MISP
/
misp-docker
mirror of https://github.com/MISP/misp-docker
2
0
Fork 0
Code Issues Releases Wiki Activity
168 Commits
3 Branches
0 Tags
3 MiB
Commit Graph

84 Commits (2ab1940bea926c5500a31a04ef97dea3ef818908)

Author SHA1 Message Date
Eduardo Balsa 0c84e0b71b
Configuring nginx for cert authentication 
If the user enables cert authentication on the docker-compose file we must do the following changes to allow CertAuth to work
- Pass on SSL_CLIENT_I_DN and SSL_CLIENT_S_DN to PHP
- Enable ssl_client_certificate using  /etc/nginx/certs/ca.pem
- Enable the CertAuth ( https://github.com/MISP/MISP/tree/2.4/app/Plugin/CertAuth ) plugin on the bootstrap.php file
 2021-04-07 16:42:20 +02:00
Jason Kendall 1684553045 Better way to remove extra pip wheel packages. Fixes #101 2021-03-10 13:01:52 -05:00
Jason Kendall 88c6be64e7 Add php-intl and php-bcmath for #93 2021-02-16 19:00:52 -05:00
Jason Kendall 6da2a69d40 Actual pre-grab/build all python modules, work around cryptography version issues 2021-02-16 17:37:51 -05:00
Sentinel Bot d00c31ef33
Replace redis 127.0.0.1 in cake config 2020-12-29 22:40:32 +00:00
qh4t ce26836c90 Add php-zip 2020-09-10 19:35:10 -05:00
James Droste 6b4ae09b08
Allow customization of the MISP Modules server 
Similar to redis, we should allow the ability to customize this value, as it gets overwritten on startup
 2020-08-25 17:04:06 -07:00
Anders Einar Hilden efcb8a7da9 entrypoint_nginx.sh: Make it "safe" to run with INIT=true multiple times 2020-07-27 15:38:25 +00:00
Jason Kendall 270e20806d Move SSL certs /etc/nginx/certs - fixes #53 2020-05-28 20:23:33 -04:00
Jason Kendall 6fb8b182a9 Prevent globbing and word splitting 2020-05-28 19:51:41 -04:00
Jason Kendall 3773870ae3 Ensure upstream files are synced to virtual mount - closes 52 2020-05-28 19:49:27 -04:00
Jason Kendall 29949f8f5f Default to modern nginx security - resolves #50 2020-05-28 19:38:33 -04:00
Jason Kendall 9d2e722140 Default to modern nginx security - resolves #50 2020-05-28 19:33:54 -04:00
Jason Kendall 5083315a00 Revert "Ensure CA certs are updated" 
This reverts commit 5b67d6c8a4.
 2020-05-18 09:22:41 -04:00
Jason Kendall 5b67d6c8a4 Ensure CA certs are updated 2020-05-15 12:39:53 -04:00
Jason Kendall b77ce6c623 Set DB name from VAR closes #45, cleanup docker-compose env 2020-03-21 12:10:13 -04:00
Jason Kendall 7e997fb3fd Don't recreate symlinks - closes #42 2020-03-21 11:48:43 -04:00
Jason Kendall a676d0b65f Match nginx max upload to php 2020-03-20 10:14:53 -04:00
Jason Kendall 5efd4dd8f6 Add FPM timeout to nginx 2020-03-17 18:32:01 -04:00
Jason Kendall 6a7f555def Disable IPv6 option 2020-03-12 09:40:27 -04:00
Jason Kendall dcd893e069 Sync Servers now set be ENV SYNCSERVERS - Closes #40 2020-03-11 14:00:10 -04:00
Jason Kendall 49f65a9b54 Always use Bash, make fifo if it doesn't exist, closes #39 2020-03-06 11:09:11 -05:00
Jason Kendall 003d4cd1d7 Add custom entrypoint closes #15 2020-03-06 11:00:35 -05:00
Jason Kendall 0170dc6427 Simplify workers entrypoint 2020-03-05 11:22:23 -05:00
Jason Kendall b2f76743af Fix some order of operations 2020-02-27 18:14:59 -05:00
Jason Kendall 4c7efe4977 Use distributed configs for defaults 2020-02-27 18:10:39 -05:00
Jason Kendall c57f2669ec ENV to disable port 80 redirect - fixes #34 2020-02-27 15:28:21 -05:00
Jason Kendall 690094e6ed Seperate misp configs per port 2020-02-25 09:24:17 -05:00
Jason Kendall 89caffc58e Fix #31 auto-generating SSL certs 2020-02-24 21:09:08 -05:00
Jason Kendall e9614b253b Add procps for ps and kill 2020-02-24 20:14:47 -05:00
Jason Kendall 72881df281
Merge pull request #29 from seanthegeek/patch-1 
Remove dhparams.pem and chain.pem check
 2020-02-24 19:35:39 -05:00
Sean Whalen 8d928399e1
Update entrypoint_nginx.sh 2020-02-24 19:25:58 -05:00
Jason Kendall e7ab8db479 .gitignore broken, didn't actually add this file 2020-02-24 13:36:42 -05:00
Jason Kendall 3902256c9c Move php config to a fpm entrypoint 2020-02-24 13:31:37 -05:00
Sean Whalen 19a634763d
Remove dhparams.pem and chain.pem check 
These files are not needed with the new nginx config
 2020-02-24 13:17:07 -05:00
Sean Whalen a8b43368b9
Write nginx errors to /dev/stderr 2020-02-24 13:05:07 -05:00
Sean Whalen 8198a6eded
Revert log file linking 2020-02-24 13:02:24 -05:00
Sean Whalen e1af198d4c
Forward nginx request and error logs to docker 2020-02-23 22:10:58 -05:00
Sean Whalen 07cbd8b84f
Improve security and privacy in nginx config 
- Use modern protocols (TLSv1.3 and HTTTP2)
- Enable browser XSS prevention
- Disable `Referrer` headers (prevent information leaks)
- Prohibit search engine crawling
- Disable access logs
 2020-02-23 14:59:26 -05:00
Jason Kendall 8a37160fc3 Move full MISP branch to MISP_TAG arg 2020-02-21 10:30:15 -05:00
Jason Kendall 674dd65739 Remove more apache stuff 2020-02-21 10:15:05 -05:00
Jason Kendall 0a3a46ad63 Work arround MISP/issues/5608 2020-02-21 10:14:43 -05:00
Jason Kendall 9dd2fb11d8 Pull latest images before build 2020-02-21 10:05:42 -05:00
Jason Kendall d1a95be518 add missing nginx misp config file 2020-02-19 20:37:14 -05:00
Jason Kendall b5f20b951d First stab at nginx 2020-02-19 20:21:49 -05:00
Jason Kendall d1ee246e25 Add more sane defaults 2020-02-19 10:57:02 -05:00
Jason Kendall b8a8c6454e prevent globbing on the variable 2020-02-19 09:38:41 -05:00
Jason Kendall e8ae81b65c Set Redis FQDN in misp 2020-02-19 09:30:43 -05:00
Jason Kendall 1c80986c66 Add ssdeep extension ini files 2020-02-19 09:26:42 -05:00
Jason Kendall 451a26dfb1 Fix post_hook tagging 2020-02-12 11:06:21 -05:00