new: Add docker

2018-10-24 17:40:59 +01:00 · 2018-10-24 17:40:59 +01:00 · 323efad595
parent 52337596dc
commit 323efad595
3 changed files with 91 additions and 3 deletions
--- a/22
+++ b/22
@ -0,0 +1,22 @@
+FROM debian:buster-slim
+EXPOSE 9000
+
+RUN apt-get update && \
+    apt-get -y install python3 python3-pip git build-essential default-libmysqlclient-dev
+
+RUN git clone --recursive https://github.com/MISP/MISP-Taxii-Server
+
+RUN pip3 install libtaxii==1.1.111  mysqlclient gunicorn
+
+WORKDIR /MISP-Taxii-Server/OpenTAXII
+RUN python3 setup.py install
+
+WORKDIR /MISP-Taxii-Server
+RUN python3 setup.py install
+
+RUN export OPENTAXII_CONFIG=/MISP-Taxii-Server/config.yaml && export PYTHONPATH=.
+RUN opentaxii-create-services -c config/services.yaml && opentaxii-create-collections -c config/collections.yaml
+
+ADD ./docker-run.sh /run.sh
+
+CMD /bin/sh /run.sh
--- a/README.md
+++ b/README.md
@ -8,6 +8,30 @@ along with a callback for when data is sent to the TAXII Server's inbox.

 ## Installation

+### Docker install
+
+For a really simple sqlite-based installation (plug and play, no persistence)
+
+```bash
+docker pull floatingghost/misp-taxii-server
+docker run -it \
+    -e PERSIST_CONNECTION_STRING="sqlite:///persist.db" \
+    -e AUTH_CONNECTION_STRING="sqlite:///auth.db" \
+    -e MISP_URL="https://mymisp" \
+    -e MISP_KEY="myapikey" \
+    -e TAXII_USER=root \
+    -e TAXII_PASS=root 
+    -p 9000:9000 \
+    taxii
+```
+
+That'll get you set up with a basic server, but is not recommended for production.
+Switch the connection strings to use an external database for that.
+
+This docker image currently just runs the base server with no supplimentary scripts.
+
+### Manual install
+
 Download the repository with
 ```bash
 git clone --recursive https://github.com/MISP/MISP-Taxii-Server
@ -135,6 +159,3 @@ This will open your crontab. Paste in

 This will run the polling script every 6 hours to keep things all synced up.

-## Planned features
-
- Duplicate Detection
--- a/docker-run.sh
+++ b/docker-run.sh
@ -0,0 +1,45 @@
+export OPENTAXII_CONFIG=/MISP-Taxii-Server/config.yaml && export PYTHONPATH=.
+
+cat > /MISP-Taxii-Server/config.yaml <<EOF
+domain: "localhost:9000"
+support_basic_auth: yes
+
+persistence_api:
+  class: opentaxii.persistence.sqldb.SQLDatabaseAPI
+  parameters:
+    db_connection: $PERSIST_CONNECTION_STRING
+    create_tables: yes
+
+auth_api:
+  class: opentaxii.auth.sqldb.SQLDatabaseAPI
+  parameters:
+    db_connection: $AUTH_CONNECTION_STRING
+    create_tables: yes
+    secret: ILoveTheSecretStringIsIsGreatButNeedsToBeChangedFrienderino
+
+logging:
+  opentaxii: info
+  root: info
+
+hooks: misp_taxii_hooks.hooks
+# Sample configuration for misp_taxii_server
+
+zmq:
+    host: "$ZMQ_HOST"
+    port: "$ZMQ_PORT"
+
+misp:
+    url: "$MISP_URL"
+    api: "$MISP_KEY"
+
+taxii:
+    auth:
+        username: "$TAXII_USER"
+        password: "$TAXII_PASS"
+    collections:
+        - collection
+EOF
+opentaxii-create-services -c config/services.yaml && opentaxii-create-collections -c config/collections.yaml
+
+opentaxii-create-account -u $TAXII_USER -p $TAXII_PASS
+gunicorn opentaxii.http:app --bind 0.0.0.0:9000