From 87ef005c176de23a344f1232ce79fb0e1fb6e2c2 Mon Sep 17 00:00:00 2001
From: Marco Ochse <t3chn0m4g3@users.noreply.github.com>
Date: Sat, 27 May 2023 14:49:20 +0200
Subject: [PATCH] tweaking for tpotlight

---
 docker/nginx/dist/conf/nginx.conf   |  7 ++-
 docker/nginx/dist/conf/tpotweb.conf | 86 +++++++++++++++++++----------
 2 files changed, 62 insertions(+), 31 deletions(-)

diff --git a/docker/nginx/dist/conf/nginx.conf b/docker/nginx/dist/conf/nginx.conf
index 231273d6..988a92b6 100644
--- a/docker/nginx/dist/conf/nginx.conf
+++ b/docker/nginx/dist/conf/nginx.conf
@@ -7,6 +7,7 @@ load_module /usr/lib/nginx/modules/ngx_http_brotli_static_module.so;
 
 # OS ENV variables need to be defined here, so Lua can use them
 env COCKPIT;
+env TPOT_OSTYPE;
 
 # Both modules are needed for Lua, in this exact order
 load_module /usr/lib/nginx/modules/ndk_http_module.so;
@@ -18,10 +19,10 @@ events {
 }
 
 http {
-
 	##
 	# Basic Settings
 	##
+	resolver 127.0.0.11;
 	sendfile on;
 	tcp_nopush on;
 	tcp_nodelay on;
@@ -101,11 +102,11 @@ http {
         '"server_protocol": "$server_protocol", ' # request protocol, like HTTP/1.1 or HTTP/2.0
         '"pipe": "$pipe", ' # “p” if request was pipelined, “.” otherwise
         '"gzip_ratio": "$gzip_ratio", '
-        '"http_cf_ray": "$http_cf_ray"'
+        '"http_cf_ray": "$http_cf_ray", '
+        '"proxy_host": "$proxy_host"'
       '}';
 
  	access_log /var/log/nginx/access.log main_json;
-	error_log /var/log/nginx/error.log;
 
 	##
 	# Virtual Host Configs
diff --git a/docker/nginx/dist/conf/tpotweb.conf b/docker/nginx/dist/conf/tpotweb.conf
index d46369f0..2f48cb4c 100644
--- a/docker/nginx/dist/conf/tpotweb.conf
+++ b/docker/nginx/dist/conf/tpotweb.conf
@@ -121,61 +121,91 @@ server {
         try_files $uri $uri/ /cyberchef/index.html;
     }
 
-
-
     #################
     ### Proxied sites
     #################
 
     ### Kibana
     location /kibana/ {
-        proxy_pass http://127.0.0.1:64296;
+        set_by_lua_block $kibana {
+            local tpot_ostype = os.getenv("TPOT_OSTYPE")
+            if tpot_ostype == "mac" or tpot_ostype == "win" then
+                return "http://kibana:5601";
+            else
+                return "http://127.0.0.1:64296";
+            end
+        }
+        proxy_pass $kibana;
         rewrite /kibana/(.*)$ /$1 break;
     }
 
     ### ES
     location /es/ {
-        proxy_pass http://127.0.0.1:64298/;
+        set_by_lua_block $elasticsearch {
+            local tpot_ostype = os.getenv("TPOT_OSTYPE")
+            if tpot_ostype == "mac" or tpot_ostype == "win" then
+                return "http://elasticsearch:9200";
+            else
+                return "http://127.0.0.1:64298";
+            end
+        }
+        proxy_pass $elasticsearch;
         rewrite /es/(.*)$ /$1 break;
     }
 
     ### Map
     location /map/ {
-        proxy_pass http://127.0.0.1:64299/;
+        set_by_lua_block $map_web {
+            local tpot_ostype = os.getenv("TPOT_OSTYPE")
+            if tpot_ostype == "mac" or tpot_ostype == "win" then
+                return "http://map_web:64299";
+            else
+                return "http://127.0.0.1:64299";
+            end
+        }
+        proxy_pass $map_web;
         rewrite /map/(.*)$ /$1 break;
+        proxy_read_timeout 7200s;
 	proxy_http_version 1.1;
         proxy_set_header Upgrade $http_upgrade;
         proxy_set_header Connection "Upgrade";
-	proxy_set_header Host $host;
+	proxy_set_header Host $http_host;
+	proxy_redirect http:// https://;
     }
     location /websocket {
-        proxy_pass http://127.0.0.1:64299;
-        proxy_read_timeout 3600s;
+        set_by_lua_block $map_web {
+            local tpot_ostype = os.getenv("TPOT_OSTYPE")
+            if tpot_ostype == "mac" or tpot_ostype == "win" then
+                return "http://map_web:64299";
+            else
+                return "http://127.0.0.1:64299";
+            end
+        }
+        proxy_pass $map_web;
+        proxy_read_timeout 7200s;
         proxy_http_version 1.1;
         proxy_set_header Upgrade $http_upgrade;
         proxy_set_header Connection "Upgrade";
-        proxy_set_header Host $host;
+        proxy_set_header Host $http_host;
+	proxy_redirect http:// https://;
     }
 
-    ### spiderfoot
-    location /spiderfoot {
-        proxy_pass http://127.0.0.1:64303;
+    ### Spiderfoot
+        set_by_lua_block $spiderfoot_backend {
+            local tpot_ostype = os.getenv("TPOT_OSTYPE")
+            if tpot_ostype == "mac" or tpot_ostype == "win" then
+                return "http://spiderfoot:8080";
+            else
+                return "http://127.0.0.1:64303";
+            end
+        }
+    location /spiderfoot/ {
+        proxy_pass $spiderfoot_backend;
+	proxy_set_header Host $http_host;
+	proxy_redirect http:// https://;
+    }
+    location ~ ^/(static|scanviz|scandelete|scaninfo) {
+        proxy_pass $spiderfoot_backend/spiderfoot/$1$is_args$args;
     }
-
-        location /static {
-            proxy_pass http://127.0.0.1:64303/spiderfoot/static;
-        }
-
-        location /scanviz {
-            proxy_pass http://127.0.0.1:64303/spiderfoot/scanviz;
-        }
-
-        location /scandelete {
-            proxy_pass http://127.0.0.1:64303/spiderfoot/scandelete;
-        }
-
-        location /scaninfo {
-            proxy_pass http://127.0.0.1:64303/spiderfoot/scaninfo;
-        }
 
 }