Commit f95971e4 authored by Václav Bartoš's avatar Václav Bartoš
Browse files

All occurences of "dsoclab" or "dsl" renamed to "soctools"

dsoclab-* -> soctools-*
dsldev -> soctoolsmain
dslproxy -> soctoolsproxy
parent 988cb786
......@@ -19,7 +19,7 @@ Temporary solution: Upload your ssh key to gitlab.geant.org
`cd soctools`
Install soctools:
Edit group_vars/all/main.yml and change 'dslproxy' so that it point to the FQDN of the server.
Edit group_vars/all/main.yml and change 'soctoolsproxy' so that it point to the FQDN of the server.
`vi group_vars/all/main.yml`
The first entry in the soctools_users variable is the user with full admin privileges in NiFi and Kibana.
......
---
- name: Build certification authority
hosts: dsldev
hosts: soctoolsmain
roles:
- ca
---
- name: Build docker images
hosts: dsldev
hosts: soctoolsmain
roles:
- build
---
dslproxy: "<CHANGE_ME:hostname>"
soctoolsproxy: "<CHANGE_ME:hostname>"
# TheHive Button plugin
THEHIVE_URL: "https://hive.gn4-3-wp8-soc.sunet.se/"
......@@ -14,14 +14,14 @@ repo: gn43-dsl
version: 7
suffix: a20201004
haproxy_name: "dsoclab-haproxy"
haproxy_name: "soctools-haproxy"
haproxy_version: "2.2"
haproxy_img: "{{repo}}/haproxy:{{version}}{{suffix}}"
HAPROXY_PROCESSES: "2"
HAPROXY_STATS_PASS: "eiph2Eepaizicheelah3tei+bae3ohgh"
FILEBEAT_VERSION: "7.9.3"
FILEBEAT_OUTPUT_HOST: "{{dslproxy}}"
FILEBEAT_OUTPUT_HOST: "{{soctoolsproxy}}"
FILEBEAT_OUTPUT_PORT: "6000"
FILEBEAT_CERT: "/opt/filebeat/filebeat.crt"
FILEBEAT_KEY: "/opt/filebeat/filebeat.key"
......@@ -30,27 +30,27 @@ temp_root: "/tmp/centosbuild"
openjdk_img: "{{repo}}/openjdk:{{version}}{{suffix}}"
zookeeper_name: "dsoclab-zookeeper"
zookeeper_name: "soctools-zookeeper"
zookeeper_img: "{{repo}}/zookeeper:{{version}}{{suffix}}"
misp_name: "dsoclab-misp"
misp_name: "soctools-misp"
misp_img: "{{repo}}/misp:{{version}}{{suffix}}"
nifi_img: "{{repo}}/nifi:{{version}}{{suffix}}"
mysql_name: "dsoclab-mysql"
mysql_name: "soctools-mysql"
mysql_img: "{{repo}}/mysql:{{version}}{{suffix}}"
mysql_dbrootpass: "Pass006"
cassandra_name: "dsoclab-cassandra"
cassandra_name: "soctools-cassandra"
cassandra_img: "{{repo}}/cassandra:{{version}}{{suffix}}"
thehive_name: "dsoclab-thehive"
thehive_name: "soctools-thehive"
thehive_img: "{{repo}}/thehive:{{version}}{{suffix}}"
# GENERATED WITH cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 64 | head -n 1
thehive_secret_key: "LcnI9eKLo33711BmCnzf6UM1y05pdmj3dlADL81PxuffWqhobRoiiGFftjNPKpmM"
cortex_name: "dsoclab-cortex"
cortex_name: "soctools-cortex"
cortex_img: "{{repo}}/cortex:{{version}}{{suffix}}"
cortex_elasticsearch_mem: "256m"
# GENERATED WITH cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 64 | head -n 1
......
