16
salt/nginx/etc/nginx.conf
View File

@@ -98,7 +98,7 @@ http {
ssl_protocols TLSv1.2; ssl_protocols TLSv1.2;
location ~* (^/login/.*|^/js/.*|^/css/.*|^/images/.*) { location ~* (^/login/.*|^/js/.*|^/css/.*|^/images/.*) {
proxy_pass http://{{ DOCKER.containers['so-soc'].ip }}:9822; proxy_pass http://{{ GLOBALS.manager }}:9822;
proxy_read_timeout 90; proxy_read_timeout 90;
proxy_connect_timeout 90; proxy_connect_timeout 90;
proxy_set_header x-user-id ""; proxy_set_header x-user-id "";
@@ -115,7 +115,7 @@ http {
auth_request /auth/sessions/whoami; auth_request /auth/sessions/whoami;
auth_request_set $userid $upstream_http_x_kratos_authenticated_identity_id; auth_request_set $userid $upstream_http_x_kratos_authenticated_identity_id;
proxy_set_header x-user-id $userid; proxy_set_header x-user-id $userid;
proxy_pass http://{{ DOCKER.containers['so-soc'].ip }}:9822/; proxy_pass http://{{ GLOBALS.manager }}:9822/;
proxy_read_timeout 300; proxy_read_timeout 300;
proxy_connect_timeout 300; proxy_connect_timeout 300;
proxy_set_header Host $host; proxy_set_header Host $host;
@@ -129,7 +129,7 @@ http {
location ~ ^/auth/.*?(whoami|login|logout|settings) { location ~ ^/auth/.*?(whoami|login|logout|settings) {
rewrite /auth/(.*) /$1 break; rewrite /auth/(.*) /$1 break;
proxy_pass http://{{ DOCKER.containers['so-kratos'].ip }}:4433; proxy_pass http://{{ GLOBALS.manager }}:4433;
proxy_read_timeout 90; proxy_read_timeout 90;
proxy_connect_timeout 90; proxy_connect_timeout 90;
proxy_set_header Host $host; proxy_set_header Host $host;
@@ -186,7 +186,7 @@ http {
location /influxdb/ { location /influxdb/ {
auth_request /auth/sessions/whoami; auth_request /auth/sessions/whoami;
rewrite /influxdb/api/(.*) /api/$1 break; rewrite /influxdb/api/(.*) /api/$1 break;
proxy_pass https://{{ DOCKER.containers['so-influxdb'].ip }}:8086/; proxy_pass https://{{ GLOBALS.manager }}:8086/;
proxy_read_timeout 300; proxy_read_timeout 300;
proxy_connect_timeout 90; proxy_connect_timeout 90;
proxy_set_header Host $host; proxy_set_header Host $host;
@@ -200,7 +200,7 @@ http {
location /kibana/ { location /kibana/ {
auth_request /auth/sessions/whoami; auth_request /auth/sessions/whoami;
rewrite /kibana/(.*) /$1 break; rewrite /kibana/(.*) /$1 break;
proxy_pass http://{{ DOCKER.containers['so-kibana'].ip }}:5601/; proxy_pass http://{{ GLOBALS.manager }}:5601/;
proxy_read_timeout 300; proxy_read_timeout 300;
proxy_connect_timeout 300; proxy_connect_timeout 300;
proxy_set_header Host $host; proxy_set_header Host $host;
@@ -212,7 +212,7 @@ http {
location /playbook/ { location /playbook/ {
auth_request /auth/sessions/whoami; auth_request /auth/sessions/whoami;
proxy_pass http://{{ DOCKER.containers['so-playbook'].ip }}:3000/playbook/; proxy_pass http://{{ GLOBALS.manager }}:3000/playbook/;
proxy_read_timeout 90; proxy_read_timeout 90;
proxy_connect_timeout 90; proxy_connect_timeout 90;
proxy_set_header Host $host; proxy_set_header Host $host;
@@ -225,7 +225,7 @@ http {
location /soctopus/ { location /soctopus/ {
auth_request /auth/sessions/whoami; auth_request /auth/sessions/whoami;
proxy_pass http://{{ DOCKER.containers['so-soctopus'].ip }}:7000/; proxy_pass http://{{ GLOBALS.manager }}:7000/;
proxy_read_timeout 300; proxy_read_timeout 300;
proxy_connect_timeout 300; proxy_connect_timeout 300;
proxy_set_header Host $host; proxy_set_header Host $host;
@@ -247,7 +247,7 @@ http {
if ($http_authorization = "") { if ($http_authorization = "") {
return 403; return 403;
} }
proxy_pass http://{{ DOCKER.containers['so-soc'].ip }}:9822/; proxy_pass http://{{ GLOBALS.manager }}:9822/;
proxy_read_timeout 90; proxy_read_timeout 90;
proxy_connect_timeout 90; proxy_connect_timeout 90;
proxy_set_header x-user-id ""; proxy_set_header x-user-id "";

1
salt/soc/init.sls
View File

@@ -111,7 +111,6 @@ so-soc:
- /opt/so/conf/soc/salt:/opt/sensoroni/salt:rw - /opt/so/conf/soc/salt:/opt/sensoroni/salt:rw
- /opt/so/saltstack:/opt/so/saltstack:rw - /opt/so/saltstack:/opt/so/saltstack:rw
- extra_hosts: - extra_hosts:
- {{GLOBALS.influxdb_host}}:{{pillar.node_data[GLOBALS.influxdb_host].ip}}
{%- if salt['pillar.get']('nodestab', {}) %} {%- if salt['pillar.get']('nodestab', {}) %}
{%- for SN, SNDATA in salt['pillar.get']('nodestab', {}).items() %} {%- for SN, SNDATA in salt['pillar.get']('nodestab', {}).items() %}
- {{ SN.split('_')|first }}:{{ SNDATA.ip }} - {{ SN.split('_')|first }}:{{ SNDATA.ip }}