diff --git a/README.md b/README.md index cd155e7..9ca73c1 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ Docker MISP Container ===================== -### Latest Update: 11-20-2019 +### Latest Update: 4-14-2020 Following the Official MISP Ubuntu 18.04 LTS build instructions. @@ -77,6 +77,7 @@ docker run -it -d \ -p 443:443 \ -p 80:80 \ -p 3306:3306 \ + -p 6666:6666 \ -v $docker-root/misp-db:/var/lib/mysql \ harvarditsecurity/misp ``` @@ -131,6 +132,35 @@ concern for a production environment, you can either 1.) take out the ever be an issue. The "rng-tools" is removed as part of the build process after it has been used. +# Using a reverse proxy/SSL offloading (Traefik, Caddy, HAProxy, Nginx, etc) + +You will need to removing the SSL block (see: `/etc/apache2/sites-available/default-ssl.conf`) + +And replace the HTTP block (see: `/etc/apache2/sites-available/000-default.conf` with: + +``` + +ServerAdmin admin@localhost +ServerName localhost +DocumentRoot /var/www/MISP/app/webroot + +Options -Indexes +AllowOverride all + +LogLevel warn +ErrorLog /var/log/apache2/misp_error.log +CustomLog /var/log/apache2/misp_access.log combined +ServerSignature Off + +``` + +If you don't want to build a new image with this, you can simply add to your run-time: +(note again: $docker-root is the place holder for your docker container and configs path) +``` +-v $docker-root/apache.conf:/etc/apache2/sites-available/000-default.conf +``` + + # Contributions: Conrad Crampton: @radder5 - RNG Tools and MISP Modules diff --git a/container/Dockerfile b/container/Dockerfile index f3abd0e..98bb5f3 100644 --- a/container/Dockerfile +++ b/container/Dockerfile @@ -16,12 +16,12 @@ VOLUME /var/lib/mysql # Need: "misp.key" and "misp.crt" #VOLUME /etc/ssl/private -# 80/443 - MISP web server, 3306 - mysql, 6379 - redis, 50000 - MISP ZeroMQ -EXPOSE 80 443 3306 6379 50000 +# 80/443 - MISP web server, 3306 - mysql, 6379 - redis, 6666 - MISP modules, 50000 - MISP ZeroMQ +EXPOSE 80 443 3306 6379 6666 50000 ENV DEBIAN_FRONTEND noninteractive ENV DEBIAN_PRIORITY critical -RUN apt-get update && apt-get install -y supervisor cron logrotate syslog-ng-core postfix curl gcc git gnupg-agent make python3 openssl redis-server sudo vim zip wget mariadb-client mariadb-server sqlite3 moreutils apache2 apache2-doc apache2-utils libapache2-mod-php php php-cli php-gnupg php-dev php-json php-mysql php7.2-opcache php-readline php-redis php-xml php-mbstring rng-tools python3-dev python3-pip python3-yara python3-redis python3-zmq libxml2-dev libxslt1-dev zlib1g-dev python3-setuptools libpq5 libjpeg-dev libfuzzy-dev ruby asciidoctor tesseract-ocr imagemagick libpoppler-cpp-dev +RUN apt-get update && apt-get install -y supervisor cron logrotate syslog-ng-core postfix curl gcc git gnupg-agent make python3 openssl redis-server sudo vim zip wget mariadb-client mariadb-server sqlite3 moreutils apache2 apache2-doc apache2-utils libapache2-mod-php php php-cli php-gnupg php-dev php-json php-mysql php7.2-opcache php-readline php-redis php-xml php-mbstring rng-tools python3-dev python3-pip python3-yara python3-redis python3-zmq libxml2-dev libxslt1-dev zlib1g-dev python3-setuptools libpq5 libjpeg-dev libfuzzy-dev ruby asciidoctor tesseract-ocr imagemagick libpoppler-cpp-dev virtualenv libopencv-dev zbar-tools libzbar0 libzbar-dev build-essential -y # Edit the php.ini file to adjust initial PHP settings to MISP recommended settings RUN sed -i "s/max_execution_time = 30/max_execution_time = 300/" /etc/php/7.2/apache2/php.ini ; \ @@ -73,7 +73,7 @@ WORKDIR /usr/local/src RUN sudo -H git clone https://github.com/MISP/misp-modules.git WORKDIR /usr/local/src/misp-modules -RUN sudo -H git checkout -b v2.4.104 ; \ +RUN sudo -H git checkout ; \ sudo pip3 install -I -r REQUIREMENTS ; \ sudo pip3 install -I .