2018-06-01 05:01:47 +02:00
|
|
|
FROM ubuntu:18.04
|
2016-09-27 08:49:04 +02:00
|
|
|
MAINTAINER Ventz Petkov <ventz_petkov@harvard.edu>
|
|
|
|
|
|
|
|
# User supplied inputs
|
|
|
|
ARG MYSQL_MISP_PASSWORD=ChangeThisDefaultPassworda9564ebc3289b7a14551baf8ad5ec60a
|
|
|
|
ARG POSTFIX_RELAY_HOST=localhost
|
|
|
|
ARG MISP_FQDN=localhost
|
|
|
|
ARG MISP_EMAIL=admin@localhost
|
2019-03-16 19:35:30 +01:00
|
|
|
ARG MISP_GPG_PASSWORD=ChangeThisDefaultPasswordXuJBao5Q2bps89LWFqWkKgDZwAFpNHvc
|
2016-09-27 08:49:04 +02:00
|
|
|
|
|
|
|
# Dir you need to override to keep data on reboot/new container:
|
|
|
|
VOLUME /var/lib/mysql
|
2017-02-09 17:25:59 +01:00
|
|
|
#VOLUME /var/www/MISP/Config
|
2016-09-27 08:49:04 +02:00
|
|
|
|
|
|
|
# Dir you might want to override in order to have custom ssl certs
|
2017-09-25 15:26:37 +02:00
|
|
|
# Need: "misp.key" and "misp.crt"
|
2016-09-27 08:49:04 +02:00
|
|
|
#VOLUME /etc/ssl/private
|
|
|
|
|
2018-04-17 23:34:10 +02:00
|
|
|
# 80/443 - MISP web server, 3306 - mysql, 6379 - redis, 50000 - MISP ZeroMQ
|
|
|
|
EXPOSE 80 443 3306 6379 50000
|
|
|
|
|
2016-09-27 08:49:04 +02:00
|
|
|
ENV DEBIAN_FRONTEND noninteractive
|
2019-11-21 03:37:06 +01:00
|
|
|
ENV DEBIAN_PRIORITY critical
|
|
|
|
RUN apt-get update && apt-get install -y supervisor cron logrotate syslog-ng-core postfix curl gcc git gnupg-agent make python3 openssl redis-server sudo vim zip wget mariadb-client mariadb-server sqlite3 moreutils apache2 apache2-doc apache2-utils libapache2-mod-php php php-cli php-gnupg php-dev php-json php-mysql php7.2-opcache php-readline php-redis php-xml php-mbstring rng-tools python3-dev python3-pip python3-yara python3-redis python3-zmq libxml2-dev libxslt1-dev zlib1g-dev python3-setuptools libpq5 libjpeg-dev libfuzzy-dev ruby asciidoctor tesseract-ocr imagemagick libpoppler-cpp-dev
|
2016-09-27 08:49:04 +02:00
|
|
|
|
2018-06-21 04:43:16 +02:00
|
|
|
# Edit the php.ini file to adjust initial PHP settings to MISP recommended settings
|
|
|
|
RUN sed -i "s/max_execution_time = 30/max_execution_time = 300/" /etc/php/7.2/apache2/php.ini ; \
|
2019-11-21 03:37:06 +01:00
|
|
|
sed -i "s/memory_limit = 128M/memory_limit = 2048M/" /etc/php/7.2/apache2/php.ini ; \
|
2018-06-21 04:43:16 +02:00
|
|
|
sed -i "s/upload_max_filesize = 2M/upload_max_filesize = 50M/" /etc/php/7.2/apache2/php.ini ; \
|
|
|
|
sed -i "s/post_max_size = 8M/post_max_size = 50M/" /etc/php/7.2/apache2/php.ini
|
|
|
|
|
2016-09-27 08:49:04 +02:00
|
|
|
#echo "test -e /var/run/mysqld || install -m 755 -o mysql -g root -d /var/run/mysqld" ; \
|
|
|
|
RUN sed -i -E 's/^(\s*)system\(\);/\1unix-stream("\/dev\/log");/' /etc/syslog-ng/syslog-ng.conf ; \
|
|
|
|
postconf -e "relayhost = $POSTFIX_RELAY_HOST" ; \
