MISP Docker (XME edition)
 
 
 
Go to file
arnydo c943cd664e
Include libfuzzy-dev in Dockerfile
libfuzzy-dev is a dependency for PyDeep.
Adding to Dockerfile would eliminate an additional step post install.
2018-06-28 09:22:04 -04:00
misp-db New MySQL container 2018-06-20 12:53:48 +02:00
misp-proxy Add SSL placeholder 2018-06-22 15:31:18 +00:00
misp-web Include libfuzzy-dev in Dockerfile 2018-06-28 09:22:04 -04:00
README.md Add optional compose commands in README.md 2018-06-22 14:04:24 -04:00
docker-compose-nginx.yml Add misp-network to compose file. 2018-06-22 15:24:00 +00:00
docker-compose.yml Fixed HTTP port 2018-06-20 13:34:20 +02:00

README.md

MISP Docker

The files in this repository are used to create a Docker container running a MISP ("Malware Information Sharing Platform") instance.

I rewrote the Docker file to split the components in multiple containers (which is more in the philosophy of Docker).

The MISP container needs at least a MySQL container to store the data. By default it listen to port 80. I highly recommend to serve it behind a NGinx or Apache reverse proxy.

The build is based on Ubuntu and will install all the required components. The following configuration steps are performed automatically:

  • Reconfiguration of the base URL in config.php
  • Generation of a new salt in config.php
  • Generation of a self-signed certificate
  • Optimization of the PHP environment (php.ini) to match the MISP recommended values
  • Creation of the MySQL database
  • Generation of the admin PGP key

Optional NGINX config

Included is an optional Docker Compose file 'docker-compose-nginx.yml' to spin up a reverse proxy to sit in front of MISP.

Config

  • add your ".crt" and ".key" files to the ./misp-proxy/ssl folder If not implementing SSL (not recommended) then simply comment out the appropriate lines in the "./misp-proxy/default.conf" file.
  • Update "server_name" in default.conf file (will implement ENVIRONMENT VARIABLE in the future)

Building your image

Fetch files

# git clone https://github.com/MISP/misp-docker
# cd misp-docker
docker build -t misp .

Fix your environment

Edit the docker-compose.yml and change the following environment variables:

  • MYSQL_ROOT_PASSWORD
  • MYSQL_MISP_PASSWORD
  • MISP_ADMIN_PASSPHRASE
  • Changed the volumes to match your local filesystem

Build the containers

# docker-compose build
or
# docker-compose -f docker-compose-nginx.yml build

Run containers

# docker-compose up
or
# docker-compose -f docker-compose-nginx.yml up