Refactor (#136)

* Split Dockerfile into two containers * split project (be/fe) * updated docker * Update logo path in README.md * Move image file to frontend directory * updated nginx config * updated docker file * updated nginx * Add APIRouter for modularizing routes * updated nginx * updated ignore file * Update Dockerfile and docker-compose.yml * added env file * new tmp dockerfile for fe * docker changes * Remove port mapping for copilot-backend container and update nginx.conf for API endpoint but still not working as expected * updated fe package.json * fix httpclient headers * updated dependencies * Fix authentication bug and improve error handling * updated docker * Update Office365 integration documentation and Docker configuration * updated images * Delete unused files and update Docker configuration * Update Dockerfile to expose port 2000 * added ssl * updated ssl generator * precommit fixes * ignore ssl files * remove nginx certs * updated ssl script * add default ss keys * Update agent SOC cases and bookmarked alerts * precommit fixes * Add Docker installation check and update frontend URL * Update image reference for copilot-frontend container * Add SERVER_IP configuration for remote machine connection * Add build-dockers.sh script to build copilot-frontend image * Remove unnecessary SSL configuration * Update API URL in .env.example file * Refactor nginx.conf for improved logging and HTTPS redirection * Update Copilot port and protocol --------- Co-authored-by: Davide Di Modica <webmaster.ddm@gmail.com>
socfortress · Feb 9, 2024 · b3f3968 · b3f3968
1 parent cea2786
commit b3f3968
Show file tree

Hide file tree

Showing 583 changed files with 7,923 additions and 16,749 deletions.
diff --git a/.dockerignore b/.dockerignore
diff --git a/.env.example b/.env.example
@@ -1,15 +1,5 @@
-# base url
-SERVER_IP=YOUR_SERVER_IP
-VITE_API_URL=http://YOUR_SERVER_IP:5000
-
-# value in seconds
-VITE_TOKEN_DEBOUNCE_TIME=10
-
-# alert if value is over
-VITE_UNCOMMITTED_JOURNAL_ENTRIES_THRESHOLD=50000
-
-# value in seconds
-VITE_HEALTHCHECKS_INTERVAL=120
+# Leave this as is if connecting from a remote machine
+SERVER_IP=0.0.0.0
 
 # Connector Credentials
 # ! SETTING UP YOUR CONNECTORS DEMOs https://www.youtube.com/@taylorwalton_socfortress/videos! #

diff --git a/.gitignore b/.gitignore
@@ -1,6 +1,10 @@
+#server.key
+server.csr
+#server.crt
+
 # Logs
 logs
-!src/components/logs
+!frontend/src/components/logs
 *.log
 npm-debug.log*
 yarn-debug.log*
@@ -15,8 +19,8 @@ dist-ssr
 coverage
 *.local
 
-/cypress/videos/
-/cypress/screenshots/
+cypress/videos/
+cypress/screenshots/
 
 # Editor directories and files
 .vscode/*

diff --git a/.nvmrc b/.nvmrc
diff --git a/README.md b/README.md
@@ -1,6 +1,6 @@
 <h1 align="center">
 
-<a href="https://www.socfortress.co"><img src="src/assets/images/socfortress_logo.svg" width="300" height="200"></a>
+<a href="https://www.socfortress.co"><img src="frontend/src/assets/images/socfortress_logo.svg" width="300" height="200"></a>
 
 SOCFortress CoPilot
 
@@ -13,7 +13,7 @@ SOCFortress CoPilot
 
 [SOCFortress CoPilot](https://www.socfortress.co) focuses on providing a single pane of glass for all your security operations needs. Simplify your open source security stack with a single platform focused on making open source security tools easier to use and more accessible.
 