|
2019-01-16 02:49:20 +01:00
|
|
|
sed -i "s/daemonize yes/daemonize no/" /etc/redis/redis.conf ; \
|
2016-09-27 08:49:04 +02:00
|
|
|
test -e /var/run/mysqld || install -m 755 -o mysql -g root -d /var/run/mysqld ; \
|
|
|
|
a2dismod status ; \
|
2018-01-23 19:48:33 +01:00
|
|
|
a2enmod ssl rewrite headers; \
|
2016-09-27 08:49:04 +02:00
|
|
|
a2ensite 000-default ; \
|
|
|
|
a2ensite default-ssl ; \
|
2018-06-13 05:32:49 +02:00
|
|
|
mkdir -p /var/www/MISP /root/.config /root/.git
|
|
|
|
|
2019-03-17 02:56:03 +01:00
|
|
|
|
2018-06-13 05:32:49 +02:00
|
|
|
WORKDIR /var/www/MISP
|
|
|
|
RUN chown -R www-data:www-data /var/www/MISP /root/.config /root/.git; \
|
2016-09-27 08:49:04 +02:00
|
|
|
sudo -u www-data -H git clone https://github.com/MISP/MISP.git /var/www/MISP ; \
|
2018-12-12 20:52:32 +01:00
|
|
|
sudo -u www-data -H git submodule update --init --recursive ; \
|
|
|
|
sudo -u www-data -H git submodule foreach --recursive git config core.filemode false ; \
|
2016-09-27 08:49:04 +02:00
|
|
|
sudo -u www-data -H git config core.filemode false ; \
|
|
|
|
echo
|
|
|
|
|
2019-11-21 03:53:21 +01:00
|
|
|
RUN sudo pip3 install --upgrade pip ; \
|
|
|
|
sudo pip3 install git+https://github.com/CybOXProject/mixbox.git ; \
|
|
|
|
sudo pip3 install git+https://github.com/CybOXProject/python-cybox.git ; \
|
|
|
|
sudo pip3 install git+https://github.com/STIXProject/python-stix.git ; \
|
|
|
|
sudo pip3 install git+https://github.com/MAECProject/python-maec.git ; \
|
|
|
|
sudo pip3 install /var/www/MISP/cti-python-stix2 ; \
|
|
|
|
sudo pip3 install /var/www/MISP/PyMISP ; \
|
2019-03-17 18:46:35 +01:00
|
|
|
sudo pip3 install git+https://github.com/kbandla/pydeep.git ; \
|
2019-11-21 03:53:21 +01:00
|
|
|
sudo pip3 install https://github.com/lief-project/packages/raw/lief-master-latest/pylief-0.9.0.dev.zip ; \
|
|
|
|
sudo pip3 install jsonschema ; \
|
|
|
|
sudo pip3 install reportlab ; \
|
|
|
|
sudo pip3 install python-magic ; \
|
|
|
|
sudo pip3 install pyzmq ; \
|
|
|
|
sudo pip3 install redis
|
2019-03-17 02:56:03 +01:00
|
|
|
|
2017-06-20 18:35:16 +02:00
|
|
|
|
2016-09-27 08:49:04 +02:00
|
|
|
WORKDIR /var/www/MISP
|
|
|
|
RUN sudo -u www-data -H git submodule init ; \
|
|
|
|
sudo -u www-data -H git submodule update
|
|
|
|
|
2017-02-13 21:24:45 +01:00
|
|
|
WORKDIR /usr/local/src
|
2019-05-22 04:23:19 +02:00
|
|
|
RUN sudo -H git clone https://github.com/MISP/misp-modules.git
|
2017-02-13 21:24:45 +01:00
|
|
|
|
|
|
|
WORKDIR /usr/local/src/misp-modules
|
2019-05-22 04:19:26 +02:00
|
|
|
RUN sudo -H git checkout -b v2.4.104 ; \
|
|
|
|
sudo pip3 install -I -r REQUIREMENTS ; \
|
2017-02-13 21:24:45 +01:00
|
|
|
sudo pip3 install -I .
|
|
|
|
|
2019-03-17 02:56:03 +01:00
|
|
|
#RUN sudo pip uninstall -y cybox
|
2018-06-15 01:40:10 +02:00
|
|
|
|
2016-09-27 08:49:04 +02:00
|
|
|
WORKDIR /var/www/MISP/app
|
|
|
|
RUN mkdir /var/www/.composer && chown -R www-data:www-data /var/www/.composer ; \
|
|
|
|
sudo -u www-data -H wget https://getcomposer.org/download/1.2.1/composer.phar -O composer.phar ; \
|
|
|
|
sudo -u www-data -H php composer.phar require kamisama/cake-resque:4.1.2 ; \
|
|
|
|
sudo -u www-data -H php composer.phar config vendor-dir Vendor ; \
|
|
|
|
sudo -u www-data -H php composer.phar install ; \
|
2018-03-08 00:48:48 +01:00
|
|
|
sudo phpenmod redis ; \
|
2016-09-27 08:49:04 +02:00
|
|
|
sudo -u www-data -H cp -fa /var/www/MISP/INSTALL/setup/config.php /var/www/MISP/app/Plugin/CakeResque/Config/config.php ; \
|
|
|
|
sudo chown -R www-data:www-data /var/www/MISP ; \
|
|
|
|
sudo chmod -R 750 /var/www/MISP ; \
|
|
|
|
sudo chmod -R g+ws /var/www/MISP/app/tmp ; \
|
|
|
|
sudo chmod -R g+ws /var/www/MISP/app/files ; \
|
|
|
|
sudo chmod -R g+ws /var/www/MISP/app/files/scripts/tmp ; \
|
|
|
|
openssl req -x509 -nodes -days 3650 -newkey rsa:4096 -keyout /etc/ssl/private/misp.key -out /etc/ssl/private/misp.crt -batch ; \
|
|
|
|
echo "<VirtualHost *:80>" > /etc/apache2/sites-available/000-default.conf ; \
|
|
|
|
echo "ServerName $MISP_FQDN" >> /etc/apache2/sites-available/000-default.conf ; \
|
|
|
|
echo "Redirect permanent / https://$MISP_FQDN" >> /etc/apache2/sites-available/000-default.conf ; \
|
|
|
|
echo "LogLevel warn" >> /etc/apache2/sites-available/000-default.conf ; \
|
|
|
|
echo "ErrorLog /var/log/apache2/misp_error.log" >> /etc/apache2/sites-available/000-default.conf ; \
|
|
|
|
echo "CustomLog /var/log/apache2/misp_access.log combined" >> /etc/apache2/sites-available/000-default.conf ; \
|
|
|
|
echo "ServerSignature Off" >> /etc/apache2/sites-available/000-default.conf ; \
|
|
|
|
echo "</VirtualHost>" >> /etc/apache2/sites-available/000-default.conf ; \
|
|
|
|
echo "<VirtualHost *:443>" > /etc/apache2/sites-available/default-ssl.conf ; \
|
|
|
|
echo "ServerAdmin $MISP_EMAIL" >> /etc/apache2/sites-available/default-ssl.conf ; \
|
|
|
|
echo "ServerName $MISP_FQDN" >> /etc/apache2/sites-available/default-ssl.conf ; \
|
|
|
|
echo "DocumentRoot /var/www/MISP/app/webroot" >> /etc/apache2/sites-available/default-ssl.conf ; \
|
|
|
|
echo "<Directory /var/www/MISP/app/webroot>" >> /etc/apache2/sites-available/default-ssl.conf ; \
|
|
|
|
echo "Options -Indexes" >> /etc/apache2/sites-available/default-ssl.conf ; \
|
2017-09-25 15:26:37 +02:00
|
|
|
echo "AllowOverride all" >> /etc/apache2/sites-available/default-ssl.conf ; \
|
2016-09-27 08:49:04 +02:00
|
|
|
echo "</Directory>" >> /etc/apache2/sites-available/default-ssl.conf ; \
|
|
|
|
echo "SSLEngine On" >> /etc/apache2/sites-available/default-ssl.conf ; \
|
|
|
|
echo "SSLCertificateFile /etc/ssl/private/misp.crt" >> /etc/apache2/sites-available/default-ssl.conf ; \
|
|
|
|
echo "SSLCertificateKeyFile /etc/ssl/private/misp.key" >> /etc/apache2/sites-available/default-ssl.conf ; \
|
|
|
|
echo "#SSLCertificateChainFile /etc/ssl/private/misp-chain.crt" >> /etc/apache2/sites-available/default-ssl.conf ; \
|
|
|
|
echo "LogLevel warn" >> /etc/apache2/sites-available/default-ssl.conf ; \
|
|
|
|
echo "ErrorLog /var/log/apache2/misp_ssl_error.log" >> /etc/apache2/sites-available/default-ssl.conf ; \
|
|
|
|
echo "CustomLog /var/log/apache2/misp_ssl_access.log combined" >> /etc/apache2/sites-available/default-ssl.conf ; \
|
|
|
|
echo "ServerSignature Off" >> /etc/apache2/sites-available/default-ssl.conf ; \
|
|
|
|
echo "</VirtualHost>" >> /etc/apache2/sites-available/default-ssl.conf ; \
|
|
|
|
echo "ServerName localhost" >> /etc/apache2/apache2.conf ; \
|
|
|
|
sudo -u www-data cp -a /var/www/MISP/app/Config/bootstrap.default.php /var/www/MISP/app/Config/bootstrap.php ; \
|
|
|
|
sudo -u www-data cp -a /var/www/MISP/app/Config/database.default.php /var/www/MISP/app/Config/database.php ; \
|
|
|
|
sudo -u www-data cp -a /var/www/MISP/app/Config/core.default.php /var/www/MISP/app/Config/core.php ; \
|
|
|
|
sudo -u www-data cp -a /var/www/MISP/app/Config/config.default.php /var/www/MISP/app/Config/config.php
|
|
|
|
|
|
|
|
RUN sed -i -e 's/db login/misp/g' /var/www/MISP/app/Config/database.php ; \
|
2017-02-09 17:25:59 +01:00
|
|
|
sed -i -e "s/db password/${MYSQL_MISP_PASSWORD}/g" /var/www/MISP/app/Config/database.php ; \
|
2016-09-27 08:49:04 +02:00
|
|
|
sed -i -E "s/'salt'(\s+)=>\s''/'salt' => '`openssl rand -base64 32 | tr \'/\' \'0\'`'/" /var/www/MISP/app/Config/config.php ; \
|
2017-02-09 17:25:59 +01:00
|
|
|
sed -i -E "s/'baseurl'(\s+)=>\s''/'baseurl' => 'https:\/\/${MISP_FQDN}'/" /var/www/MISP/app/Config/config.php ; \
|
|
|
|
sed -i -e "s/email@address.com/${MISP_EMAIL}/" /var/www/MISP/app/Config/config.php ; \
|
2018-06-01 05:01:47 +02:00
|
|
|
sed -i -e "s/bind 127.0.0.1 ::1/bind 0.0.0.0/" /etc/redis/redis.conf ; \
|
2016-09-27 08:49:04 +02:00
|
|
|
sudo chown -R www-data:www-data /var/www/MISP/app/Config ; \
|
|
|
|
sudo chmod -R 750 /var/www/MISP/app/Config ; \
|
2020-01-03 10:45:49 +01:00
|
|
|
sudo -u www-data -H wget https://github.com/ssdeep-project/ssdeep/releases/download/release-2.14.1/ssdeep-2.14.1.tar.gz ; \
|
2020-03-24 17:59:10 +01:00
|
|
|
tar zxvf ssdeep-2.14.1.tar.gz && cd ssdeep-2.14.1 && ./configure && make && sudo make install ; \
|
2018-03-08 00:48:48 +01:00
|
|
|
sudo pecl install ssdeep ; \
|
2018-06-13 05:32:49 +02:00
|
|
|
sudo echo "extension=ssdeep.so" > /etc/php/7.2/mods-available/ssdeep.ini ; \
|
2018-03-08 00:48:48 +01:00
|
|
|
sudo phpenmod ssdeep ; \
|
2016-09-27 08:49:04 +02:00
|
|
|
echo "#!/bin/bash" > /init-db ; \
|
|
|
|
echo "if [ ! -f /var/lib/mysql/.db_initialized ]; then" >> /init-db ; \
|
2017-02-09 17:25:59 +01:00
|
|
|
echo "sudo chown -R mysql:mysql /var/lib/mysql" >> /init-db ; \
|
2016-09-27 08:49:04 +02:00
|
|
|
echo "sudo -u mysql -H /usr/bin/mysql_install_db --user=mysql" >> /init-db ; \
|
|
|
|
echo "chown -R mysql:mysql /var/lib/mysql" >> /init-db ; \
|
|
|
|
echo "cd '/usr' ; /usr/bin/mysqld_safe --datadir='/var/lib/mysql' &" >> /init-db ; \
|
|
|
|
echo "sleep 5" >> /init-db ; \
|
2018-06-01 05:01:47 +02:00
|
|
|
echo "mysql -uroot -e \"DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1')\"" >> /init-db ; \
|
|
|
|
echo "mysql -uroot -e \"DELETE FROM mysql.user WHERE User=''\"" >> /init-db ; \
|
|
|
|
echo "mysql -uroot -e \"DELETE FROM mysql.db WHERE Db='test' OR Db='test\_%'\"" >> /init-db ; \
|
|
|
|
echo "mysql -uroot -e \"FLUSH PRIVILEGES;\"" >> /init-db ; \
|
|
|
|
echo "mysql -uroot -e \"create database misp\"" >> /init-db ; \
|
|
|
|
echo "mysql -uroot -e \"grant usage on *.* to misp@localhost identified by '$MYSQL_MISP_PASSWORD'\"" >> /init-db ; \
|
|
|
|
echo "mysql -uroot -e \"grant all privileges on misp.* to misp@localhost\"" >> /init-db ; \
|
|
|
|
echo "mysql -uroot -e \"flush privileges;\"" >> /init-db ; \
|
2016-09-27 08:49:04 +02:00
|
|
|
echo "sudo -u www-data -H sh -c \"mysql -u misp -p$MYSQL_MISP_PASSWORD misp < /var/www/MISP/INSTALL/MYSQL.sql\"" >> /init-db ; \
|
|
|
|
echo "touch /var/lib/mysql/.db_initialized" >> /init-db ; \
|
|
|
|
echo "chown -R mysql:mysql /var/lib/mysql" >> /init-db ; \
|
|
|
|
echo "fi" >> /init-db ; \
|
|
|
|
echo "rm -f /init-db" >> /init-db ; \
|
|
|
|
chmod 755 /init-db ; \
|
|
|
|
sudo -u www-data -H mkdir /var/www/MISP/.gnupg ; \
|
|
|
|
chmod 700 /var/www/MISP/.gnupg ; \
|
|
|
|
echo "Key-Type: 1" > /tmp/config_gpg ; \
|
|
|
|
echo "Key-Length: 4096" >> /tmp/config_gpg ; \
|
|
|
|
echo "Subkey-Type: 1" >> /tmp/config_gpg ; \
|
|
|
|
echo "Subkey-Length: 4096" >> /tmp/config_gpg ; \
|
|
|
|
echo "Name-Real: MISP" >> /tmp/config_gpg ; \
|
|
|
|
echo "Name-Email: $MISP_EMAIL" >> /tmp/config_gpg ; \
|
|
|
|
echo "Expire-Date: 0" >> /tmp/config_gpg ; \
|
2019-03-16 19:35:30 +01:00
|
|
|
#echo "%no-protection" >> /tmp/config_gpg ; \
|
|
|
|
echo "Passphrase: $MISP_GPG_PASSWORD" >> /tmp/config_gpg ; \
|
2016-09-27 08:49:04 +02:00
|
|
|
chmod 700 /tmp/config_gpg ; \
|
2017-02-13 21:24:45 +01:00
|
|
|
sudo rm -f /dev/random ; \
|
|
|
|
sudo mknod -m 0666 /dev/random c 1 9 ; \
|
2019-03-16 19:35:30 +01:00
|
|
|
#sudo echo RNGDOPTIONS="--random-device /dev/urandom --rng-device /dev/urandom" | sudo tee /etc/default/rng-tools ; \
|
|
|
|
sudo echo HRNGDEVICE=/dev/urandom | sudo tee -a /etc/default/rng-tools ; \
|
2017-02-13 21:24:45 +01:00
|
|
|
sudo /etc/init.d/rng-tools restart ; \
|
|
|
|
sudo rngd -f -r /dev/urandom ; \
|
2016-09-27 08:49:04 +02:00
|
|
|
chown www-data /tmp/config_gpg ; \
|
|
|
|
sudo -u www-data sh -c "gpg --batch --homedir /var/www/MISP/.gnupg --gen-key /tmp/config_gpg" ; \
|
2017-02-13 21:24:45 +01:00
|
|
|
sudo -u www-data sh -c "gpg --homedir /var/www/MISP/.gnupg --export --armor $MISP_EMAIL > /var/www/MISP/app/webroot/gpg.asc" ; \
|
|
|
|
sudo /etc/init.d/rng-tools stop ; \
|
|
|
|
sudo apt-get remove --purge -y rng-tools
|
2016-09-27 08:49:04 +02:00
|
|
|
|
2017-02-13 21:40:27 +01:00
|
|
|
WORKDIR /etc/logrotate.d
|
|
|
|
RUN echo "/var/www/MISP/app/tmp/logs/resque-*-error.log {" > misp ; \
|
|
|
|
echo " rotate 30" >> misp ; \
|
|
|
|
echo " dateext" >> misp ; \
|
|
|
|
echo " missingok" >> misp ; \
|
|
|
|
echo " notifempty" >> misp ; \
|
|
|
|
echo " compress" >> misp ; \
|
|
|
|
echo " weekly" >> misp ; \
|
|
|
|
echo " copytruncate" >> misp ; \
|
2018-09-04 20:30:03 +02:00
|
|
|
echo "}" >> misp ; \
|
|
|
|
chmod 0640 /etc/logrotate.d/misp
|
2018-06-15 06:16:12 +02:00
|
|
|
|
|
|
|
|
2016-09-27 08:49:04 +02:00
|
|
|
WORKDIR /var/www/MISP
|
2017-02-13 21:24:45 +01:00
|
|
|
COPY supervisord.conf /etc/supervisor/conf.d/
|
2016-09-27 08:49:04 +02:00
|
|
|
|
|
|
|
#>&2 echo "The default user = "admin@admin.test" | The default password = admin" ; \
|
|
|
|
# To change it:
|
|
|
|
#echo "/var/www/MISP/app/Console/cake Password 'admin@admin.test' '@dmin1!'" >> /root/init-db ; \
|
|
|
|
|
|
|
|
CMD ["/usr/bin/supervisord", "-c", "/etc/supervisor/conf.d/supervisord.conf"]
|