Skip to content

Commit

Permalink
Bump modules plus many other changes
Browse files Browse the repository at this point in the history
  • Loading branch information
@ostefano
ostefano committed Aug 24, 2024
1 parent 05f73f6 commit e131f85
Show file tree
Hide file tree
Showing 7 changed files with 63 additions and 10 deletions.
10 changes: 10 additions & 0 deletions core/files/entrypoint.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,5 +33,15 @@ export ENABLE_DB_SETTINGS=${ENABLE_DB_SETTINGS:-false}
export PROXY_ENABLE=${PROXY_ENABLE:-false}
export DEBUG=${DEBUG:-0}

export FASTCGI_READ_TIMEOUT=${FASTCGI_READ_TIMEOUT:-300s}
export FASTCGI_SEND_TIMEOUT=${FASTCGI_SEND_TIMEOUT:-300s}
export FASTCGI_CONNECT_TIMEOUT=${FASTCGI_CONNECT_TIMEOUT:-300s}

export PHP_MEMORY_LIMIT=${PHP_MEMORY_LIMIT:-2048M}
export PHP_MAX_EXECUTION_TIME=${PHP_MAX_EXECUTION_TIME:-300}
export PHP_UPLOAD_MAX_FILESIZE=${PHP_UPLOAD_MAX_FILESIZE:-50M}
export PHP_POST_MAX_SIZE=${PHP_POST_MAX_SIZE:-50M}
export PHP_MAX_INPUT_TIME:${PHP_MAX_INPUT_TIME:-300}

# start supervisord using the main configuration file so we have a socket interface
/usr/bin/supervisord -c /etc/supervisor/supervisord.conf
9 changes: 5 additions & 4 deletions core/files/entrypoint_fpm.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,10 +12,11 @@ change_php_vars() {
for FILE in /etc/php/*/fpm/php.ini
do
[[ -e $FILE ]] || break
sed -i "s/memory_limit = .*/memory_limit = 2048M/" "$FILE"
sed -i "s/max_execution_time = .*/max_execution_time = 300/" "$FILE"
sed -i "s/upload_max_filesize = .*/upload_max_filesize = 50M/" "$FILE"
sed -i "s/post_max_size = .*/post_max_size = 50M/" "$FILE"
sed -i "s/memory_limit = .*/memory_limit = ${PHP_MEMORY_LIMIT}/" "$FILE"
sed -i "s/max_execution_time = .*/max_execution_time = ${PHP_MAX_EXECUTION_TIME}/" "$FILE"
sed -i "s/upload_max_filesize = .*/upload_max_filesize = ${PHP_UPLOAD_MAX_FILESIZE}/" "$FILE"
sed -i "s/post_max_size = .*/post_max_size = ${PHP_POST_MAX_SIZE}/" "$FILE"
sed -i "s/max_input_time = .*/max_input_time = ${PHP_MAX_INPUT_TIME}|" "$FILE"
sed -i "s/session.save_handler = .*/session.save_handler = redis/" "$FILE"
sed -i "s|.*session.save_path = .*|session.save_path = '$(echo $REDIS_HOST | grep -E '^\w+://' || echo tcp://$REDIS_HOST):6379?auth=${REDIS_PASSWORD}'|" "$FILE"
sed -i "s/session.sid_length = .*/session.sid_length = 64/" "$FILE"
Expand Down
8 changes: 8 additions & 0 deletions core/files/entrypoint_nginx.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -199,6 +199,14 @@ flip_nginx() {
}

init_nginx() {
# Adjust timeouts
echo "... adjusting 'fastcgi_read_timeout' to ${FASTCGI_READ_TIMEOUT}"
sed -i "s/fastcgi_read_timeout .*;/fastcgi_read_timeout ${FASTCGI_READ_TIMEOUT};/" /etc/nginx/includes/misp
echo "... adjusting 'fastcgi_send_timeout' to ${FASTCGI_SEND_TIMEOUT}"
sed -i "s/fastcgi_send_timeout .*;/fastcgi_send_timeout ${FASTCGI_SEND_TIMEOUT};/" /etc/nginx/includes/misp
echo "... adjusting 'fastcgi_connect_timeout' to ${FASTCGI_CONNECT_TIMEOUT}"
sed -i "s/fastcgi_connect_timeout .*;/fastcgi_connect_timeout ${FASTCGI_CONNECT_TIMEOUT};/" /etc/nginx/includes/misp

