gitignore + update

.gitatteibutes

@@ -0,0 +1 @@
+* text=auto

.github/workflows/build-parsedmarc-init.yml

@@ -1,23 +1,23 @@
-name: Build parsedmarc-init container
-
-on:
-  push:
-    paths:
-      - 'data/Dockerfiles/parsedmarc-init/**'
-  workflow_dispatch:
-
-jobs:
-  build:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v2
-      - name: Build and push Docker image
-        uses: docker/build-push-action@v1
-        with:
-          path: data/Dockerfiles/parsedmarc-init/
-          username: ${{ secrets.DOCKER_USERNAME }}
-          password: ${{ secrets.DOCKER_PASSWORD }}
-          repository: patschi/parsedmarc
-          tags: init
-          add_git_labels: true
+name: Build parsedmarc-init container
+
+on:
+  push:
+    paths:
+      - 'data/Dockerfiles/parsedmarc-init/**'
+  workflow_dispatch:
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v2
+      - name: Build and push Docker image
+        uses: docker/build-push-action@v1
+        with:
+          path: data/Dockerfiles/parsedmarc-init/
+          username: ${{ secrets.DOCKER_USERNAME }}
+          password: ${{ secrets.DOCKER_PASSWORD }}
+          repository: patschi/parsedmarc
+          tags: init
+          add_git_labels: true

.github/workflows/build-parsedmarc.yml

@@ -1,25 +1,25 @@
-name: Build parsedmarc container
-
-on:
-  push:
-    paths:
-      - 'data/Dockerfiles/parsedmarc/**'
-  schedule:
-    - cron: '0 0 14 * *'
-  workflow_dispatch:
-
-jobs:
-  build:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v2
-      - name: Build and push Docker image
-        uses: docker/build-push-action@v1
-        with:
-          path: data/Dockerfiles/parsedmarc/
-          username: ${{ secrets.DOCKER_USERNAME }}
-          password: ${{ secrets.DOCKER_PASSWORD }}
-          repository: patschi/parsedmarc
-          tags: latest
-          add_git_labels: true
+name: Build parsedmarc container
+
+on:
+  push:
+    paths:
+      - 'data/Dockerfiles/parsedmarc/**'
+  schedule:
+    - cron: '0 0 14 * *'
+  workflow_dispatch:
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v2
+      - name: Build and push Docker image
+        uses: docker/build-push-action@v1
+        with:
+          path: data/Dockerfiles/parsedmarc/
+          username: ${{ secrets.DOCKER_USERNAME }}
+          password: ${{ secrets.DOCKER_PASSWORD }}
+          repository: patschi/parsedmarc
+          tags: latest
+          add_git_labels: true

.gitignore

@@ -1 +1,10 @@
+data/conf/nginx/ssl/
+data/conf/nginx/.htpasswd
 data/conf/parsedmarc/config.ini
+data/conf/parsedmarc/flag.defaultRouteSet
+data/conf/parsedmarc/kibana_export.ndjson
+data/data/elasticsearch/nodes/
+data/data/geoipupdate/.geoipupdate.lock
+data/data/geoipupdate/GeoLite2-Country.mmdb
+docker-compose.override.yml
+geoipupdate.env

