map server tweaking

docker/elk/docker-compose.yml

@@ -64,8 +64,6 @@ services:
     restart: always
     stop_signal: SIGKILL
     tty: true
-    #    networks:
-    #     - map_local
     ports:
       - "127.0.0.1:6379:6379"
     image: "dtagdevsec/redis:2203"
@@ -82,11 +80,9 @@ services:
      - /opt/tpot/etc/compose/elk_environment
     stop_signal: SIGKILL
     tty: true
-    #    networks:
-    #     - map_local
     ports:
      - "127.0.0.1:64299:64299"
-    image: "dtagdevsec/map_web:2203"
+    image: "dtagdevsec/map_server:2203"
     depends_on:
      - map_redis
 
@@ -100,8 +96,6 @@ services:
      - /opt/tpot/etc/compose/elk_environment
     stop_signal: SIGKILL
     tty: true
-    #    networks:
-    #     - map_local
-    image: "dtagdevsec/map_web:2203"
+    image: "dtagdevsec/map_server:2203"
     depends_on:
      - map_redis

docker/elk/map/Dockerfile

@@ -1,5 +1,8 @@
 FROM alpine:3.15
 #
+# Include dist
+#ADD dist/ /root/dist/
+#
 # Install packages
 RUN apk -U add \
              build-base \

docker/elk/map/docker-compose.yml

@@ -11,8 +11,6 @@ services:
     restart: always
     stop_signal: SIGKILL
     tty: true
-    #    networks:
-    #     - map_local
     ports:
       - "127.0.0.1:6379:6379"
     image: "dtagdevsec/redis:2203"
@@ -29,11 +27,9 @@ services:
      - /opt/tpot/etc/compose/elk_environment
     stop_signal: SIGKILL
     tty: true
-    #    networks:
-    #     - map_local
     ports:
      - "127.0.0.1:64299:64299"
-    image: "dtagdevsec/map_web:2203"
+    image: "dtagdevsec/map_server:2203"
     depends_on:
      - map_redis
 
@@ -47,8 +43,6 @@ services:
      - /opt/tpot/etc/compose/elk_environment
     stop_signal: SIGKILL
     tty: true
-    #    networks:
-    #     - map_local
-    image: "dtagdevsec/map_web:2203"
+    image: "dtagdevsec/map_server:2203"
     depends_on:
      - map_redis

docker/nginx/dist/conf/tpotweb.conf

@@ -27,7 +27,7 @@ server {
     ##############################################
     ssl_certificate /etc/nginx/cert/nginx.crt;
     ssl_certificate_key /etc/nginx/cert/nginx.key;
-    
+
     ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH:!DHE:!SHA:!SHA256';
     ssl_ecdh_curve secp384r1;
     ssl_dhparam /etc/nginx/ssl/dhparam4096.pem;
@@ -40,8 +40,8 @@ server {
     ### OWASP recommendations / settings
     ####################################
 
-    ### Size Limits & Buffer Overflows 
-    ### the size may be configured based on the needs. 
+    ### Size Limits & Buffer Overflows
+    ### the size may be configured based on the needs.
     client_body_buffer_size  128k;
     client_header_buffer_size 1k;
     client_max_body_size 2M;
@@ -65,7 +65,7 @@ server {
 
     ### This will enforce HTTP browsing into HTTPS and avoid ssl stripping attack
     add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;";
-
+#    add_header 'Content-Security-Policy' 'upgrade-insecure-requests';
 
     ##################################
     ### Restrict access and basic auth
@@ -118,19 +118,28 @@ server {
         rewrite /kibana/(.*)$ /$1 break;
     }
 
-    ### ES 
+    ### ES
     location /es/ {
         proxy_pass http://127.0.0.1:64298/;
         rewrite /es/(.*)$ /$1 break;
     }
 
     ### Map
-    location /map/ {
-        proxy_pass http://127.0.0.1:64299/;
-        proxy_set_header Upgrade $http_upgrade;
-        proxy_set_header Connection "Upgrade";
-        proxy_set_header Host $host;
-    }
+#    location /map/ {
+#        proxy_pass http://127.0.0.1:64299/;
+#        rewrite /map/(.*)$ /$1 break;
+#	proxy_http_version 1.1;
+#        proxy_set_header Upgrade $http_upgrade;
+#        proxy_set_header Connection "Upgrade";
+#	proxy_set_header Host $host;
+#    }
+#    location /websocket {
+#        proxy_pass http://127.0.0.1:64299;
+#        proxy_http_version 1.1;
+#        proxy_set_header Upgrade $http_upgrade;
+#        proxy_set_header Connection "Upgrade";
+#        proxy_set_header Host $host;
+#    }
 
     ### spiderfoot
     location /spiderfoot {
@@ -144,7 +153,7 @@ server {
         location /scanviz {
             proxy_pass http://127.0.0.1:64303/spiderfoot/scanviz;
         }
-        
+
         location /scandelete {
             proxy_pass http://127.0.0.1:64303/spiderfoot/scandelete;
         }

etc/compose/standard.yml

@@ -511,6 +511,51 @@ services:
     volumes:
      - /data:/data
 
+## Map Redis Service
+  map_redis:
+    container_name: map_redis
+    restart: always
+    stop_signal: SIGKILL
+    tty: true
+    ports:
+      - "127.0.0.1:6379:6379"
+    image: "dtagdevsec/redis:2203"
+    read_only: true
+
+## Map Web Service
+  map_web:
+    container_name: map_web
+    restart: always
+    environment:
+     - MAP_COMMAND=AttackMapServer.py
+    env_file:
+     - /opt/tpot/etc/compose/elk_environment
+    stop_signal: SIGKILL
+    tty: true
+    ports:
+     - "127.0.0.1:64299:64299"
+    image: "dtagdevsec/map_server:2203"
+    depends_on:
+     - map_redis
+
+## Map Data Service
+  map_data:
+    container_name: map_data
+    restart: always
+    depends_on:
+      elasticsearch:
+        condition: service_healthy
+    environment:
+     - MAP_COMMAND=DataServr_v2.py
+    env_file:
+     - /opt/tpot/etc/compose/elk_environment
+    stop_signal: SIGKILL
+    tty: true
+    image: "dtagdevsec/map_server:2203"
+    depends_on:
+     - map_redise
+#### /ELK
+
 # Ewsposter service
   ewsposter:
     container_name: ewsposter