MISP
/
misp-docker
mirror of https://github.com/MISP/misp-docker
2
0
Fork 0
Code Issues Releases Wiki Activity
MISP Docker (XME edition)
33 Commits
2 Branches
0 Tags
1.4 MiB
Shell 73.8%
Dockerfile 22.1%
HCL 4%
 
 
 
Go to file
Jason Kendall 022bb19320 More readme tweaks 2020-01-29 10:26:54 -05:00
files Initial 2019-11-25 16:58:18 -05:00
logs Initial 2019-11-25 16:58:18 -05:00
modules Add libfuzzy to modules 2020-01-28 14:21:33 -05:00
server Bump MISP 2.4.120 2020-01-28 12:54:36 -05:00
server-configs Initial 2019-11-25 16:58:18 -05:00
ssl Initial 2019-11-25 16:58:18 -05:00
.gitignore gitignore MISP attachments 2019-11-26 09:27:15 -05:00
.travis.yml Add travisci build test 2020-01-29 09:26:44 -05:00
README.md More readme tweaks 2020-01-29 10:26:54 -05:00
docker-compose.yml Point docker-compose at hub images 2020-01-28 16:04:09 -05:00

README.md

CoolAcid's MISP Docker images

Build Status

A (nearly) production ready Dockered MISP

This is based on some of the work from the DSCO docker build, nearly all of the details have been rewritten.

  • Components are split out where possible, currently this is only the MISP modules
  • Over writable configuration files
  • Allows volumes for file store
  • Cron job runs updates, pushes, and pulls - Logs go to docker logs
  • Docker-Compose uses off the shelf images for Redis and MySQL
  • Images directly from docker hub, no build required
  • Slimmed down images by using build stages and slim parent image, removes unnecessary files from images

Docker Tags

Docker hub builds the images automatically based on git tags. I try and tag using the following details

v[MISP Version][Our build version]

  • MISP version is the MISP tag we're building
  • Our build version is the iteration for our changes with the same MISP version

Getting Started

Development/Test

  • Pull the repository
  • Copy the "default" configs removing "default" and edit the files in server-configs -- Note: A dry run without this step will try and make a sane DEV build for docker-compose
  • Run generate.sh in ./ssl to generate some fake certs
  • docker-compose up --build
  • Login with -- User: admin@admin.test -- Password: admin

Production

  • Use docker-compose, or some other config management tool
  • Directory volume mount SSL Certs /etc/apache2/ssl/ -- DH Parameters: dhparams.pem -- Certificate File: cert.pem -- Certificate Key File: key.pem -- Certificate Chain File: chain.pem
  • Directory volume mount and create configs: /var/www/MISP/app/Config/
  • Additional directory volume mounts: -- /var/www/MISP/app/files -- /var/www/MISP/.gnupg -- /var/www/MISP/.smime

Image file sizes

  • Core server(Saved: 2.5GB) -- Original Image: 3.17GB -- First attempt: 2.24GB -- Remove chown: 1.56GB -- PreBuild python modules, and only pull submodules we need: 800MB -- PreBuild PHP modules: 664MB

  • Modules (Saved: 640MB) -- Original: 1.36GB -- Pre-build modules: 750MB