README.md

@@ -1,40 +1,40 @@
-# parsedmarc-dockerized
-
-Note: The standalone `parsedmarc` docker image on [DockerHub @ patschi/parsedmarc](https://hub.docker.com/r/patschi/parsedmarc) can also be used, if interested.
-
-## Setup:
-1. Get basics together:
-```
-git clone https://github.com/patschi/parsedmarc-dockerized.git /opt/parsedmarc-dockerized/
-cd /opt/parsedmarc-dockerized/ && cp data/conf/parsedmarc/config.sample.ini data/conf/parsedmarc/config.ini
-```
-
-2. Next we change the `parsedmarc` config (see [docs](https://domainaware.github.io/parsedmarc/#configuration-file). You can set `Test` to `True` for testing purposes.)
-```
-nano data/conf/parsedmarc/config.ini
-```
-
-3. Now we create an environment file, containing your geoipupdate settings from your [MaxMind account](https://www.maxmind.com/en/account/) to allow the container to pull the databases. For update cycles of the databases, please see [here](https://support.maxmind.com/geoip-faq/geoip2-and-geoip-legacy-database-updates/how-often-are-the-geoip2-and-geoip-legacy-databases-updated/). (Fill in your data!)
-```
-cat > geoipupdate.env <<EOF
-GEOIPUPDATE_ACCOUNT_ID=HERE_GOES_YOUR_ACCOUNT_ID
-GEOIPUPDATE_LICENSE_KEY=HERE_GOES_YOUR_LICENSE_KEY
-GEOIPUPDATE_FREQUENCY=24
-EOF
-```
-
-4. Finally, we start up the stack and wait:
-```
-docker-compose up -d
-```
-
-### What's happening then?
-
-1. First, containers of the stack are created and started. This might take a while, as several containers have dependencies on others being in a healthy state (meaning that its service must be fully started).
-2. During the startup of the `parsedmarc-init` container, all required steps and preparations are being taken care of - like generating a self-signed certificate for the included `nginx` webserver.
-3. Once the Kibana container - where you can view the dashboards - is started up, the corresponding parsedmarc dashboards are automatically imported into Kibana by the `parsedmarc-init` container.
-4. After some while, when everything is up and running, you can then access Kibana and its dashboards under the shipped reverse proxy at `https://HOST_IP:9999`. (Make sure to use HTTPS!)
-
-## Credits
-
-Built with awesome [parsedmarc](https://github.com/domainaware/checkdmarc), [Elasticsearch and Kibana](https://www.elastic.co/), [nginx](https://nginx.org), [Docker](https://docker.com) and [MaxMind GeoIP](https://dev.maxmind.com/geoip/geoip2/geolite2/).
+# parsedmarc-dockerized
+
+Note: The standalone `parsedmarc` docker image on [DockerHub @ patschi/parsedmarc](https://hub.docker.com/r/patschi/parsedmarc) can also be used, if interested.
+
+## Setup:
+1. Get basics together:
+```
+git clone https://github.com/patschi/parsedmarc-dockerized.git /opt/parsedmarc-dockerized/
+cd /opt/parsedmarc-dockerized/ && cp data/conf/parsedmarc/config.sample.ini data/conf/parsedmarc/config.ini
+```
+
+2. Next we change the `parsedmarc` config (see [docs](https://domainaware.github.io/parsedmarc/#configuration-file). You can set `Test` to `True` for testing purposes.)
+```
+nano data/conf/parsedmarc/config.ini
+```
+
+3. Now we create an environment file, containing your geoipupdate settings from your [MaxMind account](https://www.maxmind.com/en/account/) to allow the container to pull the databases. For update cycles of the databases, please see [here](https://support.maxmind.com/geoip-faq/geoip2-and-geoip-legacy-database-updates/how-often-are-the-geoip2-and-geoip-legacy-databases-updated/). (Fill in your data!)
+```
+cat > geoipupdate.env <<EOF
+GEOIPUPDATE_ACCOUNT_ID=HERE_GOES_YOUR_ACCOUNT_ID
+GEOIPUPDATE_LICENSE_KEY=HERE_GOES_YOUR_LICENSE_KEY
+GEOIPUPDATE_FREQUENCY=24
+EOF
+```
+
+4. Finally, we start up the stack and wait:
+```
+docker-compose up -d
+```
+
+### What's happening then?
+
+1. First, containers of the stack are created and started. This might take a while, as several containers have dependencies on others being in a healthy state (meaning that its service must be fully started).
+2. During the startup of the `parsedmarc-init` container, all required steps and preparations are being taken care of - like generating a self-signed certificate for the included `nginx` webserver.
+3. Once the Kibana container - where you can view the dashboards - is started up, the corresponding parsedmarc dashboards are automatically imported into Kibana by the `parsedmarc-init` container.
+4. After some while, when everything is up and running, you can then access Kibana and its dashboards under the shipped reverse proxy at `https://HOST_IP:9999`. (Make sure to use HTTPS!)
+
+## Credits
+
+Built with awesome [parsedmarc](https://github.com/domainaware/checkdmarc), [Elasticsearch and Kibana](https://www.elastic.co/), [nginx](https://nginx.org), [Docker](https://docker.com) and [MaxMind GeoIP](https://dev.maxmind.com/geoip/geoip2/geolite2/).

data/Dockerfiles/parsedmarc-init/Dockerfile

@@ -1,8 +1,8 @@
-FROM alpine:latest
-
-ADD start.sh /start.sh
-
-RUN apk add --no-cache curl openssl jq bash \
-    && chmod +x /start.sh
-
-ENTRYPOINT [ "/start.sh" ]
+FROM alpine:latest
+
+ADD start.sh /start.sh
+
+RUN apk add --no-cache curl openssl jq bash \
+    && chmod +x /start.sh
+
+ENTRYPOINT [ "/start.sh" ]

