mirror of https://github.com/MISP/docker-misp
86 lines
2.2 KiB
Markdown
86 lines
2.2 KiB
Markdown
Docker MISP Container
|
|
=====================
|
|
NOTE: Cannot autobuild on DockerHub due to size+time limit, and we
|
|
refuse to break this up into multiple images and chain them just to
|
|
get around the tiny resources that DockerHub provides!
|
|
|
|
Github repo + build script here:
|
|
https://github.com/harvard-itsecurity/docker-misp
|
|
|
|
# What is this?
|
|
This is an easy and highly customizable Docker container with MISP -
|
|
Malware Information Sharing Platform & Threat Sharing (http://www.misp-project.org)
|
|
|
|
Our goal was to provide a way to setup + run MISP in less than a minute!
|
|
|
|
We follow the official MISP installation steps everywhere possible,
|
|
while adding automation around tedious manual steps and configurations.
|
|
|
|
We have done this without sacrificing options and the ability to
|
|
customize MISP for your unique environment! Some examples include:
|
|
auto changing the salt hash, auto initializing the database, auto generating GPG
|
|
keys, auto generating working + secure configs, and adding custom
|
|
passwords/domain names/email addresses/ssl certificates.
|
|
|
|
# How to run it in 3 steps:
|
|
|
|
## 1. Initialize Database
|
|
|
|
```
|
|
docker run -it --rm \
|
|
-v /misp-db:/var/lib/mysql \
|
|
harvarditsecurity/misp /init-db
|
|
```
|
|
|
|
## 2. Start the container
|
|
```
|
|
docker run -it -d \
|
|
-p 443:443 \
|
|
-p 80:80 \
|
|
-p 3306:3306 \
|
|
-v /misp-db:/var/lib/mysql \
|
|
harvarditsecurity/misp
|
|
```
|
|
|
|
## 3. Access Web URL
|
|
```
|
|
Go to: https://localhost (or your "MISP_FQDN" setting)
|
|
|
|
Login: admin@admin.test
|
|
Password: admin
|
|
```
|
|
|
|
And change the password! :)
|
|
|
|
# What can you customize/pass during build?
|
|
You can customize the ```build.sh``` script to pass custom:
|
|
|
|
* MYSQL_ROOT_PASSWORD
|
|
* MYSQL_MISP_PASSWORD
|
|
* POSTFIX_RELAY_HOST
|
|
* MISP_FQDN
|
|
* MISP_EMAIL
|
|
|
|
See build.sh for an example on how to customize and build your own image with custom defaults.
|
|
|
|
# How to use custom SSL Certificates:
|
|
During run-time, override ```/etc/ssl/private```
|
|
|
|
```
|
|
docker run -it -d \
|
|
-p 443:443 \
|
|
-p 80:80 \
|
|
-p 3306:3306 \
|
|
-v /certs:/etc/ssl/private \
|
|
-v /misp-db:/var/lib/mysql \
|
|
harvarditsecurity/misp
|
|
```
|
|
|
|
And in your ```/certs``` dir, create private/public certs with file names:
|
|
|
|
* misp.key
|
|
* misp.cert
|
|
|
|
# Help/Questions/Comments:
|
|
For help or more info, feel free to contact Ventz Petkov: ventz_petkov@harvard.edu
|