Merge branch 'dev' into feature/nginx-update

# Conflicts:
#	salt/nginx/etc/nginx.conf
#	salt/nginx/etc/nginx.conf.so-eval
#	salt/nginx/etc/nginx.conf.so-manager
#	salt/nginx/etc/nginx.conf.so-managersearch
#	salt/nginx/etc/nginx.conf.so-mastersearch
#	salt/nginx/etc/nginx.conf.so-standalone

salt/nginx/etc/nginx.conf

@@ -1,8 +1,8 @@
-{%- set masterip = salt['pillar.get']('master:mainip', '') %}
+{%- set managerip = salt['pillar.get']('manager:mainip', '') %}
 {%- set role = grains.id.split('_') | last %}
-{%- set url_base = salt['pillar.get']('master:url_base') %}
+{%- set url_base = salt['pillar.get']('manager:url_base') %}
 
-{%- set fleet_master = salt['pillar.get']('static:fleet_master') %}
+{%- set fleet_managerr = salt['pillar.get']('static:fleet_manager') %}
 {%- set fleet_node = salt['pillar.get']('static:fleet_node') %}
 {%- set fleet_ip = salt['pillar.get']('static:fleet_ip', None) %}
 
@@ -35,7 +35,7 @@ http {
 
 	include /etc/nginx/conf.d/*.conf;
 
-	{%- if fleet_master %}
+	{%- if fleet_manager %}
 	server {
 		listen       8090 ssl http2 default_server;
 		server_name  {{ url_base }};
@@ -50,7 +50,7 @@ http {
 		ssl_prefer_server_ciphers on;
 
 		location ~ ^/kolide.agent.Api/(RequestEnrollment|RequestConfig|RequestQueries|PublishLogs|PublishResults|CheckHealth)$ {
-			grpc_pass  grpcs://{{ masterip }}:8080;
+			grpc_pass  grpcs://{{ managerip }}:8080;
 			grpc_set_header Host $host;
 			grpc_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
 			proxy_buffering off;
@@ -94,7 +94,7 @@ http {
 
 
 		location ~* (^/login/|^/js/.*|^/css/.*|^/images/.*) {
-			proxy_pass            http://{{ masterip }}:9822;
+			proxy_pass            http://{{ managerip }}:9822;
 			proxy_read_timeout    90;
 			proxy_connect_timeout 90;
 			proxy_set_header      Host $host;
@@ -108,7 +108,7 @@ http {
 
 		location / {
 			auth_request          /auth/sessions/whoami;
-			proxy_pass            http://{{ masterip }}:9822/;
+			proxy_pass            http://{{ managerip }}:9822/;
 			proxy_read_timeout    90;
 			proxy_connect_timeout 90;
 			proxy_set_header      Host $host;
@@ -122,7 +122,7 @@ http {
 
 		location ~ ^/auth/.*?(whoami|login|logout|settings) {
 			rewrite               /auth/(.*) /$1 break;
-			proxy_pass            http://{{ masterip }}:4433;
+			proxy_pass            http://{{ managerip }}:4433;
 			proxy_read_timeout    90;
 			proxy_connect_timeout 90;
 			proxy_set_header      Host $host;
@@ -169,7 +169,7 @@ http {
 		location /grafana/ {
 			auth_request          /auth/sessions/whoami;
 			rewrite               /grafana/(.*) /$1 break;
-			proxy_pass            http://{{ masterip }}:3000/;
+			proxy_pass            http://{{ managerip }}:3000/;
 			proxy_read_timeout    90;
 			proxy_connect_timeout 90;
 			proxy_set_header      Host $host;
@@ -182,7 +182,7 @@ http {
 		location /kibana/ {
 			auth_request          /auth/sessions/whoami;
 			rewrite               /kibana/(.*) /$1 break;
-			proxy_pass            http://{{ masterip }}:5601/;
+			proxy_pass            http://{{ managerip }}:5601/;
 			proxy_read_timeout    90;
 			proxy_connect_timeout 90;
 			proxy_set_header      Host $host;
@@ -193,7 +193,7 @@ http {
 		}
 
 		location /nodered/ {
-			proxy_pass http://{{ masterip }}:1880/;
+			proxy_pass http://{{ managerip }}:1880/;
 			proxy_read_timeout    90;
 			proxy_connect_timeout 90;
 			proxy_set_header      Host $host;
@@ -206,7 +206,7 @@ http {
 		}
 		
 		location /playbook/ {
-			proxy_pass            http://{{ masterip }}:3200/playbook/;
+			proxy_pass            http://{{ managerip }}:3200/playbook/;
 			proxy_read_timeout    90;
 			proxy_connect_timeout 90;
 			proxy_set_header      Host $host;
@@ -222,7 +222,7 @@ http {
 		}
 		{%- else %}
 		location /fleet/ {
-			proxy_pass https://{{ masterip }}:8080;
+			proxy_pass https://{{ managerip }}:8080;
 			proxy_read_timeout    90;
 			proxy_connect_timeout 90;
 			proxy_set_header      Host $host;
@@ -234,7 +234,7 @@ http {
 		{%- endif %}
 
 		location /thehive/ {
-			proxy_pass            http://{{ masterip }}:9000/thehive/;
+			proxy_pass            http://{{ managerip }}:9000/thehive/;
 			proxy_read_timeout    90;
 			proxy_connect_timeout 90;
 			proxy_http_version    1.1; # this is essential for chunked responses to work
@@ -246,7 +246,7 @@ http {
 		}
 
 		location /cortex/ {
-			proxy_pass            http://{{ masterip }}:9001/cortex/;
+			proxy_pass            http://{{ managerip }}:9001/cortex/;
 			proxy_read_timeout    90;
 			proxy_connect_timeout 90;
 			proxy_http_version    1.1; # this is essential for chunked responses to work
@@ -258,7 +258,7 @@ http {
 		}
 		
 		location /soctopus/ {
-			proxy_pass            http://{{ masterip }}:7000/;
+			proxy_pass            http://{{ managerip }}:7000/;
 			proxy_read_timeout    90;
 			proxy_connect_timeout 90;
 			proxy_set_header      Host $host;
@@ -281,7 +281,7 @@ http {
 		}
 
 		location /sensoroniagents/ {
-			proxy_pass            http://{{ masterip }}:9822/;
+			proxy_pass            http://{{ managerip }}:9822/;
 			proxy_read_timeout    90;
 			proxy_connect_timeout 90;
 			proxy_set_header      Host $host;

salt/nginx/files/navigator_config.json

@@ -1,4 +1,4 @@
-{%- set ip = salt['pillar.get']('static:masterip', '') %}
+{%- set ip = salt['pillar.get']('static:managerip', '') %}
 
 {
     "enterprise_attack_url": "https://raw.githubusercontent.com/mitre/cti/master/enterprise-attack/enterprise-attack.json",

salt/nginx/init.sls

@@ -1,6 +1,6 @@
-{% set FLEETMASTER = salt['pillar.get']('static:fleet_master', False) %}
+{% set FLEETMANAGER = salt['pillar.get']('static:fleet_manager', False) %}
 {% set FLEETNODE = salt['pillar.get']('static:fleet_node', False) %}
-{% set MASTER = salt['grains.get']('master') %}
+{% set MANAGER = salt['grains.get']('master') %}
 {% set VERSION = salt['pillar.get']('static:soversion', 'HH1.2.2') %}
 
 # Drop the correct nginx config based on role
@@ -61,15 +61,15 @@ navigatordefaultlayer:
 
 so-nginx:
   docker_container.running:
-    - image: {{ MASTER }}:5000/soshybridhunter/so-nginx:{{ VERSION }}
+    - image: {{ MANAGER }}:5000/soshybridhunter/so-nginx:{{ VERSION }}
     - hostname: so-nginx
     - binds:
       - /opt/so/conf/nginx/nginx.conf:/etc/nginx/nginx.conf:ro
       - /opt/so/log/nginx/:/var/log/nginx:rw
       - /opt/so/tmp/nginx/:/var/lib/nginx:rw
       - /opt/so/tmp/nginx/:/run:rw
-      - /etc/pki/masterssl.crt:/etc/pki/nginx/server.crt:ro
-      - /etc/pki/masterssl.key:/etc/pki/nginx/server.key:ro
+      - /etc/pki/managerssl.crt:/etc/pki/nginx/server.crt:ro
+      - /etc/pki/managerssl.key:/etc/pki/nginx/server.key:ro
       - /opt/so/conf/fleet/packages:/opt/socore/html/packages
       # ATT&CK Navigator binds
       - /opt/so/conf/navigator/navigator_config.json:/opt/socore/html/navigator/assets/config.json:ro
@@ -78,7 +78,7 @@ so-nginx:
     - port_bindings:
       - 80:80
       - 443:443
-    {%- if FLEETMASTER or FLEETNODE %}
+    {%- if FLEETMANAGER or FLEETNODE %}
       - 8090:8090
     {%- endif %}
     - watch: