62 Commits (99eb71a4cd11f8c01733758b695a95cb7ce7c044)

Author SHA1 Message Date
Jeremy Huntwork 99eb71a4cd Some additional fixes/changes
- Let the php container run the inet supervisord for the bg workers
  still
- Properly configure the cron container to exec cron
- Add configuration to optionally change the sock file location for
  php-fpm, allows us to specify a shared file between containers in a
  pod
- make new entrypoint files executable
- Set the php config value for `session.cookie_domain` so that it
  doesn't use the default of ''. When empty it falls back to the
  hostname which will be different per pod, meaning that each pod will
  handle session requests separately, which breaks things like OIDC.
2025-01-08 17:54:41 +00:00
Steve Juergens b1dd1a81af Initial configuration to split configuration to containers 2025-01-08 10:03:29 -05:00
Stefano Ortolani 9bb03eab0a Fix bugs and defaults 2024-12-06 14:48:16 +00:00
Guilherme Capilé 9381b463d0
FIX: Adjust php-fpm pool: enable the increase of maximum number of processes #190 (#191) 2024-12-06 14:30:32 +00:00
Guilherme Capilé 6599e57297 FIX: Slow startup and performance on NFS or slow volume mounts #188 2024-12-06 14:26:28 +00:00
Stefano Ortolani bae3346f7a Remove referrer policy 2024-11-15 09:33:20 +00:00
Guilherme Capilé 7f36d2624b
temporary response should not enable a successful healthcheck or cache #185 (#186) 2024-11-14 16:05:46 +00:00
Stefano Ortolani d9bfc19f77 Set misp.org based on env var 2024-11-13 09:52:48 +00:00
Steven Goossens 7468cd9886
Add UUID for the Admin organisation when deploying (#183)
* Update template.env - Add ADMIN_ORG

* Update docker-compose.yml - Add ADMIN_ORG_UUID

* Update configure_misp.sh - Add uuid to database
2024-11-13 09:27:13 +00:00
Guilherme Capilé 5e60a88eeb
$OIDC_SCOPES must be an array, testing the env to be a valid json array before pushing to config (without escaping) (#184) 2024-11-13 09:26:48 +00:00
DiegolAmaral ce805b58a3
Fix OIDC SCOPES (#180)
Co-authored-by: diegolamaral <diego.arruda.amaral@gmail.com>
2024-11-01 08:42:48 +00:00
Stefano Ortolani 3855224c7c Allow special character inside redis password 2024-10-28 11:37:17 +00:00
Jordan Barnartt f23186129b
Configure OIDC scopes from env variable (#170) 2024-10-18 14:38:52 +01:00
DiegolAmaral 0a836d203e
Add additional PHP settings and cookie configurations (#164)
Add additional PHP settings and cookie configurations

---------

Co-authored-by: diegolamaral <diego.arruda.amaral@gmail.com>
2024-10-10 13:49:51 +01:00
DiegolAmaral 754220879b
add security settings for nginx (#159)
Co-authored-by: diegolamaral <diego.arruda.amaral@gmail.com>
2024-10-04 14:47:00 +01:00
DiegolAmaral 31db79c0df
Fix OIDC_ENABLE Toggle Logic in MISP Environment Configuration (#161)
* Fix OIDC_ENABLE Toggle Logic in MISP Environment Configuration

* Update sudo Usage for MISP Configuration Commands

---------

Co-authored-by: diegolamaral <diego.arruda.amaral@gmail.com>
2024-10-04 14:46:45 +01:00
Stefano Ortolani a5fd58ab25 Release MISP 2.5 and PHP 8.2 2024-10-04 13:58:20 +01:00
DiegolAmaral 26ae2bff7c
Add OIDC Custom Logout URL (#148)
* Add oidc logout url to env and docker image

