Skip to content

Commit

Permalink
fix read-only version of nginx.conf
Browse files Browse the repository at this point in the history
  • Loading branch information
mmguero committed Nov 21, 2022
1 parent b23bdb7 commit bd05c0c
Showing 1 changed file with 10 additions and 25 deletions.
35 changes: 10 additions & 25 deletions nginx/nginx_readonly.conf
Original file line number Diff line number Diff line change
Expand Up @@ -37,10 +37,6 @@ http {
server api:5000;
}

upstream malcolm-readme {
server arkime:8000;
}

upstream dashboards {
server dashboards:5601;
}
Expand All @@ -49,15 +45,11 @@ http {
server dashboards-helper:28991;
}

upstream netbox {
server netbox:8080;
}

upstream extracted-file-http-server {
server file-monitor:8440;
}

# Arkime interface
# Main web interface
server {
listen 443;
include /etc/nginx/nginx_ssl_config.conf;
Expand All @@ -67,9 +59,8 @@ http {

# Malcolm readme
location /readme {
proxy_pass http://malcolm-readme/README.html;
proxy_redirect off;
proxy_set_header Host arkime.malcolm.local;
root /usr/share/nginx/html;
try_files $uri $uri/index.html;
}

# Arkime -> Dashboards shortcut
Expand Down Expand Up @@ -104,7 +95,8 @@ http {
# Dashboards -> Arkime shortcut
location ~* /iddash2ark/(.*) {
rewrite ^.*/iddash2ark/(.*) /sessions?expression=($1) redirect;
proxy_pass http://arkime;
proxy_pass https://arkime;
proxy_ssl_verify off;
proxy_redirect off;
proxy_set_header Host arkime.malcolm.local;
proxy_set_header http_auth_http_user $authenticated_user;
Expand Down Expand Up @@ -139,16 +131,6 @@ http {
proxy_set_header Host file-monitor.malcolm.local;
}

# netbox
location /netbox {
proxy_pass http://netbox;
proxy_redirect off;
proxy_set_header Host netbox.malcolm.local;
proxy_set_header X-Forwarded-Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
}

# favicon, logos, banners, etc.
include /etc/nginx/nginx_image_aliases.conf;

Expand All @@ -160,13 +142,15 @@ http {
add_header Content-Type "application/javascript";
default_type application/javascript;
add_header X-Content-Type-Options 'nosniff';
proxy_pass http://arkime/cyberchef/$1;
proxy_pass https://arkime/cyberchef/$1;
proxy_ssl_verify off;
proxy_redirect off;
proxy_set_header Host arkime.malcolm.local;
proxy_set_header http_auth_http_user $authenticated_user;
proxy_set_header Authorization "";
}

# Malcolm API
location /mapi {
proxy_pass http://api/;
proxy_redirect off;
Expand All @@ -179,7 +163,8 @@ http {

location / {
limit_except GET POST { deny all; }
proxy_pass http://arkime;
proxy_pass https://arkime;
proxy_ssl_verify off;
proxy_redirect off;
proxy_set_header Host arkime.malcolm.local;
proxy_set_header http_auth_http_user $authenticated_user;
Expand Down

0 comments on commit bd05c0c

Please sign in to comment.