From 05689c3b0e6770a4b169dc6e898adfe5ca122b07 Mon Sep 17 00:00:00 2001 From: Eric Daras Date: Wed, 17 Oct 2018 19:13:22 +0200 Subject: [PATCH 1/2] DB part reworked to use std mysql database creation way, docker-compose simplified --- README.md | 3 ++ docker-compose.yml | 54 +++++++++++++----------------------- misp-db/Dockerfile | 10 ------- misp-db/init-misp-db.sql | 4 --- {misp-web => web}/Dockerfile | 0 {misp-web => web}/run.sh | 27 +++++++++++------- 6 files changed, 40 insertions(+), 58 deletions(-) delete mode 100644 misp-db/Dockerfile delete mode 100644 misp-db/init-misp-db.sql rename {misp-web => web}/Dockerfile (100%) rename {misp-web => web}/run.sh (82%) diff --git a/README.md b/README.md index 1c41681..19ba165 100644 --- a/README.md +++ b/README.md @@ -36,6 +36,9 @@ docker build -t misp . ``` ## Fix your environment Edit the docker-compose.yml and change the following environment variables: +* MYSQL_DATABASE +* MYSQL_USER +* MYSQL_PASSWORD * MYSQL_ROOT_PASSWORD * MYSQL_MISP_PASSWORD * MISP_ADMIN_PASSPHRASE diff --git a/docker-compose.yml b/docker-compose.yml index e975e03..4c22823 100644 --- a/docker-compose.yml +++ b/docker-compose.yml 
@@ -1,49 +1,35 @@ version: '2' -networks: - misp-network: - driver: bridge - services: - misp-web: - build: misp-web - depends_on: - - misp-db - container_name: misp-web - hostname: misp-web - image: misp-web:latest - restart: always - networks: - - misp-network - links: - - misp-db + web: + build: web + container_name: misp_web + image: misp:latest + restart: unless-stopped ports: - "80:80" volumes: - /dev/urandom:/dev/random - - /data/misp:/var/www/MISP + - /data/misp/web:/var/www/MISP environment: - - MYSQL_ROOT_PASSWORD=xxxxxxxx - - MYSQL_MISP_PASSWORD=xxxxxxxx - - MYSQL_HOST=misp-db + - MYSQL_HOST=db + - MYSQL_DATABASE=misp + - MYSQL_USER=misp + - MYSQL_PASSWORD=misp - MISP_ADMIN_EMAIL=admin@admin.test - - MISP_ADMIN_PASSPHRASE=xxxxxxxxx + - MISP_ADMIN_PASSPHRASE=admin - MISP_BASEURL=http:\/\/misp\.test - POSTFIX_RELAY_HOST=relay.fqdn - TIMEZONE=Europe/Brussels - misp-db: - build: - context: misp-db - args: - MYSQL_MISP_PASSWORD: xxxxxxxx - container_name: misp-db - hostname: misp-db - image: misp-db:latest - restart: always - networks: - - misp-network + db: + container_name: misp_db + image: mysql/mysql-server:5.7 + restart: unless-stopped volumes: - - /data/mysql:/var/lib/mysql + - /data/misp/db:/var/lib/mysql environment: - - MYSQL_ROOT_PASSWORD=xxxxxxxx + - MYSQL_DATABASE=misp + - MYSQL_USER=misp + - MYSQL_PASSWORD=misp + - MYSQL_ROOT_PASSWORD=misp diff --git a/misp-db/Dockerfile b/misp-db/Dockerfile deleted file mode 100644 index 7ce456d..0000000 --- a/misp-db/Dockerfile +++ /dev/null @@ -1,10 +0,0 @@ -# -# Dockerfile to customize the MISP MySQL container -# - -FROM mysql/mysql-server:5.7 -MAINTAINER Xavier Mertens - -ARG MYSQL_MISP_PASSWORD -COPY init-misp-db.sql /docker-entrypoint-initdb.d/ -RUN sed -i "s/XXXXXXXX/$MYSQL_MISP_PASSWORD/" /docker-entrypoint-initdb.d/init-misp-db.sql diff --git a/misp-db/init-misp-db.sql b/misp-db/init-misp-db.sql deleted file mode 100644 index 40ae357..0000000 --- a/misp-db/init-misp-db.sql +++ /dev/null 
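Review bot: The new `environment:` lists for `web` and `db` replace the `xxxxxxxx` placeholders with working credentials (`MYSQL_PASSWORD=misp`, `MYSQL_ROOT_PASSWORD=misp`, `MISP_ADMIN_PASSPHRASE=admin`), so a stack started without editing the file comes up on published port 80 with publicly known database and admin secrets. The same values are repeated in the docker-compose-nginx.yml hunk of PATCH 2/2. I would keep secrets out of the tracked file and take them from the shell or an untracked `.env`, e.g. `- MYSQL_PASSWORD=${MYSQL_PASSWORD}` and `- MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD}`, with distinct values for the root and application accounts. The README list also still names `MYSQL_MISP_PASSWORD`, which the visible hunks no longer read.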
@@ -1,4 +0,0 @@ -CREATE DATABASE misp; -CREATE USER 'misp' IDENTIFIED BY 'XXXXXXXX'; -GRANT ALL ON misp.* TO 'misp'@'%'; -FLUSH PRIVILEGES; diff --git a/misp-web/Dockerfile b/web/Dockerfile similarity index 100% rename from misp-web/Dockerfile rename to web/Dockerfile diff --git a/misp-web/run.sh b/web/run.sh similarity index 82% rename from misp-web/run.sh rename to web/run.sh index 6baa441..7116163 100755 --- a/misp-web/run.sh +++ b/web/run.sh @@ -5,6 +5,7 @@ # # 2017/05/17 - Created # 2017/05/31 - Fixed small errors +# 2019/10/17 - Use built-in mysql docker DB creation and use std env names (dafal) # set -e @@ -44,16 +45,22 @@ if [ -r /.firstboot.tmp ]; then echo "MYSQL_HOST is not set. Aborting." exit 1 fi - - # Set MYSQL_MISP_PASSWORD - if [ -z "$MYSQL_MISP_PASSWORD" ]; then - echo "MYSQL_MISP_PASSWORD is not set, use default value 'misp'" - MYSQL_MISP_PASSWORD=misp + + # Waiting for DB to be ready + while ! mysqladmin ping -h"$MYSQL_HOST" --silent; do + sleep 5 + echo "Waiting for database to be ready..." + done + + # Set MYSQL_PASSWORD + if [ -z "$MYSQL_PASSWORD" ]; then + echo "MYSQL_PASSWORD is not set, use default value 'misp'" + MYSQL_PASSWORD=misp else - echo "MYSQL_MISP_PASSWORD is set to '$MYSQL_MISP_PASSWORD'" + echo "MYSQL_PASSWORD is set to '$MYSQL_PASSWORD'" fi - ret=`echo 'SHOW TABLES;' | mysql -u misp --password="$MYSQL_MISP_PASSWORD" -h $MYSQL_HOST -P 3306 misp # 2>&1` + ret=`echo 'SHOW TABLES;' | mysql -u $MYSQL_USER --password="$MYSQL_PASSWORD" -h $MYSQL_HOST -P 3306 $MYSQL_DATABASE # 2>&1` if [ $? -eq 0 ]; then echo "Connected to database successfully!" found=0 
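Review bot: The `else` branch added in the `@@ -44,16 +45,22 @@` hunk prints the database password in clear text (`echo "MYSQL_PASSWORD is set to '$MYSQL_PASSWORD'"`), so it ends up in `docker logs` and in any log collector; report only that it is set, e.g. `echo "MYSQL_PASSWORD is set"`. `MYSQL_USER` and `MYSQL_DATABASE` are also expanded unquoted and without the emptiness check that `MYSQL_HOST` gets, so an unset value shifts the `mysql` arguments instead of failing clearly; the import command in the `@@ -66,7 +73,7 @@` hunk has the same form. Quoting them (`-u "$MYSQL_USER"`, `"$MYSQL_DATABASE"`) and aborting when either is empty would match the existing `MYSQL_HOST` handling. The enclosing `if [ -r /.firstboot.tmp ]` block starts and ends outside the hunk.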
@@ -66,7 +73,7 @@ if [ -r /.firstboot.tmp ]; then echo "Database misp available" else echo "Database misp empty, creating tables ..." - ret=`mysql -u misp --password="$MYSQL_MISP_PASSWORD" misp -h $MYSQL_HOST -P 3306 2>&1 < /var/www/MISP/INSTALL/MYSQL.sql` + ret=`mysql -u $MYSQL_USER --password="$MYSQL_PASSWORD" $MYSQL_DATABASE -h $MYSQL_HOST -P 3306 2>&1 < /var/www/MISP/INSTALL/MYSQL.sql` if [ $? -eq 0 ]; then echo "Imported /var/www/MISP/INSTALL/MYSQL.sql successfully" else @@ -84,9 +91,9 @@ if [ -r /.firstboot.tmp ]; then cd /var/www/MISP/app/Config cp -a database.default.php database.php sed -i "s/localhost/$MYSQL_HOST/" database.php - sed -i "s/db\s*login/misp/" database.php + sed -i "s/db\s*login/$MYSQL_DATABASE/" database.php sed -i "s/8889/3306/" database.php - sed -i "s/db\s*password/$MYSQL_MISP_PASSWORD/" database.php + sed -i "s/db\s*password/$MYSQL_PASSWORD/" database.php # Fix the base url if [ -z "$MISP_BASEURL" ]; then From 0a452d4d243c5018c0315b41866ba4d992452ad0 Mon Sep 17 00:00:00 2001 From: Eric Daras Date: Wed, 17 Oct 2018 19:20:26 +0200 Subject: [PATCH 2/2] Adapt the proxy part to fit with the new naming et simplified db part --- docker-compose-nginx.yml | 65 ++++++++------------ {misp-proxy => proxy}/Dockerfile | 0 {misp-proxy => proxy}/backend-not-found.html | 0 {misp-proxy => proxy}/default.conf | 2 +- {misp-proxy => proxy}/includes/proxy.conf | 0 {misp-proxy => proxy}/includes/ssl.conf | 0 {misp-proxy => proxy}/ssl/place_certs_here | 0 7 files changed, 25 insertions(+), 42 deletions(-) rename {misp-proxy => proxy}/Dockerfile (100%) rename {misp-proxy => proxy}/backend-not-found.html (100%) rename {misp-proxy => proxy}/default.conf (97%) rename {misp-proxy => proxy}/includes/proxy.conf (100%) rename {misp-proxy => proxy}/includes/ssl.conf (100%) rename {misp-proxy => proxy}/ssl/place_certs_here (100%) diff --git a/docker-compose-nginx.yml b/docker-compose-nginx.yml index 845c7ea..a02e108 100644 --- a/docker-compose-nginx.yml 
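Review bot: In the `@@ -84,9 +91,9 @@` hunk the `db login` placeholder is filled with the database name rather than the account name: `sed -i "s/db\s*login/$MYSQL_DATABASE/" database.php` should read `sed -i "s/db\s*login/$MYSQL_USER/" database.php`. It only works today because both variables default to `misp`; as soon as they differ, the web application authenticates with the wrong user. Nothing in the hunk writes `$MYSQL_DATABASE` into database.php, so a non-default database name presumably needs its own substitution as well — verify against database.default.php. Separately, `$MYSQL_PASSWORD` is interpolated straight into the sed replacement, so a password containing `/`, `&` or `\` produces a broken or altered config; escape it before substitution or write the value by another means.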
+++ b/docker-compose-nginx.yml @@ -3,59 +3,42 @@ version: '2' services: proxy: build: - context: misp-proxy - container_name: misp-proxy - depends_on: - - misp-web - hostname: misp-proxy + context: proxy + container_name: proxy + restart: unless-stopped image: misp-proxy:latest - networks: - - misp-network ports: - - 81:80 + - 80:80 - 4443:443 - misp-web: - build: misp-web - depends_on: - - misp-db - container_name: misp-web - hostname: misp-web - image: misp-web:latest - restart: always - networks: - - misp-network - links: - - misp-db + web: + build: web + container_name: misp_web + image: misp:latest + restart: unless-stopped volumes: - /dev/urandom:/dev/random - - /data/misp:/var/www/MISP + - /data/misp/web:/var/www/MISP environment: - - MYSQL_ROOT_PASSWORD=xxxxxxxx - - MYSQL_MISP_PASSWORD=xxxxxxxx - - MYSQL_HOST=misp-db + - MYSQL_HOST=db + - MYSQL_DATABASE=misp + - MYSQL_USER=misp + - MYSQL_PASSWORD=misp - MISP_ADMIN_EMAIL=admin@admin.test - - MISP_ADMIN_PASSPHRASE=xxxxxxxxx + - MISP_ADMIN_PASSPHRASE=admin - MISP_BASEURL=http:\/\/misp\.test - POSTFIX_RELAY_HOST=relay.fqdn - TIMEZONE=Europe/Brussels - misp-db: - build: - context: misp-db - args: - MYSQL_MISP_PASSWORD: xxxxxxxx - container_name: misp-db - hostname: misp-db - image: misp-db:latest - restart: always - networks: - - misp-network + db: + container_name: misp_db + image: mysql/mysql-server:5.7 + restart: unless-stopped volumes: - - /data/mysql:/var/lib/mysql + - /data/misp/db:/var/lib/mysql environment: - - MYSQL_ROOT_PASSWORD=xxxxxxxx + - MYSQL_DATABASE=misp + - MYSQL_USER=misp + - MYSQL_PASSWORD=misp + - MYSQL_ROOT_PASSWORD=misp -networks: - misp-network: - driver: bridge diff --git a/misp-proxy/Dockerfile b/proxy/Dockerfile similarity index 100% rename from misp-proxy/Dockerfile rename to proxy/Dockerfile diff --git a/misp-proxy/backend-not-found.html b/proxy/backend-not-found.html similarity index 100% rename from misp-proxy/backend-not-found.html rename to proxy/backend-not-found.html 
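Review bot: The proxy now publishes `80:80` but TLS is still published as `4443:443`, while proxy/default.conf (context lines of its hunk) redirects every plain-HTTP request to `https://$host$uri` with no port. A client following that redirect would go to host port 443, which this file does not publish, so the HTTP entry point appears to lead nowhere unless something else forwards 443. Publishing `- 443:443` (or dropping the port-80 mapping) would make the redirect land on the TLS listener. `MISP_BASEURL` is also still an `http:` URL although the proxy enforces HTTPS, so it is worth confirming that it matches the address users actually reach.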
diff --git a/misp-proxy/default.conf b/proxy/default.conf similarity index 97% rename from misp-proxy/default.conf rename to proxy/default.conf index 13dd9fa..b266ee1 100644 --- a/misp-proxy/default.conf +++ b/proxy/default.conf @@ -2,7 +2,7 @@ server { listen 80; listen 443 ssl http2; - server_name misp.test; + server_name web; if ($scheme != "https") { rewrite ^ https://$host$uri permanent; diff --git a/misp-proxy/includes/proxy.conf b/proxy/includes/proxy.conf similarity index 100% rename from misp-proxy/includes/proxy.conf rename to proxy/includes/proxy.conf diff --git a/misp-proxy/includes/ssl.conf b/proxy/includes/ssl.conf similarity index 100% rename from misp-proxy/includes/ssl.conf rename to proxy/includes/ssl.conf diff --git a/misp-proxy/ssl/place_certs_here b/proxy/ssl/place_certs_here similarity index 100% rename from misp-proxy/ssl/place_certs_here rename to proxy/ssl/place_certs_here
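Review bot: `server_name web;` sets the name nginx matches against the client's Host header to the compose service name, which is the upstream's internal name rather than the hostname users type. Requests for the public name (the compose files use `misp.test` in `MISP_BASEURL`) would then presumably reach this block only because it is the default server, and the redirect just below builds its target from the client-supplied `$host`. I would keep `server_name` as the public FQDN and redirect with `rewrite ^ https://$server_name$uri permanent;` so the target does not depend on the request header; the upstream name `web` belongs on the proxying directive, which is presumably outside this hunk. The `server` block continues past the hunk.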