securityonion/salt/nginx/soc_nginx.yaml

nginx:
  enabled: 
    description: Enables or disables the Nginx web server and reverse proxy. WARNING - Disabling this process will prevent access to SOC and other important web interfaces and APIs. Re-enabling the process is a manual effort. Do not change this setting without instruction from Security Onion support.
    advanced: True
    helpLink: nginx.html
  external_suricata:
    description: Enable this to allow external access to Suricata Rulesets managed by Detections.
    advanced: True
    helplink: nginx.html
    forcedType: bool
  ssl:
    replace_cert:
      description: Enable this if you would like to replace the Security Onion Certificate with your own.
      global: True
      advanced: True
      forcedType: bool
      title: Replace Default Cert
      helpLink: nginx.html
    ssl__key:
      description: If you enabled the replace_cert option, paste the contents of your .key file here.
      file: True
      title: SSL/TLS Key File
      advanced: True
      global: True
      helpLink: nginx.html
    ssl__crt:
      description: If you enabled the replace_cert option, paste the contents of your .crt file here.
      file: True
      title: SSL/TLS Cert File
      advanced: True
      global: True
      helpLink: nginx.html
  config:
    throttle_login_burst:
      description: Number of login requests that can burst without triggering request throttling. Higher values allow more repeated login attempts. Values greater than zero are required in order to provide a usable login flow.
      global: True
      helpLink: nginx.html
    throttle_login_rate:
      description: Number of login API requests per minute that can be processed without triggering a rate limit. Higher values allow more repeated login attempts. Requests are counted by unique client IP and averaged over time. Note that a single login flow will perform multiple requests to the login API, so this value will need to be adjusted accordingly.
      global: True
      helpLink: nginx.html