From 59cca98e7f9f2599b3f09055bd4e14a517959a16 Mon Sep 17 00:00:00 2001 From: t3chn0m4g3 Date: Fri, 6 Jan 2023 18:58:03 +0000 Subject: [PATCH] update geoip map to latest release update nginx to include brotli and gzip compression improve load performance --- docker/elk/map/Dockerfile | 15 +++++++------- docker/nginx/Dockerfile | 3 ++- docker/nginx/dist/conf/nginx.conf | 33 ++++++++++++++++++------------- 3 files changed, 29 insertions(+), 22 deletions(-) diff --git a/docker/elk/map/Dockerfile b/docker/elk/map/Dockerfile index f18b89f3..3f3cc5b8 100644 --- a/docker/elk/map/Dockerfile +++ b/docker/elk/map/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.15 +FROM alpine:3.17 # # Include dist COPY dist/ /root/dist/ @@ -12,17 +12,18 @@ RUN apk -U --no-cache add \ python3 \ python3-dev && \ # -# Install Server from GitHub and setup +# Install from GitHub and setup mkdir -p /opt && \ cd /opt/ && \ - git clone https://github.com/t3chn0m4g3/geoip-attack-map && \ + git clone https://github.com/t3chn0m4g3/geoip-attack-map -b 1.0.0 && \ cd geoip-attack-map && \ # git checkout 4dae740178455f371b667ee095f824cb271f07e8 && \ - cp /root/dist/* . && \ +# git branch -a && \ +# git checkout multi && \ +# cp /root/dist/index.html . && \ pip3 install --upgrade pip && \ pip3 install -r requirements.txt && \ - pip3 install flask && \ - setcap cap_net_bind_service=+ep /usr/bin/python3.9 && \ + setcap cap_net_bind_service=+ep /usr/bin/python3.10 && \ # # Setup user, groups and configs addgroup -g 2000 map && \ @@ -39,4 +40,4 @@ RUN apk -U --no-cache add \ STOPSIGNAL SIGINT USER map:map WORKDIR /opt/geoip-attack-map -CMD ./entrypoint.sh && exec /usr/bin/python3 $MAP_COMMAND +CMD /usr/bin/python3 $MAP_COMMAND diff --git a/docker/nginx/Dockerfile b/docker/nginx/Dockerfile index ec772b15..57d2831f 100644 --- a/docker/nginx/Dockerfile +++ b/docker/nginx/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.16 +FROM alpine:3.17 # # Include dist COPY dist/ /root/dist/ @@ -6,6 +6,7 @@ COPY dist/ /root/dist/ # Get and install dependencies & packages RUN apk -U --no-cache add \ nginx \ + nginx-mod-http-brotli \ nginx-mod-http-headers-more && \ # ## Setup T-Pot Landing Page, Eleasticvue, Cyberchef diff --git a/docker/nginx/dist/conf/nginx.conf b/docker/nginx/dist/conf/nginx.conf index dbe2d6f9..1a3abd1c 100644 --- a/docker/nginx/dist/conf/nginx.conf +++ b/docker/nginx/dist/conf/nginx.conf @@ -2,6 +2,8 @@ user nginx; worker_processes auto; pid /run/nginx.pid; load_module /usr/lib/nginx/modules/ngx_http_headers_more_filter_module.so; +load_module /usr/lib/nginx/modules/ngx_http_brotli_filter_module.so; +load_module /usr/lib/nginx/modules/ngx_http_brotli_static_module.so; events { worker_connections 768; @@ -27,6 +29,23 @@ http { include /etc/nginx/mime.types; default_type application/octet-stream; + ## + # Compression + ## + + # gzip + gzip on; + gzip_vary on; + gzip_proxied any; + gzip_comp_level 6; + gzip_types text/plain text/css text/xml application/json application/javascript application/xml+rss application/atom+xml image/svg+xml; + + # brotli + brotli on; + brotli_static on; + brotli_comp_level 6; + brotli_types text/xml image/svg+xml application/x-font-ttf image/vnd.microsoft.icon application/x-font-opentype application/json font/eot application/vnd.ms-fontobject application/javascript font/otf application/xml application/xhtml+xml text/javascript application/x-javascript text/plain application/x-font-truetype application/xml+rss image/x-icon font/opentype text/css image/x-win-bitmap; + ## # SSL Settings ## @@ -82,20 +101,6 @@ http { access_log /var/log/nginx/access.log main_json; error_log /var/log/nginx/error.log; - ## - # Gzip Settings - ## - - gzip on; - gzip_disable "msie6"; - - # gzip_vary on; - # gzip_proxied any; - # gzip_comp_level 6; - # gzip_buffers 16 8k; - # gzip_http_version 1.1; - # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; - ## # Virtual Host Configs ##