diff --git a/salt/nginx/etc/nginx.conf b/salt/nginx/etc/nginx.conf index 05e935caa..7774f9f8d 100644 --- a/salt/nginx/etc/nginx.conf +++ b/salt/nginx/etc/nginx.conf @@ -4,7 +4,6 @@ {% set main_ip = salt['grains.get']('ip_interfaces:' ~ mainint)[0] %} {%- endif %} -{%- set manager_ip = salt['pillar.get']('manager:main_ip', '') %} {%- set url_base = salt['pillar.get']('global:url_base') %} {%- set fleet_manager = salt['pillar.get']('global:fleet_manager') %} @@ -60,7 +59,7 @@ http { {%- if role == 'fleet' %} grpc_pass grpcs://{{ main_ip }}:8080; {%- else %} - grpc_pass grpcs://{{ manager_ip }}:8080; + grpc_pass grpcs://{{ url_base }}:8080; {%- endif %} grpc_set_header Host $host; grpc_set_header X-Forwarded-For $proxy_add_x_forwarded_for; @@ -155,7 +154,7 @@ http { location ~* (^/login/|^/js/.*|^/css/.*|^/images/.*) { - proxy_pass http://{{ manager_ip }}:9822; + proxy_pass http://{{ url_base }}:9822; proxy_read_timeout 90; proxy_connect_timeout 90; proxy_set_header Host $host; @@ -169,7 +168,7 @@ http { location / { auth_request /auth/sessions/whoami; - proxy_pass http://{{ manager_ip }}:9822/; + proxy_pass http://{{ url_base }}:9822/; proxy_read_timeout 90; proxy_connect_timeout 90; proxy_set_header Host $host; @@ -183,7 +182,7 @@ http { location ~ ^/auth/.*?(whoami|login|logout|settings) { rewrite /auth/(.*) /$1 break; - proxy_pass http://{{ manager_ip }}:4433; + proxy_pass http://{{ url_base }}:4433; proxy_read_timeout 90; proxy_connect_timeout 90; proxy_set_header Host $host; @@ -242,7 +241,7 @@ http { location /grafana/ { auth_request /auth/sessions/whoami; rewrite /grafana/(.*) /$1 break; - proxy_pass http://{{ manager_ip }}:3000/; + proxy_pass http://{{ url_base }}:3000/; proxy_read_timeout 90; proxy_connect_timeout 90; proxy_set_header Host $host; @@ -255,7 +254,7 @@ http { location /kibana/ { auth_request /auth/sessions/whoami; rewrite /kibana/(.*) /$1 break; - proxy_pass http://{{ manager_ip }}:5601/; + proxy_pass http://{{ url_base }}:5601/; proxy_read_timeout 90; proxy_connect_timeout 90; proxy_set_header Host $host; @@ -266,7 +265,7 @@ http { } location /nodered/ { - proxy_pass http://{{ manager_ip }}:1880/; + proxy_pass http://{{ url_base }}:1880/; proxy_read_timeout 90; proxy_connect_timeout 90; proxy_set_header Host $host; @@ -279,7 +278,7 @@ http { } location /playbook/ { - proxy_pass http://{{ manager_ip }}:3200/playbook/; + proxy_pass http://{{ url_base }}:3200/playbook/; proxy_read_timeout 90; proxy_connect_timeout 90; proxy_set_header Host $host; @@ -298,7 +297,7 @@ http { {%- else %} location /fleet/ { - proxy_pass https://{{ manager_ip }}:8080; + proxy_pass https://{{ url_base }}:8080; proxy_read_timeout 90; proxy_connect_timeout 90; proxy_set_header Host $host; @@ -311,7 +310,7 @@ http { {%- endif %} location /thehive/ { - proxy_pass http://{{ manager_ip }}:9000/thehive/; + proxy_pass http://{{ url_base }}:9000/thehive/; proxy_read_timeout 90; proxy_connect_timeout 90; proxy_http_version 1.1; # this is essential for chunked responses to work @@ -323,7 +322,7 @@ http { } location /cortex/ { - proxy_pass http://{{ manager_ip }}:9001/cortex/; + proxy_pass http://{{ url_base }}:9001/cortex/; proxy_read_timeout 90; proxy_connect_timeout 90; proxy_http_version 1.1; # this is essential for chunked responses to work @@ -335,7 +334,7 @@ http { } location /soctopus/ { - proxy_pass http://{{ manager_ip }}:7000/; + proxy_pass http://{{ url_base }}:7000/; proxy_read_timeout 90; proxy_connect_timeout 90; proxy_set_header Host $host; @@ -361,7 +360,7 @@ http { if ($http_authorization = "") { return 403; } - proxy_pass http://{{ manager_ip }}:9822/; + proxy_pass http://{{ url_base }}:9822/; proxy_read_timeout 90; proxy_connect_timeout 90; proxy_set_header Host $host;