mirror of https://github.com/MISP/misp-docker
Compare commits
5 Commits
9a56062ad6
...
dc47ff7e21
Author | SHA1 | Date |
---|---|---|
Lex van Roon | dc47ff7e21 | |
ftoppi | a20eece2d5 | |
Stefano Ortolani | 66a683c075 | |
Christian Morales Guerrero | 313681a344 | |
Lex van Roon | 4807195416 |
12
README.md
12
README.md
|
@ -109,3 +109,15 @@ A GitHub Action builds both `misp-core` and `misp-modules` images automatically
|
|||
- `misp-core:${commit-sha1}[0:7]` and `misp-modules:${commit-sha1}[0:7]` where `${commit-sha1}` is the commit hash triggering the build
|
||||
- `misp-core:latest` and `misp-modules:latest` in order to track the latest builds available
|
||||
- `misp-core:${CORE_TAG}` and `misp-modules:${MODULES_TAG}` reflecting the underlying version of MISP and MISP modules (as specified inside the `template.env` file at build time)
|
||||
|
||||
## Running without docker-compose
|
||||
|
||||
On Ubuntu 20.04 with docker 25.0.4 an issue can happen where the workers are not restarted once they are gracefully exited. This results in a log message like the following:
|
||||
|
||||
`Mar 11 13:37:42 misp01 docker[12345]: 2024-03-11 13:37:42,503 INFO spawnerr: unknown error making dispatchers for 'default_00': EACCES`
|
||||
|
||||
This is caused by a bug in moby (https://github.com/moby/moby/issues/31243). A workaround for this situation is to expose a TTY to the container. This can be done in the following way:
|
||||
- Run the container with the `--tty` flag
|
||||
- Add the `www-data` user to the `tty` group: `usermod -G tty www-data`
|
||||
|
||||
More information can be found in https://github.com/MISP/misp-docker/issues/25
|
||||
|
|
|
@ -103,6 +103,7 @@ set_up_oidc() {
|
|||
fi
|
||||
|
||||
# Check required variables
|
||||
# OIDC_ISSUER may be empty
|
||||
check_env_vars OIDC_PROVIDER_URL OIDC_CLIENT_ID OIDC_CLIENT_SECRET OIDC_ROLES_PROPERTY OIDC_ROLES_MAPPING OIDC_DEFAULT_ORG
|
||||
|
||||
sudo -u www-data php /var/www/MISP/tests/modify_config.php modify "{
|
||||
|
@ -114,6 +115,7 @@ set_up_oidc() {
|
|||
sudo -u www-data php /var/www/MISP/tests/modify_config.php modify "{
|
||||
\"OidcAuth\": {
|
||||
\"provider_url\": \"${OIDC_PROVIDER_URL}\",
|
||||
${OIDC_ISSUER:+\"issuer\": \"${OIDC_ISSUER}\",}
|
||||
\"client_id\": \"${OIDC_CLIENT_ID}\",
|
||||
\"client_secret\": \"${OIDC_CLIENT_SECRET}\",
|
||||
\"roles_property\": \"${OIDC_ROLES_PROPERTY}\",
|
||||
|
|
|
@ -13,6 +13,12 @@ services:
|
|||
|
||||
redis:
|
||||
image: valkey/valkey:7.2
|
||||
healthcheck:
|
||||
test: valkey-cli ping || exit 1
|
||||
interval: 2s
|
||||
timeout: 1s
|
||||
retries: 3
|
||||
start_period: 30s
|
||||
|
||||
db:
|
||||
# We use MariaDB because it supports ARM and has the expected collations
|
||||
|
@ -27,6 +33,12 @@ services:
|
|||
- mysql_data:/var/lib/mysql
|
||||
cap_add:
|
||||
- SYS_NICE # CAP_SYS_NICE Prevent runaway mysql log
|
||||
healthcheck:
|
||||
test: mysqladmin --user=$$MYSQL_USER --password=$$MYSQL_PASSWORD status
|
||||
interval: 2s
|
||||
timeout: 1s
|
||||
retries: 3
|
||||
start_period: 30s
|
||||
|
||||
misp-core:
|
||||
image: ghcr.io/misp/misp-docker/misp-core:latest
|
||||
|
@ -46,8 +58,16 @@ services:
|
|||
- PYPI_CYBOX_VERSION=${PYPI_CYBOX_VERSION}
|
||||
- PYPI_PYMISP_VERSION=${PYPI_PYMISP_VERSION}
|
||||
depends_on:
|
||||
- redis
|
||||
- db
|
||||
redis:
|
||||
condition: service_healthy
|
||||
db:
|
||||
condition: service_healthy
|
||||
healthcheck:
|
||||
test: curl -ks https://localhost/users/login > /dev/null || exit 1
|
||||
interval: 2s
|
||||
timeout: 1s
|
||||
retries: 3
|
||||
start_period: 30s
|
||||
ports:
|
||||
- "80:80"
|
||||
- "443:443"
|
||||
|
@ -138,7 +158,8 @@ services:
|
|||
environment:
|
||||
- "REDIS_BACKEND=redis"
|
||||
depends_on:
|
||||
- redis
|
||||
redis:
|
||||
condition: service_healthy
|
||||
|
||||
volumes:
|
||||
mysql_data:
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
# Build-time variables
|
||||
##
|
||||
|
||||
CORE_TAG=v2.4.190
|
||||
CORE_TAG=v2.4.191
|
||||
MODULES_TAG=v2.4.188
|
||||
PHP_VER=20190902
|
||||
LIBFAUP_COMMIT=3a26d0a
|
||||
|
|
Loading…
Reference in New Issue