mirror of
https://github.com/telekom-security/tpotce.git
synced 2025-04-28 11:18:51 +00:00
tweaking
This commit is contained in:
Marco Ochse
parent
cef8e5fded
commit
caf35b485f
2 changed files with 46 additions and 7 deletions
39
installer/data/nginx/tpotweb.conf
Normal file
39
installer/data/nginx/tpotweb.conf
Normal file
|
|
@ -0,0 +1,39 @@
|
|||
server {
|
||||
listen 64298;
|
||||
|
||||
server_name example.com;
|
||||
|
||||
# auth_basic "Restricted Access";
|
||||
# auth_basic_user_file /etc/nginx/htpasswd.users;
|
||||
|
||||
proxy_buffering on;
|
||||
proxy_buffer_size 8k;
|
||||
proxy_buffers 48 8k;
|
||||
proxy_busy_buffers_size 8k;
|
||||
proxy_max_temp_file_size 4096m;
|
||||
proxy_temp_file_write_size 64k;
|
||||
|
||||
gzip on;
|
||||
gzip_disable "msie6";
|
||||
|
||||
gzip_vary on;
|
||||
gzip_proxied any;
|
||||
gzip_comp_level 6;
|
||||
gzip_buffers 16 8k;
|
||||
gzip_http_version 1.1;
|
||||
gzip_min_length 256;
|
||||
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/vnd.ms-fontobject application/x-font-ttf font/opentype image/svg+xml image/x-icon;
|
||||
|
||||
|
||||
location /kibana/ {
|
||||
proxy_pass http://localhost:64296;
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "upgrade";
|
||||
proxy_set_header Host $host;
|
||||
rewrite /kibana/(.*)$ /$1 break;
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
|
||||
|
|
@ -275,25 +275,25 @@ tee -a /etc/crontab <<EOF
|
|||
*/2 * * * * root status.sh > /dev/tty2
|
||||
|
||||
# Check if containers and services are up
|
||||
*/5 * * * * root check.sh
|
||||
*/5 * * * * root check.sh
|
||||
|
||||
# Example for alerta-cli IP update
|
||||
#*/5 * * * * root alerta --endpoint-url http://<ip>:<port>/api delete --filters resource=<host> && alerta --endpoint-url http://<ip>:<port>/api send -e IP -r <host> -E Production -s ok -S T-Pot -t \$(cat /data/elk/logstash/mylocal.ip) --status open
|
||||
#*/5 * * * * root alerta --endpoint-url http://<ip>:<port>/api delete --filters resource=<host> && alerta --endpoint-url http://<ip>:<port>/api send -e IP -r <host> -E Production -s ok -S T-Pot -t \$(cat /data/elk/logstash/mylocal.ip) --status open
|
||||
|
||||
# Check if updated images are available and download them
|
||||
27 1 * * * root for i in \$(cat /data/images.conf); do docker pull dtagdevsec/\$i:latest1610; done
|
||||
27 1 * * * root for i in \$(cat /data/images.conf); do docker pull dtagdevsec/\$i:latest1610; done
|
||||
|
||||
# Restart docker service and containers
|
||||
27 3 * * * root dcres.sh
|
||||
27 3 * * * root dcres.sh
|
||||
|
||||
# Delete elastic indices older than 90 days (kibana index is omitted by default)
|
||||
27 4 * * * root docker exec elk bash -c '/usr/local/bin/curator --host 127.0.0.1 delete indices --older-than 90 --time-unit days --timestring \%Y.\%m.\%d'
|
||||
27 4 * * * root docker exec elk bash -c '/usr/local/bin/curator --host 127.0.0.1 delete indices --older-than 90 --time-unit days --timestring \%Y.\%m.\%d'
|
||||
|
||||
# Update IP and erase check.lock if it exists
|
||||
27 15 * * * root /etc/rc.local
|
||||
27 15 * * * root /etc/rc.local
|
||||
|
||||
# Check for updated packages every sunday, upgrade and reboot
|
||||
27 16 * * 0 root apt-get autoclean -y; apt-get autoremove -y; apt-get update -y; apt-get upgrade -y; sleep 5; reboot
|
||||
27 16 * * 0 root apt-get autoclean -y; apt-get autoremove -y; apt-get update -y; apt-get upgrade -y; sleep 5; reboot
|
||||
EOF
|
||||
|
||||
# Let's create some files and folders
|
||||
|
|
|
|||
Loading…
Reference in a new issue