From 91221c43323d7b485f60da2160b029cbcbf761ca Mon Sep 17 00:00:00 2001 From: William Wernert Date: Thu, 29 Oct 2020 10:23:12 -0400 Subject: [PATCH] [revert] Move proxy_pass back to ip --- salt/nginx/etc/nginx.conf | 27 ++++++++++++++------------- 1 file changed, 14 insertions(+), 13 deletions(-) diff --git a/salt/nginx/etc/nginx.conf b/salt/nginx/etc/nginx.conf index facfb4c22..238536a70 100644 --- a/salt/nginx/etc/nginx.conf +++ b/salt/nginx/etc/nginx.conf @@ -4,6 +4,7 @@ {% set main_ip = salt['grains.get']('ip_interfaces:' ~ mainint)[0] %} {%- endif %} +{%- set manager_ip = salt['pillar.get']('manager:mainip', '') %} {%- set url_base = salt['pillar.get']('global:url_base') %} {%- set fleet_manager = salt['pillar.get']('global:fleet_manager') %} @@ -59,7 +60,7 @@ http { {%- if role == 'fleet' %} grpc_pass grpcs://{{ main_ip }}:8080; {%- else %} - grpc_pass grpcs://{{ url_base }}:8080; + grpc_pass grpcs://{{ manager_ip }}:8080; {%- endif %} grpc_set_header Host $host; grpc_set_header X-Forwarded-For $proxy_add_x_forwarded_for; @@ -154,7 +155,7 @@ http { location ~* (^/login/|^/js/.*|^/css/.*|^/images/.*) { - proxy_pass http://{{ url_base }}:9822; + proxy_pass http://{{ manager_ip }}:9822; proxy_read_timeout 90; proxy_connect_timeout 90; proxy_set_header Host $host; @@ -168,7 +169,7 @@ http { location / { auth_request /auth/sessions/whoami; - proxy_pass http://{{ url_base }}:9822/; + proxy_pass http://{{ manager_ip }}:9822/; proxy_read_timeout 90; proxy_connect_timeout 90; proxy_set_header Host $host; @@ -182,7 +183,7 @@ http { location ~ ^/auth/.*?(whoami|login|logout|settings) { rewrite /auth/(.*) /$1 break; - proxy_pass http://{{ url_base }}:4433; + proxy_pass http://{{ manager_ip }}:4433; proxy_read_timeout 90; proxy_connect_timeout 90; proxy_set_header Host $host; @@ -241,7 +242,7 @@ http { location /grafana/ { auth_request /auth/sessions/whoami; rewrite /grafana/(.*) /$1 break; - proxy_pass http://{{ url_base }}:3000/; + proxy_pass http://{{ manager_ip }}:3000/; proxy_read_timeout 90; proxy_connect_timeout 90; proxy_set_header Host $host; @@ -254,7 +255,7 @@ http { location /kibana/ { auth_request /auth/sessions/whoami; rewrite /kibana/(.*) /$1 break; - proxy_pass http://{{ url_base }}:5601/; + proxy_pass http://{{ manager_ip }}:5601/; proxy_read_timeout 90; proxy_connect_timeout 90; proxy_set_header Host $host; @@ -265,7 +266,7 @@ http { } location /nodered/ { - proxy_pass http://{{ url_base }}:1880/; + proxy_pass http://{{ manager_ip }}:1880/; proxy_read_timeout 90; proxy_connect_timeout 90; proxy_set_header Host $host; @@ -278,7 +279,7 @@ http { } location /playbook/ { - proxy_pass http://{{ url_base }}:3200/playbook/; + proxy_pass http://{{ manager_ip }}:3200/playbook/; proxy_read_timeout 90; proxy_connect_timeout 90; proxy_set_header Host $host; @@ -297,7 +298,7 @@ http { {%- else %} location /fleet/ { - proxy_pass https://{{ url_base }}:8080; + proxy_pass https://{{ manager_ip }}:8080; proxy_read_timeout 90; proxy_connect_timeout 90; proxy_set_header Host $host; @@ -310,7 +311,7 @@ http { {%- endif %} location /thehive/ { - proxy_pass http://{{ url_base }}:9000/thehive/; + proxy_pass http://{{ manager_ip }}:9000/thehive/; proxy_read_timeout 90; proxy_connect_timeout 90; proxy_http_version 1.1; # this is essential for chunked responses to work @@ -322,7 +323,7 @@ http { } location /cortex/ { - proxy_pass http://{{ url_base }}:9001/cortex/; + proxy_pass http://{{ manager_ip }}:9001/cortex/; proxy_read_timeout 90; proxy_connect_timeout 90; proxy_http_version 1.1; # this is essential for chunked responses to work @@ -334,7 +335,7 @@ http { } location /soctopus/ { - proxy_pass http://{{ url_base }}:7000/; + proxy_pass http://{{ manager_ip }}:7000/; proxy_read_timeout 90; proxy_connect_timeout 90; proxy_set_header Host $host; @@ -360,7 +361,7 @@ http { if ($http_authorization = "") { return 403; } - proxy_pass http://{{ url_base }}:9822/; + proxy_pass http://{{ manager_ip }}:9822/; proxy_read_timeout 90; proxy_connect_timeout 90; proxy_set_header Host $host;