Merge bec64f2306 into 3372a23eb2

- adding support for latest Elastic Stack

docker/elk/elasticsearch/Dockerfile

@@ -1,6 +1,6 @@
 FROM ubuntu:24.04
 ENV DEBIAN_FRONTEND noninteractive
-ENV ES_VER=8.17.5
+ENV ES_VER=8.18.1
 #
 # Include dist
 COPY dist/ /root/dist/

docker/elk/elasticsearch/dist/elasticsearch.yml

@@ -11,5 +11,5 @@ http.host: 0.0.0.0
 http.cors.enabled: true
 http.cors.allow-origin: "*"
 indices.query.bool.max_clause_count: 2000
-cluster.routing.allocation.disk.watermark.enable_for_single_data_node: true
+#cluster.routing.allocation.disk.watermark.enable_for_single_data_node: true
 discovery.type: single-node

docker/elk/kibana/Dockerfile

@@ -1,5 +1,5 @@
 FROM node:20.18.2-alpine3.20
-ENV KB_VER=8.17.5
+ENV KB_VER=8.18.1
 #
 # Include dist
 COPY dist/ /root/dist/

docker/elk/logstash/Dockerfile

@@ -1,6 +1,6 @@
 FROM ubuntu:24.04
 ENV DEBIAN_FRONTEND=noninteractive
-ENV LS_VER=8.17.5
+ENV LS_VER=8.18.1
 #
 # Include dist
 COPY dist/ /root/dist/

docker/nginx/builder/esvue/Dockerfile

@@ -1,17 +1,19 @@
 ### elasticvue build is currently broken, issue has been opened https://github.com/cars10/elasticvue/issues/215
 ### in the meantime we are using the older dist, if not resolved we need to find a different solution
-FROM node:20-alpine AS builder
+FROM node:22.5.1-alpine AS builder
 #
 # Prep and build Elasticvue 
 RUN apk -U --no-cache add git && \
-    git clone https://github.com/cars10/elasticvue -b v1.1.0 /opt/src && \
+    git clone https://github.com/cars10/elasticvue -b v1.7.0 /opt/src && \
 # We need to adjust consts.ts so the user has connection suggestion for reverse proxied ES
     sed -i "s#export const DEFAULT_CLUSTER_URI = 'http://localhost:9200'#export const DEFAULT_CLUSTER_URI = window.location.origin + '/es'#g" /opt/src/src/consts.ts && \
     sed -i 's#href="/images/logo/favicon.ico"#href="images/logo/favicon.ico"#g' /opt/src/index.html && \
     mkdir /opt/app && \
     cd /opt/app && \
+    corepack enable && \
     cp /opt/src/package.json . && \
     cp /opt/src/yarn.lock . && \
+    cp /opt/src/.yarnrc.yml . && \
     yarn install && \
     cp -R /opt/src/* . && \
     export VITE_APP_BUILD_MODE=docker && \

docker/nginx/docker-compose.yml

@@ -20,7 +20,7 @@ services:
       #    ports:
       #     - "64297:64297"
       #     - "127.0.0.1:64304:64304"
-    image: "dtagdevsec/nginx:24.04"
+    image: "ghcr.io/telekom-security/nginx:24.04.1"
     read_only: true
     volumes:
      - $HOME/tpotce/data/nginx/cert/:/etc/nginx/cert/:ro

docker/tpotinit/dist/bin/genuser.sh

@@ -13,6 +13,9 @@ __        __   _     _   _  [ T-Pot ]
 EOF
 )
 
+# Add trap to ensure SIGINT, SIGTERM works
+trap 'echo; echo; echo "# User interrupt. Exiting."; exit 1' SIGINT
+
 # Generate T-Pot WebUser
 echo "$myPW"
 echo

genuser.sh

@@ -1,2 +1,13 @@
 #!/usr/bin/env bash
-docker run -v $HOME/tpotce:/data --entrypoint bash -it -u $(id -u):$(id -g) dtagdevsec/tpotinit:24.04.1 "/opt/tpot/bin/genuser.sh"
+TPOT_REPO=$(grep -E "^TPOT_REPO" .env | cut -d "=" -f2-)
+TPOT_VERSION=$(grep -E "^TPOT_VERSION" .env | cut -d "=" -f2-)
+USER=$(id -u)
+USERNAME=$(id -un)
+GROUP=$(id -g)
+echo "### Repository:        ${TPOT_REPO}"
+echo "### Version Tag:       ${TPOT_VERSION}"
+echo "### Your User Name:    ${USERNAME}"
+echo "### Your User ID:      ${USER}"
+echo "### Your Group ID:     ${GROUP}"
+echo
+docker run -v $HOME/tpotce:/data --entrypoint "bash" -it -u "${USER}":"${GROUP}" "${TPOT_REPO}"/tpotinit:"${TPOT_VERSION}" "/opt/tpot/bin/genuser.sh"

update.sh

@@ -188,6 +188,10 @@ function fuRESTORE () {
 	fi
 	echo "### Restoring T-Pot config file .env"
 	tar xvf $myARCHIVE .env -C $HOME/tpotce >/dev/null 2>&1
+	# Backup file (.env) contains a record of the TPOT_VERSION that is used in docker-compose commmands. 
+	# We should upgrade the version in this file after restoring the backup.
+	newVERSION=$(cat version)
+	sed -i 's/^TPOT_VERSION=.*/TPOT_VERSION=${newVERSION}/' $HOME/tpotce/.env
 }
 
 ################