From f4227136a0abb0323aeffa3085d54857a2cb549e Mon Sep 17 00:00:00 2001
From: Mike Reeves
Date: Tue, 13 Feb 2018 16:11:37 -0500
Subject: [PATCH] Kibana salt module - Add Kibana Skeleton
---
 salt/kibana/init.sls | 91 ++++++++++++++++++++++++++
 salt/kibana/nginx/nginx.conf.sensor | 89 +++++++++++++++++++++++++
 salt/kibana/nginx/nginx.conf.so-master | 89 +++++++++++++++++++++++++
 3 files changed, 269 insertions(+)
 create mode 100644 salt/kibana/init.sls
 create mode 100644 salt/kibana/nginx/nginx.conf.sensor
 create mode 100644 salt/kibana/nginx/nginx.conf.so-master
diff --git a/salt/kibana/init.sls b/salt/kibana/init.sls
new file mode 100644
index 000000000..d034cab5c
--- /dev/null
+++ b/salt/kibana/init.sls
@@ -0,0 +1,91 @@
+# Create a state directory
+
+statedir:
+ file.directory:
+ - name: /opt/so/state
+
+salttmp:
+ file.directory:
+ - name: /opt/so/tmp
+
+# Install packages needed for the sensor
+
+sensorpkgs:
+ pkg.installed:
+ - skip_suggestions: True
+ - pkgs:
+ - docker-ce
+ - python-docker
+
+# Always keep these packages up to date
+
+alwaysupdated:
+ pkg.latest:
+ - pkgs:
+ - openssl
+ - openssh-server
+ - bash
+ - skip_suggestions: True
+
+# Set time to UTC
+
+Etc/UTC:
+ timezone.system
+
+# Set up docker network
+dockernet:
+ docker_network.present:
+ - name: so-elastic-net
+ - driver: bridge
+
+# Snag the so-core docker
+toosmooth/so-core:test2:
+ docker_image.present
+
+# Drop the correct nginx config based on role
+
+nginxconfdir:
+ file.directory:
+ - name: /opt/so/conf/nginx
+ - user: 939
+ - group: 939
+ - makedirs: True
+
+nginxconf:
+ file.managed:
+ - name: /opt/so/conf/nginx/nginx.conf
+ - user: 939
+ - group: 939
+ - template: jinja
+ - source: salt://common/nginx/nginx.conf.{{ grains.role }}
+
+nginxlogdir:
+ file.directory:
+ - name: /opt/so/log/nginx/
+ - user: 939
+ - group: 939
+
+nginxtmp:
+ file.directory:
+ - name: /opt/so/tmp/nginx/tmp
+ - user: 939
+ - group: 939
+ - makedirs: True
+
+# Start the core docker
+so-core:
+ docker_container.running:
+ - image: toosmooth/so-core:test2
+ - hostname: so-core
+ - user: socore
+ - binds:
+ - /opt/so:/opt/so:rw
+ - /opt/so/conf/nginx/nginx.conf:/etc/nginx/nginx.conf:ro
+ - /opt/so/log/nginx/:/var/log/nginx:rw
+ - /opt/so/tmp/nginx/:/var/lib/nginx:rw
+ - /opt/so/tmp/nginx/:/run:rw
+ - network_mode: so-elastic-net
+ - cap_add: NET_BIND_SERVICE
+ - port_bindings:
+ - 80:80
+ - 443:443
diff --git a/salt/kibana/nginx/nginx.conf.sensor b/salt/kibana/nginx/nginx.conf.sensor
new file mode 100644
index 000000000..39688f3df
--- /dev/null
+++ b/salt/kibana/nginx/nginx.conf.sensor
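Review bot: In `salt/kibana/init.sls`, the `so-core` container binds all of `/opt/so` read-write, so the `:ro` on `/opt/so/conf/nginx/nginx.conf:/etc/nginx/nginx.conf` protects nothing: a process inside the container can rewrite the same file through `/opt/so/conf/nginx/nginx.conf`. Dropping the `/opt/so:/opt/so:rw` bind and keeping only the narrower log and tmp binds would keep the proxy configuration out of the container's reach. The image is referenced as `toosmooth/so-core:test2`, a mutable tag, so pinning it by digest (`toosmooth/so-core@sha256:<digest>`) would ensure every node runs the same reviewed image. Separately, `nginxconf` reads `salt://common/nginx/nginx.conf.{{ grains.role }}` while this commit adds the files under `salt/kibana/nginx/`; if the `common` path is not intentional, the source should point at `salt://kibana/nginx/`.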
@@ -0,0 +1,89 @@
+# For more information on configuration, see:
+# * Official English Documentation: http://nginx.org/en/docs/
+# * Official Russian Documentation: http://nginx.org/ru/docs/
+
+user nginx;
+worker_processes auto;
+error_log /var/log/nginx/error.log;
+pid /run/nginx.pid;
+
+# Load dynamic modules. See /usr/share/nginx/README.dynamic.
+include /usr/share/nginx/modules/*.conf;
+
+events {
+ worker_connections 1024;
+}
+
+http {
+ log_format main '$remote_addr - $remote_user [$time_local] "$request" '
+ '$status $body_bytes_sent "$http_referer" '
+ '"$http_user_agent" "$http_x_forwarded_for"';
+
+ access_log /var/log/nginx/access.log main;
+
+ sendfile on;
+ tcp_nopush on;
+ tcp_nodelay on;
+ keepalive_timeout 65;
+ types_hash_max_size 2048;
+
+ include /etc/nginx/mime.types;
+ default_type application/octet-stream;
+
+ # Load modular configuration files from the /etc/nginx/conf.d directory.
+ # See http://nginx.org/en/docs/ngx_core_module.html#include
+ # for more information.
+ include /etc/nginx/conf.d/*.conf;
+
+ server {
+ listen 80 default_server;
+ listen [::]:80 default_server;
+ server_name _;
+ root /usr/share/nginx/html;
+
+ # Load configuration files for the default server block.
+ include /etc/nginx/default.d/*.conf;
+
+ location / {
+ }
+
+ error_page 404 /404.html;
+ location = /40x.html {
+ }
+
+ error_page 500 502 503 504 /50x.html;
+ location = /50x.html {
+ }
+ }
+
+# Settings for a TLS enabled server.
+#
+# server {
+# listen 443 ssl http2 default_server;
+# listen [::]:443 ssl http2 default_server;
+# server_name _;
+# root /usr/share/nginx/html;
+#
+# ssl_certificate "/etc/pki/nginx/server.crt";
+# ssl_certificate_key "/etc/pki/nginx/private/server.key";
+# ssl_session_cache shared:SSL:1m;
+# ssl_session_timeout 10m;
+# ssl_ciphers HIGH:!aNULL:!MD5;
+# ssl_prefer_server_ciphers on;
+#
+# # Load configuration files for the default server block.
+# include /etc/nginx/default.d/*.conf;
+#
+# location / {
+# }
+#
+# error_page 404 /404.html;
+# location = /40x.html {
+# }
+#
+# error_page 500 502 503 504 /50x.html;
+# location = /50x.html {
+# }
+# }
+
+}
diff --git a/salt/kibana/nginx/nginx.conf.so-master b/salt/kibana/nginx/nginx.conf.so-master
new file mode 100644
index 000000000..39688f3df
--- /dev/null
+++ b/salt/kibana/nginx/nginx.conf.so-master
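Review bot: In `nginx.conf.sensor`, the only active `server` block listens on port 80 and the TLS server is left commented out, although `salt/kibana/init.sls` in this same commit publishes `443:443`; as written, whatever this proxy later fronts (Kibana sessions included) is served in cleartext and nothing answers on 443. I would enable the 443 block with the node's certificate and reduce the port-80 server to `return 301 https://$host$request_uri;`. When the TLS block is enabled, add an explicit `ssl_protocols TLSv1.2;` next to `ssl_ciphers HIGH:!aNULL:!MD5;` rather than relying on the build's default protocol list. `nginx.conf.so-master` is added with the same blob id (`39688f3df`), so the same applies to that file.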
@@ -0,0 +1,89 @@
+# For more information on configuration, see:
+# * Official English Documentation: http://nginx.org/en/docs/
+# * Official Russian Documentation: http://nginx.org/ru/docs/
+
+user nginx;
+worker_processes auto;
+error_log /var/log/nginx/error.log;
+pid /run/nginx.pid;
+
+# Load dynamic modules. See /usr/share/nginx/README.dynamic.
+include /usr/share/nginx/modules/*.conf;
+
+events {
+ worker_connections 1024;
+}
+
+http {
+ log_format main '$remote_addr - $remote_user [$time_local] "$request" '
+ '$status $body_bytes_sent "$http_referer" '
+ '"$http_user_agent" "$http_x_forwarded_for"';
+
+ access_log /var/log/nginx/access.log main;
+
+ sendfile on;
+ tcp_nopush on;
+ tcp_nodelay on;
+ keepalive_timeout 65;
+ types_hash_max_size 2048;
+
+ include /etc/nginx/mime.types;
+ default_type application/octet-stream;
+
+ # Load modular configuration files from the /etc/nginx/conf.d directory.
+ # See http://nginx.org/en/docs/ngx_core_module.html#include
+ # for more information.
+ include /etc/nginx/conf.d/*.conf;
+
+ server {
+ listen 80 default_server;
+ listen [::]:80 default_server;
+ server_name _;
+ root /usr/share/nginx/html;
+
+ # Load configuration files for the default server block.
+ include /etc/nginx/default.d/*.conf;
+
+ location / {
+ }
+
+ error_page 404 /404.html;
+ location = /40x.html {
+ }
+
+ error_page 500 502 503 504 /50x.html;
+ location = /50x.html {
+ }
+ }
+
+# Settings for a TLS enabled server.
+#
+# server {
+# listen 443 ssl http2 default_server;
+# listen [::]:443 ssl http2 default_server;
+# server_name _;
+# root /usr/share/nginx/html;
+#
+# ssl_certificate "/etc/pki/nginx/server.crt";
+# ssl_certificate_key "/etc/pki/nginx/private/server.key";
+# ssl_session_cache shared:SSL:1m;
+# ssl_session_timeout 10m;
+# ssl_ciphers HIGH:!aNULL:!MD5;
+# ssl_prefer_server_ciphers on;
+#
+# # Load configuration files for the default server block.
+# include /etc/nginx/default.d/*.conf;
+#
+# location / {
+# }
+#
+# error_page 404 /404.html;
+# location = /40x.html {
+# }
+#
+# error_page 500 502 503 504 /50x.html;
+# location = /50x.html {
+# }
+# }
+
+}