Initial commit

data/conf/nginx/site.conf

@@ -0,0 +1,37 @@
+server {
+	listen 443 ssl http2;
+
+	server_name _ default_server;
+	ssl_certificate /etc/nginx/ssl/kibana.crt;
+	ssl_certificate_key /etc/nginx/ssl/kibana.key;
+
+	ssl_session_timeout 1d;
+	ssl_session_cache shared:SSL:15m;
+	ssl_session_tickets off;
+
+	# modern configuration. tweak to your needs.
+    ssl_protocols TLSv1.2 TLSv1.3;
+    ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
+    ssl_prefer_server_ciphers off;
+
+	add_header X-Frame-Options SAMEORIGIN;
+	add_header X-Content-Type-Options nosniff;
+
+	# Uncomment this next line if you are using a signed, trusted cert
+	#add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload";
+
+	#auth_basic "Login required";
+	#auth_basic_user_file /etc/nginx/htpasswd;
+
+	location / {
+		proxy_pass http://kibana:5601;
+		proxy_set_header Host $host;
+		proxy_set_header X-Real-IP $remote_addr;
+		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+	}
+}
+
+server {
+	listen 80;
+	return 301 https://$host$request_uri;
+}

data/conf/parsedmarc/config.ini

@@ -0,0 +1,27 @@
+# See docs at: domainaware.github.io/parsedmarc/#configuration-file
+### ADJUST YOUR SETTINGS
+[general]
+save_aggregate = True
+save_forensic = True
+
+[imap]
+# IMAP login
+host = imap.example.com
+port = 993
+user = dmarcresports@example.com
+password = $uperSecure
+
+# advanced
+watch = True
+ssl = True
+
+archive_folder = Processed
+delete = False
+
+# advanced advanced
+test = True
+
+### NO EDIT REQURIED DOWN BELOW
+[elasticsearch]
+hosts = elasticsearch:9200
+ssl = False