From 4ca8d99691283ca557a1fb7e1244c8c3ad91c766 Mon Sep 17 00:00:00 2001 From: SG Date: Thu, 4 Jan 2024 12:19:54 -0700 Subject: [PATCH] landingpage work in progress (idaholab/Malcolm#252) --- nginx/nginx_readonly.conf | 29 ++++++++--------------------- 1 file changed, 8 insertions(+), 21 deletions(-) diff --git a/nginx/nginx_readonly.conf b/nginx/nginx_readonly.conf index 5edd50341..fd12a4a8d 100644 --- a/nginx/nginx_readonly.conf +++ b/nginx/nginx_readonly.conf @@ -72,12 +72,6 @@ http { # use either auth_basic or auth_ldap include /etc/nginx/nginx_auth_rt.conf; - # Malcolm readme - location /readme { - root /usr/share/nginx/html; - try_files $uri $uri/index.html; - } - # Arkime -> Dashboards shortcut location ~* ^/idark2dash(.*) { @@ -101,7 +95,7 @@ http { set $filter_value $arg_value; } - rewrite ^/idark2dash/(.*) /dashboards/app/discover#/?_g=(refreshInterval:(pause:!t,value:0),time:(from:$filter_start_time,mode:absolute,to:$filter_stop_time))&_a=(columns:!(_source),filters:!((meta:(alias:!n,disabled:!f,index:'sessions2-*',key:$filter_field,negate:!f,params:(query:'$filter_value',type:phrase),type:phrase,value:'$filter_value'),query:(match:($filter_field:(query:'$filter_value',type:phrase))))),index:'sessions2-*',interval:auto,query:(language:lucene,query:''),sort:!(firstPacket,desc)) redirect; + rewrite ^/idark2dash/(.*) /dashboards/app/discover#/?_g=(refreshInterval:(pause:!t,value:0),time:(from:$filter_start_time,mode:absolute,to:$filter_stop_time))&_a=(columns:!(_source),filters:!((meta:(alias:!n,disabled:!f,index:'arkime_sessions3-*',key:$filter_field,negate:!f,params:(query:'$filter_value',type:phrase),type:phrase,value:'$filter_value'),query:(match:($filter_field:(query:'$filter_value',type:phrase))))),index:'arkime_sessions3-*',interval:auto,query:(language:lucene,query:''),sort:!(firstPacket,desc)) redirect; proxy_pass http://dashboards; proxy_redirect off; proxy_set_header Host dashboards.malcolm.local; @@ -109,7 +103,7 @@ http { # Dashboards -> Arkime shortcut location ~* /iddash2ark/(.*) { - rewrite ^.*/iddash2ark/(.*) /sessions?expression=($1) redirect; + rewrite ^.*/iddash2ark/(.*) /arkime/sessions?expression=($1) redirect; proxy_pass https://arkime; proxy_ssl_verify off; proxy_redirect off; @@ -180,7 +174,6 @@ http { # passthrough NetBox from the Malcolm API location /mapi/netbox/ { limit_except GET { deny all; } - include /etc/nginx/nginx_auth_rt.conf; proxy_pass http://netbox/netbox/api/; proxy_redirect off; proxy_set_header Host netbox.malcolm.local; @@ -197,31 +190,25 @@ http { proxy_set_header Host api.malcolm.local; } - location ~* ^/(api/)?(files|d?stats|es(indices|nodes|shards|tasks|recovery)|histor(y|ies)|notifiers|hunts?|settings|shortcuts|users|user/(config/(es)?[nN]odes|cron|settings)) { + location ~* ^/arkime/(api/)?(files|d?stats|es(indices|nodes|shards|tasks|recovery)|histor(y|ies)|notifiers|hunts?|settings|shortcuts|users|user/(config/(es)?[nN]odes|cron|settings)) { deny all; } - location /sessions { + # Arkime + location /arkime { limit_except GET POST { deny all; } proxy_pass https://arkime; - proxy_ssl_verify off; proxy_redirect off; proxy_set_header Host arkime.malcolm.local; proxy_set_header http_auth_http_user $authenticated_user; proxy_set_header Authorization ""; } - # Landing Page + # Landing Page and README location / { - include /etc/nginx/nginx_auth_rt.conf; - root /usr/share/nginx/html/; + limit_except GET POST { deny all; } + root /usr/share/nginx/html; try_files $uri $uri/index.html; - proxy_pass https://landing; - proxy_ssl_verify off; - proxy_redirect off; - proxy_set_header Host arkime.malcolm.local; - proxy_set_header http_auth_http_user $authenticated_user; - proxy_set_header Authorization ""; } }