Merge branch 'dev' into feature/nginx-update

# Conflicts: # salt/nginx/etc/nginx.conf # salt/nginx/etc/nginx.conf.so-eval # salt/nginx/etc/nginx.conf.so-manager # salt/nginx/etc/nginx.conf.so-managersearch # salt/nginx/etc/nginx.conf.so-mastersearch # salt/nginx/etc/nginx.conf.so-standalone
2025-12-19 23:43:07 +01:00 · 2020-07-10 17:49:34 -04:00
parent 81006ebbd0 ef64048fc6
commit 8b146aac32
166 changed files with 1347 additions and 1028 deletions
--- a/salt/nginx/etc/nginx.conf
+++ b/salt/nginx/etc/nginx.conf
@@ -1,8 +1,8 @@
-{%- set masterip = salt['pillar.get']('master:mainip', '') %}
+{%- set managerip = salt['pillar.get']('manager:mainip', '') %}
 {%- set role = grains.id.split('_') | last %}
-{%- set url_base = salt['pillar.get']('master:url_base') %}
+{%- set url_base = salt['pillar.get']('manager:url_base') %}

-{%- set fleet_master = salt['pillar.get']('static:fleet_master') %}
+{%- set fleet_managerr = salt['pillar.get']('static:fleet_manager') %}
 {%- set fleet_node = salt['pillar.get']('static:fleet_node') %}
 {%- set fleet_ip = salt['pillar.get']('static:fleet_ip', None) %}

@@ -35,7 +35,7 @@ http {

 	include /etc/nginx/conf.d/*.conf;

-	{%- if fleet_master %}
+	{%- if fleet_manager %}
 	server {
 		listen       8090 ssl http2 default_server;
 		server_name  {{ url_base }};
@@ -50,7 +50,7 @@ http {
 		ssl_prefer_server_ciphers on;

 		location ~ ^/kolide.agent.Api/(RequestEnrollment|RequestConfig|RequestQueries|PublishLogs|PublishResults|CheckHealth)$ {
-			grpc_pass  grpcs://{{ masterip }}:8080;
+			grpc_pass  grpcs://{{ managerip }}:8080;
 			grpc_set_header Host $host;
 			grpc_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
 			proxy_buffering off;
@@ -94,7 +94,7 @@ http {


 		location ~* (^/login/|^/js/.*|^/css/.*|^/images/.*) {
-			proxy_pass            http://{{ masterip }}:9822;
+			proxy_pass            http://{{ managerip }}:9822;
 			proxy_read_timeout    90;
 			proxy_connect_timeout 90;
 			proxy_set_header      Host $host;
@@ -108,7 +108,7 @@ http {

 		location / {
 			auth_request          /auth/sessions/whoami;
-			proxy_pass            http://{{ masterip }}:9822/;
+			proxy_pass            http://{{ managerip }}:9822/;
 			proxy_read_timeout    90;
 			proxy_connect_timeout 90;
 			proxy_set_header      Host $host;
@@ -122,7 +122,7 @@ http {

 		location ~ ^/auth/.*?(whoami|login|logout|settings) {
 			rewrite               /auth/(.*) /$1 break;
-			proxy_pass            http://{{ masterip }}:4433;
+			proxy_pass            http://{{ managerip }}:4433;
 			proxy_read_timeout    90;
 			proxy_connect_timeout 90;
 			proxy_set_header      Host $host;
@@ -169,7 +169,7 @@ http {
 		location /grafana/ {
 			auth_request          /auth/sessions/whoami;
 			rewrite               /grafana/(.*) /$1 break;
-			proxy_pass            http://{{ masterip }}:3000/;
+			proxy_pass            http://{{ managerip }}:3000/;
 			proxy_read_timeout    90;
 			proxy_connect_timeout 90;
 			proxy_set_header      Host $host;
@@ -182,7 +182,7 @@ http {
 		location /kibana/ {
 			auth_request          /auth/sessions/whoami;
 			rewrite               /kibana/(.*) /$1 break;
-			proxy_pass            http://{{ masterip }}:5601/;
+			proxy_pass            http://{{ managerip }}:5601/;
 			proxy_read_timeout    90;
 			proxy_connect_timeout 90;
 			proxy_set_header      Host $host;
@@ -193,7 +193,7 @@ http {
 		}

 		location /nodered/ {
-			proxy_pass http://{{ masterip }}:1880/;
+			proxy_pass http://{{ managerip }}:1880/;
 			proxy_read_timeout    90;
 			proxy_connect_timeout 90;
 			proxy_set_header      Host $host;
@@ -206,7 +206,7 @@ http {
 		}
 		
 		location /playbook/ {
-			proxy_pass            http://{{ masterip }}:3200/playbook/;
+			proxy_pass            http://{{ managerip }}:3200/playbook/;
 			proxy_read_timeout    90;
 			proxy_connect_timeout 90;
 			proxy_set_header      Host $host;
@@ -222,7 +222,7 @@ http {
 		}
 		{%- else %}
 		location /fleet/ {
-			proxy_pass https://{{ masterip }}:8080;
+			proxy_pass https://{{ managerip }}:8080;
 			proxy_read_timeout    90;
 			proxy_connect_timeout 90;
 			proxy_set_header      Host $host;
@@ -234,7 +234,7 @@ http {
 		{%- endif %}

 		location /thehive/ {
-			proxy_pass            http://{{ masterip }}:9000/thehive/;
+			proxy_pass            http://{{ managerip }}:9000/thehive/;
 			proxy_read_timeout    90;
 			proxy_connect_timeout 90;
 			proxy_http_version    1.1; # this is essential for chunked responses to work
@@ -246,7 +246,7 @@ http {
 		}

 		location /cortex/ {
-			proxy_pass            http://{{ masterip }}:9001/cortex/;
+			proxy_pass            http://{{ managerip }}:9001/cortex/;
 			proxy_read_timeout    90;
 			proxy_connect_timeout 90;
 			proxy_http_version    1.1; # this is essential for chunked responses to work
@@ -258,7 +258,7 @@ http {
 		}
 		
 		location /soctopus/ {
-			proxy_pass            http://{{ masterip }}:7000/;
+			proxy_pass            http://{{ managerip }}:7000/;
 			proxy_read_timeout    90;
 			proxy_connect_timeout 90;
 			proxy_set_header      Host $host;
@@ -281,7 +281,7 @@ http {
 		}

 		location /sensoroniagents/ {
-			proxy_pass            http://{{ masterip }}:9822/;
+			proxy_pass            http://{{ managerip }}:9822/;
 			proxy_read_timeout    90;
 			proxy_connect_timeout 90;
 			proxy_set_header      Host $host;