diff --git a/docs/changelog/index.md b/docs/changelog/index.md index 82a31af418..9aaa8b06cd 100644 --- a/docs/changelog/index.md +++ b/docs/changelog/index.md @@ -7,6 +7,31 @@ hide: # Changelog + +## Version 20240328 +Released: 2024-03-28 + +### ⚠️ Note +Upgrading to this Timesketch version requires a database upgrade! + +See https://timesketch.org/guides/admin/upgrade/ for more details. + +### What's Changed +#### ✨ Features + +* DFIQ new UI and navigation by @berggren in [#3041](https://github.com/google/timesketch/pull/3041) +* User profile and settings support by @berggren in [3048](https://github.com/google/timesketch/pull/3048) +* Enhancements to Yeti indicators by @tomchop in [3038](https://github.com/google/timesketch/pull/3038) + +#### 🐞 Fixes + +* Improvements to the sigma handling by @tomchop in [3050](https://github.com/google/timesketch/pull/3050) +* Update run_analyzers in the api client by @jkppr in [3037](https://github.com/google/timesketch/pull/3037) +* Fix a bug in the feature_extraction analyzer by @jkppr in [3047](https://github.com/google/timesketch/pull/3047) + + +**Full Changelog**: [20240207...20240328](https://github.com/google/timesketch/compare/20240207...20240328) + ## Version 20240207 Released: 2024-02-07 diff --git a/docs/guides/admin/install.md b/docs/guides/admin/install.md index fff3898460..4437262831 100644 --- a/docs/guides/admin/install.md +++ b/docs/guides/admin/install.md @@ -78,16 +78,44 @@ sudo docker compose exec timesketch-web tsctl create-user ### 4. Enable TLS (optional) -It is out of scope for the deployment script to setup certificates but here are pointers on how to use Let's Encrypt. - -1. You need to configure a DNS name for the server. Use your DNS provider instructions. -2. Make sure your webserver is reachable on port 80. -3. Follow the official guide to install and run Let's Encrypt on Ubuntu: - https://certbot.eff.org/lets-encrypt/ubuntufocal-other - -When Let's Encrypt has been installed and you have generated certificates (located in /etc/letsencrypt) it is time to reconfigure Nginx. - -Edit timesketch/etc/nginx.conf (HOSTNAME is the DNS name of your server): +It is out of scope for the deployment script to setup certificates but here are +pointers on how to use Let's Encrypt in a docker deployment. + +1. You need to configure a DNS name for the server. Use your DNS providers +instructions. +2. Update your `timesketch/docker-compose.yaml` file. Update the nginx service +and add the certbot service with the following config: + ``` + nginx: + container_name: nginx + image: nginx:${NGINX_VERSION} + restart: always + ports: + - ${NGINX_HTTP_PORT}:80 + - ${NGINX_HTTPS_PORT}:443 + volumes: + - ${NGINX_CONFIG_PATH}:/etc/nginx/nginx.conf + - ./etc/certbot/www/:/var/www/certbot/:ro + - ./etc/certbot/conf/:/etc/letsencrypt/:ro + + certbot: + image: certbot/certbot:latest + volumes: + - ./etc/certbot/www/:/var/www/certbot/:rw + - ./etc/certbot/conf/:/etc/letsencrypt/:rw + ``` +3. Add the following location to your `timesketch/etc/nginx.conf`: +``` +location /.well-known/acme-challenge/ { + root /var/www/certbot; + } +``` +4. Run certbot with `--dry-run` first. If all goes well, run it again without +the `--dry-run` flag. +``` +docker-compose run --rm certbot certonly --webroot --webroot-path /var/www/certbot/ --dry-run -d +``` +5. Edit `timesketch/etc/nginx.conf` (HOSTNAME is the DNS name of your server): ``` events { @@ -99,8 +127,8 @@ http { listen 80; listen [::]:80; listen 443 ssl; - ssl_certificate /etc/letsencrypt/live/>/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/>/privkey.pem; + ssl_certificate /etc/letsencrypt/live//fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live//privkey.pem; client_max_body_size 0m; location / { @@ -118,24 +146,8 @@ http { } } ``` -**If you need to use a non-standard port** you can change the `proxy_set_header Host $host;` to `proxy_set_header Host $http_host;` instead. - - -Make the certificate and key available to the Nginx Docker container. Edit timesketch/docker-compose.yml and mount /etc/letsencrypt: - -``` -... - -nginx: - image: nginx:${NGINX_VERSION} - restart: always - ports: - - "80:80" - - "443:443" - volumes: - - ./etc/nginx.conf:/etc/nginx/nginx.conf - - /etc/letsencrypt:/etc/letsencrypt/ -``` +**If you need to use a non-standard port** you can change the +`proxy_set_header Host $host;` to `proxy_set_header Host $http_host;` instead. Restart the system: