MISP
/
misp-docker
mirror of https://github.com/MISP/misp-docker
2
0
Fork 0
Code Issues Releases Wiki Activity

Rename variable 'HOSTNAME' to 'BASE_URL'

pull/15/head
Stefano Ortolani 2023-12-22 11:02:20 +01:00
parent 9aded348b1
commit 70b32a739c
6 changed files with 15 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.github/workflows/test-build-latest.yml vendored
View File

@ -30,5 +30,5 @@ jobs:
uses: docker/bake-action@v4
with:
push: false
rovenance: false
provenance: false
files: docker-bake.hcl, env.hcl

5
README.md
View File

@ -34,7 +34,7 @@ The underlying spirit of this project is to allow "repeatable deployments", and
### Run
- `docker-compose pull` if you want to use pre-built images or `docker-compose build` if you want to build your own
- `docker-compose pull` if you want to use pre-built images or `docker-compose build` if you want to build your own (see the `Troubleshooting` section in case of errors)
- `docker-compose up`
- Login to `https://localhost`
- User: `admin@admin.test`
@ -70,7 +70,7 @@ New options are added on a regular basis.
- Certificate Key File: `key.pem`
- CA File for Cert Authentication (optional) `ca.pem`
- Additional directory volume mounts:
- `./configs`: `/var/www/MISP/app/Config/`s
- `./configs`: `/var/www/MISP/app/Config/`
- `./logs`: `/var/www/MISP/app/tmp/logs/`
- `./files`: `/var/www/MISP/app/files/`
- `./gnupg`: `/var/www/MISP/.gnupg/`
@ -79,6 +79,7 @@ New options are added on a regular basis.
## Troubleshooting
- Make sure you run a fairly recent version of Docker and Docker Compose (if in doubt, update following the steps outlined in https://docs.docker.com/engine/install/ubuntu/)
- Some Linux distributions provide a recent version of Docker but a legacy version of Docker Compose, so you can try running `docker compose` instead of `docker-compose`
- Make sure you are not running an old image or container; when in doubt run `docker system prune --volumes` and clone this repository into an empty directory
## Versioning

16
core/files/configure_misp.sh
View File

@ -16,7 +16,7 @@ source /utilities.sh
init_configuration(){
# Note that we are doing this after enforcing permissions, so we need to use the www-data user for this
echo "... configuring default settings"
sudo -u www-data /var/www/MISP/app/Console/cake Admin setSetting -q "MISP.baseurl" "$HOSTNAME"
sudo -u www-data /var/www/MISP/app/Console/cake Admin setSetting -q "MISP.baseurl" "$BASE_URL"
sudo -u www-data /var/www/MISP/app/Console/cake Admin setSetting -q "MISP.email" "${MISP_EMAIL-$ADMIN_EMAIL}"
sudo -u www-data /var/www/MISP/app/Console/cake Admin setSetting -q "MISP.contact" "${MISP_CONTACT-$ADMIN_EMAIL}"
sudo -u www-data /var/www/MISP/app/Console/cake Admin setSetting -q "MISP.redis_host" "$REDIS_FQDN"
@ -173,7 +173,7 @@ init_user() {
}
apply_critical_fixes() {
sudo -u www-data /var/www/MISP/app/Console/cake Admin setSetting -q "MISP.external_baseurl" "${HOSTNAME}"
sudo -u www-data /var/www/MISP/app/Console/cake Admin setSetting -q "MISP.external_baseurl" "${BASE_URL}"
sudo -u www-data /var/www/MISP/app/Console/cake Admin setSetting -q "MISP.host_org_id" 1
sudo -u www-data /var/www/MISP/app/Console/cake Admin setSetting -q "Plugin.Action_services_enable" false
sudo -u www-data /var/www/MISP/app/Console/cake Admin setSetting -q "Plugin.Enrichment_hover_enable" false
@ -181,7 +181,7 @@ apply_critical_fixes() {
sudo -u www-data /var/www/MISP/app/Console/cake Admin setSetting -q "Security.csp_enforce" true
sudo -u www-data php /var/www/MISP/tests/modify_config.php modify "{
\"Security\": {
\"rest_client_baseurl\": \"${HOSTNAME}\"
\"rest_client_baseurl\": \"${BASE_URL}\"
}
}" > /dev/null
sudo -u www-data php /var/www/MISP/tests/modify_config.php modify "{
@ -237,7 +237,7 @@ create_sync_servers() {
# Skip sync server if we can
echo "... searching sync server ${NAME}"
SERVER_ID=$(get_server ${HOSTNAME} ${ADMIN_KEY} ${NAME})
SERVER_ID=$(get_server ${BASE_URL} ${ADMIN_KEY} ${NAME})
if [[ -n "$SERVER_ID" ]]; then
echo "... found existing sync server ${NAME} with id ${SERVER_ID}"
continue
@ -252,18 +252,18 @@ create_sync_servers() {
# Get remote organization
echo "... searching remote organization ${UUID}"
ORG_ID=$(get_organization ${HOSTNAME} ${ADMIN_KEY} ${UUID})
ORG_ID=$(get_organization ${BASE_URL} ${ADMIN_KEY} ${UUID})
if [[ -z "$ORG_ID" ]]; then
# Add remote organization if missing
echo "... adding missing organization ${UUID}"
add_organization ${HOSTNAME} ${ADMIN_KEY} ${NAME} false ${UUID} > /dev/null
ORG_ID=$(get_organization ${HOSTNAME} ${ADMIN_KEY} ${UUID})
add_organization ${BASE_URL} ${ADMIN_KEY} ${NAME} false ${UUID} > /dev/null
ORG_ID=$(get_organization ${BASE_URL} ${ADMIN_KEY} ${UUID})
fi
# Add sync server
echo "... adding new sync server ${NAME} with organization id ${ORG_ID}"
JSON_DATA=$(echo "${!DATA}" | jq --arg org_id ${ORG_ID} 'del(.remote_org_uuid) | . + {remote_org_id: $org_id}')
add_server ${HOSTNAME} ${ADMIN_KEY} "$JSON_DATA" > /dev/null
add_server ${BASE_URL} ${ADMIN_KEY} "$JSON_DATA" > /dev/null
done
}

2
core/files/entrypoint_nginx.sh
View File

@ -15,7 +15,7 @@ trap term_proc SIGTERM
[ -z "$MYSQL_DATABASE" ] && MYSQL_DATABASE=misp
[ -z "$MYSQLCMD" ] && export MYSQLCMD="mysql -u $MYSQL_USER -p$MYSQL_PASSWORD -P $MYSQL_PORT -h $MYSQL_HOST -r -N $MYSQL_DATABASE"
[ -z "$CRON_USER_ID" ] && export CRON_USER_ID="1"
[ -z "$HOSTNAME" ] && export HOSTNAME="https://localhost"
[ -z "$BASE_URL" ] && export BASE_URL="https://localhost"
[ -z "$DISABLE_IPV6" ] && export DISABLE_IPV6=false
init_mysql(){

2
docker-compose.yml
View File

@ -60,7 +60,7 @@ services:
# customize by replacing ${CUSTOM_PATH} with a path containing 'files/customize_misp.sh'
# - "${CUSTOM_PATH}/:/custom/"
environment:
- "HOSTNAME=${HOSTNAME}"
- "BASE_URL=${BASE_URL}"
- "CRON_USER_ID=${CRON_USER_ID}"
- "DISABLE_IPV6=${DISABLE_IPV6}"
# standard settings

2
template.env
View File

@ -40,7 +40,7 @@ GPG_PASSPHRASE=
# defaults to 1 (the admin user)
CRON_USER_ID=
# defaults to 'https://localhost'
HOSTNAME=
BASE_URL=
# optional and used by the mail sub-system
SMARTHOST_ADDRESS=