misp-docker/docker-compose.yml

version: '3'
services:
  # This is capable to relay via gmail, Amazon SES, or generic relays
  # See: https://hub.docker.com/r/ixdotai/smtp
  mail:
    image: ixdotai/smtp
    environment:
      - "SMARTHOST_ADDRESS=${SMARTHOST_ADDRESS}"
      - "SMARTHOST_PORT=${SMARTHOST_PORT}"
      - "SMARTHOST_USER=${SMARTHOST_USER}"
      - "SMARTHOST_PASSWORD=${SMARTHOST_PASSWORD}"
      - "SMARTHOST_ALIASES=${SMARTHOST_ALIASES}"

  redis:
    image: redis:5.0.6

  db:
    # We use MariaDB because it supports ARM and has the expected collations
    image: mariadb:10.8.2
    restart: always
    environment:
      - "MYSQL_USER=misp"
      - "MYSQL_PASSWORD=example"
      - "MYSQL_ROOT_PASSWORD=password"
      - "MYSQL_DATABASE=misp"
    volumes:
      - mysql_data:/var/lib/mysql
    cap_add:
      - SYS_NICE  # CAP_SYS_NICE Prevent runaway mysql log

  misp:
    image: coolacid/misp-docker:core-latest
    depends_on:
      - redis
      - db
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - "./configs/:/var/www/MISP/app/Config/"
      - "./logs/:/var/www/MISP/app/tmp/logs/"
      - "./files/:/var/www/MISP/app/files"
      - "./ssl/:/etc/nginx/certs"
#      - "./examples/custom-entrypoint.sh:/custom-entrypoint.sh" # Use the example custom-entrypoint.sh
      - "./.gnupg:/var/www/MISP/.gnupg"
    environment:
      - "HOSTNAME=https://localhost"
      - "REDIS_FQDN=redis"
      - "INIT=true"             # Initialze MISP, things includes, attempting to import SQL and the Files DIR
      - "CRON_USER_ID=1"        # The MISP user ID to run cron jobs as
#      - "SYNCSERVERS=1 2 3 4"  # The MISP Feed servers to sync in the cron job
      # Database Configuration (And their defaults)
#      - "MYSQL_HOST=db"
#      - "MYSQL_USER=misp"
#      - "MYSQL_PASSWORD=example" # NOTE: This should be AlphaNum with no Special Chars. Otherwise, edit config files after first run. 
#      - "MYSQL_DATABASE=misp"
      # Optional Settings
#      - "NOREDIR=true" # Do not redirect port 80
#      - "DISIPV6=true" # Disable IPV6 in nginx
#      - "CERTAUTH=optional" # Can be set to optional or on - Step 2 of https://github.com/MISP/MISP/tree/2.4/app/Plugin/CertAuth is still required
#      - "SECURESSL=true" # Enable higher security SSL in nginx
#      - "MISP_MODULES_FQDN=http://misp-modules" # Set the MISP Modules FQDN, used for Enrichment_services_url/Import_services_url/Export_services_url
#      - "WORKERS=1" # Legacy variable controlling the number of parallel workers (use variables below instead)
#      - "NUM_WORKERS_DEFAULT=5"    # To set the number of default workers
#      - "NUM_WORKERS_PRIO=5"       # To set the number of prio workers
#      - "NUM_WORKERS_EMAIL=5"      # To set the number of email workers
#      - "NUM_WORKERS_UPDATE=1"     # To set the number of update workers
#      - "NUM_WORKERS_CACHE=5"      # To set the number of cache workers
      # Custom Settings
      - "ADMIN_EMAIL=${ADMIN_EMAIL}"
      - "ADMIN_KEY=${ADMIN_KEY}"
      - "ADMIN_ORG=${ADMIN_ORG}"
      - "GPG_PASSPHRASE=${GPG_PASSPHRASE}"
      - "NSX_ANALYSIS_API_TOKEN=${NSX_ANALYSIS_API_TOKEN}"
      - "NSX_ANALYSIS_KEY=${NSX_ANALYSIS_KEY}"
      - "VIRUSTOTAL_KEY=${VIRUSTOTAL_KEY}"
  misp-modules:
    image: coolacid/misp-docker:modules-latest
    environment:
      - "REDIS_BACKEND=redis"
    depends_on:
      - redis
      - db

volumes:
    mysql_data:
Initial 2019-11-25 22:58:18 +01:00			`version: '3'`
			`services:`
Instantiate custom entrypoint 2022-09-03 13:59:35 +02:00			`# This is capable to relay via gmail, Amazon SES, or generic relays`
			`# See: https://hub.docker.com/r/ixdotai/smtp`
Add SMTP server and configs 2020-02-12 17:01:14 +01:00			`mail:`
Instantiate custom entrypoint 2022-09-03 13:59:35 +02:00			`image: ixdotai/smtp`
			`environment:`
			`- "SMARTHOST_ADDRESS=${SMARTHOST_ADDRESS}"`
			`- "SMARTHOST_PORT=${SMARTHOST_PORT}"`
			`- "SMARTHOST_USER=${SMARTHOST_USER}"`
			`- "SMARTHOST_PASSWORD=${SMARTHOST_PASSWORD}"`
			`- "SMARTHOST_ALIASES=${SMARTHOST_ALIASES}"`
Add SMTP server and configs 2020-02-12 17:01:14 +01:00
Initial 2019-11-25 22:58:18 +01:00			`redis:`
			`image: redis:5.0.6`

			`db:`
Instantiate custom entrypoint 2022-09-03 13:59:35 +02:00			`# We use MariaDB because it supports ARM and has the expected collations`
			`image: mariadb:10.8.2`
Initial 2019-11-25 22:58:18 +01:00			`restart: always`
			`environment:`
			`- "MYSQL_USER=misp"`
			`- "MYSQL_PASSWORD=example"`
			`- "MYSQL_ROOT_PASSWORD=password"`
			`- "MYSQL_DATABASE=misp"`
Create volume for MySQL Database fixes #47 2020-03-21 17:34:09 +01:00			`volumes:`
			`- mysql_data:/var/lib/mysql`
Prevent runaway mysql log We recently ran into an issue where the mysql console output was filling up the disk with > mbind: Operation not permitted It turns out this is a common problem with the `mysql` docker image. This is the fix. https://stackoverflow.com/questions/55559386/how-to-fix-mbind-operation-not-permitted-in-mysql-error-log 2020-12-11 17:10:36 +01:00			`cap_add:`
			`- SYS_NICE # CAP_SYS_NICE Prevent runaway mysql log`
Initial 2019-11-25 22:58:18 +01:00
			`misp:`
Move to new docker repo because their search sucks 2020-02-21 22:34:21 +01:00			`image: coolacid/misp-docker:core-latest`
Modules use Redis, and set some depends on 2019-11-28 20:14:38 +01:00			`depends_on:`
			`- redis`
			`- db`
Initial 2019-11-25 22:58:18 +01:00			`ports:`
			`- "80:80"`
			`- "443:443"`
			`volumes:`
Instantiate custom entrypoint 2022-09-03 13:59:35 +02:00			`- "./configs/:/var/www/MISP/app/Config/"`
Initial 2019-11-25 22:58:18 +01:00			`- "./logs/:/var/www/MISP/app/tmp/logs/"`
			`- "./files/:/var/www/MISP/app/files"`
Move SSL certs /etc/nginx/certs - fixes #53 2020-05-29 02:23:33 +02:00			`- "./ssl/:/etc/nginx/certs"`
remove trailing space 2020-03-06 17:10:24 +01:00			`# - "./examples/custom-entrypoint.sh:/custom-entrypoint.sh" # Use the example custom-entrypoint.sh`
Instantiate custom entrypoint 2022-09-03 13:59:35 +02:00			`- "./.gnupg:/var/www/MISP/.gnupg"`
Initial 2019-11-25 22:58:18 +01:00			`environment:`
Set baseurl to localhost so compose works out of the box 2020-01-29 21:15:17 +01:00			`- "HOSTNAME=https://localhost"`