-![demo_timeline](src/assets/images/copilot_gif.gif)
+![demo_timeline](frontend/src/assets/images/copilot_gif.gif)
 
 ## Table of contents
 
@@ -71,11 +71,14 @@ cp .env.example .env
 
 # Make your changes to the .env file
 
+# Build the copilot-frontend image
+bash build-dockers.sh
+
 # Run Copilot
 docker compose up -d
 ```
 
-Copilot shall be available on the host interface, port 5173, protocol HTTP - `http://<your_instance_ip>:5173`.
+Copilot shall be available on the host interface, port 443, protocol HTTPS - `https://<your_instance_ip>`.
 By default, an `admin` account is created. The password is printed in stdout the very first time Copilot is started. It won't be printed anymore after that.
 `Admin user password` can be searched in the logs of the `copilot` docker to find the password. You will use the `plain` password to login to the web interface.
 

diff --git a/backend/.dockerignore b/backend/.dockerignore
@@ -0,0 +1,2 @@
+data/copilot.db
+copilot.db
diff --git a/Dockerfile.deb → backend/Dockerfile b/Dockerfile.deb → backend/Dockerfile
@@ -1,6 +1,7 @@
 # build with `docker build -t python-backend -f Dockerfile.deb .`
 # run with `docker run -p 5000:5000 -d python-backend`
 # Start with the base Debian 11 image
+# looking to split into 2 containers, one for the backend and one for the frontend
 FROM debian:11
 
 # Set environment variables
@@ -37,27 +38,15 @@ RUN /opt/venv/bin/pip install setuptools
 
 # Install your application's dependencies
 WORKDIR /opt/copilot/backend
-COPY backend/requirements.txt ./
+COPY requirements.txt ./
 RUN /opt/venv/bin/pip install --no-cache-dir -r requirements.txt
 
 # Copy your application into the Docker image
-WORKDIR /opt/copilot
+WORKDIR /opt/copilot/backend
 COPY . .
 
-# Install Node.js and npm
-RUN curl -sL https://deb.nodesource.com/setup_18.x | bash -
-RUN apt-get install -y nodejs
-
-# Install concurrently
-RUN npm install -g concurrently
-
-# Install your Vue.js application's dependencies
-WORKDIR /opt/copilot
-RUN npm install
-
 # Expose ports
-EXPOSE 5000 5173
+EXPOSE 5000
 
 # Run your application
-#CMD ["sh", "-c", "cd backend && python copilot.py & cd /opt/copilot && npm run dev"]
-CMD ["sh", "-c", "cd /opt/copilot && npm run start"]
+CMD ["sh", "-c", "ls -la && /opt/venv/bin/python copilot.py"]
diff --git a/backend/app/agents/dfir_iris/services/cases.py b/backend/app/agents/dfir_iris/services/cases.py
@@ -1,13 +1,16 @@
 from typing import List
 
-from loguru import logger
-
 from app.agents.dfir_iris.schema.cases import AssetCaseIDResponse
 from app.connectors.dfir_iris.services.assets import get_case_assets
 from app.connectors.dfir_iris.services.cases import get_all_cases
+from loguru import logger
+from sqlalchemy.ext.asyncio import AsyncSession
 
 
-async def collect_agent_soc_cases(agent_id: int) -> AssetCaseIDResponse:
+async def collect_agent_soc_cases(
+    agent_id: int,
+    session: AsyncSession,
+) -> AssetCaseIDResponse:
     """
     Get all cases for the given agent ID.
 
@@ -18,11 +21,15 @@ async def collect_agent_soc_cases(agent_id: int) -> AssetCaseIDResponse:
         AssetCaseIDResponse: An instance of AssetCaseIDResponse containing the cases for the given agent ID.
     """
     logger.info(f"Getting cases for agent: {agent_id}")
-    all_cases = await get_all_cases()
+    all_cases = await get_all_cases(session=session)
     case_ids = await filter_cases_by_agent_id(all_cases, agent_id)
 
     logger.info(f"Found cases: {case_ids}")
-    return AssetCaseIDResponse(case_ids=case_ids, success=True, message="Successfully retrieved cases for agent")
+    return AssetCaseIDResponse(
+        case_ids=case_ids,
+        success=True,
+        message="Successfully retrieved cases for agent",
+    )
 
 
 async def filter_cases_by_agent_id(cases, agent_id: int) -> List[int]: