CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

New Config Values

Browse Source 
New config values with annotations and defaults.

Updated Nginx config to allow streaming requests to not be buffered on the way to the client.
This commit is contained in:
Corey Ogburn
2025-07-11 10:37:50 -06:00
parent 624ec3c93e
commit ec27517bdd
3 changed files with 32 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
salt/nginx/etc/nginx.conf
View File

@@ -196,19 +196,23 @@ http {
} }
location / { location / {
auth_request /auth/sessions/whoami; auth_request /auth/sessions/whoami;
auth_request_set $userid $upstream_http_x_kratos_authenticated_identity_id; auth_request_set $userid $upstream_http_x_kratos_authenticated_identity_id;
proxy_set_header x-user-id $userid; proxy_set_header x-user-id $userid;
proxy_pass http://{{ GLOBALS.manager }}:9822/; proxy_pass http://{{ GLOBALS.manager }}:9822/;
proxy_read_timeout 300; proxy_read_timeout 300;
proxy_connect_timeout 300; proxy_connect_timeout 300;
proxy_set_header Host $host; proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Proxy ""; proxy_set_header Proxy "";
proxy_set_header Upgrade $http_upgrade; proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade"; proxy_set_header Connection "Upgrade";
proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Proto $scheme;
proxy_buffering off;
proxy_cache off;
proxy_request_buffering off;
} }
location ~ ^/auth/.*?(login|oidc/callback) { location ~ ^/auth/.*?(login|oidc/callback) {

4
salt/soc/defaults.yaml
View File

@@ -1491,6 +1491,10 @@ soc:
- repo: file:///nsm/airgap-resources/playbooks/securityonion-resources-playbooks - repo: file:///nsm/airgap-resources/playbooks/securityonion-resources-playbooks
branch: main branch: main
folder: securityonion-normalized folder: securityonion-normalized
assistant:
apiKey:
apiUrl: https://onionai-dev.securityonion.net
model: claude-sonnet
salt: salt:
queueDir: /opt/sensoroni/queue queueDir: /opt/sensoroni/queue
timeoutMs: 45000 timeoutMs: 45000

11
salt/soc/soc_soc.yaml
View File

@@ -580,6 +580,17 @@ soc:
- field: folder - field: folder
label: Folder label: Folder
airgap: *pbRepos airgap: *pbRepos
assistant:
apiKey:
description: The auth token to be used when reaching out to the AI Assistant.
global: True
apiUrl:
description: The URL of the AI gateway.
advanced: True
global: True
model:
description: The model to use as the AI Assistant
global: True
client: client:
apiTimeoutMs: apiTimeoutMs:
description: Duration (in milliseconds) to wait for a response from the SOC server API before giving up and showing an error on the SOC UI. description: Duration (in milliseconds) to wait for a response from the SOC server API before giving up and showing an error on the SOC UI.