Set DB name from VAR closes #45, cleanup docker-compose env 2020-03-21 17:10:13 +01:00			`- "REDIS_FQDN=redis"`
			`- "INIT=true" # Initialze MISP, things includes, attempting to import SQL and the Files DIR`
			`- "CRON_USER_ID=1" # The MISP user ID to run cron jobs as`
			`# - "SYNCSERVERS=1 2 3 4" # The MISP Feed servers to sync in the cron job`
			`# Database Configuration (And their defaults)`
			`# - "MYSQL_HOST=db"`
			`# - "MYSQL_USER=misp"`
Update docker-compose.yml Add note about MySQL passwords being AlphaNum - Closes #56 2020-07-27 21:42:44 +02:00			`# - "MYSQL_PASSWORD=example" # NOTE: This should be AlphaNum with no Special Chars. Otherwise, edit config files after first run.`
Set DB name from VAR closes #45, cleanup docker-compose env 2020-03-21 17:10:13 +01:00			`# - "MYSQL_DATABASE=misp"`
			`# Optional Settings`
			`# - "NOREDIR=true" # Do not redirect port 80`
			`# - "DISIPV6=true" # Disable IPV6 in nginx`
Add new option CERTAUTH 2021-04-07 16:46:05 +02:00			`# - "CERTAUTH=optional" # Can be set to optional or on - Step 2 of https://github.com/MISP/MISP/tree/2.4/app/Plugin/CertAuth is still required`
Default to modern nginx security - resolves #50 2020-05-29 01:33:54 +02:00			`# - "SECURESSL=true" # Enable higher security SSL in nginx`
Add usage of MISP_MODULES_FQDN 2020-08-26 02:27:53 +02:00			`# - "MISP_MODULES_FQDN=http://misp-modules" # Set the MISP Modules FQDN, used for Enrichment_services_url/Import_services_url/Export_services_url`
Instantiate custom entrypoint 2022-09-03 13:59:35 +02:00			`# - "WORKERS=1" # Legacy variable controlling the number of parallel workers (use variables below instead)`
			`# - "NUM_WORKERS_DEFAULT=5" # To set the number of default workers`
			`# - "NUM_WORKERS_PRIO=5" # To set the number of prio workers`
			`# - "NUM_WORKERS_EMAIL=5" # To set the number of email workers`
			`# - "NUM_WORKERS_UPDATE=1" # To set the number of update workers`
			`# - "NUM_WORKERS_CACHE=5" # To set the number of cache workers`
			`# Custom Settings`
			`- "ADMIN_EMAIL=${ADMIN_EMAIL}"`
			`- "ADMIN_KEY=${ADMIN_KEY}"`
			`- "ADMIN_ORG=${ADMIN_ORG}"`
			`- "GPG_PASSPHRASE=${GPG_PASSPHRASE}"`
			`- "NSX_ANALYSIS_API_TOKEN=${NSX_ANALYSIS_API_TOKEN}"`
			`- "NSX_ANALYSIS_KEY=${NSX_ANALYSIS_KEY}"`
			`- "VIRUSTOTAL_KEY=${VIRUSTOTAL_KEY}"`
Initial 2019-11-25 22:58:18 +01:00			`misp-modules:`
Move to new docker repo because their search sucks 2020-02-21 22:34:21 +01:00			`image: coolacid/misp-docker:modules-latest`
Modules use Redis, and set some depends on 2019-11-28 20:14:38 +01:00			`environment:`
			`- "REDIS_BACKEND=redis"`
			`depends_on:`
			`- redis`
			`- db`

Create volume for MySQL Database fixes #47 2020-03-21 17:34:09 +01:00			`volumes:`
			`mysql_data:`