-
Notifications
You must be signed in to change notification settings - Fork 9
/
Copy pathdocker-compose.yml
131 lines (131 loc) · 4.58 KB
/
docker-compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
services:
pgsql:
image: postgres:17-alpine
environment:
POSTGRES_USER: ${POSTGRES_USER}
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
POSTGRES_DB: openbas
volumes:
- pgsqldata:/var/lib/postgresql/data
restart: always
healthcheck:
test: [ "CMD", "pg_isready", "-U", "${POSTGRES_USER}", "-d", "openbas" ]
interval: 10s
timeout: 5s
retries: 5
minio:
image: minio/minio:RELEASE.2024-05-28T17-19-04Z
volumes:
- s3data:/data
ports:
- "9000:9000"
environment:
MINIO_ROOT_USER: ${MINIO_ROOT_USER}
MINIO_ROOT_PASSWORD: ${MINIO_ROOT_PASSWORD}
command: server /data
restart: always
healthcheck:
test: [ "CMD", "curl", "-f", "http://localhost:9000/minio/health/live" ]
interval: 10s
timeout: 5s
retries: 5
rabbitmq:
image: rabbitmq:4.0-management
environment:
- RABBITMQ_DEFAULT_USER=${RABBITMQ_DEFAULT_USER}
- RABBITMQ_DEFAULT_PASS=${RABBITMQ_DEFAULT_PASS}
- RABBITMQ_NODENAME=rabbit01@localhost
volumes:
- type: bind
source: rabbitmq.conf
target: /etc/rabbitmq/rabbitmq.conf
- amqpdata:/var/lib/rabbitmq
restart: always
healthcheck:
test: [ "CMD", "rabbitmq-diagnostics", "-q", "ping" ]
interval: 10s
timeout: 5s
retries: 5
openbas:
image: openbas/platform:1.15.0
environment:
# OpenBAS General Configuration
- OPENBAS_BASE-URL=${OPENBAS_BASE_URL}
- OPENBAS_AUTH-LOCAL-ENABLE=true
- OPENBAS_ADMIN_EMAIL=${OPENBAS_ADMIN_EMAIL}
- OPENBAS_ADMIN_PASSWORD=${OPENBAS_ADMIN_PASSWORD}
- OPENBAS_ADMIN_TOKEN=${OPENBAS_ADMIN_TOKEN}
# POSTGRES
- SPRING_DATASOURCE_URL=jdbc:postgresql://pgsql:5432/openbas
- SPRING_DATASOURCE_USERNAME=${POSTGRES_USER}
- SPRING_DATASOURCE_PASSWORD=${POSTGRES_PASSWORD}
# MINIO
- MINIO_ENDPOINT=minio
- MINIO_ACCESS-KEY=${MINIO_ROOT_USER}
- MINIO_ACCESS-SECRET=${MINIO_ROOT_PASSWORD}
# RABBITMQ
- OPENBAS_RABBITMQ_HOSTNAME=rabbitmq
- OPENBAS_RABBITMQ_USER=${RABBITMQ_DEFAULT_USER}
- OPENBAS_RABBITMQ_PASS=${RABBITMQ_DEFAULT_PASS}
# SPRING MAIL Configurations
- SPRING_MAIL_HOST=${SPRING_MAIL_HOST}
- SPRING_MAIL_PORT=${SPRING_MAIL_PORT}
- SPRING_MAIL_USERNAME=${SPRING_MAIL_USERNAME}
- SPRING_MAIL_PASSWORD=${SPRING_MAIL_PASSWORD}
- SPRING_MAIL_PROPERTIES_MAIL_SMTP_AUTH=${SPRING_MAIL_PROPERTIES_MAIL_SMTP_AUTH}
- SPRING_MAIL_PROPERTIES_MAIL_SMTP_SSL_ENABLE=${SPRING_MAIL_PROPERTIES_MAIL_SMTP_SSL_ENABLE}
- SPRING_MAIL_PROPERTIES_MAIL_SMTP_SSL_TRUST=*
- SPRING_MAIL_PROPERTIES_MAIL_SMTP_STARTTLS_ENABLE=${SPRING_MAIL_PROPERTIES_MAIL_SMTP_STARTTLS_ENABLE}
# IMAP Configurations
- OPENBAS_MAIL_IMAP_ENABLED=${OPENBAS_MAIL_IMAP_ENABLED}
- OPENBAS_MAIL_IMAP_HOST=${OPENBAS_MAIL_IMAP_HOST}
- OPENBAS_MAIL_IMAP_PORT=${OPENBAS_MAIL_IMAP_PORT}
- OPENBAS_MAIL_IMAP_USERNAME=${SPRING_MAIL_USERNAME}
- OPENBAS_MAIL_IMAP_PASSWORD=${SPRING_MAIL_PASSWORD}
- OPENBAS_MAIL_IMAP_AUTH=${OPENBAS_MAIL_IMAP_AUTH}
- OPENBAS_MAIL_IMAP_SSL_ENABLE=${OPENBAS_MAIL_IMAP_SSL_ENABLE}
- OPENBAS_MAIL_IMAP_SSL_TRUST=*
- OPENBAS_MAIL_IMAP_STARTTLS_ENABLE=${OPENBAS_MAIL_IMAP_STARTTLS_ENABLE}
ports:
- "8080:8080" # If you change the host port (the left one) do not forget to update OPENBAS_BASE-URL in you .env
depends_on:
pgsql:
condition: service_healthy
minio:
condition: service_healthy
rabbitmq:
condition: service_healthy
restart: always
healthcheck:
test: [ "CMD", "wget", "-qO-", "http://openbas:8080/api/health?health_access_key=${OPENBAS_HEALTHCHECK_KEY}" ]
interval: 10s
timeout: 5s
retries: 20
collector-mitre-attack:
image: openbas/collector-mitre-attack:1.15.0
environment:
- OPENBAS_URL=http://openbas:8080
- OPENBAS_TOKEN=${OPENBAS_ADMIN_TOKEN}
- COLLECTOR_ID=${COLLECTOR_MITRE_ATTACK_ID} # Valid UUIDv4
- "COLLECTOR_NAME=MITRE ATT&CK"
- COLLECTOR_LOG_LEVEL=info
depends_on:
openbas:
condition: service_healthy
restart: always
collector-atomic-red-team:
image: openbas/collector-atomic-red-team:1.15.0
environment:
- OPENBAS_URL=http://openbas:8080
- OPENBAS_TOKEN=${OPENBAS_ADMIN_TOKEN}
- COLLECTOR_ID=${COLLECTOR_ATOMIC_RED_TEAM_ID} # Valid UUIDv4
- "COLLECTOR_NAME=Atomic Red Team"
- COLLECTOR_LOG_LEVEL=info
depends_on:
openbas:
condition: service_healthy
restart: always
volumes:
pgsqldata:
s3data:
amqpdata: