mirror of https://github.com/MISP/misp-docker
Use distributed configs for defaults
parent
1ab5ba2f21
commit
4c7efe4977
|
@ -1,170 +0,0 @@
|
|||
<?php
|
||||
/**
|
||||
* This file is loaded automatically by the app/webroot/index.php file after core.php
|
||||
*
|
||||
* This file should load/create any application wide configuration settings, such as
|
||||
* Caching, Logging, loading additional configuration files.
|
||||
*
|
||||
* You should also use this file to include any files that provide global functions/constants
|
||||
* that your application uses.
|
||||
*/
|
||||
|
||||
/**
|
||||
* Cache Engine Configuration
|
||||
* Default settings provided below
|
||||
*
|
||||
* File storage engine.
|
||||
*
|
||||
* Cache::config('default', array(
|
||||
* 'engine' => 'File', //[required]
|
||||
* 'duration'=> 3600, //[optional]
|
||||
* 'probability'=> 100, //[optional]
|
||||
* 'path' => CACHE, //[optional] use system tmp directory - remember to use absolute path
|
||||
* 'prefix' => 'cake_', //[optional] prefix every cache file with this string
|
||||
* 'lock' => false, //[optional] use file locking
|
||||
* 'serialize' => true, // [optional]
|
||||
* 'mask' => 0666, // [optional] permission mask to use when creating cache files
|
||||
* ));
|
||||
*
|
||||
* APC (http://pecl.php.net/package/APC)
|
||||
*
|
||||
* Cache::config('default', array(
|
||||
* 'engine' => 'Apc', //[required]
|
||||
* 'duration'=> 3600, //[optional]
|
||||
* 'probability'=> 100, //[optional]
|
||||
* 'prefix' => Inflector::slug(APP_DIR) . '_', //[optional] prefix every cache file with this string
|
||||
* ));
|
||||
*
|
||||
* Xcache (http://xcache.lighttpd.net/)
|
||||
*
|
||||
* Cache::config('default', array(
|
||||
* 'engine' => 'Xcache', //[required]
|
||||
* 'duration'=> 3600, //[optional]
|
||||
* 'probability'=> 100, //[optional]
|
||||
* 'prefix' => Inflector::slug(APP_DIR) . '_', //[optional] prefix every cache file with this string
|
||||
* 'user' => 'user', //user from xcache.admin.user settings
|
||||
* 'password' => 'password', //plaintext password (xcache.admin.pass)
|
||||
* ));
|
||||
*
|
||||
* Memcache (http://memcached.org/)
|
||||
*
|
||||
* Cache::config('default', array(
|
||||
* 'engine' => 'Memcache', //[required]
|
||||
* 'duration'=> 3600, //[optional]
|
||||
* 'probability'=> 100, //[optional]
|
||||
* 'prefix' => Inflector::slug(APP_DIR) . '_', //[optional] prefix every cache file with this string
|
||||
* 'servers' => array(
|
||||
* '127.0.0.1:11211' // localhost, default port 11211
|
||||
* ), //[optional]
|
||||
* 'persistent' => true, // [optional] set this to false for non-persistent connections
|
||||
* 'compress' => false, // [optional] compress data in Memcache (slower, but uses less memory)
|
||||
* ));
|
||||
*
|
||||
* Wincache (http://php.net/wincache)
|
||||
*
|
||||
* Cache::config('default', array(
|
||||
* 'engine' => 'Wincache', //[required]
|
||||
* 'duration'=> 3600, //[optional]
|
||||
* 'probability'=> 100, //[optional]
|
||||
* 'prefix' => Inflector::slug(APP_DIR) . '_', //[optional] prefix every cache file with this string
|
||||
* ));
|
||||
*
|
||||
* Redis (http://http://redis.io/)
|
||||
*
|
||||
* Cache::config('default', array(
|
||||
* 'engine' => 'Redis', //[required]
|
||||
* 'duration'=> 3600, //[optional]
|
||||
* 'probability'=> 100, //[optional]
|
||||
* 'prefix' => Inflector::slug(APP_DIR) . '_', //[optional] prefix every cache file with this string
|
||||
* 'server' => '127.0.0.1' // localhost
|
||||
* 'port' => 6379 // default port 6379
|
||||
* 'timeout' => 0 // timeout in seconds, 0 = unlimited
|
||||
* 'persistent' => true, // [optional] set this to false for non-persistent connections
|
||||
* ));
|
||||
*/
|
||||
Cache::config('default', array('engine' => 'File'));
|
||||
Configure::load('config');
|
||||
|
||||
$appendPort = true;
|
||||
$relativePaths = false;
|
||||
|
||||
if (!$relativePaths) {
|
||||
if (isset($_SERVER['SERVER_NAME'])) $serverName = $_SERVER['SERVER_NAME'];
|
||||
else if (isset($_SERVER['HTTP_HOST'])) $serverName = $_SERVER['HTTP_HOST'];
|
||||
else if (isset($_SERVER['SERVER_ADDR'])) $serverName = $_SERVER['SERVER_ADDR'];
|
||||
|
||||
if (!Configure::read('MISP.baseurl') && isset($serverName)) {
|
||||
if (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off' || (isset($_SERVER['SERVER_PORT']) && $_SERVER['SERVER_PORT'] == 443)) {
|
||||
$protocol = 'https';
|
||||
} else {
|
||||
$protocol = 'http';
|
||||
}
|
||||
if (!isset($_SERVER['SERVER_PORT']) || in_array($_SERVER['SERVER_PORT'], array('443', '80')) || !$appendPort) {
|
||||
Configure::write('MISP.baseurl', sprintf($protocol . '://%s', $serverName));
|
||||
} else {
|
||||
Configure::write('MISP.baseurl', sprintf($protocol . '://%s:%d', $serverName, $_SERVER['SERVER_PORT']));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Plugins need to be loaded manually, you can either load them one by one or all of them in a single call
|
||||
* Uncomment one of the lines below, as you need. make sure you read the documentation on CakePlugin to use more
|
||||
* advanced ways of loading plugins
|
||||
*
|
||||
* CakePlugin::loadAll(); // Loads all plugins at once
|
||||
* CakePlugin::load('DebugKit'); //Loads a single plugin named DebugKit
|
||||
*
|
||||
*/
|
||||
|
||||
CakePlugin::load('SysLog');
|
||||
CakePlugin::load('Assets'); // having Logable
|
||||
CakePlugin::load('SysLogLogable');
|
||||
CakePlugin::load('UrlCache');
|
||||
|
||||
/**
|
||||
* Uncomment the following line to enable client SSL certificate authentication.
|
||||
* It's also necessary to configure the plugin — for more information, please read app/Plugin/CertAuth/reame.md
|
||||
*/
|
||||
// CakePlugin::load('CertAuth');
|
||||
// CakePlugin::load('ShibbAuth');
|
||||
/**
|
||||
* You can attach event listeners to the request lifecyle as Dispatcher Filter . By Default CakePHP bundles two filters:
|
||||
*
|
||||
* - AssetDispatcher filter will serve your asset files (css, images, js, etc) from your themes and plugins
|
||||
* - CacheDispatcher filter will read the Cache.check configure variable and try to serve cached content generated from controllers
|
||||
*
|
||||
* Feel free to remove or add filters as you see fit for your application. A few examples:
|
||||
*
|
||||
* Configure::write('Dispatcher.filters', array(
|
||||
* 'MyCacheFilter', // will use MyCacheFilter class from the Routing/Filter package in your app.
|
||||
* 'MyPlugin.MyFilter', // will use MyFilter class from the Routing/Filter package in MyPlugin plugin.
|
||||
* array('callable' => $aFunction, 'on' => 'before', 'priority' => 9), // A valid PHP callback type to be called on beforeDispatch
|
||||
* array('callable' => $anotherMethod, 'on' => 'after'), // A valid PHP callback type to be called on afterDispatch
|
||||
*
|
||||
* ));
|
||||
*/
|
||||
Configure::write('Dispatcher.filters', array(
|
||||
'AssetDispatcher',
|
||||
'CacheDispatcher'
|
||||
));
|
||||
|
||||
/**
|
||||
* Configures default file logging options
|
||||
*/
|
||||
App::uses('CakeLog', 'Log');
|
||||
CakeLog::config('debug', array(
|
||||
'engine' => 'FileLog',
|
||||
'types' => array('notice', 'info', 'debug'),
|
||||
'file' => 'debug',
|
||||
));
|
||||
CakeLog::config('error', array(
|
||||
'engine' => 'FileLog',
|
||||
'types' => array('warning', 'error', 'critical', 'alert', 'emergency'),
|
||||
'file' => 'error',
|
||||
));
|
||||
|
||||
// comment the following out if you do not with to use the background processing (not recommended)
|
||||
CakePlugin::loadAll(array(
|
||||
'CakeResque' => array('bootstrap' => true)
|
||||
));
|
|
@ -1,176 +0,0 @@
|
|||
<?php
|
||||
$config = array(
|
||||
'debug' => 0,
|
||||
'Security' =>
|
||||
array(
|
||||
'level' => 'medium',
|
||||
'salt' => '',
|
||||
'cipherSeed' => '',
|
||||
//'auth'=>array('CertAuth.Certificate'), // additional authentication methods
|
||||
//'auth'=>array('ShibbAuth.ApacheShibb'),
|
||||
),
|
||||
'MISP' =>
|
||||
array(
|
||||
'baseurl' => '',
|
||||
'footermidleft' => '',
|
||||
'footermidright' => '',
|
||||
'org' => 'ORGNAME',
|
||||
'showorg' => true,
|
||||
'threatlevel_in_email_subject' => true,
|
||||
'email_subject_TLP_string' => 'tlp:amber',
|
||||
'email_subject_tag' => 'tlp',
|
||||
'email_subject_include_tag_name' => true,
|
||||
'background_jobs' => true,
|
||||
'cached_attachments' => true,
|
||||
'email' => 'email@address.com',
|
||||
'contact' => 'email@address.com',
|
||||
'cveurl' => 'https://cve.circl.lu/cve/',
|
||||
'cweurl' => 'https://cve.circl.lu/cwe/',
|
||||
'disablerestalert' => false,
|
||||
'default_event_distribution' => '1',
|
||||
'default_attribute_distribution' => 'event',
|
||||
'tagging' => true,
|
||||
'full_tags_on_event_index' => true,
|
||||
'attribute_tagging' => true,
|
||||
'full_tags_on_attribute_index' => true,
|
||||
'footer_logo' => '',
|
||||
'take_ownership_xml_import' => false,
|
||||
'unpublishedprivate' => false,
|
||||
'disable_emailing' => false,
|
||||
'manage_workers' => true,
|
||||
'Attributes_Values_Filter_In_Event' => 'id, uuid, value, comment, type, category, Tag.name',
|
||||
),
|
||||
'GnuPG' =>
|
||||
array(
|
||||
'onlyencrypted' => false,
|
||||
'email' => '',
|
||||
'homedir' => '',
|
||||
'password' => '',
|
||||
'bodyonlyencrypted' => false,
|
||||
'sign' => true,
|
||||
),
|
||||
'SMIME' =>
|
||||
array(
|
||||
'enabled' => false,
|
||||
'email' => '',
|
||||
'cert_public_sign' => '',
|
||||
'key_sign' => '',
|
||||
'password' => '',
|
||||
),
|
||||
'Proxy' =>
|
||||
array(
|
||||
'host' => '',
|
||||
'port' => '',
|
||||
'method' => '',
|
||||
'user' => '',
|
||||
'password' => '',
|
||||
),
|
||||
'SecureAuth' =>
|
||||
array(
|
||||
'amount' => 5,
|
||||
'expire' => 300,
|
||||
),
|
||||
// Uncomment the following to enable client SSL certificate authentication
|
||||
/*
|
||||
'CertAuth' =>
|
||||
array(
|
||||
|
||||
// CA
|
||||
'ca' => array('FIRST.Org'), // List of CAs authorized
|
||||
'caId' => 'O', // Certificate field used to verify the CA. In this example, the field O (organization) of the client certificate has to equal to 'FIRST.Org' in order to validate the CA
|
||||
|
||||
// User/client configuration
|
||||
'userModel' => 'User', // name of the User class (MISP class) to check if the user exists
|
||||
'userModelKey' => 'email', // User field that will be used for querying. In this example, the field email of the MISP accounts will be used to search if the user exists.
|
||||
'map' => array( // maps client certificate attributes to User properties. This map will be used as conditions to find if the user exists. In this example, the client certificate fields 'O' (organization) and 'emailAddress' have to match with the MISP fields 'org' and 'email' to validate the user.
|
||||
'O' => 'org',
|
||||
'emailAddress' => 'email',
|
||||
),
|
||||
|
||||
// Synchronization/RestAPI
|
||||
'syncUser' => true, // should the User be synchronized with an external REST API
|
||||
'userDefaults' => array( // default user attributes, only used when creating new users. By default, new users are "Read only" users (role_id: 6).
|
||||
'role_id' => 6,
|
||||
),
|
||||
'restApi' => array( // API parameters
|
||||
'url' => 'https://example.com/data/users', // URL to query
|
||||
'headers' => array(), // additional headers, used for authentication
|
||||
'param' => array('email' => 'email'), // query parameters to add to the URL, mapped to User properties
|
||||
'map' => array( // maps REST result to the User properties
|
||||
'uid' => 'nids_sid',
|
||||
'team' => 'org',
|
||||
'email' => 'email',
|
||||
'pgp_public' => 'gpgkey',
|
||||
),
|
||||
),
|
||||
'userDefaults' => array('role_id' => 6), // default attributes for new users. By default, new users are "Read only" users (role_id: 6).
|
||||
),
|
||||
*/
|
||||
/*
|
||||
'ApacheShibbAuth' => // Configuration for shibboleth authentication
|
||||
array(
|
||||
'apacheEnv' => 'REMOTE_USER', // If proxy variable = HTTP_REMOTE_USER
|
||||
'ssoAuth' => 'AUTH_TYPE',
|
||||
'MailTag' => 'EMAIL_TAG',
|
||||
'OrgTag' => 'FEDERATION_TAG',
|
||||
'GroupTag' => 'GROUP_TAG',
|
||||
'GroupSeparator' => ';',
|
||||
'GroupRoleMatching' => array( // 3:User, 1:admin. May be good to set "1" for the first user
|
||||
'group_three' => 3,
|
||||
'group_two' => 2,
|
||||
'group_one' => 1,
|
||||
),
|
||||
'DefaultRoleId' => 3,
|
||||
'DefaultOrg' => 'DEFAULT_ORG',
|
||||
),
|
||||
*/
|
||||
/*
|
||||
'LinOTPAuth' => // Configuration for the LinOTP authentication
|
||||
array(
|
||||
'baseUrl' => 'https://linotp', // The base URL of LinOTP
|
||||
'realm' => 'lino', // the (default) realm of all the users logging in through this system
|
||||
'userModel' => 'User', // name of the User class (MISP class) to check if the user exists
|
||||
'userModelKey' => 'email', // User field that will be used for querying.
|
||||
),
|
||||
*/
|
||||
// Warning: The following is a 3rd party contribution and still untested (including security) by the MISP-project team.
|
||||
// Feel free to enable it and report back to us if you run into any issues.
|
||||
//
|
||||
// Uncomment the following to enable Kerberos authentication
|
||||
// needs PHP LDAP support enabled (e.g. compile flag --with-ldap or Debian package php5-ldap)
|
||||
/*
|
||||
'ApacheSecureAuth' => // Configuration for kerberos authentication
|
||||
array(
|
||||
'apacheEnv' => 'REMOTE_USER', // If proxy variable = HTTP_REMOTE_USER, If BasicAuth ldap = PHP_AUTH_USER
|
||||
'ldapServer' => 'ldap://example.com', // FQDN or IP
|
||||
'ldapProtocol' => 3,
|
||||
'ldapNetworkTimeout' => -1, // use -1 for unlimited network timeout
|
||||
'ldapReaderUser' => 'cn=userWithReadAccess,ou=users,dc=example,dc=com', // DN ou RDN LDAP with reader user right
|
||||
'ldapReaderPassword' => 'UserPassword', // the LDAP reader user password
|
||||
'ldapDN' => 'dc=example,dc=com',
|
||||
'ldapSearchFilter' => '', // Search filter to limit results from ldapsearh fx to specific group. FX
|
||||
//'ldapSearchFilter' => '(objectclass=InetOrgPerson)(!(nsaccountlock=True))(memberOf=cn=misp,cn=groups,cn=accounts,dc=example,dc=com)',
|
||||
'ldapSearchAttribut' => 'uid', // filter for search
|
||||
'ldapFilter' => array(
|
||||
'mail',
|
||||
// 'memberOf', //Needed filter if roles should be added depending on group membership.
|
||||
),
|
||||
'ldapDefaultRoleId' => 3, // 3:User, 1:admin. May be good to set "1" for the first user
|
||||
//ldapDefaultRoleId can also be set as an array to support creating users into different group, depending on ldap membership.
|
||||
//This will only work if the ldap server supports memberOf
|
||||
//'ldapDefaultRoleId' => array(
|
||||
// 'misp_admin' => 1,
|
||||
// 'misp_orgadmin' => 2,
|
||||
// 'misp_user' => 3,
|
||||
// 'misp_publisher' => 4,
|
||||
// 'misp_syncuser' => 5,
|
||||
// 'misp_readonly' => 6,
|
||||
// ),
|
||||
//
|
||||
'ldapDefaultOrg' => '1', // uses 1st local org in MISP if undefined,
|
||||
'ldapAllowReferrals' => true, // allow or disallow chasing LDAP referrals
|
||||
//'ldapEmailField' => array('emailAddress, 'mail'), // Optional : fields from which the email address should be retrieved. Default to 'mail' only. If more than one field is set (e.g. 'emailAddress' and 'mail' in this example), only the first one will be used.
|
||||
//'updateUser' => true, // Optional : Will update user on LDAP login to update user fields (e.g. role)
|
||||
),
|
||||
*/
|
||||
);
|
|
@ -1,290 +0,0 @@
|
|||
<?php
|
||||
/**
|
||||
* This is core configuration file.
|
||||
*
|
||||
* Use it to configure core behavior of Cake.
|
||||
*
|
||||
* PHP 5
|
||||
*
|
||||
* CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
|
||||
* Copyright 2005-2012, Cake Software Foundation, Inc. (http://cakefoundation.org)
|
||||
*
|
||||
* Licensed under The MIT License
|
||||
* Redistributions of files must retain the above copyright notice.
|
||||
*
|
||||
* @copyright Copyright 2005-2012, Cake Software Foundation, Inc. (http://cakefoundation.org)
|
||||
* @link http://cakephp.org CakePHP(tm) Project
|
||||
* @package app.Config
|
||||
* @since CakePHP(tm) v 0.2.9
|
||||
* @license MIT License (http://www.opensource.org/licenses/mit-license.php)
|
||||
*/
|
||||
|
||||
/**
|
||||
* CakePHP Debug Level:
|
||||
*
|
||||
* Production Mode:
|
||||
* 0: No error messages, errors, or warnings shown. Flash messages redirect.
|
||||
*
|
||||
* Development Mode:
|
||||
* 1: Errors and warnings shown, model caches refreshed, flash messages halted.
|
||||
* 2: As in 1, but also with full debug messages and SQL output.
|
||||
*
|
||||
* In production mode, flash messages redirect after a time interval.
|
||||
* In development mode, you need to click the flash message to continue.
|
||||
*/
|
||||
Configure::write('debug', 0); // 0 = for production, 2 = full debug mode
|
||||
|
||||
/**
|
||||
* Configure the Error handler used to handle errors for your application. By default
|
||||
* ErrorHandler::handleError() is used. It will display errors using Debugger, when debug > 0
|
||||
* and log errors with CakeLog when debug = 0.
|
||||
*
|
||||
* Options:
|
||||
*
|
||||
* - `handler` - callback - The callback to handle errors. You can set this to any callable type,
|
||||
* including anonymous functions.
|
||||
* - `level` - int - The level of errors you are interested in capturing.
|
||||
* - `trace` - boolean - Include stack traces for errors in log files.
|
||||
*
|
||||
* @see ErrorHandler for more information on error handling and configuration.
|
||||
*/
|
||||
Configure::write('Error', array(
|
||||
'handler' => 'ErrorHandler::handleError',
|
||||
'level' => E_ALL & ~E_DEPRECATED,
|
||||
'trace' => true
|
||||
));
|
||||
|
||||
/**
|
||||
* Configure the Exception handler used for uncaught exceptions. By default,
|
||||
* ErrorHandler::handleException() is used. It will display a HTML page for the exception, and
|
||||
* while debug > 0, framework errors like Missing Controller will be displayed. When debug = 0,
|
||||
* framework errors will be coerced into generic HTTP errors.
|
||||
*
|
||||
* Options:
|
||||
*
|
||||
* - `handler` - callback - The callback to handle exceptions. You can set this to any callback type,
|
||||
* including anonymous functions.
|
||||
* - `renderer` - string - The class responsible for rendering uncaught exceptions. If you choose a custom class you
|
||||
* should place the file for that class in app/Lib/Error. This class needs to implement a render method.
|
||||
* - `log` - boolean - Should Exceptions be logged?
|
||||
*
|
||||
* @see ErrorHandler for more information on exception handling and configuration.
|
||||
*/
|
||||
Configure::write('Exception', array(
|
||||
'handler' => 'ErrorHandler::handleException',
|
||||
'renderer' => 'ExceptionRenderer',
|
||||
'log' => true,
|
||||
'skipLog' => array(
|
||||
'NotFoundException',
|
||||
'ForbiddenException',
|
||||
)
|
||||
));
|
||||
|
||||
/**
|
||||
* Application wide charset encoding
|
||||
*/
|
||||
Configure::write('App.encoding', 'UTF-8');
|
||||
|
||||
/**
|
||||
* To configure CakePHP *not* to use mod_rewrite and to
|
||||
* use CakePHP pretty URLs, remove these .htaccess
|
||||
* files:
|
||||
*
|
||||
* /.htaccess
|
||||
* /app/.htaccess
|
||||
* /app/webroot/.htaccess
|
||||
*
|
||||
* And uncomment the App.baseUrl below:
|
||||
*/
|
||||
//Configure::write('App.baseUrl', env('SCRIPT_NAME'));
|
||||
|
||||
/**
|
||||
* Uncomment the define below to use CakePHP prefix routes.
|
||||
*
|
||||
* The value of the define determines the names of the routes
|
||||
* and their associated controller actions:
|
||||
*
|
||||
* Set to an array of prefixes you want to use in your application. Use for
|
||||
* admin or other prefixed routes.
|
||||
*
|
||||
* Routing.prefixes = array('admin', 'manager');
|
||||
*
|
||||
* Enables:
|
||||
* `admin_index()` and `/admin/controller/index`
|
||||
* `manager_index()` and `/manager/controller/index`
|
||||
*
|
||||
*/
|
||||
Configure::write('Routing.prefixes', array('admin'));
|
||||
|
||||
/**
|
||||
* Turn off all caching application-wide.
|
||||
*
|
||||
*/
|
||||
Configure::write('Cache.disable', false);
|
||||
|
||||
/**
|
||||
* Enable cache checking.
|
||||
*
|
||||
* If set to true, for view caching you must still use the controller
|
||||
* public $cacheAction inside your controllers to define caching settings.
|
||||
* You can either set it controller-wide by setting public $cacheAction = true,
|
||||
* or in each action using $this->cacheAction = true.
|
||||
*
|
||||
*/
|
||||
//Configure::write('Cache.check', true);
|
||||
|
||||
/**
|
||||
* Defines the default error type when using the log() function. Used for
|
||||
* differentiating error logging and debugging. Currently PHP supports LOG_DEBUG.
|
||||
*/
|
||||
define('LOG_ERROR', LOG_ERR);
|
||||
|
||||
/**
|
||||
* Session configuration.
|
||||
*
|
||||
* Contains an array of settings to use for session configuration. The defaults key is
|
||||
* used to define a default preset to use for sessions, any settings declared here will override
|
||||
* the settings of the default config.
|
||||
*
|
||||
* ## Options
|
||||
*
|
||||
* - `Session.cookie` - The name of the cookie to use. Defaults to 'CAKEPHP'
|
||||
* - `Session.timeout` - The number of minutes you want sessions to live for. This timeout is handled by CakePHP
|
||||
* - `Session.cookieTimeout` - The number of minutes you want session cookies to live for.
|
||||
* - `Session.checkAgent` - Do you want the user agent to be checked when starting sessions? You might want to set the
|
||||
* value to false, when dealing with older versions of IE, Chrome Frame or certain web-browsing devices and AJAX
|
||||
* - `Session.defaults` - The default configuration set to use as a basis for your session.
|
||||
* There are four builtins: php, cake, cache, database.
|
||||
* - `Session.handler` - Can be used to enable a custom session handler. Expects an array of callables,
|
||||
* that can be used with `session_save_handler`. Using this option will automatically add `session.save_handler`
|
||||
* to the ini array.
|
||||
* - `Session.autoRegenerate` - Enabling this setting, turns on automatic renewal of sessions, and
|
||||
* sessionids that change frequently. See CakeSession::$requestCountdown.
