From f95971e415c4350b5496b1934a5b75bfa987ff7c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?V=C3=A1clav=20Barto=C5=A1?= <bartos@cesnet.cz>
Date: Fri, 11 Dec 2020 17:18:43 +0100
Subject: [PATCH] All occurences of "dsoclab" or "dsl" renamed to "soctools"

dsoclab-* -> soctools-*
dsldev -> soctoolsmain
dslproxy -> soctoolsproxy
---
 README.md | 2 +-
 buildca.yml | 2 +-
 buildimages.yml | 2 +-
 group_vars/all/main.yml | 18 ++++++------
 inventories/cassandra | 2 +-
 inventories/cortex | 2 +-
 inventories/elasticsearch | 4 +--
 inventories/filebeat | 28 +++++++++----------
 inventories/haproxy | 2 +-
 inventories/keycloak | 2 +-
 inventories/kibana | 2 +-
 inventories/misp | 2 +-
 inventories/mysql | 2 +-
 inventories/nifi | 6 ++--
 inventories/soctools | 2 +-
 inventories/thehive | 2 +-
 roles/build/tasks/main.yml | 2 +-
 roles/build/templates/cortex/application.conf | 2 +-
 roles/ca/tasks/main.yml | 2 +-
 roles/cortex/templates/application.conf.j2 | 2 +-
 .../templates/initkeycloakrealm.sh.j2 | 6 ++--
 roles/misp/tasks/config.yml | 6 ++--
 roles/misp/templates/misp.conf.j2 | 10 +++----
 roles/nifi/templates/flow.xml.j2 | 2 +-
 roles/nifi/templates/nifi.properties.j2 | 8 +++---
 roles/odfees/tasks/main.yml | 2 +-
 .../templates/config/elasticsearch.yml.j2 | 2 +-
 .../templates/securityconfig/config.yml.j2 | 2 +-
 roles/odfekibana/tasks/main.yml | 8 +++---
 roles/odfekibana/templates/kibana.yml.j2 | 6 ++--
 soctools_server.yml | 2 +-
 startsoctools.yml | 2 +-
 stopsoctools.yml | 2 +-
 utils/flow2template.py | 2 +-
 34 files changed, 74 insertions(+), 74 deletions(-)

diff --git a/README.md b/README.md
index cb026f8..ac1dfb4 100644
--- a/README.md
+++ b/README.md
@@ -19,7 +19,7 @@ Temporary solution: Upload your ssh key to gitlab.geant.org `cd soctools` Install soctools: -Edit group_vars/all/main.yml and change 'dslproxy' so that it point to the FQDN of the server. +Edit group_vars/all/main.yml and change 'soctoolsproxy' so that it point to the FQDN of the server. `vi group_vars/all/main.yml` The first entry in the soctools_users variable is the user with full admin privileges in NiFi and Kibana. diff --git a/buildca.yml b/buildca.yml index b718286..37ef902 100644 --- a/buildca.yml +++ b/buildca.yml @@ -1,7 +1,7 @@ --- - name: Build certification authority - hosts: dsldev + hosts: soctoolsmain roles: - ca diff --git a/buildimages.yml b/buildimages.yml index d30f905..8a93583 100644 --- a/buildimages.yml +++ b/buildimages.yml @@ -1,7 +1,7 @@ --- - name: Build docker images - hosts: dsldev + hosts: soctoolsmain roles: - build diff --git a/group_vars/all/main.yml b/group_vars/all/main.yml index 28c551b..840fe83 100644 --- a/group_vars/all/main.yml +++ b/group_vars/all/main.yml @@ -1,6 +1,6 @@ --- -dslproxy: "<CHANGE_ME:hostname>" +soctoolsproxy: "<CHANGE_ME:hostname>" # TheHive Button plugin THEHIVE_URL: "https://hive.gn4-3-wp8-soc.sunet.se/" @@ -14,14 +14,14 @@ repo: gn43-dsl version: 7 suffix: a20201004 -haproxy_name: "dsoclab-haproxy" +haproxy_name: "soctools-haproxy" haproxy_version: "2.2" haproxy_img: "{{repo}}/haproxy:{{version}}{{suffix}}" HAPROXY_PROCESSES: "2" HAPROXY_STATS_PASS: "eiph2Eepaizicheelah3tei+bae3ohgh" FILEBEAT_VERSION: "7.9.3" -FILEBEAT_OUTPUT_HOST: "{{dslproxy}}" +FILEBEAT_OUTPUT_HOST: "{{soctoolsproxy}}" FILEBEAT_OUTPUT_PORT: "6000" FILEBEAT_CERT: "/opt/filebeat/filebeat.crt" FILEBEAT_KEY: "/opt/filebeat/filebeat.key" 
@@ -30,27 +30,27 @@ temp_root: "/tmp/centosbuild" openjdk_img: "{{repo}}/openjdk:{{version}}{{suffix}}" -zookeeper_name: "dsoclab-zookeeper" +zookeeper_name: "soctools-zookeeper" zookeeper_img: "{{repo}}/zookeeper:{{version}}{{suffix}}" -misp_name: "dsoclab-misp" +misp_name: "soctools-misp" misp_img: "{{repo}}/misp:{{version}}{{suffix}}" nifi_img: "{{repo}}/nifi:{{version}}{{suffix}}" -mysql_name: "dsoclab-mysql" +mysql_name: "soctools-mysql" mysql_img: "{{repo}}/mysql:{{version}}{{suffix}}" mysql_dbrootpass: "Pass006" -cassandra_name: "dsoclab-cassandra" +cassandra_name: "soctools-cassandra" cassandra_img: "{{repo}}/cassandra:{{version}}{{suffix}}" -thehive_name: "dsoclab-thehive" +thehive_name: "soctools-thehive" thehive_img: "{{repo}}/thehive:{{version}}{{suffix}}" # GENERATED WITH cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 64 | head -n 1 thehive_secret_key: "LcnI9eKLo33711BmCnzf6UM1y05pdmj3dlADL81PxuffWqhobRoiiGFftjNPKpmM" -cortex_name: "dsoclab-cortex" +cortex_name: "soctools-cortex" cortex_img: "{{repo}}/cortex:{{version}}{{suffix}}" cortex_elasticsearch_mem: "256m" # GENERATED WITH cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 64 | head -n 1 diff --git a/inventories/cassandra b/inventories/cassandra index 82e7f1e..65a4f34 100644 --- a/inventories/cassandra +++ b/inventories/cassandra @@ -1,2 +1,2 @@ [cassandra] -dsoclab-cassandra ansible_connection=docker +soctools-cassandra ansible_connection=docker diff --git a/inventories/cortex b/inventories/cortex index aeedc48..6a64e81 100644 --- a/inventories/cortex +++ b/inventories/cortex @@ -1,2 +1,2 @@ [cortex] -dsoclab-cortex ansible_connection=docker +soctools-cortex ansible_connection=docker diff --git a/inventories/elasticsearch b/inventories/elasticsearch index 5f4b7de..73901fb 100644 --- a/inventories/elasticsearch +++ b/inventories/elasticsearch 
@@ -1,3 +1,3 @@
 [odfeescontainers]
-dsoclab-odfe-1 ansible_connection=docker
-dsoclab-odfe-2 ansible_connection=docker
+soctools-odfe-1 ansible_connection=docker
+soctools-odfe-2 ansible_connection=docker
diff --git a/inventories/filebeat b/inventories/filebeat
index 067871d..d0fd1a2 100644
--- a/inventories/filebeat
+++ b/inventories/filebeat
@@ -1,15 +1,15 @@
 [filebeat]
-dsoclab-nifi-1 ansible_connection=docker FILEBEAT_FILES='["/opt/nifi/nifi-current/logs/nifi-app.log","/opt/nifi/nifi-current/logs/nifi-bootstrap.log","/opt/nifi/nifi-current/logs/nifi-user.log"]' FILEBEAT_LOG_TYPE="nifi" FILEBEAT_LOG_FORMAT="text"
-dsoclab-nifi-2 ansible_connection=docker FILEBEAT_FILES='["/opt/nifi/nifi-current/logs/nifi-app.log","/opt/nifi/nifi-current/logs/nifi-bootstrap.log","/opt/nifi/nifi-current/logs/nifi-user.log"]' FILEBEAT_LOG_TYPE="nifi" FILEBEAT_LOG_FORMAT="text"
-dsoclab-nifi-3 ansible_connection=docker FILEBEAT_FILES='["/opt/nifi/nifi-current/logs/nifi-app.log","/opt/nifi/nifi-current/logs/nifi-bootstrap.log","/opt/nifi/nifi-current/logs/nifi-user.log"]' FILEBEAT_LOG_TYPE="nifi" FILEBEAT_LOG_FORMAT="text"
-dsoclab-misp ansible_connection=docker FILEBEAT_FILES='["/var/opt/rh/rh-php72/log/php-fpm/*.log","/var/opt/rh/rh-redis32/log/redis/redis.log","/var/log/httpd/*log","/var/log/supervisor/*.log"]' FILEBEAT_LOG_TYPE="misp" FILEBEAT_LOG_FORMAT="text"
-#dsoclab-odfe-1 ansible_connection=docker FILEBEAT_FILES='["/usr/share/elasticsearch/logs/dsoclab-cluster_server.json"]' FILEBEAT_LOG_TYPE="odfe1" FILEBEAT_LOG_FORMAT="json"
-#dsoclab-odfe-2 ansible_connection=docker FILEBEAT_FILES='["/usr/share/elasticsearch/logs/dsoclab-cluster_server.json"]' FILEBEAT_LOG_TYPE="odfe2" FILEBEAT_LOG_FORMAT="json"
-dsoclab-kibana ansible_connection=docker FILEBEAT_FILES='["/usr/share/kibana/kblog"]' FILEBEAT_LOG_TYPE="kibana" FILEBEAT_LOG_FORMAT="text"
-dsoclab-keycloak ansible_connection=docker FILEBEAT_FILES='["/var/log/supervisor/*.log"]' FILEBEAT_LOG_TYPE="keycloak" FILEBEAT_LOG_FORMAT="text"
-dsoclab-mysql ansible_connection=docker FILEBEAT_FILES='["/var/opt/rh/rh-mariadb103/log/mariadb/mariadb.log"]' FILEBEAT_LOG_TYPE="mysql" FILEBEAT_LOG_FORMAT="text"
-dsoclab-haproxy ansible_connection=docker FILEBEAT_SYSLOG_PORT=9000 FILEBEAT_LOG_TYPE="haproxy" FILEBEAT_LOG_FORMAT="text"
-dsoclab-zookeeper ansible_connection=docker FILEBEAT_FILES='["/var/log/supervisor/*.log"]' FILEBEAT_LOG_TYPE="zookeeper" FILEBEAT_LOG_FORMAT="text"
-dsoclab-cortex ansible_connection=docker FILEBEAT_FILES='["/var/log/supervisor/*.log"]' FILEBEAT_LOG_TYPE="cortex" FILEBEAT_LOG_FORMAT="text"
-dsoclab-thehive ansible_connection=docker FILEBEAT_FILES='["/var/log/supervisor/*.log"]' FILEBEAT_LOG_TYPE="thehive" FILEBEAT_LOG_FORMAT="text"
-dsoclab-cassandra ansible_connection=docker FILEBEAT_FILES='["/var/log/supervisor/*.log"]' FILEBEAT_LOG_TYPE="cassandra" FILEBEAT_LOG_FORMAT="text"
+soctools-nifi-1 ansible_connection=docker FILEBEAT_FILES='["/opt/nifi/nifi-current/logs/nifi-app.log","/opt/nifi/nifi-current/logs/nifi-bootstrap.log","/opt/nifi/nifi-current/logs/nifi-user.log"]' FILEBEAT_LOG_TYPE="nifi" FILEBEAT_LOG_FORMAT="text"
+soctools-nifi-2 ansible_connection=docker FILEBEAT_FILES='["/opt/nifi/nifi-current/logs/nifi-app.log","/opt/nifi/nifi-current/logs/nifi-bootstrap.log","/opt/nifi/nifi-current/logs/nifi-user.log"]' FILEBEAT_LOG_TYPE="nifi" FILEBEAT_LOG_FORMAT="text"
+soctools-nifi-3 ansible_connection=docker FILEBEAT_FILES='["/opt/nifi/nifi-current/logs/nifi-app.log","/opt/nifi/nifi-current/logs/nifi-bootstrap.log","/opt/nifi/nifi-current/logs/nifi-user.log"]' FILEBEAT_LOG_TYPE="nifi" FILEBEAT_LOG_FORMAT="text"
+soctools-misp ansible_connection=docker FILEBEAT_FILES='["/var/opt/rh/rh-php72/log/php-fpm/*.log","/var/opt/rh/rh-redis32/log/redis/redis.log","/var/log/httpd/*log","/var/log/supervisor/*.log"]' FILEBEAT_LOG_TYPE="misp" FILEBEAT_LOG_FORMAT="text"
+#soctools-odfe-1 ansible_connection=docker FILEBEAT_FILES='["/usr/share/elasticsearch/logs/soctools-cluster_server.json"]' FILEBEAT_LOG_TYPE="odfe1" FILEBEAT_LOG_FORMAT="json"
+#soctools-odfe-2 ansible_connection=docker FILEBEAT_FILES='["/usr/share/elasticsearch/logs/soctools-cluster_server.json"]' FILEBEAT_LOG_TYPE="odfe2" FILEBEAT_LOG_FORMAT="json"
+soctools-kibana ansible_connection=docker FILEBEAT_FILES='["/usr/share/kibana/kblog"]' FILEBEAT_LOG_TYPE="kibana" FILEBEAT_LOG_FORMAT="text"
+soctools-keycloak ansible_connection=docker FILEBEAT_FILES='["/var/log/supervisor/*.log"]' FILEBEAT_LOG_TYPE="keycloak" FILEBEAT_LOG_FORMAT="text"
+soctools-mysql ansible_connection=docker FILEBEAT_FILES='["/var/opt/rh/rh-mariadb103/log/mariadb/mariadb.log"]' FILEBEAT_LOG_TYPE="mysql" FILEBEAT_LOG_FORMAT="text"
+soctools-haproxy ansible_connection=docker FILEBEAT_SYSLOG_PORT=9000 FILEBEAT_LOG_TYPE="haproxy" FILEBEAT_LOG_FORMAT="text"
+soctools-zookeeper ansible_connection=docker FILEBEAT_FILES='["/var/log/supervisor/*.log"]' FILEBEAT_LOG_TYPE="zookeeper" FILEBEAT_LOG_FORMAT="text"
+soctools-cortex ansible_connection=docker FILEBEAT_FILES='["/var/log/supervisor/*.log"]' FILEBEAT_LOG_TYPE="cortex" FILEBEAT_LOG_FORMAT="text"
+soctools-thehive ansible_connection=docker FILEBEAT_FILES='["/var/log/supervisor/*.log"]' FILEBEAT_LOG_TYPE="thehive" FILEBEAT_LOG_FORMAT="text"
+soctools-cassandra ansible_connection=docker FILEBEAT_FILES='["/var/log/supervisor/*.log"]' FILEBEAT_LOG_TYPE="cassandra" FILEBEAT_LOG_FORMAT="text"
diff --git a/inventories/haproxy b/inventories/haproxy
index b8ea6a7..7ded04a 100644
--- a/inventories/haproxy
+++ b/inventories/haproxy
@@ -1,2 +1,2 @@
 [haproxy]
-dsoclab-haproxy ansible_connection=docker
\ No newline at end of file
+soctools-haproxy ansible_connection=docker
\ No newline at end of file
diff --git a/inventories/keycloak b/inventories/keycloak
index c2746ec..b998e8f 100644
--- a/inventories/keycloak
+++ b/inventories/keycloak
@@ -1,2 +1,2 @@
 [keycloakcontainers]
-dsoclab-keycloak ansible_connection=docker
+soctools-keycloak ansible_connection=docker
diff --git a/inventories/kibana b/inventories/kibana
index 557280d..1f00ac6 100644
--- a/inventories/kibana
+++ b/inventories/kibana
@@ -1,2 +1,2 @@
 [odfekibanacontainers]
-dsoclab-kibana ansible_connection=docker
+soctools-kibana ansible_connection=docker
diff --git a/inventories/misp b/inventories/misp
index 331506d..445ec1e 100644
--- a/inventories/misp +++ b/inventories/misp @@ -1,2 +1,2 @@ [mispcontainers] -dsoclab-misp ansible_connection=docker +soctools-misp ansible_connection=docker diff --git a/inventories/mysql b/inventories/mysql index f9dcc24..6d0b306 100644 --- a/inventories/mysql +++ b/inventories/mysql @@ -1,2 +1,2 @@ [mysql] -dsoclab-mysql ansible_connection=docker \ No newline at end of file +soctools-mysql ansible_connection=docker \ No newline at end of file diff --git a/inventories/nifi b/inventories/nifi index e2c7ff1..d434490 100644 --- a/inventories/nifi +++ b/inventories/nifi @@ -1,4 +1,4 @@ [nificontainers] -dsoclab-nifi-1 ansible_connection=docker -dsoclab-nifi-2 ansible_connection=docker -dsoclab-nifi-3 ansible_connection=docker +soctools-nifi-1 ansible_connection=docker +soctools-nifi-2 ansible_connection=docker +soctools-nifi-3 ansible_connection=docker diff --git a/inventories/soctools b/inventories/soctools index 71a2d97..46ea675 100644 --- a/inventories/soctools +++ b/inventories/soctools @@ -1,2 +1,2 @@ -[dsldev] +[soctoolsmain] localhost ansible_connection=local diff --git a/inventories/thehive b/inventories/thehive index e19556d..6fd7b99 100644 --- a/inventories/thehive +++ b/inventories/thehive @@ -1,2 +1,2 @@ [thehive] -dsoclab-thehive ansible_connection=docker +soctools-thehive ansible_connection=docker diff --git a/roles/build/tasks/main.yml b/roles/build/tasks/main.yml index 223766f..e08a9cf 100644 --- a/roles/build/tasks/main.yml +++ b/roles/build/tasks/main.yml @@ -2,7 +2,7 @@ - assert: that: - - "'CHANGE_ME' not in dslproxy" + - "'CHANGE_ME' not in soctoolsproxy" fail_msg: "Review *all* settings in group_vars/all/main.yml" - include: centos.yml diff --git a/roles/build/templates/cortex/application.conf b/roles/build/templates/cortex/application.conf index 0e28b4d..afe42a6 100644 --- a/roles/build/templates/cortex/application.conf +++ b/roles/build/templates/cortex/application.conf 
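Review bot: The assert in roles/build/tasks/main.yml guards only `soctoolsproxy`, while group_vars/all/main.yml in this same patch still ships fixed values for `HAPROXY_STATS_PASS`, `mysql_dbrootpass` and `thehive_secret_key`. A deployment that edits only the hostname passes this check and runs with credentials known to anyone who can read the repository. Consider changing those defaults to a `<CHANGE_ME:...>` placeholder and adding one entry per secret to the `that:` list, for example `- "'CHANGE_ME' not in mysql_dbrootpass"`. The task file continues outside the hunk.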
@@ -17,7 +17,7 @@ search { index = cortex3 # ElasticSearch instance address. # For cluster, join address:port with ',': "http://ip1:9200,ip2:9200,ip3:9200" - uri = "http://dsoclab-elastic:9200" + uri = "http://soctools-elastic:9200" ## Advanced configuration # Scroll keepalive. diff --git a/roles/ca/tasks/main.yml b/roles/ca/tasks/main.yml index ded1deb..8d982c5 100644 --- a/roles/ca/tasks/main.yml +++ b/roles/ca/tasks/main.yml @@ -57,7 +57,7 @@ - name: Generate host certificates command: > roles/ca/files/easyrsa/easyrsa - --subject-alt-name="DNS:{{item}},DNS:{{dslproxy}}" + --subject-alt-name="DNS:{{item}},DNS:{{soctoolsproxy}}" build-serverClient-full {{item}} nopass with_items: - "{{ groups['nificontainers'] }}" diff --git a/roles/cortex/templates/application.conf.j2 b/roles/cortex/templates/application.conf.j2 index 35323e0..56ef22f 100644 --- a/roles/cortex/templates/application.conf.j2 +++ b/roles/cortex/templates/application.conf.j2 @@ -38,7 +38,7 @@ search { ## ## ## SSL configuration ## search.keyStore { -## path = "/etc/cortex/dsoclab-cortex.p12" +## path = "/etc/cortex/soctools-cortex.p12" ## type = "PKCS12" # or PKCS12 ## password = "{{kspass}}" ## } diff --git a/roles/keycloak/templates/initkeycloakrealm.sh.j2 b/roles/keycloak/templates/initkeycloakrealm.sh.j2 index 481942e..f4cfc9e 100644 --- a/roles/keycloak/templates/initkeycloakrealm.sh.j2 +++ b/roles/keycloak/templates/initkeycloakrealm.sh.j2 
@@ -21,14 +21,14 @@ kcadm.sh create realms/{{openid_realm}}/users -b '{"enabled":true,"attributes":{ kcadm.sh set-password -r {{openid_realm}} --username {{user.username}} --new-password {{user.password}} {% endfor %} -NIFICLIENT=$(kcadm.sh create realms/{{openid_realm}}/clients -i -b '{"enabled":true, "clientId":"dsoclab-nifi","protocol":"openid-connect","clientAuthenticatorType": "client-secret","redirectUris": ["https://{{dslproxy}}:9443/*" ],"webOrigins": [], "publicClient": false }') +NIFICLIENT=$(kcadm.sh create realms/{{openid_realm}}/clients -i -b '{"enabled":true, "clientId":"soctools-nifi","protocol":"openid-connect","clientAuthenticatorType": "client-secret","redirectUris": ["https://{{soctoolsproxy}}:9443/*" ],"webOrigins": [], "publicClient": false }') kcadm.sh create realms/{{openid_realm}}/clients/${NIFICLIENT}/protocol-mappers/models -b '{"protocol":"openid-connect","config":{"id.token.claim":"true","access.token.claim":"true","userinfo.token.claim":"true","multivalued":"","aggregate.attrs":"","user.attribute":"DN","claim.name":"DN","jsonType.label":"String"},"name":"SendDN","protocolMapper":"oidc-usermodel-attribute-mapper"}' kcadm.sh get realms/{{openid_realm}}/clients/${NIFICLIENT}/client-secret --fields value > /opt/jboss/keycloak/nifisecret -KIBANACLIENT=$(kcadm.sh create realms/{{openid_realm}}/clients -i -b '{"enabled":true, "clientId":"dsoclab-kibana","protocol":"openid-connect","clientAuthenticatorType": "client-secret","rootUrl": "https://{{dslproxy}}:5601","adminUrl": "","redirectUris": ["https://{{dslproxy}}:5601", "https://{{dslproxy}}:5601/auth/openid/login", "https://{{dslproxy}}:5601/app/kibana" ],"webOrigins": [], "publicClient": false }') +KIBANACLIENT=$(kcadm.sh create realms/{{openid_realm}}/clients -i -b '{"enabled":true, "clientId":"soctools-kibana","protocol":"openid-connect","clientAuthenticatorType": "client-secret","rootUrl": "https://{{soctoolsproxy}}:5601","adminUrl": "","redirectUris": ["https://{{soctoolsproxy}}:5601", 
"https://{{soctoolsproxy}}:5601/auth/openid/login", "https://{{soctoolsproxy}}:5601/app/kibana" ],"webOrigins": [], "publicClient": false }') kcadm.sh get realms/{{openid_realm}}/clients/${KIBANACLIENT}/client-secret --fields value > /opt/jboss/keycloak/kibanasecret -MISPCLIENT=$(kcadm.sh create realms/{{openid_realm}}/clients -i -b '{"enabled":true, "clientId":"dsoclab-misp","protocol":"openid-connect","clientAuthenticatorType": "client-secret","rootUrl": "https://{{dslproxy}}:6443","adminUrl": "","redirectUris": ["https://{{dslproxy}}:6443/users/login/keycloak"],"webOrigins": [], "publicClient": false }') +MISPCLIENT=$(kcadm.sh create realms/{{openid_realm}}/clients -i -b '{"enabled":true, "clientId":"soctools-misp","protocol":"openid-connect","clientAuthenticatorType": "client-secret","rootUrl": "https://{{soctoolsproxy}}:6443","adminUrl": "","redirectUris": ["https://{{soctoolsproxy}}:6443/users/login/keycloak"],"webOrigins": [], "publicClient": false }') kcadm.sh get realms/{{openid_realm}}/clients/${MISPCLIENT}/client-secret --fields value > /opt/jboss/keycloak/mispsecret kcadm.sh config truststore --delete diff --git a/roles/misp/tasks/config.yml b/roles/misp/tasks/config.yml index 8ff0252..52bfaac 100644 --- a/roles/misp/tasks/config.yml +++ b/roles/misp/tasks/config.yml @@ -9,7 +9,7 @@ - {"var":"Plugin.CustomAuth_enable","value":"true"} - {"var":"Plugin.CustomAuth_header","value":"X_REMOTE_USER"} - {"var":"Plugin.CustomAuth_disable_logout","value":"true"} - - {"var":"MISP.external_baseurl","value":"https://{{dslproxy}}:6443"} + - {"var":"MISP.external_baseurl","value":"https://{{soctoolsproxy}}:6443"} - {"var":"MISP.live","value":"true"} - name: Init default user @@ -35,7 +35,7 @@ - name: add users uri: - url: "https://{{dslproxy}}:6443/admin/users/add/1" + url: "https://{{soctoolsproxy}}:6443/admin/users/add/1" method: POST body_format: json headers: 
@@ -49,7 +49,7 @@ - name: Enable feed uri: - url: "https://{{dslproxy}}:6443/feeds/edit/1" + url: "https://{{soctoolsproxy}}:6443/feeds/edit/1" method: POST body_format: json headers: diff --git a/roles/misp/templates/misp.conf.j2 b/roles/misp/templates/misp.conf.j2 index 4e3189c..a1fa137 100644 --- a/roles/misp/templates/misp.conf.j2 +++ b/roles/misp/templates/misp.conf.j2 @@ -1,7 +1,7 @@ Listen 6443 https <VirtualHost *:6443> -ServerAdmin admin@{{dslproxy}} -ServerName {{dslproxy}} +ServerAdmin admin@{{soctoolsproxy}} +ServerName {{soctoolsproxy}} DocumentRoot /var/www/MISP/app/webroot <Directory /var/www/MISP/app/webroot> Options -Indexes @@ -15,9 +15,9 @@ ProxyPassMatch ^/(.*\.php(/.*)?)$ fcgi://127.0.0.1:9000/var/www/MISP/app/webroot SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1 OIDCCryptoPassphrase {{misp_crypto_pass}} -OIDCProviderMetadataURL https://{{dslproxy}}:12443/auth/realms/{{openid_realm}}/.well-known/openid-configuration -OIDCRedirectURI https://{{dslproxy}}:6443/users/login/keycloak -OIDCClientID dsoclab-misp +OIDCProviderMetadataURL https://{{soctoolsproxy}}:12443/auth/realms/{{openid_realm}}/.well-known/openid-configuration +OIDCRedirectURI https://{{soctoolsproxy}}:6443/users/login/keycloak +OIDCClientID soctools-misp OIDCScope "openid profile" OIDCClientSecret {{mispsecret.value}} OIDCRemoteUserClaim email diff --git a/roles/nifi/templates/flow.xml.j2 b/roles/nifi/templates/flow.xml.j2 index 8070e40..8fbd37f 100644 --- a/roles/nifi/templates/flow.xml.j2 +++ b/roles/nifi/templates/flow.xml.j2 @@ -10679,7 +10679,7 @@ <variable name="misp_ip_first_interval" value="60d" /> <variable name="elastic_username" value="{{ elastic_username }}" /> <variable name="misp_url" value="{{ misp_url }}" /> - <variable name="elastic_url" value="https://{{ dslproxy }}:9200" /> + <variable name="elastic_url" value="https://{{ soctoolsproxy }}:9200" /> <variable name="elastic_password" value="{{ odfees_adminpass }}" /> </rootGroup> <controllerServices /> 
diff --git a/roles/nifi/templates/nifi.properties.j2 b/roles/nifi/templates/nifi.properties.j2 index e9db2e8..6efbc1e 100644 --- a/roles/nifi/templates/nifi.properties.j2 +++ b/roles/nifi/templates/nifi.properties.j2 @@ -143,7 +143,7 @@ nifi.web.jetty.working.directory=./work/jetty nifi.web.jetty.threads=200 nifi.web.max.header.size=16 KB nifi.web.proxy.context.path=/nifi -nifi.web.proxy.host={{ dslproxy }}:9443 +nifi.web.proxy.host={{ soctoolsproxy }}:9443 # security properties # nifi.sensitive.props.key= @@ -165,10 +165,10 @@ nifi.security.ocsp.responder.url= nifi.security.ocsp.responder.certificate= # OpenId Connect SSO Properties # -nifi.security.user.oidc.discovery.url=https://{{dslproxy}}:12443/auth/realms/{{openid_realm}}/.well-known/openid-configuration +nifi.security.user.oidc.discovery.url=https://{{soctoolsproxy}}:12443/auth/realms/{{openid_realm}}/.well-known/openid-configuration nifi.security.user.oidc.connect.timeout=5 secs nifi.security.user.oidc.read.timeout=5 secs -nifi.security.user.oidc.client.id=dsoclab-nifi +nifi.security.user.oidc.client.id=soctools-nifi nifi.security.user.oidc.client.secret={{nifisecret.value}} nifi.security.user.oidc.preferred.jwsalgorithm= nifi.security.user.oidc.additional.scopes={{openid_scope}} @@ -226,7 +226,7 @@ nifi.cluster.load.balance.max.thread.count=8 nifi.cluster.load.balance.comms.timeout=30 sec # zookeeper properties, used for cluster management # -nifi.zookeeper.connect.string=dsoclab-zookeeper:2181 +nifi.zookeeper.connect.string=soctools-zookeeper:2181 nifi.zookeeper.connect.timeout=60 secs nifi.zookeeper.session.timeout=60 secs nifi.zookeeper.root.node=/nifi diff --git a/roles/odfees/tasks/main.yml b/roles/odfees/tasks/main.yml index ae6ae65..2153928 100644 --- a/roles/odfees/tasks/main.yml +++ b/roles/odfees/tasks/main.yml 
@@ -106,7 +106,7 @@ - start - name: Configure OpenDistro security - command: "bash ./plugins/opendistro_security/tools/securityadmin.sh -h {{groups['odfeescontainers'][0]}} -cd /usr/share/elasticsearch/plugins/opendistro_security/securityconfig/ -ks '/usr/share/elasticsearch/config/{{soctools_users[0].CN}}.p12' -kspass {{soctools_users[0].password}} -ts /usr/share/elasticsearch/config/cacerts.jks -tspass {{tspass}} -cn dsoclab-cluster" + command: "bash ./plugins/opendistro_security/tools/securityadmin.sh -h {{groups['odfeescontainers'][0]}} -cd /usr/share/elasticsearch/plugins/opendistro_security/securityconfig/ -ks '/usr/share/elasticsearch/config/{{soctools_users[0].CN}}.p12' -kspass {{soctools_users[0].password}} -ts /usr/share/elasticsearch/config/cacerts.jks -tspass {{tspass}} -cn soctools-cluster" when: "'{{groups['odfeescontainers'][0]}}' in inventory_hostname" tags: - start diff --git a/roles/odfees/templates/config/elasticsearch.yml.j2 b/roles/odfees/templates/config/elasticsearch.yml.j2 index ef61cd3..2983888 100644 --- a/roles/odfees/templates/config/elasticsearch.yml.j2 +++ b/roles/odfees/templates/config/elasticsearch.yml.j2 @@ -1,4 +1,4 @@ -cluster.name: "dsoclab-cluster" +cluster.name: "soctools-cluster" #network.host: 0.0.0.0 network.host: {{ inventory_hostname }} discovery.seed_hosts: diff --git a/roles/odfees/templates/securityconfig/config.yml.j2 b/roles/odfees/templates/securityconfig/config.yml.j2 index 26e77a4..4936867 100644 --- a/roles/odfees/templates/securityconfig/config.yml.j2 +++ b/roles/odfees/templates/securityconfig/config.yml.j2 
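Review bot: The `Configure OpenDistro security` task passes `-kspass {{soctools_users[0].password}}` and `-tspass {{tspass}}` as arguments of a `command:` string, so both passwords end up in Ansible's task result (shown with `-v` and whenever the task fails) and in any log that captures it. Adding `no_log: true` to this task keeps them out of that output. The values also remain visible in the process list while securityadmin.sh runs; avoiding that depends on how the tool can be given its passwords, which the hunk does not show.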
@@ -116,7 +116,7 @@ config: config: subject_key: {{openid_subjkey}} roles_key: roles - openid_connect_url: https://{{dslproxy}}:12443/auth/realms/{{openid_realm}}/.well-known/openid-configuration + openid_connect_url: https://{{soctoolsproxy}}:12443/auth/realms/{{openid_realm}}/.well-known/openid-configuration enable_ssl: true verify_hostnames: false pemtrustedcas_filepath: "/usr/share/elasticsearch/config/{{ca_cn}}.crt" diff --git a/roles/odfekibana/tasks/main.yml b/roles/odfekibana/tasks/main.yml index de89a77..8d37381 100644 --- a/roles/odfekibana/tasks/main.yml +++ b/roles/odfekibana/tasks/main.yml @@ -119,7 +119,7 @@ - name: Check Kibana health remote_user: kibana - shell: 'curl -k -b /tmp/cookie.txt -c /tmp/cookie.txt -X "GET" "https://{{dslproxy}}:5601/api/status" \ + shell: 'curl -k -b /tmp/cookie.txt -c /tmp/cookie.txt -X "GET" "https://{{soctoolsproxy}}:5601/api/status" \ | egrep status....overall....state...green' register: result until: result.rc == 0 @@ -138,7 +138,7 @@ # - start # #- name: change tenant to global -# shell: 'curl -X "POST" "https://{{dslproxy}}:5601/api/v1/multitenancy/tenant" \ +# shell: 'curl -X "POST" "https://{{soctoolsproxy}}:5601/api/v1/multitenancy/tenant" \ # -b /tmp/cookie.txt -c /tmp/cookie.txt \ # -k --user admin:{{ odfees_adminpass }} \ # -H "kbn-xsrf: reporting" -H "Content-Type: application/json" \ @@ -156,7 +156,7 @@ - name: Import graphs to kibana remote_user: kibana - shell: 'curl -X "POST" "https://{{dslproxy}}:5601/api/saved_objects/_import?overwrite=true" \ + shell: 'curl -X "POST" "https://{{soctoolsproxy}}:5601/api/saved_objects/_import?overwrite=true" \ -b /tmp/cookie.txt -c /tmp/cookie.txt \ -k --user admin:{{ odfees_adminpass }} \ -H "kbn-xsrf: reporting" -H "Content-Type: multipart/form-data" \ 
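Review bot: `verify_hostnames: false` sits directly under the renamed `openid_connect_url`, so the security plugin fetches the OpenID configuration from `https://{{soctoolsproxy}}:12443` without checking that the certificate matches that name. With only `pemtrustedcas_filepath` in effect, any certificate signed by the project CA is accepted for the identity provider. roles/ca/tasks/main.yml in this patch issues host certificates with `DNS:{{soctoolsproxy}}` in the subject alternative name, so `verify_hostnames: true` looks feasible, assuming the Keycloak endpoint's certificate comes from that task (not visible here). The `config:` block starts and ends outside the hunk.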
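Review bot: The `Check Kibana health` task calls `curl -k`, and the `Import graphs to kibana` hunk and the `Grant admin permissions to users` hunk (@@ -174) combine `-k` with `--user admin:{{ odfees_adminpass }}`, so the admin password is sent to whatever answers on `{{soctoolsproxy}}:5601` without certificate validation. kibana.yml.j2 in this patch already references the CA at `/usr/share/kibana/config/{{ca_cn}}.crt`; if these tasks run inside the Kibana container, `--cacert /usr/share/kibana/config/{{ca_cn}}.crt` in place of `-k` would validate the server. The two tasks that carry the password in their `shell:` string would also benefit from `no_log: true`. Each task body continues outside its hunk.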
@@ -174,7 +174,7 @@ - name: Grant admin permissions to users remote_user: kibana - shell: 'curl -X "POST" "https://{{dslproxy}}:5601/api/v1/configuration/rolesmapping/all_access" \ + shell: 'curl -X "POST" "https://{{soctoolsproxy}}:5601/api/v1/configuration/rolesmapping/all_access" \ -b /tmp/cookie.txt -c /tmp/cookie.txt \ -k --user admin:{{ odfees_adminpass }} \ -H "kbn-xsrf: reporting" -H "Content-Type: application/json" \ diff --git a/roles/odfekibana/templates/kibana.yml.j2 b/roles/odfekibana/templates/kibana.yml.j2 index 55210f5..a94de65 100644 --- a/roles/odfekibana/templates/kibana.yml.j2 +++ b/roles/odfekibana/templates/kibana.yml.j2 @@ -39,11 +39,11 @@ opendistro_security.readonly_mode.roles: ["kibana_read_only"] #telemetry.enabled: false opendistro_security.auth.type: "openid" -opendistro_security.openid.connect_url: "https://{{dslproxy}}:12443/auth/realms/{{openid_realm}}/.well-known/openid-configuration" -opendistro_security.openid.client_id: "dsoclab-kibana" +opendistro_security.openid.connect_url: "https://{{soctoolsproxy}}:12443/auth/realms/{{openid_realm}}/.well-known/openid-configuration" +opendistro_security.openid.client_id: "soctools-kibana" opendistro_security.openid.client_secret: "{{kibanasecret.value}}" opendistro_security.openid.root_ca: "/usr/share/kibana/config/{{ca_cn}}.crt" -opendistro_security.openid.base_redirect_url: "https://{{dslproxy}}:5601" +opendistro_security.openid.base_redirect_url: "https://{{soctoolsproxy}}:5601" opendistro_security.cookie.secure: true opendistro_security.cookie.password: "{{odfekibana_cookie}}" diff --git a/soctools_server.yml b/soctools_server.yml index 23716c5..382d998 100644 --- a/soctools_server.yml +++ b/soctools_server.yml @@ -1,5 +1,5 @@ --- -- hosts: dsldev +- hosts: soctoolsmain become: true roles: - soctools-server diff --git a/startsoctools.yml b/startsoctools.yml index f2fd9c9..929573b 100644 --- a/startsoctools.yml +++ b/startsoctools.yml 
@@ -1,7 +1,7 @@ --- - name: Start docker containers - hosts: dsldev + hosts: soctoolsmain roles: - docker diff --git a/stopsoctools.yml b/stopsoctools.yml index 045c3f0..5bd1217 100644 --- a/stopsoctools.yml +++ b/stopsoctools.yml @@ -6,7 +6,7 @@ - nifi - name: Stop all containers - hosts: dsldev + hosts: soctoolsmain roles: - docker diff --git a/utils/flow2template.py b/utils/flow2template.py index 570a1ef..e00930a 100755 --- a/utils/flow2template.py +++ b/utils/flow2template.py @@ -19,7 +19,7 @@ for v in et.findall(".//variable"): elif a['name']=="maxmind_key": a['value']="{{ maxmind_key }}" elif a['name']=="elastic_url": - a['value']="https://{{ dslproxy }}:9200" + a['value']="https://{{ soctoolsproxy }}:9200" elif a['name']=="elastic_username": a['value']="{{ elastic_username }}" elif a['name']=="elastic_password": -- GitLab