-
Notifications
You must be signed in to change notification settings - Fork 45
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
5150dcb
commit 73472f8
Showing
7 changed files
with
179 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,9 @@ | ||
| [submodule "manuka-server"] | ||
| path = manuka-server | ||
| url = https://github.com/spaceraccoon/manuka-server.git | ||
| [submodule "manuka-client"] | ||
| path = manuka-client | ||
| url = https://github.com/spaceraccoon/manuka-client.git | ||
| [submodule "manuka-listener"] | ||
| path = manuka-listener | ||
| url = https://github.com/spaceraccoon/manuka-listener.git |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,2 +1,22 @@ | ||
| # manuka | ||
| A modular OSINT honeypot for blue teamers | ||
|
|
||
| ## Development | ||
|
|
||
| In development, the components run on the following ports on `localhost`: | ||
|
|
||
| 1. `manuka-client`: `3000` | ||
| 2. `manuka-server`: `3001` | ||
| 3. `manuka-listener`: `3002` | ||
|
|
||
| To allow for the client and server to talk without CORS issues, an additional nginx layer proxy-passes `/api/` from port `3003` to port `3001` and `/` to port `3000`. | ||
|
|
||
| ### Requirements | ||
|
|
||
| See the individual component repositories for their requirements. | ||
|
|
||
| 1. `nginx >= 1.17.9` | ||
|
|
||
| ### Run | ||
|
|
||
| 1. `./start-dev.sh`; follow the instructions to start the individual components |
Submodule manuka-client
added at
5f6d2a
Submodule manuka-listener
added at
7eed88
Submodule manuka-server
added at
882833
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,131 @@ | ||
| worker_processes auto; | ||
| worker_rlimit_nofile 65535; | ||
|
|
||
| events { | ||
| multi_accept on; | ||
| worker_connections 65535; | ||
| } | ||
|
|
||
| http { | ||
| charset utf-8; | ||
| sendfile on; | ||
| tcp_nopush on; | ||
| tcp_nodelay on; | ||
| server_tokens off; | ||
| log_not_found off; | ||
| types_hash_max_size 2048; | ||
| client_max_body_size 16M; | ||
|
|
||
| # MIME | ||
| types { | ||
| text/html html htm shtml; | ||
| text/css css; | ||
| text/xml xml rss; | ||
| image/gif gif; | ||
| image/jpeg jpeg jpg; | ||
| application/x-javascript js; | ||
| text/plain txt; | ||
| text/x-component htc; | ||
| text/mathml mml; | ||
| image/png png; | ||
| image/x-icon ico; | ||
| image/x-jng jng; | ||
| image/vnd.wap.wbmp wbmp; | ||
| application/java-archive jar war ear; | ||
| application/mac-binhex40 hqx; | ||
| application/pdf pdf; | ||
| application/x-cocoa cco; | ||
| application/x-java-archive-diff jardiff; | ||
| application/x-java-jnlp-file jnlp; | ||
| application/x-makeself run; | ||
| application/x-perl pl pm; | ||
| application/x-pilot prc pdb; | ||
| application/x-rar-compressed rar; | ||
| application/x-redhat-package-manager rpm; | ||
| application/x-sea sea; | ||
| application/x-shockwave-flash swf; | ||
| application/x-stuffit sit; | ||
| application/x-tcl tcl tk; | ||
| application/x-x509-ca-cert der pem crt; | ||
| application/x-xpinstall xpi; | ||
| application/zip zip; | ||
| application/octet-stream deb; | ||
| application/octet-stream bin exe dll; | ||
| application/octet-stream dmg; | ||
| application/octet-stream eot; | ||
| application/octet-stream iso img; | ||
| application/octet-stream msi msp msm; | ||
| audio/mpeg mp3; | ||
| audio/x-realaudio ra; | ||
| video/mpeg mpeg mpg; | ||
| video/quicktime mov; | ||
| video/x-flv flv; | ||
| video/x-msvideo avi; | ||
| video/x-ms-wmv wmv; | ||
| video/x-ms-asf asx asf; | ||
| video/x-mng mng; | ||
| } | ||
| default_type application/octet-stream; | ||
|
|
||
| server { | ||
| listen 3003; | ||
| listen [::]:3003; | ||
|
|
||
| root .; | ||
|
|
||
| # security | ||
| # security headers | ||
| add_header X-Frame-Options "SAMEORIGIN" always; | ||
| add_header X-XSS-Protection "1; mode=block" always; | ||
| add_header X-Content-Type-Options "nosniff" always; | ||
| add_header Referrer-Policy "no-referrer-when-downgrade" always; | ||
| add_header Content-Security-Policy "default-src 'self' http: https: data: blob: 'unsafe-inline'" always; | ||
|
|
||
| # . files | ||
| location ~ /\.(?!well-known) { | ||
| deny all; | ||
| } | ||
|
|
||
| # proxy-pass | ||
| proxy_http_version 1.1; | ||
| proxy_cache_bypass $http_upgrade; | ||
|
|
||
| proxy_set_header Upgrade $http_upgrade; | ||
| proxy_set_header Connection "upgrade"; | ||
| proxy_set_header Host $host; | ||
| proxy_set_header X-Real-IP $remote_addr; | ||
| proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | ||
| proxy_set_header X-Forwarded-Proto $scheme; | ||
| proxy_set_header X-Forwarded-Host $host; | ||
| proxy_set_header X-Forwarded-Port $server_port; | ||
|
|
||
| # reverse proxy | ||
| location / { | ||
| proxy_pass http://localhost:3000; | ||
| } | ||
|
|
||
| location /api/ { | ||
| proxy_pass http://127.0.0.1:3001; | ||
| } | ||
|
|
||
| # additional config | ||
| # favicon.ico | ||
| location = /favicon.ico { | ||
| log_not_found off; | ||
| access_log off; | ||
| } | ||
|
|
||
| # robots.txt | ||
| location = /robots.txt { | ||
| log_not_found off; | ||
| access_log off; | ||
| } | ||
|
|
||
| # gzip | ||
| gzip on; | ||
| gzip_vary on; | ||
| gzip_proxied any; | ||
| gzip_comp_level 6; | ||
| gzip_types text/plain text/css text/xml application/json application/javascript application/rss+xml application/atom+xml image/svg+xml; | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,16 @@ | ||
| #!/bin/bash | ||
|
|
||
| function stop { | ||
| echo "Stopping nginx..." | ||
| nginx -s quit | ||
| } | ||
|
|
||
| trap stop EXIT | ||
|
|
||
| nginx -c ${PWD}/nginx/conf/nginx.dev.conf | ||
|
|
||
| echo -e "Started nginx, please start the individual components in new shells:" | ||
| echo "manuka-server: CompileDaemon -command='./manuka-server'" | ||
| echo "manuka-client: npm start" | ||
| echo "manuka-listener: CompileDaemon -command='./manuka-listener'" | ||
| read -n 1 -s -r -p "Press any key to stop nginx:"; echo |