|
||||
* - `Session.ini` - An associative array of additional ini values to set.
|
||||
*
|
||||
* The built in defaults are:
|
||||
*
|
||||
* - 'php' - Uses settings defined in your php.ini.
|
||||
* - 'cake' - Saves session files in CakePHP's /tmp directory.
|
||||
* - 'database' - Uses CakePHP's database sessions.
|
||||
* - 'cache' - Use the Cache class to save sessions.
|
||||
*
|
||||
* To define a custom session handler, save it at /app/Model/Datasource/Session/<name>.php.
|
||||
* Make sure the class implements `CakeSessionHandlerInterface` and set Session.handler to <name>
|
||||
*
|
||||
* To use database sessions, run the app/Config/Schema/sessions.php schema using
|
||||
* the cake shell command: cake schema create Sessions
|
||||
*
|
||||
*/
|
||||
Configure::write('Session', array(
|
||||
'timeout' => 60, // Session timeout, default is 1 hour
|
||||
'cookie_timeout' => 10080 , // Cookie timeout, default is 1 week
|
||||
'defaults' => 'php',
|
||||
'autoRegenerate' => false,
|
||||
'checkAgent' => false
|
||||
));
|
||||
|
||||
/**
|
||||
* The level of CakePHP security.
|
||||
*/
|
||||
Configure::write('Security.level', 'medium');
|
||||
|
||||
/**
|
||||
* A random string used in security hashing methods.
|
||||
*/
|
||||
Configure::write('Security.salt', 'Rooraenietu8Eeyo<Qu2eeNfterd-dd+');
|
||||
|
||||
/**
|
||||
* A random numeric string (digits only) used to encrypt/decrypt strings.
|
||||
*/
|
||||
Configure::write('Security.cipherSeed', '395786739573056621429506834955');
|
||||
|
||||
/**
|
||||
* Apply timestamps with the last modified time to static assets (js, css, images).
|
||||
* Will append a querystring parameter containing the time the file was modified. This is
|
||||
* useful for invalidating browser caches.
|
||||
*
|
||||
* Set to `true` to apply timestamps when debug > 0. Set to 'force' to always enable
|
||||
* timestamping regardless of debug value.
|
||||
*/
|
||||
//Configure::write('Asset.timestamp', true);
|
||||
|
||||
/**
|
||||
* Compress CSS output by removing comments, whitespace, repeating tags, etc.
|
||||
* This requires a/var/cache directory to be writable by the web server for caching.
|
||||
* and /vendors/csspp/csspp.php
|
||||
*
|
||||
* To use, prefix the CSS link URL with '/ccss/' instead of '/css/' or use HtmlHelper::css().
|
||||
*/
|
||||
//Configure::write('Asset.filter.css', 'css.php');
|
||||
|
||||
/**
|
||||
* Plug in your own custom JavaScript compressor by dropping a script in your webroot to handle the
|
||||
* output, and setting the config below to the name of the script.
|
||||
*
|
||||
* To use, prefix your JavaScript link URLs with '/cjs/' instead of '/js/' or use JavaScriptHelper::link().
|
||||
*/
|
||||
//Configure::write('Asset.filter.js', 'custom_javascript_output_filter.php');
|
||||
|
||||
/**
|
||||
* The classname and database used in CakePHP's
|
||||
* access control lists.
|
||||
*/
|
||||
Configure::write('Acl.classname', 'DbAcl');
|
||||
Configure::write('Acl.database', 'default');
|
||||
|
||||
/**
|
||||
* Uncomment this line and correct your server timezone to fix
|
||||
* any date & time related errors.
|
||||
*/
|
||||
//date_default_timezone_set('UTC');
|
||||
|
||||
/**
|
||||
* Pick the caching engine to use. If APC is enabled use it.
|
||||
* If running via cli - apc is disabled by default. ensure it's available and enabled in this case
|
||||
*
|
||||
* Note: 'default' and other application caches should be configured in app/Config/bootstrap.php.
|
||||
* Please check the comments in boostrap.php for more info on the cache engines available
|
||||
* and their setttings.
|
||||
*/
|
||||
$engine = 'File';
|
||||
if (extension_loaded('apc') && function_exists('apc_dec') && (php_sapi_name() !== 'cli' || ini_get('apc.enable_cli'))) {
|
||||
$engine = 'Apc';
|
||||
}
|
||||
|
||||
// In development mode, caches should expire quickly.
|
||||
$duration = '+999 days';
|
||||
if (Configure::read('debug') >= 1) {
|
||||
$duration = '+10 seconds';
|
||||
}
|
||||
|
||||
// Prefix each application on the same server with a different string, to avoid Memcache and APC conflicts.
|
||||
$prefix = 'myapp_';
|
||||
|
||||
/**
|
||||
* Configure the cache used for general framework caching. Path information,
|
||||
* object listings, and translation cache files are stored with this configuration.
|
||||
*/
|
||||
Cache::config('_cake_core_', array(
|
||||
'engine' => $engine,
|
||||
'prefix' => $prefix . 'cake_core_',
|
||||
'path' => CACHE . 'persistent' . DS,
|
||||
'serialize' => ($engine === 'File'),
|
||||
'duration' => $duration
|
||||
));
|
||||
|
||||
/**
|
||||
* Configure the cache for model and datasource caches. This cache configuration
|
||||
* is used to store schema descriptions, and table listings in connections.
|
||||
*/
|
||||
Cache::config('_cake_model_', array(
|
||||
'engine' => $engine,
|
||||
'prefix' => $prefix . 'cake_model_',
|
||||
'path' => CACHE . 'models' . DS,
|
||||
'serialize' => ($engine === 'File'),
|
||||
'duration' => $duration
|
||||
));
|
||||
|
||||
|
||||
//Comment the following out if you do not with to use the background workers (not recommended)
|
||||
require_once dirname(__DIR__) . '/Vendor/autoload.php';
|
|
@ -1,75 +0,0 @@
|
|||
<?php
|
||||
/**
|
||||
* This is core configuration file.
|
||||
*
|
||||
* Use it to configure core behaviour of Cake.
|
||||
*
|
||||
* PHP 5
|
||||
*
|
||||
* CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
|
||||
* Copyright 2005-2012, Cake Software Foundation, Inc. (http://cakefoundation.org)
|
||||
*
|
||||
* Licensed under The MIT License
|
||||
* Redistributions of files must retain the above copyright notice.
|
||||
*
|
||||
* @copyright Copyright 2005-2012, Cake Software Foundation, Inc. (http://cakefoundation.org)
|
||||
* @link http://cakephp.org CakePHP(tm) Project
|
||||
* @package app.Config
|
||||
* @since CakePHP(tm) v 0.2.9
|
||||
* @license MIT License (http://www.opensource.org/licenses/mit-license.php)
|
||||
*/
|
||||
/**
|
||||
* In this file you set up your database connection details.
|
||||
*
|
||||
* @package cake.config
|
||||
*/
|
||||
/**
|
||||
* Database configuration class.
|
||||
* You can specify multiple configurations for production, development and testing.
|
||||
*
|
||||
* datasource => The name of a supported datasource; valid options are as follows:
|
||||
* Database/Mysql - MySQL 4 & 5,
|
||||
* Database/Sqlite - SQLite (PHP5 only),
|
||||
* Database/Postgres - PostgreSQL 7 and higher,
|
||||
* Database/Sqlserver - Microsoft SQL Server 2005 and higher
|
||||
*
|
||||
* You can add custom database datasources (or override existing datasources) by adding the
|
||||
* appropriate file to app/Model/Datasource/Database. Datasources should be named 'MyDatasource.php',
|
||||
*
|
||||
*
|
||||
* persistent => true / false
|
||||
* Determines whether or not the database should use a persistent connection
|
||||
*
|
||||
* host =>
|
||||
* the host you connect to the database. To add a socket or port number, use 'port' => #
|
||||
*
|
||||
* prefix =>
|
||||
* Uses the given prefix for all the tables in this database. This setting can be overridden
|
||||
* on a per-table basis with the Model::$tablePrefix property.
|
||||
*
|
||||
* schema =>
|
||||
* For Postgres specifies which schema you would like to use the tables in. Postgres defaults to 'public'.
|
||||
*
|
||||
* encoding =>
|
||||
* For MySQL, Postgres specifies the character encoding to use when connecting to the
|
||||
* database. Uses database default not specified.
|
||||
*
|
||||
* unix_socket =>
|
||||
* For MySQL to connect via socket specify the `unix_socket` parameter instead of `host` and `port`
|
||||
*/
|
||||
class DATABASE_CONFIG {
|
||||
|
||||
public $default = array(
|
||||
'datasource' => 'Database/Mysql',
|
||||
//'datasource' => 'Database/Postgres',
|
||||
'persistent' => false,
|
||||
'host' => 'localhost',
|
||||
'login' => 'db login',
|
||||
'port' => 3306, // MySQL & MariaDB
|
||||
//'port' => 5432, // PostgreSQL
|
||||
'password' => 'db password',
|
||||
'database' => 'misp',
|
||||
'prefix' => '',
|
||||
'encoding' => 'utf8',
|
||||
);
|
||||
}
|
|
@ -1,55 +0,0 @@
|
|||
<?php
|
||||
/**
|
||||
* Routes configuration
|
||||
*
|
||||
* In this file, you set up routes to your controllers and their actions.
|
||||
* Routes are very important mechanism that allows you to freely connect
|
||||
* different urls to chosen controllers and their actions (functions).
|
||||
*
|
||||
* PHP 5
|
||||
*
|
||||
* CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
|
||||
* Copyright 2005-2012, Cake Software Foundation, Inc. (http://cakefoundation.org)
|
||||
*
|
||||
* Licensed under The MIT License
|
||||
* Redistributions of files must retain the above copyright notice.
|
||||
*
|
||||
* @copyright Copyright 2005-2012, Cake Software Foundation, Inc. (http://cakefoundation.org)
|
||||
* @link http://cakephp.org CakePHP(tm) Project
|
||||
* @package app.Config
|
||||
* @since CakePHP(tm) v 0.2.9
|
||||
* @license MIT License (http://www.opensource.org/licenses/mit-license.php)
|
||||
*/
|
||||
/**
|
||||
* Here, we are connecting '/' (base path) to controller called 'Pages',
|
||||
* its action called 'display', and we pass a param to select the view file
|
||||
* to use (in this case, /app/View/Pages/home.ctp)...
|
||||
*/
|
||||
Router::connect('/', array('controller' => 'events', 'action' => 'index'));
|
||||
|
||||
// admin Paginator
|
||||
Router::connect('/whitelists/admin_index/*', array('controller' => 'whitelists', 'action' => 'index', 'admin' => true));
|
||||
Router::connect('/users/admin_index/*', array('controller' => 'users', 'action' => 'index', 'admin' => true));
|
||||
Router::connect('/roles/admin_index/*', array('controller' => 'roles', 'action' => 'index', 'admin' => true));
|
||||
Router::connect('/logs/admin_search/*', array('controller' => 'logs', 'action' => 'search', 'admin' => true));
|
||||
Router::connect('/logs/admin_index/*', array('controller' => 'logs', 'action' => 'index', 'admin' => true));
|
||||
Router::connect('/regexp/admin_index/*', array('controller' => 'regexp', 'action' => 'index', 'admin' => true));
|
||||
|
||||
// Activate REST
|
||||
Router::mapResources(array('events', 'attributes'));
|
||||
Router::parseExtensions('xml', 'json', 'csv');
|
||||
|
||||
Router::connectNamed(
|
||||
array('attributesPage' => array('controller' => 'events', 'action' => 'view'))
|
||||
);
|
||||
/**
|
||||
* Load all plugin routes. See the CakePlugin documentation on
|
||||
* how to customize the loading of plugin routes.
|
||||
*/
|
||||
CakePlugin::routes();
|
||||
|
||||
/**
|
||||
* Load the CakePHP default routes. Only remove this if you do not want to use
|
||||
* the built-in default routes.
|
||||
*/
|
||||
require CAKE . 'Config' . DS . 'routes.php';
|
|
@ -127,6 +127,9 @@ ARG PHP_VER
|
|||
# Make a copy of the file store, so we can sync from it
|
||||
RUN cp -R /var/www/MISP/app/files /var/www/MISP/app/files.dist
|
||||
|
||||
# Make a copy of the configurations, so we can sync from it
|
||||
RUN cp -R /var/www/MISP/app/Config /var/www/MISP/app/Config.dist
|
||||
|
||||
# Entrypoints
|
||||
COPY files/etc/supervisor/supervisor.conf /etc/supervisor/conf.d/supervisord.conf
|
||||
COPY files/entrypoint_fpm.sh /
|
||||
|
|
|
@ -17,10 +17,12 @@ setup_cake_config(){
|
|||
}
|
||||
|
||||
init_misp_config(){
|
||||
[ -f $MISP_APP_CONFIG_PATH/bootstrap.php ] || cp $MISP_APP_CONFIG_PATH/bootstrap.default.php $MISP_APP_CONFIG_PATH/bootstrap.php
|
||||
[ -f $MISP_APP_CONFIG_PATH/database.php ] || cp $MISP_APP_CONFIG_PATH/database.default.php $MISP_APP_CONFIG_PATH/database.php
|
||||
[ -f $MISP_APP_CONFIG_PATH/core.php ] || cp $MISP_APP_CONFIG_PATH/core.default.php $MISP_APP_CONFIG_PATH/core.php
|
||||
[ -f $MISP_APP_CONFIG_PATH/config.php ] || cp $MISP_APP_CONFIG_PATH/config.default.php $MISP_APP_CONFIG_PATH/config.php
|
||||
[ -f $MISP_APP_CONFIG_PATH/bootstrap.php ] || cp $MISP_APP_CONFIG_PATH.dist/bootstrap.default.php $MISP_APP_CONFIG_PATH/bootstrap.php
|
||||
[ -f $MISP_APP_CONFIG_PATH/database.php ] || cp $MISP_APP_CONFIG_PATH.dist/database.default.php $MISP_APP_CONFIG_PATH/database.php
|
||||
[ -f $MISP_APP_CONFIG_PATH/core.php ] || cp $MISP_APP_CONFIG_PATH.dist/core.default.php $MISP_APP_CONFIG_PATH/core.php
|
||||
[ -f $MISP_APP_CONFIG_PATH/config.php ] || cp $MISP_APP_CONFIG_PATH.dist/config.default.php $MISP_APP_CONFIG_PATH/config.php
|
||||
[ -f $MISP_APP_CONFIG_PATH/email.php ] || cp $MISP_APP_CONFIG_PATH.dist/email.php $MISP_APP_CONFIG_PATH/email.php
|
||||
[ -f $MISP_APP_CONFIG_PATH/routes.php ] || cp $MISP_APP_CONFIG_PATH.dist/routes.php $MISP_APP_CONFIG_PATH/routes.php
|
||||
|
||||
echo "Configure MISP | Set DB User, Password and Host in database.php"
|
||||
sed -i "s/localhost/$MYSQL_HOST/" $MISP_APP_CONFIG_PATH/database.php
|
||||
|
|
Loading…
Reference in New Issue