From e364638a62977aa8b3cbbd56312fa064c244dde8 Mon Sep 17 00:00:00 2001
From: Wes Lambert <wlambertts@gmail.com>
Date: Tue, 12 Nov 2019 22:50:00 +0000
Subject: [PATCH] add Cyberchef

---
 salt/common/nginx/nginx.conf.so-eval   | 12 ++++++++++++
 salt/common/nginx/nginx.conf.so-master | 12 ++++++++++++
 salt/firewall/init.sls                 | 12 ++++++++++++
 salt/top.sls                           |  2 ++
 4 files changed, 38 insertions(+)

diff --git a/salt/common/nginx/nginx.conf.so-eval b/salt/common/nginx/nginx.conf.so-eval
index fe55dc274..a0b3a39de 100644
--- a/salt/common/nginx/nginx.conf.so-eval
+++ b/salt/common/nginx/nginx.conf.so-eval
@@ -188,6 +188,18 @@ http {
           proxy_set_header      Proxy "";
 
         }
+        
+        location /cyberchef/ {
+          proxy_pass http://{{ masterip }}:9080/;
+          proxy_read_timeout    90;
+          proxy_connect_timeout 90;
+          proxy_http_version 1.1; # this is essential for chunked responses to work
+          proxy_set_header      Host $host;
+          proxy_set_header      X-Real-IP $remote_addr;
+          proxy_set_header      X-Forwarded-For $proxy_add_x_forwarded_for;
+          proxy_set_header      Proxy "";
+
+        }
 	
         location /soctopus/ {
           proxy_pass http://{{ masterip }}:7000/;
diff --git a/salt/common/nginx/nginx.conf.so-master b/salt/common/nginx/nginx.conf.so-master
index 964579a96..265413fa2 100644
--- a/salt/common/nginx/nginx.conf.so-master
+++ b/salt/common/nginx/nginx.conf.so-master
@@ -187,6 +187,18 @@ http {
           proxy_set_header      Proxy "";
 
         }
+
+        location /cyberchef/ {
+          proxy_pass http://{{ masterip }}:9080/;
+          proxy_read_timeout    90;
+          proxy_connect_timeout 90;
+          proxy_http_version 1.1; # this is essential for chunked responses to work
+          proxy_set_header      Host $host;
+          proxy_set_header      X-Real-IP $remote_addr;
+          proxy_set_header      X-Forwarded-For $proxy_add_x_forwarded_for;
+          proxy_set_header      Proxy "";
+
+        }
 	
         location /soctopus/ {
           proxy_pass http://{{ masterip }}:7000/;
diff --git a/salt/firewall/init.sls b/salt/firewall/init.sls
index c0c1e6d82..b0ff81b00 100644
--- a/salt/firewall/init.sls
+++ b/salt/firewall/init.sls
@@ -276,6 +276,18 @@ enable_master_cortex_9001_{{ip}}:
     - position: 1
     - save: True 
 
+enable_master_cyberchef_9080_{{ip}}:
+  iptables.insert:
+    - table: filter
+    - chain: DOCKER-USER
+    - jump: ACCEPT
+    - proto: tcp
+    - source: {{ ip }}
+    - dport: 9080
+    - position: 1
+    - save: True
+
+
 {% endfor %}
 
 # Make it so all the minions can talk to salt and update etc.
diff --git a/salt/top.sls b/salt/top.sls
index f742a66cf..1d7d6ccf8 100644
--- a/salt/top.sls
+++ b/salt/top.sls
@@ -43,6 +43,7 @@ base:
     - suricata
     - bro
     - curator
+    - cyberchef
     - elastalert
     {%- if OSQUERY != 0 %}
     - fleet
@@ -69,6 +70,7 @@ base:
     - ca
     - ssl
     - common
+    - cyberchef
     - sensoroni
     - firewall
     - master