From 73afb84a2788bc631df7ab9fa916a1561093bb6e Mon Sep 17 00:00:00 2001 From: Brandon Myers Date: Tue, 14 May 2019 15:07:01 -0500 Subject: [PATCH] Readd OPTIONS_METEOR_KIBANAURL --- cloudy_mozdef/cloudformation/mozdef-instance.yml | 6 +++++- docs/source/advanced_settings.rst | 2 +- meteor/imports/settings.js | 2 +- 3 files changed, 7 insertions(+), 3 deletions(-) diff --git a/cloudy_mozdef/cloudformation/mozdef-instance.yml b/cloudy_mozdef/cloudformation/mozdef-instance.yml index 993f6438..19348481 100644 --- a/cloudy_mozdef/cloudformation/mozdef-instance.yml +++ b/cloudy_mozdef/cloudformation/mozdef-instance.yml @@ -86,7 +86,7 @@ Parameters: AlertQueueUrl: Type: String Description: The url of the alert queue kombu should use for taskExchange. -Conditions: +Conditions: OIDCEnabledCondition: !Not [!Equals [!Ref OIDCClientId, Unset]] OIDCNotEnabledCondition: @@ -152,7 +152,11 @@ Resources: # Drives the configuration of variables for a variety of containers. OIDC_CLIENT_ID=${OIDCClientId} OPTIONS_ESSERVERS=${ESURL} + # Private unauthed kibana url for accessing kibana API OPTIONS_KIBANAURL=${KibanaURL} + # The OPTIONS_METEOR_KIBANAURL uses the reserved word "relative" which triggers MozDef + # to use relative links to Kibana : https://github.com/mozilla/MozDef/pull/956 + OPTIONS_METEOR_KIBANAURL=https://relative:9090/_plugin/kibana/ OPTIONS_METEOR_ROOTURL=https://${DomainName} METEOR_BACKEND=meteor:3000 ESBACKEND=${KibanaDomainOnlyURL} diff --git a/docs/source/advanced_settings.rst b/docs/source/advanced_settings.rst index 51fd5897..e14a69a0 100644 --- a/docs/source/advanced_settings.rst +++ b/docs/source/advanced_settings.rst @@ -25,7 +25,7 @@ Certain environment variables have special meaning to the web ui (meteor): OPTIONS_METEOR_ROOTURL is "http://localhost" by default and should be set to the dns name of the UI where you will run MozDef OPTIONS_METEOR_PORT is 80 by default and is the port on which the UI will run OPTIONS_METEOR_ROOTAPI is http://rest:8081 by default and should resolve to the location of the rest api - OPTIONS_KIBANAURL is http://localhost:9090/app/kibana# by default and should resolve to your kibana installation + OPTIONS_METEOR_KIBANAURL is http://localhost:9090/app/kibana# by default and should resolve to your kibana installation OPTIONS_METEOR_ENABLECLIENTACCOUNTCREATION is true by default and governs whether accounts can be created OPTIONS_METEOR_AUTHENTICATIONTYPE is meteor-password by default and can be set to oidc to allow for oidc authentication OPTIONS_REMOVE_FEATURES is empty by default, but if you pass a comma separated list of features you'd like to remove they will no longer be available. diff --git a/meteor/imports/settings.js b/meteor/imports/settings.js index 88f2c59f..c481a1f0 100644 --- a/meteor/imports/settings.js +++ b/meteor/imports/settings.js @@ -20,7 +20,7 @@ if (Meteor.isServer) { rootURL: process.env.OPTIONS_METEOR_ROOTURL || "http://localhost", port: process.env.OPTIONS_METEOR_PORT || "80", rootAPI: process.env.OPTIONS_METEOR_ROOTAPI || "http://rest:8081", - kibanaURL: process.env.OPTIONS_KIBANAURL || "http://localhost:9090/app/kibana", + kibanaURL: process.env.OPTIONS_METEOR_KIBANAURL || "http://localhost:9090/app/kibana", enableClientAccountCreation: allowAccountCreation, authenticationType: process.env.OPTIONS_METEOR_AUTHENTICATIONTYPE || "meteor-password", removeFeatures: process.env.OPTIONS_REMOVE_FEATURES || ""