data/Dockerfiles/parsedmarc/Dockerfile

@@ -1,11 +1,11 @@
-FROM pypy:3-slim
-
-ADD start.sh /start.sh
-RUN apt-get update \
-    && apt-get install -y libxslt-dev libz-dev libxml2-dev gcc libemail-outlook-message-perl \
-    && pip install -U parsedmarc \
-    && apt-get purge --yes gcc && apt autoremove --yes && apt-get clean \
-    && rm -Rf /var/lib/{apt,dpkg}/ && rm -Rf /root/.cache/ \
-    && chmod +x /start.sh
-
-ENTRYPOINT [ "/start.sh" ]
+FROM pypy:3-slim
+
+ADD start.sh /start.sh
+RUN apt-get update \
+    && apt-get install -y libxslt-dev libz-dev libxml2-dev gcc libemail-outlook-message-perl \
+    && pip install -U parsedmarc \
+    && apt-get purge --yes gcc && apt autoremove --yes && apt-get clean \
+    && rm -Rf /var/lib/{apt,dpkg}/ && rm -Rf /root/.cache/ \
+    && chmod +x /start.sh
+
+ENTRYPOINT [ "/start.sh" ]

data/conf/nginx/site.conf

@@ -1,39 +1,39 @@
-server {
-	listen 443 ssl http2;
-
-	server_name _ default_server;
-	ssl_certificate /etc/nginx/ssl/kibana.crt;
-	ssl_certificate_key /etc/nginx/ssl/kibana.key;
-
-	server_tokens off;
-
-	ssl_session_timeout 1d;
-	ssl_session_cache shared:SSL:15m;
-	ssl_session_tickets off;
-
-	# modern configuration. tweak to your needs.
-    ssl_protocols TLSv1.2 TLSv1.3;
-    ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
-    ssl_prefer_server_ciphers off;
-
-	add_header X-Frame-Options SAMEORIGIN;
-	add_header X-Content-Type-Options nosniff;
-
-	# Uncomment this next line if you are using a signed, trusted cert
-	#add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload";
-
-	#auth_basic "Login required";
-	#auth_basic_user_file /etc/nginx/htpasswd;
-
-	location / {
-		proxy_pass http://kibana:5601;
-		proxy_set_header Host $host;
-		proxy_set_header X-Real-IP $remote_addr;
-		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-	}
-}
-
-server {
-	listen 80;
-	return 301 https://$host$request_uri;
-}
+server {
+	listen 443 ssl;
+	http2 on;
+
+	server_name _ default_server;
+	ssl_certificate /etc/nginx/ssl/kibana.crt;
+	ssl_certificate_key /etc/nginx/ssl/kibana.key;
+
+	server_tokens off;
+
+	ssl_session_timeout 1d;
+	ssl_session_cache shared:SSL:15m;
+	ssl_session_tickets off;
+
+	# modern configuration. tweak to your needs.
+	ssl_protocols TLSv1.3;
+	ssl_prefer_server_ciphers off;
+
+	add_header X-Frame-Options SAMEORIGIN;
+	add_header X-Content-Type-Options nosniff;
+
+	# Uncomment this next line if you are using a signed, trusted cert
+	#add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload";
+
+	#auth_basic "Login required";
+	#auth_basic_user_file /etc/nginx/.htpasswd;
+
+	location / {
+		proxy_pass http://kibana:5601;
+		proxy_set_header Host $host;
+		proxy_set_header X-Real-IP $remote_addr;
+		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+	}
+}
+
+server {
+	listen 80;
+	return 301 https://$host$request_uri;
+}

data/conf/parsedmarc/config.sample.ini

@@ -1,27 +1,27 @@
-# See docs at: domainaware.github.io/parsedmarc/#configuration-file
-### ADJUST YOUR SETTINGS
-[general]
-save_aggregate = True
-save_forensic = True
-
-[imap]
-# IMAP login
-host = imap.example.com
-port = 993
-user = [email protected]
-password = $uperSecure
-ssl = True
-
-# advanced
-watch = True
-
-archive_folder = Processed
-delete = False
-
-# advanced advanced
-test = False
-
-### NO EDIT REQURIED DOWN BELOW
-[elasticsearch]
-hosts = elasticsearch:9200
-ssl = False
+# See docs at: domainaware.github.io/parsedmarc/#configuration-file
+### ADJUST YOUR SETTINGS
+[general]
+save_aggregate = True
+save_forensic = True
+
+[imap]
+# IMAP login
+host = imap.example.com
+port = 993
+user = [email protected]
+password = $uperSecure
+ssl = True
+
+# advanced
+watch = True
+
+archive_folder = Processed
+delete = False
+
+# advanced advanced
+test = False
+
+### NO EDIT REQURIED DOWN BELOW
+[elasticsearch]
+hosts = elasticsearch:9200
+ssl = False