Title
#kolide
c

cips

06/24/2020, 11:54 AM
Hello to everyone. 👋 I have a first, newbie, question about Kolide: is there a way to block/filter access at the "/login" page? I mean, I'd like to have the login page accessible only from internal (private) addresses, leaving the other connections opened to osquery agents from external as well. Is there any internal option to do it? Thanks!!
defensivedepth

defensivedepth

06/24/2020, 12:59 PM
Hello there @cips! Here is how I did it for Security Onion using nginx - https://defensivedepth.com/2020/04/02/kolide-fleet-breaking-out-the-osquery-api-web-ui/
hilt

hilt

06/25/2020, 6:44 AM
looks good @defensivedepth I need to revisit my kubernetes config to get fleet working with an ingress controller that supports gRPC so that I can apply ingress rules to the fleet ui. @Kyle did you have any luck in that regards?
k

Kyle

06/25/2020, 11:27 PM
Yes, but without TLS termination, I just used the LB cert on fleet (since everything else behind the LB is just HTTP/unencrypted) then passed through GRPCS traffic (not GRPC), to
/kolide.agent.Api
hilt

hilt

06/25/2020, 11:30 PM
ok, thanks - I’ll probably revisit again soon. I’ve learnt a bit more about k8s since last week (that you need to restart ingress controllers after applying configmap changes apparently)
11:30 PM
are you in Australia or close to Au timezone @Kyle?