66 Commits (bae3346f7acaa6a7834663294d28caceab188d12)

Author SHA1 Message Date
Stefano Ortolani bae3346f7a Remove referrer policy 2024-11-15 09:33:20 +00:00
Guilherme Capilé 7f36d2624b
temporary response should not enable a successful healthcheck or cache #185 (#186) 2024-11-14 16:05:46 +00:00
Stefano Ortolani d9bfc19f77 Set misp.org based on env var 2024-11-13 09:52:48 +00:00
Steven Goossens 7468cd9886
Add UUID for the Admin organisation when deploying (#183)
* Update template.env - Add ADMIN_ORG

* Update docker-compose.yml - Add ADMIN_ORG_UUID

* Update configure_misp.sh - Add uuid to database
2024-11-13 09:27:13 +00:00
Guilherme Capilé 5e60a88eeb
$OIDC_SCOPES must be an array, testing the env to be a valid json array before pushing to config (without escaping) (#184) 2024-11-13 09:26:48 +00:00
DiegolAmaral ce805b58a3
Fix OIDC SCOPES (#180)
Co-authored-by: diegolamaral <diego.arruda.amaral@gmail.com>
2024-11-01 08:42:48 +00:00
Stefano Ortolani 3855224c7c Allow special character inside redis password 2024-10-28 11:37:17 +00:00
Jordan Barnartt f23186129b
Configure OIDC scopes from env variable (#170) 2024-10-18 14:38:52 +01:00
DiegolAmaral 0a836d203e
Add additional PHP settings and cookie configurations (#164)
Add additional PHP settings and cookie configurations

---------

Co-authored-by: diegolamaral <diego.arruda.amaral@gmail.com>
2024-10-10 13:49:51 +01:00
DiegolAmaral 754220879b
add security settings for nginx (#159)
Co-authored-by: diegolamaral <diego.arruda.amaral@gmail.com>
2024-10-04 14:47:00 +01:00
DiegolAmaral 31db79c0df
Fix OIDC_ENABLE Toggle Logic in MISP Environment Configuration (#161)
* Fix OIDC_ENABLE Toggle Logic in MISP Environment Configuration

* Update sudo Usage for MISP Configuration Commands

---------

Co-authored-by: diegolamaral <diego.arruda.amaral@gmail.com>
2024-10-04 14:46:45 +01:00
Stefano Ortolani a5fd58ab25 Release MISP 2.5 and PHP 8.2 2024-10-04 13:58:20 +01:00
DiegolAmaral 26ae2bff7c
Add OIDC Custom Logout URL (#148)
* Add oidc logout url to env and docker image

* Set the custom logout URL if OIDC_LOGOUT_URL is defined

---------

Co-authored-by: diegolamaral <diego.arruda.amaral@gmail.com>
2024-10-02 12:24:12 +01:00
Stefano Ortolani beb62e4dcc Bump core and fix setuptools provenance 2024-09-16 09:58:10 +01:00
Stefano Ortolani 663c154a97 Add support for 'X-Forwarded-For'; merge podman PR by @urfin00djuce 2024-09-12 10:11:15 +01:00
Stefano Ortolani b033daec4f Fix upstream removal of python3-setuptools 2024-09-08 11:05:24 +01:00
Øivind Hoel 043437c83f Move settings and mysql env vars around 2024-09-08 10:31:06 +01:00
Øivind Hoel 7e595ff585 Run component updates in the background 2024-09-08 10:30:13 +01:00
Stefano Ortolani 24690cafe5 Update documentation and reduce benign errors at first bootstrap 2024-09-03 08:55:05 +01:00
Stefano Ortolani 57ce60ab66 Fix race conditions and typos 2024-08-25 13:44:18 +01:00
Stefano Ortolani e131f85e55 Bump modules plus many other changes 2024-08-24 13:50:19 +01:00
Stefano Ortolani 05f73f6c4c Enable workflows by default 2024-08-23 18:21:30 +01:00
Stefano Ortolani 02f81b886e Allow more redis options to be configured 2024-08-20 22:30:28 +01:00
Stefano Ortolani 3fbf7bff00 Fix default value (again) 2024-08-20 20:12:00 +01:00
Stefano Ortolani da02fb9b1e Fix default value 2024-08-20 14:04:07 +01:00
Stefano Ortolani 7ef14a06f5 Remove default value in favour of env var 2024-08-19 12:33:49 +01:00
Stefano Ortolani 60902dbcdc Fix missing redis password 2024-08-16 14:04:16 +01:00
Stefano Ortolani 8197b9b1d0
Add password to redis (#107) 2024-08-13 14:23:45 +01:00
Stefano Ortolani a8ea7e0923
Add support for encryption key (#108) 2024-08-13 14:23:37 +01:00
olekristoffer eaba308269
Balance quotes as required by podman 4.9.4 (#109)
Podman 4.9.4 requires all quotes to be balanced when processing heredoc build statements, including in comments. Without the change building the container yields the following ERROR: "unexpected end of statement while looking for matching single-quote"
2024-08-13 14:23:29 +01:00
Stefano Ortolani 5ef80d3d0e Add syncservers pull rules 2024-08-06 13:18:32 +01:00
Stefano Ortolani 2f24067089 Remove bundled python dependencies in favour of pip installed ones 2024-08-06 12:37:15 +01:00
marjatech 2739a8c02f
hide nginx version from response headers (#99) 2024-08-02 09:54:59 +01:00
Stefano Ortolani 130a6ba8c0 Bump misp-modules and backport fixes 2024-07-19 16:43:15 +01:00
Stefano Ortolani 0b5dd32b65 Remove pip after installation 2024-07-19 11:30:36 +01:00
Stefano Ortolani 8911811384 Backport some fixes 2024-07-18 15:54:57 +01:00
marjatech b085e2b90c
set php parameters sid_length and use_strict_mode (#97)
these shall be set to 
sid_length > 32
use_strict_mode = 1

Otherwise even MISP will complain about this in the Diagnostics
2024-07-18 15:36:20 +01:00
Stefano Ortolani 162f99f541
Update to Debian bookworm and python 3.12 (#92)
* Update to debian bookworm and python 3.12

* Ship lock file
2024-07-18 15:36:06 +01:00
marjatech 27bd316a71
keep environment, so curl will know about https_proxy (#87) 2024-07-04 07:41:37 +01:00
David Manzano c140a40f0d
Make SMTP host setting configurable (#77)
* Allows to configure a SMTP server different from the one in docker-compose

* Addresses @ostefano regarding envvars with defaults

* Ensures default is present in template.env
2024-06-20 08:57:30 +01:00
UFOSmuggler 8aaec5d836
Bring forward when database updates occur (#76)
Remove await_settings_db() entirely

Linebuffer some outputs so they look nicer

Move redis specific config items to minimum_config*json

Add start_interval to docker-compose.yml to avoid runUpdates race condition caused by health check which could lead to bad db updates, which seems to have been an issue for quite a while but is very hard to reproduce
2024-06-14 13:41:55 +01:00
Stefano Ortolani 303ea9d2f9 Revert some changes to unblock new users 2024-06-12 15:28:38 +01:00
UFOSmuggler 261c541749
Update set_up_proxy(), add DEBUG envar, minor fixes (#71)
* added missing PROXY_ENABLE envar to docker-compose.yml

add default value of false if PROXY_ENABLE unset

altered set_up_proxy() in configure_misp.sh to use json-based config system

fixed MISP.ca_path setting to use --force, since doesn't end in .pem

* Add DEBUG envar

Works in both config.php and system_settings table.
2024-06-11 12:36:39 +01:00
Stefano Ortolani 16ec637742 Bump misp-modules and revert some defaults 2024-06-06 12:56:36 +01:00
Thibault Van Win 76fadc5496
Add option to configure proxy using environment vars (#69)
Co-authored-by: Thibault Van Win <thibault.van.win@axsguard.com>
2024-06-06 12:41:12 +01:00
UFOSmuggler d56c893f4d
Introduce new system to persist mandatory and optional settings (#66)
* Make safe settings functions handling config json objects. 
* Also, update cake's cacerts. Previous method was using ubuntu's crts, which weren't pem.
* Bring config inline with previous config.php template version.
* Move settings into files in /etc/misp-docker.
* Fix Security.auth kludge.
* Rename functions and settings json files for a bit more clarity.
* Add documentation to README.md.
* Add a bit of context around adding new envars.
* Add ENABLE_DB_SETTINGS envar for turning on MISP.system_setting_db.
* Add documentation regarding new envar, and add to docker-compose.yml and template.php.
* Move "weird default" ZeroMQ setting to initialisation settings.
* Move some settings to cli_only.
* Add code to disable DB settings when applying cli_only settings.
* Change system_settings table availability check to until loop.
* Some language changes for clarity.
2024-06-06 09:30:12 +01:00
Stefano Ortolani 639d6e746b Add documentation and fix default values for OIDC_ROLES_MAPPING 2024-05-09 10:03:55 +01:00
UFOSmuggler aeff7b3e3e
Fix issue where searching for 'php' returns an error (#54) 2024-05-01 14:25:16 +01:00
Christian Morales Guerrero 313681a344
Support optional OIDC_ISSUER parameter (#52) 2024-04-24 12:26:22 +01:00
Christian Morales Guerrero b8d722a86b
Allow Redis over TLS (#49) 2024-04-22 09:20:59 +01:00