gn4-3-wp8-t3.1 SOC
soctools
Commit
f95971e4
authored
Dec 11, 2020
by
Václav Bartoš
All occurences of "dsoclab" or "dsl" renamed to "soctools"
dsoclab-* -> soctools-* dsldev -> soctoolsmain dslproxy -> soctoolsproxy
parent
988cb786
Changes
34
README.md
...
...
@@ -19,7 +19,7 @@ Temporary solution: Upload your ssh key to gitlab.geant.org
`cd soctools`
Install soctools:
Edit group_vars/all/main.yml and change '
dsl
proxy' so that it point to the FQDN of the server.
Edit group_vars/all/main.yml and change '
soctools
proxy' so that it point to the FQDN of the server.
`vi group_vars/all/main.yml`
The first entry in the soctools_users variable is the user with full admin privileges in NiFi and Kibana.
...
...
buildca.yml
---
-
name
:
Build certification authority
hosts
:
dsldev
hosts
:
soctoolsmain
roles
:
-
ca
buildimages.yml
---
-
name
:
Build docker images
hosts
:
dsldev
hosts
:
soctoolsmain
roles
:
-
build
group_vars/all/main.yml
---
dsl
proxy
:
"
<CHANGE_ME:hostname>"
soctools
proxy
:
"
<CHANGE_ME:hostname>"
# TheHive Button plugin
THEHIVE_URL
:
"
https://hive.gn4-3-wp8-soc.sunet.se/"
...
...
@@ -14,14 +14,14 @@ repo: gn43-dsl
version
:
7
suffix
:
a20201004
haproxy_name
:
"
d
soc
lab
-haproxy"
haproxy_name
:
"
soc
tools
-haproxy"
haproxy_version
:
"
2.2"
haproxy_img
:
"
{{repo}}/haproxy:{{version}}{{suffix}}"
HAPROXY_PROCESSES
:
"
2"
HAPROXY_STATS_PASS
:
"
eiph2Eepaizicheelah3tei+bae3ohgh"
FILEBEAT_VERSION
:
"
7.9.3"
FILEBEAT_OUTPUT_HOST
:
"
{{
dsl
proxy}}"
FILEBEAT_OUTPUT_HOST
:
"
{{
soctools
proxy}}"
FILEBEAT_OUTPUT_PORT
:
"
6000"
FILEBEAT_CERT
:
"
/opt/filebeat/filebeat.crt"
FILEBEAT_KEY
:
"
/opt/filebeat/filebeat.key"
...
...
@@ -30,27 +30,27 @@ temp_root: "/tmp/centosbuild"
openjdk_img
:
"
{{repo}}/openjdk:{{version}}{{suffix}}"
zookeeper_name
:
"
d
soc
lab
-zookeeper"
zookeeper_name
:
"
soc
tools
-zookeeper"
zookeeper_img
:
"
{{repo}}/zookeeper:{{version}}{{suffix}}"
misp_name
:
"
d
soc
lab
-misp"
misp_name
:
"
soc
tools
-misp"
misp_img
:
"
{{repo}}/misp:{{version}}{{suffix}}"
nifi_img
:
"
{{repo}}/nifi:{{version}}{{suffix}}"
mysql_name
:
"
d
soc
lab
-mysql"
mysql_name
:
"
soc
tools
-mysql"
mysql_img
:
"
{{repo}}/mysql:{{version}}{{suffix}}"
mysql_dbrootpass
:
"
Pass006"
cassandra_name
:
"
d
soc
lab
-cassandra"
cassandra_name
:
"
soc
tools
-cassandra"
cassandra_img
:
"
{{repo}}/cassandra:{{version}}{{suffix}}"
thehive_name
:
"
d
soc
lab
-thehive"
thehive_name
:
"
soc
tools
-thehive"
thehive_img
:
"
{{repo}}/thehive:{{version}}{{suffix}}"
# GENERATED WITH cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 64 | head -n 1
thehive_secret_key
:
"
LcnI9eKLo33711BmCnzf6UM1y05pdmj3dlADL81PxuffWqhobRoiiGFftjNPKpmM"
cortex_name
:
"
d
soc
lab
-cortex"
cortex_name
:
"
soc
tools
-cortex"
cortex_img
:
"
{{repo}}/cortex:{{version}}{{suffix}}"
cortex_elasticsearch_mem
:
"
256m"
# GENERATED WITH cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 64 | head -n 1
...
...
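Review bot: The context lines of the second and third hunks keep plaintext credentials in a committed vars file (`HAPROXY_STATS_PASS`, `mysql_dbrootpass` and `thehive_secret_key`), so every checkout of this repository deploys with the same published secrets. The hostname already uses the `<CHANGE_ME:hostname>` convention; the secrets could follow it, e.g. `mysql_dbrootpass: "<CHANGE_ME:password>"`, or move to an ansible-vault encrypted vars file. The assert in roles/build/tasks/main.yml tests only `soctoolsproxy` for `CHANGE_ME`, so an untouched default secret passes it today; listing the secret variables under its `that:` would make the "Review *all* settings" message enforceable. Values that have already been pushed should be rotated on any deployment that used them.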
inventories/cassandra
[cassandra]
d
soc
lab
-cassandra ansible_connection=docker
soc
tools
-cassandra ansible_connection=docker
inventories/cortex
[cortex]
d
soc
lab
-cortex ansible_connection=docker
soc
tools
-cortex ansible_connection=docker
inventories/elasticsearch
[odfeescontainers]
d
soc
lab
-odfe-1 ansible_connection=docker
d
soc
lab
-odfe-2 ansible_connection=docker
soc
tools
-odfe-1 ansible_connection=docker
soc
tools
-odfe-2 ansible_connection=docker
inventories/filebeat
[filebeat]
d
soc
lab
-nifi-1 ansible_connection=docker FILEBEAT_FILES='["/opt/nifi/nifi-current/logs/nifi-app.log","/opt/nifi/nifi-current/logs/nifi-bootstrap.log","/opt/nifi/nifi-current/logs/nifi-user.log"]' FILEBEAT_LOG_TYPE="nifi" FILEBEAT_LOG_FORMAT="text"
d
soc
lab
-nifi-2 ansible_connection=docker FILEBEAT_FILES='["/opt/nifi/nifi-current/logs/nifi-app.log","/opt/nifi/nifi-current/logs/nifi-bootstrap.log","/opt/nifi/nifi-current/logs/nifi-user.log"]' FILEBEAT_LOG_TYPE="nifi" FILEBEAT_LOG_FORMAT="text"
d
soc
lab
-nifi-3 ansible_connection=docker FILEBEAT_FILES='["/opt/nifi/nifi-current/logs/nifi-app.log","/opt/nifi/nifi-current/logs/nifi-bootstrap.log","/opt/nifi/nifi-current/logs/nifi-user.log"]' FILEBEAT_LOG_TYPE="nifi" FILEBEAT_LOG_FORMAT="text"
d
soc
lab
-misp ansible_connection=docker FILEBEAT_FILES='["/var/opt/rh/rh-php72/log/php-fpm/*.log","/var/opt/rh/rh-redis32/log/redis/redis.log","/var/log/httpd/*log","/var/log/supervisor/*.log"]' FILEBEAT_LOG_TYPE="misp" FILEBEAT_LOG_FORMAT="text"
#
d
soc
lab
-odfe-1 ansible_connection=docker FILEBEAT_FILES='["/usr/share/elasticsearch/logs/
d
soc
lab
-cluster_server.json"]' FILEBEAT_LOG_TYPE="odfe1" FILEBEAT_LOG_FORMAT="json"
#
d
soc
lab
-odfe-2 ansible_connection=docker FILEBEAT_FILES='["/usr/share/elasticsearch/logs/
d
soc
lab
-cluster_server.json"]' FILEBEAT_LOG_TYPE="odfe2" FILEBEAT_LOG_FORMAT="json"
d
soc
lab
-kibana ansible_connection=docker FILEBEAT_FILES='["/usr/share/kibana/kblog"]' FILEBEAT_LOG_TYPE="kibana" FILEBEAT_LOG_FORMAT="text"
d
soc
lab
-keycloak ansible_connection=docker FILEBEAT_FILES='["/var/log/supervisor/*.log"]' FILEBEAT_LOG_TYPE="keycloak" FILEBEAT_LOG_FORMAT="text"
d
soc
lab
-mysql ansible_connection=docker FILEBEAT_FILES='["/var/opt/rh/rh-mariadb103/log/mariadb/mariadb.log"]' FILEBEAT_LOG_TYPE="mysql" FILEBEAT_LOG_FORMAT="text"
d
soc
lab
-haproxy ansible_connection=docker FILEBEAT_SYSLOG_PORT=9000 FILEBEAT_LOG_TYPE="haproxy" FILEBEAT_LOG_FORMAT="text"
d
soc
lab
-zookeeper ansible_connection=docker FILEBEAT_FILES='["/var/log/supervisor/*.log"]' FILEBEAT_LOG_TYPE="zookeeper" FILEBEAT_LOG_FORMAT="text"
d
soc
lab
-cortex ansible_connection=docker FILEBEAT_FILES='["/var/log/supervisor/*.log"]' FILEBEAT_LOG_TYPE="cortex" FILEBEAT_LOG_FORMAT="text"
d
soc
lab
-thehive ansible_connection=docker FILEBEAT_FILES='["/var/log/supervisor/*.log"]' FILEBEAT_LOG_TYPE="thehive" FILEBEAT_LOG_FORMAT="text"
d
soc
lab
-cassandra ansible_connection=docker FILEBEAT_FILES='["/var/log/supervisor/*.log"]' FILEBEAT_LOG_TYPE="cassandra" FILEBEAT_LOG_FORMAT="text"
soc
tools
-nifi-1 ansible_connection=docker FILEBEAT_FILES='["/opt/nifi/nifi-current/logs/nifi-app.log","/opt/nifi/nifi-current/logs/nifi-bootstrap.log","/opt/nifi/nifi-current/logs/nifi-user.log"]' FILEBEAT_LOG_TYPE="nifi" FILEBEAT_LOG_FORMAT="text"
soc
tools
-nifi-2 ansible_connection=docker FILEBEAT_FILES='["/opt/nifi/nifi-current/logs/nifi-app.log","/opt/nifi/nifi-current/logs/nifi-bootstrap.log","/opt/nifi/nifi-current/logs/nifi-user.log"]' FILEBEAT_LOG_TYPE="nifi" FILEBEAT_LOG_FORMAT="text"
soc
tools
-nifi-3 ansible_connection=docker FILEBEAT_FILES='["/opt/nifi/nifi-current/logs/nifi-app.log","/opt/nifi/nifi-current/logs/nifi-bootstrap.log","/opt/nifi/nifi-current/logs/nifi-user.log"]' FILEBEAT_LOG_TYPE="nifi" FILEBEAT_LOG_FORMAT="text"
soc
tools
-misp ansible_connection=docker FILEBEAT_FILES='["/var/opt/rh/rh-php72/log/php-fpm/*.log","/var/opt/rh/rh-redis32/log/redis/redis.log","/var/log/httpd/*log","/var/log/supervisor/*.log"]' FILEBEAT_LOG_TYPE="misp" FILEBEAT_LOG_FORMAT="text"
#soc
tools
-odfe-1 ansible_connection=docker FILEBEAT_FILES='["/usr/share/elasticsearch/logs/soc
tools
-cluster_server.json"]' FILEBEAT_LOG_TYPE="odfe1" FILEBEAT_LOG_FORMAT="json"
#soc
tools
-odfe-2 ansible_connection=docker FILEBEAT_FILES='["/usr/share/elasticsearch/logs/soc
tools
-cluster_server.json"]' FILEBEAT_LOG_TYPE="odfe2" FILEBEAT_LOG_FORMAT="json"
soc
tools
-kibana ansible_connection=docker FILEBEAT_FILES='["/usr/share/kibana/kblog"]' FILEBEAT_LOG_TYPE="kibana" FILEBEAT_LOG_FORMAT="text"
soc
tools
-keycloak ansible_connection=docker FILEBEAT_FILES='["/var/log/supervisor/*.log"]' FILEBEAT_LOG_TYPE="keycloak" FILEBEAT_LOG_FORMAT="text"
soc
tools
-mysql ansible_connection=docker FILEBEAT_FILES='["/var/opt/rh/rh-mariadb103/log/mariadb/mariadb.log"]' FILEBEAT_LOG_TYPE="mysql" FILEBEAT_LOG_FORMAT="text"
soc
tools
-haproxy ansible_connection=docker FILEBEAT_SYSLOG_PORT=9000 FILEBEAT_LOG_TYPE="haproxy" FILEBEAT_LOG_FORMAT="text"
soc
tools
-zookeeper ansible_connection=docker FILEBEAT_FILES='["/var/log/supervisor/*.log"]' FILEBEAT_LOG_TYPE="zookeeper" FILEBEAT_LOG_FORMAT="text"
soc
tools
-cortex ansible_connection=docker FILEBEAT_FILES='["/var/log/supervisor/*.log"]' FILEBEAT_LOG_TYPE="cortex" FILEBEAT_LOG_FORMAT="text"
soc
tools
-thehive ansible_connection=docker FILEBEAT_FILES='["/var/log/supervisor/*.log"]' FILEBEAT_LOG_TYPE="thehive" FILEBEAT_LOG_FORMAT="text"
soc
tools
-cassandra ansible_connection=docker FILEBEAT_FILES='["/var/log/supervisor/*.log"]' FILEBEAT_LOG_TYPE="cassandra" FILEBEAT_LOG_FORMAT="text"
inventories/haproxy
[haproxy]
dsoclab-haproxy ansible_connection=docker
\ No newline at end of file
soctools-haproxy ansible_connection=docker
\ No newline at end of file
inventories/keycloak
[keycloakcontainers]
d
soc
lab
-keycloak ansible_connection=docker
soc
tools
-keycloak ansible_connection=docker
inventories/kibana
[odfekibanacontainers]
d
soc
lab
-kibana ansible_connection=docker
soc
tools
-kibana ansible_connection=docker
inventories/misp
[mispcontainers]
d
soc
lab
-misp ansible_connection=docker
soc
tools
-misp ansible_connection=docker
inventories/mysql
[mysql]
dsoclab-mysql ansible_connection=docker
\ No newline at end of file
soctools-mysql ansible_connection=docker
\ No newline at end of file
inventories/nifi
[nificontainers]
d
soc
lab
-nifi-1 ansible_connection=docker
d
soc
lab
-nifi-2 ansible_connection=docker
d
soc
lab
-nifi-3 ansible_connection=docker
soc
tools
-nifi-1 ansible_connection=docker
soc
tools
-nifi-2 ansible_connection=docker
soc
tools
-nifi-3 ansible_connection=docker
inventories/soctools
[
dsldev
]
[
soctoolsmain
]
localhost ansible_connection=local
inventories/thehive
[thehive]
d
soc
lab
-thehive ansible_connection=docker
soc
tools
-thehive ansible_connection=docker
roles/build/tasks/main.yml
...
...
@@ -2,7 +2,7 @@
-
assert
:
that
:
-
"
'CHANGE_ME'
not
in
dsl
proxy"
-
"
'CHANGE_ME'
not
in
soctools
proxy"
fail_msg
:
"
Review
*all*
settings
in
group_vars/all/main.yml"
-
include
:
centos.yml
...
...
roles/build/templates/cortex/application.conf
...
...
@@ -17,7 +17,7 @@ search {
index
=
cortex3
# ElasticSearch instance address.
# For cluster, join address:port with ',': "http://ip1:9200,ip2:9200,ip3:9200"
uri
=
"http://
d
soc
lab
-elastic:9200"
uri
=
"http://soc
tools
-elastic:9200"
## Advanced configuration
# Scroll keepalive.
...
...
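Review bot: The renamed `uri = "http://soctools-elastic:9200"` names a host that does not appear in the inventories on this page, where the Elasticsearch containers are `soctools-odfe-1` and `soctools-odfe-2`; unless `soctools-elastic` is defined as an alias somewhere not visible here, Cortex cannot resolve its search backend from this value. The mismatch predates the rename (`dsoclab-elastic`), so this may be a build-time placeholder that a later template replaces; if so, a comment above the line saying that would stop it being copied as a working setting. The scheme is also plain `http`, so traffic to port 9200 would be unencrypted if the value is ever used as written. The `search { … }` block starts and ends outside the hunk.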
roles/ca/tasks/main.yml
...
...
@@ -57,7 +57,7 @@
-
name
:
Generate host certificates
command
:
>
roles/ca/files/easyrsa/easyrsa
--subject-alt-name="DNS:{{item}},DNS:{{
dsl
proxy}}"
--subject-alt-name="DNS:{{item}},DNS:{{
soctools
proxy}}"
build-serverClient-full {{item}} nopass
with_items
:
-
"
{{
groups['nificontainers']
}}"
...
...
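Review bot: After the rename `{{item}}` expands to `soctools-*` host names, so certificates this task issued earlier for the `dsoclab-*` names no longer match the containers; whether the task skips hosts that already have a certificate is not visible, since the hunk shows only part of the task. The README could state that the CA output has to be rebuilt when upgrading across this commit. Separately, every host certificate receives `DNS:{{soctoolsproxy}}` as a subject alternative name and its key is written with `nopass`, so the unencrypted key of any single container is valid for the proxy's FQDN. A comment on the task explaining why each container needs the proxy name would let a reviewer judge whether that SAN can be limited to the proxy's own certificate.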
roles/cortex/templates/application.conf.j2
...
...
@@ -38,7 +38,7 @@ search {
##
## ## SSL configuration
## search.keyStore {
## path = "/etc/cortex/
d
soc
lab
-cortex.p12"
## path = "/etc/cortex/soc
tools
-cortex.p12"
## type = "PKCS12" # or PKCS12
## password = "{{kspass}}"
## }
...
...