* Set the custom logout URL if OIDC_LOGOUT_URL is defined

---------

Co-authored-by: diegolamaral <diego.arruda.amaral@gmail.com>
2024-10-02 12:24:12 +01:00
Stefano Ortolani 663c154a97 Add support for 'X-Forwarded-For'; merge podman PR by @urfin00djuce 2024-09-12 10:11:15 +01:00
Øivind Hoel 043437c83f Move settings and mysql env vars around 2024-09-08 10:31:06 +01:00
Øivind Hoel 7e595ff585 Run component updates in the background 2024-09-08 10:30:13 +01:00
Stefano Ortolani 24690cafe5 Update documentation and reduce benign errors at first bootstrap 2024-09-03 08:55:05 +01:00
Stefano Ortolani 57ce60ab66 Fix race conditions and typos 2024-08-25 13:44:18 +01:00
Stefano Ortolani e131f85e55 Bump modules plus many other changes 2024-08-24 13:50:19 +01:00
Stefano Ortolani 05f73f6c4c Enable workflows by default 2024-08-23 18:21:30 +01:00
Stefano Ortolani 02f81b886e Allow more redis options to be configured 2024-08-20 22:30:28 +01:00
Stefano Ortolani 3fbf7bff00 Fix default value (again) 2024-08-20 20:12:00 +01:00
Stefano Ortolani da02fb9b1e Fix default value 2024-08-20 14:04:07 +01:00
Stefano Ortolani 7ef14a06f5 Remove default value in favour of env var 2024-08-19 12:33:49 +01:00
Stefano Ortolani 60902dbcdc Fix missing redis password 2024-08-16 14:04:16 +01:00
Stefano Ortolani 8197b9b1d0
Add password to redis (#107) 2024-08-13 14:23:45 +01:00
Stefano Ortolani a8ea7e0923
Add support for encryption key (#108) 2024-08-13 14:23:37 +01:00
Stefano Ortolani 5ef80d3d0e Add syncservers pull rules 2024-08-06 13:18:32 +01:00
marjatech 2739a8c02f
hide nginx version from response headers (#99) 2024-08-02 09:54:59 +01:00
marjatech b085e2b90c
set php parameters sid_length and use_strict_mode (#97)
these shall be set to 
sid_length > 32
use_strict_mode = 1

Otherwise even MISP will complain about this in the Diagnostics
2024-07-18 15:36:20 +01:00
marjatech 27bd316a71
keep environment, so curl will know about https_proxy (#87) 2024-07-04 07:41:37 +01:00
David Manzano c140a40f0d
Make SMTP host setting configurable (#77)
* Allows to configure an SMTP server different from the one in docker-compose

* Addresses @ostefano regarding envvars with defaults

* Ensures default is present in template.env
2024-06-20 08:57:30 +01:00
UFOSmuggler 8aaec5d836
Bring forward when database updates occur (#76)
Remove await_settings_db() entirely

Linebuffer some outputs so they look nicer

Move redis specific config items to minimum_config*json

Add start_interval to docker-compose.yml to avoid runUpdates race condition caused by health check which could lead to bad db updates, which seems to have been an issue for quite a while but is very hard to reproduce
2024-06-14 13:41:55 +01:00
Stefano Ortolani 303ea9d2f9 Revert some changes to unblock new users 2024-06-12 15:28:38 +01:00
UFOSmuggler 261c541749
Update set_up_proxy(), add DEBUG envar, minor fixes (#71)
* added missing PROXY_ENABLE envar to docker-compose.yml

add default value of false if PROXY_ENABLE unset

altered set_up_proxy() in configure_misp.sh to use json-based config system

fixed MISP.ca_path setting to use --force, since doesn't end in .pem

* Add DEBUG envar

Works in both config.php and system_settings table.
2024-06-11 12:36:39 +01:00
Stefano Ortolani 16ec637742 Bump misp-modules and revert some defaults 2024-06-06 12:56:36 +01:00
Thibault Van Win 76fadc5496
Add option to configure proxy using environment vars (#69)
Co-authored-by: Thibault Van Win <thibault.van.win@axsguard.com>
2024-06-06 12:41:12 +01:00
UFOSmuggler d56c893f4d
Introduce new system to persist mandatory and optional settings (#66)
* Make safe settings functions handling config json objects. 
* Also, update cake's cacerts. Previous method was using ubuntu's crts, which weren't pem.
* Bring config inline with previous config.php template version.
* Move settings into files in /etc/misp-docker.
* Fix Security.auth kludge.
* Rename functions and settings json files for a bit more clarity.
* Add documentation to README.md.
* Add a bit of context around adding new envars.
* Add ENABLE_DB_SETTINGS envar for turning on MISP.system_setting_db.
* Add documentation regarding new envar, and add to docker-compose.yml and template.php.
* Move "weird default" ZeroMQ setting to initialisation settings.
* Move some settings to cli_only.
* Add code to disable DB settings when applying cli_only settings.
* Change system_settings table availability check to until loop.
* Some language changes for clarity.
2024-06-06 09:30:12 +01:00
Stefano Ortolani 639d6e746b Add documentation and fix default values for OIDC_ROLES_MAPPING 2024-05-09 10:03:55 +01:00
UFOSmuggler aeff7b3e3e
Fix issue where searching for 'php' returns an error (#54) 2024-05-01 14:25:16 +01:00
Christian Morales Guerrero 313681a344
Support optional OIDC_ISSUER parameter (#52) 2024-04-24 12:26:22 +01:00
Christian Morales Guerrero b8d722a86b
Allow Redis over TLS (#49) 2024-04-22 09:20:59 +01:00
Stefano Ortolani 52db2da71d Bump version 2024-04-11 08:45:25 +01:00
shieldsurge 0c24160035
Add AadAuth support in configure_misp.sh (#39) 2024-04-10 16:56:44 +01:00
Daan Willems 0673b30b2d
Add exemption to entrypoint_nginx for taxonomies (#41) 2024-04-10 16:22:55 +01:00