# Testing for files also test for links, and generalize better to mounted files
if [[ ! -f "/etc/nginx/sites-enabled/misp80" ]]; then
echo "... enabling port 80 redirect"
Expand Down
4 changes: 3 additions & 1 deletion core/files/etc/nginx/includes/misp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,9 @@ location / {
location ~ ^/[^/]+\.php(/|$) {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
fastcgi_read_timeout 300;
fastcgi_read_timeout 300s;
fastcgi_send_timeout 300s;
fastcgi_connect_timeout 300s;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
set $path_info $fastcgi_path_info;
fastcgi_param PATH_INFO $path_info;
Expand Down
16 changes: 14 additions & 2 deletions docker-compose.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,9 @@ services:
start_period: 30s

misp-core:
image: ghcr.io/misp/misp-docker/misp-core:latest
image: ghcr.io/misp/misp-docker/misp-core:${CORE_RUNNING_TAG:-latest}
cap_add:
- CAP_AUDIT_WRITE
build:
context: core/.
args:
Expand Down Expand Up @@ -167,9 +169,19 @@ services:
- "DEBUG=${DEBUG}"
# SMTP setting
- "SMTP_FQDN=${SMTP_FQDN}"
# NGINX settings
- "FASTCGI_READ_TIMEOUT=${FASTCGI_READ_TIMEOUT:-300s}"
- "FASTCGI_SEND_TIMEOUT=${FASTCGI_SEND_TIMEOUT:-300s}"
- "FASTCGI_CONNECT_TIMEOUT=${FASTCGI_CONNECT_TIMEOUT:-300s}"
# PHP settings
- "PHP_MEMORY_LIMIT=${PHP_MEMORY_LIMIT:-2048M}"
- "PHP_MAX_EXECUTION_TIME=${PHP_MAX_EXECUTION_TIME:-300}"
- "PHP_UPLOAD_MAX_FILESIZE=${PHP_UPLOAD_MAX_FILESIZE:-50M}"
- "PHP_POST_MAX_SIZE=${PHP_POST_MAX_SIZE:-50M}"
- "PHP_MAX_INPUT_TIME:${PHP_MAX_INPUT_TIME:-300}"

misp-modules:
image: ghcr.io/misp/misp-docker/misp-modules:latest
image: ghcr.io/misp/misp-docker/misp-modules:${MODULES_RUNNING_TAG:-latest}
build:
context: modules/.
args:
Expand Down
9 changes: 7 additions & 2 deletions modules/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,9 +30,14 @@ FROM "${DOCKER_HUB_PROXY}python:3.12-slim-bookworm" AS python-build
EOF

WORKDIR /srv/misp-modules
RUN pip install pipenv
RUN pipenv requirements > requirements.txt
RUN pip install poetry
RUN sed -i "s/^python = .*/python = \"$(python -c 'import platform; print(platform.python_version())')\"/" pyproject.toml
RUN poetry lock
# RUN poetry install --with unstable
RUN poetry self add poetry-plugin-export
RUN poetry export --with unstable --without-hashes -f requirements.txt -o requirements.txt
RUN pip wheel -r requirements.txt --no-cache-dir -w /wheels/
RUN poetry build --output /wheels/

WORKDIR /srv/
RUN rm -rf /srv/misp-modules
Expand Down
17 changes: 16 additions & 1 deletion template.env
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
##

CORE_TAG=v2.4.196
MODULES_TAG=v2.4.195
MODULES_TAG=v2.4.196
PHP_VER=20190902
LIBFAUP_COMMIT=3a26d0a

Expand All @@ -28,6 +28,9 @@ LIBFAUP_COMMIT=3a26d0a
# Run-time variables
##

# CORE_RUNNING_TAG=latest
# MODULES_RUNNING_TAG=latest

# Email/username for user #1, defaults to MISP's default ([email protected])
ADMIN_EMAIL=
# name of org #1, default to MISP's default (ORGNAME)
Expand Down Expand Up @@ -166,3 +169,15 @@ SYNCSERVERS_1_PULL_RULES=
# 1 - Debug on
# 2 - Debug on + SQL dump
# DEBUG=

# FastCGI configuration
# FASTCGI_READ_TIMEOUT=300s
# FASTCGI_SEND_TIMEOUT=300s
# FASTCGI_CONNECT_TIMEOUT=300s

# PHP fpm configuration
# PHP_MEMORY_LIMIT=2048
# PHP_MAX_EXECUTION_TIME=300
# PHP_UPLOAD_MAX_FILESIZE=50M
# PHP_POST_MAX_SIZE=50M
# PHP_MAX_INPUT_TIME=300

0 comments on commit e131f85

Please sign in to comment.