misp-docker/README.md

97 lines
4.6 KiB
Markdown
Raw Normal View History

2023-12-05 12:32:40 +01:00
# MISP Docker images
2020-01-29 15:30:26 +01:00
2023-12-05 12:32:40 +01:00
[![Build Status](https://img.shields.io/github/actions/workflow/status/MISP/misp-docker/release-latest.yml)](https://hub.docker.com/repository/docker/ostefano/misp-docker)
2020-02-27 15:49:29 +01:00
[![Gitter chat](https://badges.gitter.im/gitterHQ/gitter.png)](https://gitter.im/MISP/Docker)
2020-01-29 15:30:26 +01:00
2023-12-05 13:34:46 +01:00
A production ready Docker MISP project (formerly https://github.com/ostefano/docker-misp) loosely based on CoolAcid and DSCO builds (nearly all of the details have been rewritten).
Notable features:
- Components are split out where possible
- Cron job runs updates, pushes, and pulls
- Rely on off the shelf images for Redis and MySQL
- Images are pushed regularly, no build required
- Slimmed down images by using build stages and slim parent image
- ARM (M1) support: move to mariadb for increase compatibility
2022-12-07 09:52:49 +01:00
- ARM (M1) support: move to updated and cross-platform mail exim4 image
- Fix and improve support for cron jobs
2022-12-07 09:52:49 +01:00
- Fix and improve support for syncservers
- Fix supervisord process control (processes are correctly terminated upon reload)
- Fix schema update by making it completely offline (no user interaction required)
- Fix enforcement of permissions
- Fix MISP modules loading of faup library
- Fix MISP modules loading of gl library
- Add support for new background job system (see https://github.com/MISP/MISP/blob/2.4/docs/background-jobs-migration-guide.md)
- Add support for building specific MISP and MISP-modules commits
- Add automatic configuration of sync servers (see `configure_misp.sh`)
2023-12-05 13:34:46 +01:00
- Add automatic configuration of authentication keys (see `configure_misp.sh`)
2022-12-07 09:52:49 +01:00
- Add direct push of docker images to Docker Hub
- Consolidate docker compose files
2020-01-29 16:26:54 +01:00
2023-12-05 13:34:46 +01:00
The underlying spirit of this project is to allow "repeatable deployments", and all pull requests in this direction will be merged post-haste.
2020-02-12 15:18:32 +01:00
## Getting Started
2023-11-03 10:57:58 +01:00
- Copy the `template.env` to `.env`
- Customize `.env` based on your needs (optional step)
2022-09-03 13:59:35 +02:00
2023-11-03 10:57:58 +01:00
### Run
2020-02-12 15:18:32 +01:00
2023-11-03 10:57:58 +01:00
- `docker-compose pull` if you want to use pre-built images or `docker-compose build` if you want to build your own
2020-02-12 15:18:32 +01:00
- `docker-compose up`
- Login to `https://localhost`
2020-02-12 15:23:47 +01:00
- User: `admin@admin.test`
- Password: `admin`
2020-02-12 15:27:48 +01:00
2023-11-03 10:57:58 +01:00
### Configuration
2023-11-03 10:57:58 +01:00
The `docker-compose.yml` file allows further configuration settings:
```
"MYSQL_HOST=db"
"MYSQL_USER=misp"
"MYSQL_PASSWORD=example" # NOTE: This should be AlphaNum with no Special Chars. Otherwise, edit config files after first run.
"MYSQL_DATABASE=misp"
"MISP_MODULES_FQDN=http://misp-modules" # Set the MISP Modules FQDN, used for Enrichment_services_url/Import_services_url/Export_services_url
"WORKERS=1" # Legacy variable controlling the number of parallel workers (use variables below instead)
"NUM_WORKERS_DEFAULT=5" # To set the number of default workers
"NUM_WORKERS_PRIO=5" # To set the number of prio workers
"NUM_WORKERS_EMAIL=5" # To set the number of email workers
"NUM_WORKERS_UPDATE=1" # To set the number of update workers
"NUM_WORKERS_CACHE=5" # To set the number of cache workers
```
2020-02-28 01:53:47 +01:00
2023-11-03 10:57:58 +01:00
New options are added on a regular basis.
### Updating
2022-12-07 09:52:49 +01:00
Updating the images should be as simple as `docker-compose pull` which, unless changed in the `docker-compose.yml` file, will pull the latest built images.
2020-02-12 15:18:32 +01:00
### Production
2023-11-03 10:57:58 +01:00
- It is recommended to specify which build you want to be running, and modify that version number when you would like to upgrade
2020-02-12 15:18:32 +01:00
- Use docker-compose, or some other config management tool
2020-02-25 03:09:08 +01:00
- Directory volume mount SSL Certs `./ssl`: `/etc/ssl/certs`
2020-02-24 18:11:32 +01:00
- Certificate File: `cert.pem`
- Certificate Key File: `key.pem`
2021-04-07 16:46:59 +02:00
- CA File for Cert Authentication (optional) `ca.pem`
2020-02-12 15:18:32 +01:00
- Additional directory volume mounts:
- `./configs`: `/var/www/MISP/app/Config/`
- `./logs`: `/var/www/MISP/app/tmp/logs/`
- `./files`: `/var/www/MISP/app/files/`
- `./gnupg`: `/var/www/MISP/.gnupg/`
- If you need to automatically run additional steps each time the container starts, create a new file `files/customize_misp.sh`, and replace the variable `${CUSTOM_PATH}` inside `docker-compose.yml` with its parent path.
2020-02-12 15:18:32 +01:00
2023-11-03 10:57:58 +01:00
## Versioning
2020-11-04 00:50:11 +01:00
2023-11-03 10:57:58 +01:00
GitHub builds the images automatically and pushes them to [Docker hub](https://hub.docker.com/r/ostefano/misp-docker). We do not use tags and versioning works as follows:
- MISP (and modules) version specified inside the `template.env` file
- Docker images are tagged based on the commit hash
- Core and modules are tagged as core-commit-sha1[0:7] and modules-commit-sha1[0:7] respectively
- The latest images have additional tags core-latest and modules-latest
2020-11-04 00:50:11 +01:00
2020-02-12 15:18:32 +01:00
## Image file sizes
- Core server: 260MB
- Modules: 470MB