[cassandra]
dsoclab-cassandra ansible_connection=docker
soctools-cassandra ansible_connection=docker
[cortex]
dsoclab-cortex ansible_connection=docker
soctools-cortex ansible_connection=docker
[odfeescontainers]
dsoclab-odfe-1 ansible_connection=docker
dsoclab-odfe-2 ansible_connection=docker
soctools-odfe-1 ansible_connection=docker
soctools-odfe-2 ansible_connection=docker
[filebeat]
dsoclab-nifi-1 ansible_connection=docker FILEBEAT_FILES='["/opt/nifi/nifi-current/logs/nifi-app.log","/opt/nifi/nifi-current/logs/nifi-bootstrap.log","/opt/nifi/nifi-current/logs/nifi-user.log"]' FILEBEAT_LOG_TYPE="nifi" FILEBEAT_LOG_FORMAT="text"
dsoclab-nifi-2 ansible_connection=docker FILEBEAT_FILES='["/opt/nifi/nifi-current/logs/nifi-app.log","/opt/nifi/nifi-current/logs/nifi-bootstrap.log","/opt/nifi/nifi-current/logs/nifi-user.log"]' FILEBEAT_LOG_TYPE="nifi" FILEBEAT_LOG_FORMAT="text"
dsoclab-nifi-3 ansible_connection=docker FILEBEAT_FILES='["/opt/nifi/nifi-current/logs/nifi-app.log","/opt/nifi/nifi-current/logs/nifi-bootstrap.log","/opt/nifi/nifi-current/logs/nifi-user.log"]' FILEBEAT_LOG_TYPE="nifi" FILEBEAT_LOG_FORMAT="text"
dsoclab-misp ansible_connection=docker FILEBEAT_FILES='["/var/opt/rh/rh-php72/log/php-fpm/*.log","/var/opt/rh/rh-redis32/log/redis/redis.log","/var/log/httpd/*log","/var/log/supervisor/*.log"]' FILEBEAT_LOG_TYPE="misp" FILEBEAT_LOG_FORMAT="text"
#dsoclab-odfe-1 ansible_connection=docker FILEBEAT_FILES='["/usr/share/elasticsearch/logs/dsoclab-cluster_server.json"]' FILEBEAT_LOG_TYPE="odfe1" FILEBEAT_LOG_FORMAT="json"
#dsoclab-odfe-2 ansible_connection=docker FILEBEAT_FILES='["/usr/share/elasticsearch/logs/dsoclab-cluster_server.json"]' FILEBEAT_LOG_TYPE="odfe2" FILEBEAT_LOG_FORMAT="json"
dsoclab-kibana ansible_connection=docker FILEBEAT_FILES='["/usr/share/kibana/kblog"]' FILEBEAT_LOG_TYPE="kibana" FILEBEAT_LOG_FORMAT="text"
dsoclab-keycloak ansible_connection=docker FILEBEAT_FILES='["/var/log/supervisor/*.log"]' FILEBEAT_LOG_TYPE="keycloak" FILEBEAT_LOG_FORMAT="text"
dsoclab-mysql ansible_connection=docker FILEBEAT_FILES='["/var/opt/rh/rh-mariadb103/log/mariadb/mariadb.log"]' FILEBEAT_LOG_TYPE="mysql" FILEBEAT_LOG_FORMAT="text"
dsoclab-haproxy ansible_connection=docker FILEBEAT_SYSLOG_PORT=9000 FILEBEAT_LOG_TYPE="haproxy" FILEBEAT_LOG_FORMAT="text"
dsoclab-zookeeper ansible_connection=docker FILEBEAT_FILES='["/var/log/supervisor/*.log"]' FILEBEAT_LOG_TYPE="zookeeper" FILEBEAT_LOG_FORMAT="text"
dsoclab-cortex ansible_connection=docker FILEBEAT_FILES='["/var/log/supervisor/*.log"]' FILEBEAT_LOG_TYPE="cortex" FILEBEAT_LOG_FORMAT="text"
dsoclab-thehive ansible_connection=docker FILEBEAT_FILES='["/var/log/supervisor/*.log"]' FILEBEAT_LOG_TYPE="thehive" FILEBEAT_LOG_FORMAT="text"
dsoclab-cassandra ansible_connection=docker FILEBEAT_FILES='["/var/log/supervisor/*.log"]' FILEBEAT_LOG_TYPE="cassandra" FILEBEAT_LOG_FORMAT="text"
soctools-nifi-1 ansible_connection=docker FILEBEAT_FILES='["/opt/nifi/nifi-current/logs/nifi-app.log","/opt/nifi/nifi-current/logs/nifi-bootstrap.log","/opt/nifi/nifi-current/logs/nifi-user.log"]' FILEBEAT_LOG_TYPE="nifi" FILEBEAT_LOG_FORMAT="text"
soctools-nifi-2 ansible_connection=docker FILEBEAT_FILES='["/opt/nifi/nifi-current/logs/nifi-app.log","/opt/nifi/nifi-current/logs/nifi-bootstrap.log","/opt/nifi/nifi-current/logs/nifi-user.log"]' FILEBEAT_LOG_TYPE="nifi" FILEBEAT_LOG_FORMAT="text"
soctools-nifi-3 ansible_connection=docker FILEBEAT_FILES='["/opt/nifi/nifi-current/logs/nifi-app.log","/opt/nifi/nifi-current/logs/nifi-bootstrap.log","/opt/nifi/nifi-current/logs/nifi-user.log"]' FILEBEAT_LOG_TYPE="nifi" FILEBEAT_LOG_FORMAT="text"
soctools-misp ansible_connection=docker FILEBEAT_FILES='["/var/opt/rh/rh-php72/log/php-fpm/*.log","/var/opt/rh/rh-redis32/log/redis/redis.log","/var/log/httpd/*log","/var/log/supervisor/*.log"]' FILEBEAT_LOG_TYPE="misp" FILEBEAT_LOG_FORMAT="text"
#soctools-odfe-1 ansible_connection=docker FILEBEAT_FILES='["/usr/share/elasticsearch/logs/soctools-cluster_server.json"]' FILEBEAT_LOG_TYPE="odfe1" FILEBEAT_LOG_FORMAT="json"
#soctools-odfe-2 ansible_connection=docker FILEBEAT_FILES='["/usr/share/elasticsearch/logs/soctools-cluster_server.json"]' FILEBEAT_LOG_TYPE="odfe2" FILEBEAT_LOG_FORMAT="json"
soctools-kibana ansible_connection=docker FILEBEAT_FILES='["/usr/share/kibana/kblog"]' FILEBEAT_LOG_TYPE="kibana" FILEBEAT_LOG_FORMAT="text"
soctools-keycloak ansible_connection=docker FILEBEAT_FILES='["/var/log/supervisor/*.log"]' FILEBEAT_LOG_TYPE="keycloak" FILEBEAT_LOG_FORMAT="text"
soctools-mysql ansible_connection=docker FILEBEAT_FILES='["/var/opt/rh/rh-mariadb103/log/mariadb/mariadb.log"]' FILEBEAT_LOG_TYPE="mysql" FILEBEAT_LOG_FORMAT="text"
soctools-haproxy ansible_connection=docker FILEBEAT_SYSLOG_PORT=9000 FILEBEAT_LOG_TYPE="haproxy" FILEBEAT_LOG_FORMAT="text"
soctools-zookeeper ansible_connection=docker FILEBEAT_FILES='["/var/log/supervisor/*.log"]' FILEBEAT_LOG_TYPE="zookeeper" FILEBEAT_LOG_FORMAT="text"
soctools-cortex ansible_connection=docker FILEBEAT_FILES='["/var/log/supervisor/*.log"]' FILEBEAT_LOG_TYPE="cortex" FILEBEAT_LOG_FORMAT="text"
soctools-thehive ansible_connection=docker FILEBEAT_FILES='["/var/log/supervisor/*.log"]' FILEBEAT_LOG_TYPE="thehive" FILEBEAT_LOG_FORMAT="text"
soctools-cassandra ansible_connection=docker FILEBEAT_FILES='["/var/log/supervisor/*.log"]' FILEBEAT_LOG_TYPE="cassandra" FILEBEAT_LOG_FORMAT="text"
[haproxy]
dsoclab-haproxy ansible_connection=docker
\ No newline at end of file
soctools-haproxy ansible_connection=docker
\ No newline at end of file
[keycloakcontainers]
dsoclab-keycloak ansible_connection=docker
soctools-keycloak ansible_connection=docker
[odfekibanacontainers]
dsoclab-kibana ansible_connection=docker
soctools-kibana ansible_connection=docker
[mispcontainers]
dsoclab-misp ansible_connection=docker
soctools-misp ansible_connection=docker
[mysql]
dsoclab-mysql ansible_connection=docker
\ No newline at end of file
soctools-mysql ansible_connection=docker
\ No newline at end of file
[nificontainers]
dsoclab-nifi-1 ansible_connection=docker
dsoclab-nifi-2 ansible_connection=docker
dsoclab-nifi-3 ansible_connection=docker
soctools-nifi-1 ansible_connection=docker
soctools-nifi-2 ansible_connection=docker
soctools-nifi-3 ansible_connection=docker
[dsldev]
[soctoolsmain]
localhost ansible_connection=local
[thehive]
dsoclab-thehive ansible_connection=docker
soctools-thehive ansible_connection=docker
......@@ -2,7 +2,7 @@
- assert:
that:
- "'CHANGE_ME' not in dslproxy"
- "'CHANGE_ME' not in soctoolsproxy"
fail_msg: "Review *all* settings in group_vars/all/main.yml"
- include: centos.yml
......
......@@ -17,7 +17,7 @@ search {
index = cortex3
# ElasticSearch instance address.
# For cluster, join address:port with ',': "http://ip1:9200,ip2:9200,ip3:9200"
uri = "http://dsoclab-elastic:9200"
uri = "http://soctools-elastic:9200"
## Advanced configuration
# Scroll keepalive.
......
......@@ -57,7 +57,7 @@
- name: Generate host certificates
command: >
roles/ca/files/easyrsa/easyrsa
--subject-alt-name="DNS:{{item}},DNS:{{dslproxy}}"
--subject-alt-name="DNS:{{item}},DNS:{{soctoolsproxy}}"
build-serverClient-full {{item}} nopass
with_items:
- "{{ groups['nificontainers'] }}"
......
......@@ -38,7 +38,7 @@ search {
##
## ## SSL configuration
## search.keyStore {
## path = "/etc/cortex/dsoclab-cortex.p12"
## path = "/etc/cortex/soctools-cortex.p12"
## type = "PKCS12" # or PKCS12
## password = "{{kspass}}"
## }
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment