├── LICENSE
├── README.md
├── build.sh
└── container
    ├── Dockerfile
    └── supervisord.conf


/LICENSE:
--------------------------------------------------------------------------------
Copyright (c) 2016, Harvard University IT Security - Ventz Petkov
All rights reserved.

Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:

1. Redistributions of source code must retain the above copyright notice, this
   list of conditions and the following disclaimer.

2. Redistributions in binary form must reproduce the above copyright notice,
   this list of conditions and the following disclaimer in the documentation
   and/or other materials provided with the distribution.

3. Neither the name of the Harvard University nor the names of its
   contributors may be used to endorse or promote products derived from this
   software without specific prior written permission.

THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
Docker MISP Container
=====================
### Latest Update: 4-14-2020

Following the Official MISP Ubuntu 18.04 LTS build instructions.

Latest Upstream Change Included: a62bca4e169c919413bba4e6ce978e30aae9183e

Github repo + build script here:
https://github.com/harvard-itsecurity/docker-misp
(note: after a git pull, update ```build.sh``` with your own passwords/FQDN, and then build the image)

# What is this?
This is an easy and highly customizable Docker container with MISP -
Malware Information Sharing Platform & Threat Sharing (http://www.misp-project.org)

Our goal was to provide a way to setup + run MISP in less than a minute!

We follow the official MISP installation steps everywhere possible,
while adding automation around tedious manual steps and configurations.

We have done this without sacrificing options and the ability to
customize MISP for your unique environment! Some examples include:
auto changing the salt hash, auto initializing the database, auto generating GPG
keys, auto generating working + secure configs, and adding custom
passwords/domain names/email addresses/ssl certificates.

The misp-modules extensions functionality has been included and can be
accessed from http://[dockerhostip]:6666/modules.
(thanks to Conrad)

# Build Docker container vs using Dockerhub binary?

We always recommend building your own Docker MISP image using our "build.sh" script.
This allows you to change all the passwords and customize a few config options.

That said, you can pull down the Dockerhub binary image, but this is
_not_ supported or recommended.
It's there purely for convenience, and so that you can "get
a feel" for MISP without building it. By default it has "LOCALHOST" configured as the host everywhere, so it will only work from the same system or if you proxy/port forward.


Building your own MISP Docker image is incredibly simple:
```
git clone https://github.com/harvard-itsecurity/docker-misp.git
cd docker-misp

# modify build.sh, specifically for:
# 1.) all passwords (MYSQL, GPG)
# 2.) change at LEAST "MISP_FQDN" to your FQDN (domain)

# Build the docker image - will take a bit, but it's a one time thing!
# Run this from the root of "docker-misp"
./build.sh
```

This will produce an image called: ```harvarditsecurity/misp```

# How to run it in 3 steps:

About ```$docker-root``` - If you are running Docker on a Mac, there are some mount directory restrictions by default (see: https://docs.docker.com/docker-for-mac/osxfs/#namespaces). Your ```$docker-root``` needs to be one of the supported defaults ("Users", "Volumes", "private", or "tmp"); otherwise, you must go to "Preferences" -> "File Sharing" and add your chosen ```$docker-root``` to the list.

We would suggest using ```/docker``` for your ```$docker-root```, and if using a Mac, adding that to the File Sharing list.

Once you have your DB directory created (```mkdir -p /docker/misp-db```), follow the 3 steps:

## 1. Initialize Database

```
docker run -it --rm \
    -v $docker-root/misp-db:/var/lib/mysql \
    harvarditsecurity/misp /init-db
```

## 2. Start the container
```
docker run -it -d \
    -p 443:443 \
    -p 80:80 \
    -p 3306:3306 \
    -p 6666:6666 \
    -v $docker-root/misp-db:/var/lib/mysql \
    harvarditsecurity/misp
```

## 3. Access Web URL
```
Go to: https://localhost (or your "MISP_FQDN" setting)

Login: admin@admin.test
Password: admin
```

And change the password! :)

# What can you customize/pass during build?
You can customize the ```build.sh``` script to pass custom:

* MYSQL_MISP_PASSWORD
* POSTFIX_RELAY_HOST
* MISP_FQDN
* MISP_EMAIL
* MISP_GPG_PASSWORD

See build.sh for an example on how to customize and build your own image with custom defaults.

# How to use custom SSL Certificates:
During run-time, override ```/etc/ssl/private```

```
docker run -it -d \
    -p 443:443 \
    -p 80:80 \
    -p 3306:3306 \
    -v $docker-root/certs:/etc/ssl/private \
    -v $docker-root/misp-db:/var/lib/mysql \
    harvarditsecurity/misp
```

And in your ```/certs``` dir, create private/public certs with file names:

* misp.key
* misp.crt

# Security note in regards to key generation:
We have added "rng-tools" in order to help with entropy generation,
since users have mentioned that during the PGP key generation, some
systems have a hard time creating enough "randomness". This in turn
uses a pseudo-random generator, which is not 100% secure. If this is a
concern for a production environment, you can either 1.) take out the
"rng-tools" part from the Dockerfile and re-build the container, or
2.) replace the keys with your own! For most users, this should not
ever be an issue. The "rng-tools" package is removed as part of the build
process after it has been used.
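
An added example (not part of the docker-misp repository) that checks a deployment against what this README describes: `check_build_args` reports build args in `build.sh` that are missing or still at their shipped values, and `audit_published_ports` lists `-p` mappings of a `docker run` command that publish a non-web port from the Dockerfile's `EXPOSE` list (3306, 6379, 6666, 50000) on every host interface. Both function names are made up for this example; port ranges and combined short flags such as `-dp` are assumed not to occur and are not parsed.

```bash
#!/bin/bash
# Added example, not part of docker-misp: pre-flight checks for the
# build.sh edits and the "docker run" commands described in this README.

# Print one finding per build arg in FILE that is missing or still at the
# value shipped in build.sh (placeholder password, FQDN "localhost").
check_build_args() {
    local file="$1" arg value
    for arg in MYSQL_MISP_PASSWORD MISP_GPG_PASSWORD MISP_FQDN; do
        # Value of the last "--build-arg NAME=value" in the file, up to whitespace.
        value=$(sed -n "s/.*--build-arg[[:space:]][[:space:]]*${arg}=\([^[:space:]]*\).*/\1/p" "$file" | tail -n 1)
        if [ -z "$value" ]; then
            echo "$arg: not set"
            continue
        fi
        case "$arg=$value" in
            *_PASSWORD=ChangeThisDefaultPassword*) echo "$arg: shipped default password" ;;
            MISP_FQDN=localhost)                   echo "$arg: still localhost" ;;
        esac
    done
    return 0
}

# Given the arguments of a "docker run" command, print every published port
# spec that maps a backend container port (MySQL 3306, Redis 6379,
# misp-modules 6666, ZeroMQ 50000) without a specific host IP.
audit_published_ports() {
    local backend=" 3306 6379 6666 50000 " spec ports cport hostpart ip
    while [ $# -gt 0 ]; do
        spec=""
        case "$1" in
            -p|--publish) if [ $# -ge 2 ]; then spec="$2"; shift; fi ;;
            --publish=*)  spec="${1#--publish=}" ;;
            -p?*)         spec="${1#-p}" ;;
        esac
        shift
        [ -n "$spec" ] || continue
        ports="${spec%/*}"        # drop a trailing /tcp or /udp
        cport="${ports##*:}"      # container port is always the last field
        hostpart="${ports%:*}"    # "", "3306" or "127.0.0.1:3306"
        if [ "$hostpart" = "$ports" ]; then hostpart=""; fi
        case "$hostpart" in
            *:*) ip="${hostpart%:*}" ;;
            *)   ip="" ;;
        esac
        # No host IP, 0.0.0.0 or [::] means "every interface of the Docker host".
        case "$ip" in
            ""|0.0.0.0|"[::]") ;;
            *) continue ;;
        esac
        case "$backend" in
            *" $cport "*) echo "$spec" ;;
        esac
    done
    return 0
}

# Demo on constructed input: the "Start the container" command from step 2.
audit_published_ports run -it -d -p 443:443 -p 80:80 -p 3306:3306 -p 6666:6666 \
    -v /docker/misp-db:/var/lib/mysql harvarditsecurity/misp
# Check the real build.sh when run from the root of "docker-misp".
if [ -f build.sh ]; then check_build_args build.sh; fi
```

A mapping written with a host IP, such as `-p 127.0.0.1:3306:3306`, is reachable only from the Docker host itself and is not reported.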

# Using a reverse proxy/SSL offloading (Traefik, Caddy, HAProxy, Nginx, etc)

You will need to remove the SSL block (see: `/etc/apache2/sites-available/default-ssl.conf`)

And replace the HTTP block (see: `/etc/apache2/sites-available/000-default.conf`) with:

```
<VirtualHost *:80>
    ServerAdmin admin@localhost
    ServerName localhost
    DocumentRoot /var/www/MISP/app/webroot
    <Directory /var/www/MISP/app/webroot>
        Options -Indexes
        AllowOverride all
    </Directory>
    LogLevel warn
    ErrorLog /var/log/apache2/misp_error.log
    CustomLog /var/log/apache2/misp_access.log combined
    ServerSignature Off
</VirtualHost>
```

If you don't want to build a new image with this, you can simply add to your run-time:
(note again: $docker-root is the placeholder for your docker container and configs path)
```
-v $docker-root/apache.conf:/etc/apache2/sites-available/000-default.conf
```


# Contributions:
Conrad Crampton: @radder5 - RNG Tools and MISP Modules

Jeremy Barlow: @jbarlow-mcafee - Cleanup, configs, conveniences, python 2 vs 3 compatibility

Matt Saunders: @matt-saunders - Fixed all install warnings and errors

Matija Čoklica: @XizzoR - Discovered problem where GPG key was empty, lots of python/misp modules debugging (thanks!)

# Help/Questions/Comments:
For help or more info, feel free to contact Ventz Petkov: ventz_petkov@harvard.edu

--------------------------------------------------------------------------------
/build.sh:
--------------------------------------------------------------------------------
#!/bin/bash
docker rmi harvarditsecurity/misp
docker build \
    --rm=true --force-rm=true \
    --build-arg MYSQL_MISP_PASSWORD=ChangeThisDefaultPassworda9564ebc3289b7a14551baf8ad5ec60a \
    --build-arg POSTFIX_RELAY_HOST=localhost \
    --build-arg MISP_FQDN=localhost \
    --build-arg MISP_EMAIL=admin@localhost \
    --build-arg MISP_GPG_PASSWORD=ChangeThisDefaultPasswordXuJBao5Q2bps89LWFqWkKgDZwAFpNHvc \
    -t harvarditsecurity/misp container

--------------------------------------------------------------------------------
/container/Dockerfile:
--------------------------------------------------------------------------------
# User supplied inputs - (see below within Dockerfile for real ARGS that you can replace)
# // DO NOT TOUCH HERE - THIS SECTION IS NOT USED - SIMPLY USED AS README //
##################################################################
# ARG MYSQL_MISP_PASSWORD=ChangeThisDefaultPassworda9564ebc3289b7a14551baf8ad5ec60a
# ARG POSTFIX_RELAY_HOST=localhost
# ARG MISP_FQDN=localhost
# ARG MISP_EMAIL=admin@localhost
# ARG MISP_GPG_PASSWORD=ChangeThisDefaultPasswordXuJBao5Q2bps89LWFqWkKgDZwAFpNHvc
##################################################################
# ^^^ DO NOT TOUCH HERE - THIS SECTION IS NOT USED - SIMPLY USED AS README ^^^
FROM ubuntu:18.04
MAINTAINER Ventz Petkov

# Dir you need to override to keep data on reboot/new container:
VOLUME /var/lib/mysql
#VOLUME /var/www/MISP/Config

# Dir you might want to override in order to have custom ssl certs
# Need: "misp.key" and "misp.crt"
#VOLUME /etc/ssl/private

# 80/443 - MISP web server, 3306 - mysql, 6379 - redis, 6666 - MISP modules, 50000 - MISP ZeroMQ
EXPOSE 80 443 3306 6379 6666 50000

ENV DEBIAN_FRONTEND noninteractive
ENV DEBIAN_PRIORITY critical
RUN apt-get update && apt-get install -y supervisor cron logrotate syslog-ng-core postfix curl gcc git gnupg-agent make python3 openssl redis-server sudo vim zip wget mariadb-client mariadb-server sqlite3 moreutils apache2 apache2-doc apache2-utils libapache2-mod-php php php-cli php-gnupg php-dev php-json php-mysql php7.2-opcache php-readline php-redis php-xml php-mbstring rng-tools python3-dev python3-pip python3-yara python3-redis python3-zmq libxml2-dev libxslt1-dev zlib1g-dev python3-setuptools libpq5 libjpeg-dev libfuzzy-dev ruby asciidoctor tesseract-ocr imagemagick libpoppler-cpp-dev virtualenv libopencv-dev zbar-tools libzbar0 libzbar-dev build-essential -y

# Edit the php.ini file to adjust initial PHP settings to MISP recommended settings
RUN sed -i "s/max_execution_time = 30/max_execution_time = 300/" /etc/php/7.2/apache2/php.ini ; \
    sed -i "s/memory_limit = 128M/memory_limit = 2048M/" /etc/php/7.2/apache2/php.ini ; \
    sed -i "s/upload_max_filesize = 2M/upload_max_filesize = 50M/" /etc/php/7.2/apache2/php.ini ; \
    sed -i "s/post_max_size = 8M/post_max_size = 50M/" /etc/php/7.2/apache2/php.ini

ARG POSTFIX_RELAY_HOST=localhost

#echo "test -e /var/run/mysqld || install -m 755 -o mysql -g root -d /var/run/mysqld" ; \
RUN sed -i -E 's/^(\s*)system\(\);/\1unix-stream("\/dev\/log");/' /etc/syslog-ng/syslog-ng.conf ; \
    postconf -e "relayhost = $POSTFIX_RELAY_HOST" ; \
    sed -i "s/daemonize yes/daemonize no/" /etc/redis/redis.conf ; \
    test -e /var/run/mysqld || install -m 755 -o mysql -g root -d /var/run/mysqld ; \
    a2dismod status ; \
    a2enmod ssl rewrite headers; \
    a2ensite 000-default ; \
    a2ensite default-ssl ; \
    mkdir -p /var/www/MISP /root/.config /root/.git

WORKDIR /var/www/MISP
RUN chown -R www-data:www-data /var/www/MISP /root/.config /root/.git; \
    sudo -u www-data -H git clone https://github.com/MISP/MISP.git /var/www/MISP ; \
    sudo -u www-data -H git submodule update --init --recursive ; \
    sudo -u www-data -H git submodule foreach --recursive git config core.filemode false ; \
    sudo -u www-data -H git config core.filemode false ; \
    echo

RUN sudo pip3 install --upgrade pip ; \
    sudo pip3 install git+https://github.com/CybOXProject/mixbox.git ; \
    sudo pip3 install git+https://github.com/CybOXProject/python-cybox.git ; \
    sudo pip3 install git+https://github.com/STIXProject/python-stix.git ; \
    sudo pip3 install git+https://github.com/MAECProject/python-maec.git ; \
    sudo pip3 install /var/www/MISP/cti-python-stix2 ; \
    sudo pip3 install /var/www/MISP/PyMISP ; \
    sudo pip3 install git+https://github.com/kbandla/pydeep.git ; \
    sudo pip3 install https://github.com/lief-project/packages/raw/lief-master-latest/pylief-0.9.0.dev.zip ; \
    sudo pip3 install jsonschema ; \
    sudo pip3 install reportlab ; \
    sudo pip3 install python-magic ; \
    sudo pip3 install pyzmq ; \
    sudo pip3 install redis


WORKDIR /var/www/MISP
RUN sudo -u www-data -H git submodule init ; \
    sudo -u www-data -H git submodule update

WORKDIR /usr/local/src
RUN sudo -H git clone https://github.com/MISP/misp-modules.git

WORKDIR /usr/local/src/misp-modules
RUN sudo -H git checkout ; \
    sudo pip3 install -I -r REQUIREMENTS ; \
    sudo pip3 install -I .

#RUN sudo pip uninstall -y cybox
ARG MISP_FQDN=localhost
ARG MISP_EMAIL=admin@localhost

WORKDIR /var/www/MISP/app
RUN mkdir /var/www/.composer && chown -R www-data:www-data /var/www/.composer ; \
    sudo -u www-data -H wget https://getcomposer.org/download/1.2.1/composer.phar -O composer.phar ; \
    sudo -u www-data -H php composer.phar require kamisama/cake-resque:4.1.2 ; \
    sudo -u www-data -H php composer.phar config vendor-dir Vendor ; \
    sudo -u www-data -H php composer.phar install ; \
    sudo phpenmod redis ; \
    sudo -u www-data -H cp -fa /var/www/MISP/INSTALL/setup/config.php /var/www/MISP/app/Plugin/CakeResque/Config/config.php ; \
    sudo chown -R www-data:www-data /var/www/MISP ; \
    sudo chmod -R 750 /var/www/MISP ; \
    sudo chmod -R g+ws /var/www/MISP/app/tmp ; \
    sudo chmod -R g+ws /var/www/MISP/app/files ; \
    sudo chmod -R g+ws /var/www/MISP/app/files/scripts/tmp ; \
    openssl req -x509 -nodes -days 3650 -newkey rsa:4096 -keyout /etc/ssl/private/misp.key -out /etc/ssl/private/misp.crt -batch ; \
    echo "<VirtualHost *:80>" > /etc/apache2/sites-available/000-default.conf ; \
    echo "ServerName $MISP_FQDN" >> /etc/apache2/sites-available/000-default.conf ; \
    echo "Redirect permanent / https://$MISP_FQDN" >> /etc/apache2/sites-available/000-default.conf ; \
    echo "LogLevel warn" >> /etc/apache2/sites-available/000-default.conf ; \
    echo "ErrorLog /var/log/apache2/misp_error.log" >> /etc/apache2/sites-available/000-default.conf ; \
    echo "CustomLog /var/log/apache2/misp_access.log combined" >> /etc/apache2/sites-available/000-default.conf ; \
    echo "ServerSignature Off" >> /etc/apache2/sites-available/000-default.conf ; \
    echo "</VirtualHost>" >> /etc/apache2/sites-available/000-default.conf ; \
    echo "<VirtualHost *:443>" > /etc/apache2/sites-available/default-ssl.conf ; \
    echo "ServerAdmin $MISP_EMAIL" >> /etc/apache2/sites-available/default-ssl.conf ; \
    echo "ServerName $MISP_FQDN" >> /etc/apache2/sites-available/default-ssl.conf ; \
    echo "DocumentRoot /var/www/MISP/app/webroot" >> /etc/apache2/sites-available/default-ssl.conf ; \
    echo "<Directory /var/www/MISP/app/webroot>" >> /etc/apache2/sites-available/default-ssl.conf ; \
    echo "Options -Indexes" >> /etc/apache2/sites-available/default-ssl.conf ; \
    echo "AllowOverride all" >> /etc/apache2/sites-available/default-ssl.conf ; \
    echo "</Directory>" >> /etc/apache2/sites-available/default-ssl.conf ; \
    echo "SSLEngine On" >> /etc/apache2/sites-available/default-ssl.conf ; \
    echo "SSLCertificateFile /etc/ssl/private/misp.crt" >> /etc/apache2/sites-available/default-ssl.conf ; \
    echo "SSLCertificateKeyFile /etc/ssl/private/misp.key" >> /etc/apache2/sites-available/default-ssl.conf ; \
    echo "#SSLCertificateChainFile /etc/ssl/private/misp-chain.crt" >> /etc/apache2/sites-available/default-ssl.conf ; \
    echo "LogLevel warn" >> /etc/apache2/sites-available/default-ssl.conf ; \
    echo "ErrorLog /var/log/apache2/misp_ssl_error.log" >> /etc/apache2/sites-available/default-ssl.conf ; \
    echo "CustomLog /var/log/apache2/misp_ssl_access.log combined" >> /etc/apache2/sites-available/default-ssl.conf ; \
    echo "ServerSignature Off" >> /etc/apache2/sites-available/default-ssl.conf ; \
    echo "</VirtualHost>" >> /etc/apache2/sites-available/default-ssl.conf ; \
    echo "ServerName localhost" >> /etc/apache2/apache2.conf ; \
    sudo -u www-data cp -a /var/www/MISP/app/Config/bootstrap.default.php /var/www/MISP/app/Config/bootstrap.php ; \
    sudo -u www-data cp -a /var/www/MISP/app/Config/database.default.php /var/www/MISP/app/Config/database.php ; \
    sudo -u www-data cp -a /var/www/MISP/app/Config/core.default.php /var/www/MISP/app/Config/core.php ; \
    sudo -u www-data cp -a /var/www/MISP/app/Config/config.default.php /var/www/MISP/app/Config/config.php

ARG MYSQL_MISP_PASSWORD=ChangeThisDefaultPassworda9564ebc3289b7a14551baf8ad5ec60a
ARG MISP_GPG_PASSWORD=ChangeThisDefaultPasswordXuJBao5Q2bps89LWFqWkKgDZwAFpNHvc

RUN sed -i -e 's/db login/misp/g' /var/www/MISP/app/Config/database.php ; \
    sed -i -e "s/db password/${MYSQL_MISP_PASSWORD}/g" /var/www/MISP/app/Config/database.php ; \
    sed -i -E "s/'salt'(\s+)=>\s''/'salt' => '`openssl rand -base64 32 | tr \'/\' \'0\'`'/" /var/www/MISP/app/Config/config.php ; \
    sed -i -E "s/'baseurl'(\s+)=>\s''/'baseurl' => 'https:\/\/${MISP_FQDN}'/" /var/www/MISP/app/Config/config.php ; \
    sed -i -e "s/email@address.com/${MISP_EMAIL}/" /var/www/MISP/app/Config/config.php ; \
    sed -i -e "s/bind 127.0.0.1 ::1/bind 0.0.0.0/" /etc/redis/redis.conf ; \
    sudo chown -R www-data:www-data /var/www/MISP/app/Config ; \
    sudo chmod -R 750 /var/www/MISP/app/Config ; \
    sudo -u www-data -H wget https://github.com/ssdeep-project/ssdeep/releases/download/release-2.14.1/ssdeep-2.14.1.tar.gz ; \
    tar zxvf ssdeep-2.14.1.tar.gz && cd ssdeep-2.14.1 && ./configure && make && sudo make install ; \
    sudo pecl install ssdeep ; \
    sudo echo "extension=ssdeep.so" > /etc/php/7.2/mods-available/ssdeep.ini ; \
    sudo phpenmod ssdeep ; \
    echo "#!/bin/bash" > /init-db ; \
    echo "if [ ! -f /var/lib/mysql/.db_initialized ]; then" >> /init-db ; \
    echo "sudo chown -R mysql:mysql /var/lib/mysql" >> /init-db ; \
    echo "sudo -u mysql -H /usr/bin/mysql_install_db --user=mysql" >> /init-db ; \
    echo "chown -R mysql:mysql /var/lib/mysql" >> /init-db ; \
    echo "cd '/usr' ; /usr/bin/mysqld_safe --datadir='/var/lib/mysql' &" >> /init-db ; \
    echo "sleep 5" >> /init-db ; \
    echo "mysql -uroot -e \"DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1')\"" >> /init-db ; \
    echo "mysql -uroot -e \"DELETE FROM mysql.user WHERE User=''\"" >> /init-db ; \
    echo "mysql -uroot -e \"DELETE FROM mysql.db WHERE Db='test' OR Db='test\_%'\"" >> /init-db ; \
    echo "mysql -uroot -e \"FLUSH PRIVILEGES;\"" >> /init-db ; \
    echo "mysql -uroot -e \"create database misp\"" >> /init-db ; \
    echo "mysql -uroot -e \"grant usage on *.* to misp@localhost identified by '$MYSQL_MISP_PASSWORD'\"" >> /init-db ; \
    echo "mysql -uroot -e \"grant all privileges on misp.* to misp@localhost\"" >> /init-db ; \
    echo "mysql -uroot -e \"flush privileges;\"" >> /init-db ; \
    echo "sudo -u www-data -H sh -c \"mysql -u misp -p$MYSQL_MISP_PASSWORD misp < /var/www/MISP/INSTALL/MYSQL.sql\"" >> /init-db ; \
    echo "touch /var/lib/mysql/.db_initialized" >> /init-db ; \
    echo "chown -R mysql:mysql /var/lib/mysql" >> /init-db ; \
    echo "fi" >> /init-db ; \
    echo "rm -f /init-db" >> /init-db ; \
    chmod 755 /init-db ; \
    sudo -u www-data -H mkdir /var/www/MISP/.gnupg ; \
    chmod 700 /var/www/MISP/.gnupg ; \
    echo "Key-Type: 1" > /tmp/config_gpg ; \
    echo "Key-Length: 4096" >> /tmp/config_gpg ; \
    echo "Subkey-Type: 1" >> /tmp/config_gpg ; \
    echo "Subkey-Length: 4096" >> /tmp/config_gpg ; \
    echo "Name-Real: MISP" >> /tmp/config_gpg ; \
    echo "Name-Email: $MISP_EMAIL" >> /tmp/config_gpg ; \
    echo "Expire-Date: 0" >> /tmp/config_gpg ; \
#echo "%no-protection" >> /tmp/config_gpg ; \
    echo "Passphrase: $MISP_GPG_PASSWORD" >> /tmp/config_gpg ; \
    chmod 700 /tmp/config_gpg ; \
    sudo rm -f /dev/random ; \
    sudo mknod -m 0666 /dev/random c 1 9 ; \
#sudo echo RNGDOPTIONS="--random-device /dev/urandom --rng-device /dev/urandom" | sudo tee /etc/default/rng-tools ; \
    sudo echo HRNGDEVICE=/dev/urandom | sudo tee -a /etc/default/rng-tools ; \
    sudo /etc/init.d/rng-tools restart ; \
    sudo rngd -f -r /dev/urandom ; \
    chown www-data /tmp/config_gpg ; \
    sudo -u www-data sh -c "gpg --batch --homedir /var/www/MISP/.gnupg --gen-key /tmp/config_gpg" ; \
    sudo -u www-data sh -c "gpg --homedir /var/www/MISP/.gnupg --export --armor $MISP_EMAIL > /var/www/MISP/app/webroot/gpg.asc" ; \
    sudo /etc/init.d/rng-tools stop ; \
    sudo apt-get remove --purge -y rng-tools

WORKDIR /etc/logrotate.d
RUN echo "/var/www/MISP/app/tmp/logs/resque-*-error.log {" > misp ; \
    echo " rotate 30" >> misp ; \
    echo " dateext" >> misp ; \
    echo " missingok" >> misp ; \
    echo " notifempty" >> misp ; \
    echo " compress" >> misp ; \
    echo " weekly" >> misp ; \
    echo " copytruncate" >> misp ; \
    echo "}" >> misp ; \
    chmod 0640 /etc/logrotate.d/misp


WORKDIR /var/www/MISP
COPY supervisord.conf /etc/supervisor/conf.d/

#>&2 echo "The default user = "admin@admin.test" | The default password = admin" ; \
# To change it:
#echo "/var/www/MISP/app/Console/cake Password 'admin@admin.test' '@dmin1!'" >> /root/init-db ; \

CMD ["/usr/bin/supervisord", "-c", "/etc/supervisor/conf.d/supervisord.conf"]

--------------------------------------------------------------------------------
/container/supervisord.conf:
--------------------------------------------------------------------------------
[supervisord]
nodaemon=true

[program:cron]
command=/usr/sbin/cron -f

[program:syslog-ng]
command=/usr/sbin/syslog-ng -F -p /var/run/syslog-ng.pid --no-caps

[program:postfix]
process_name = master
directory = /etc/postfix
command=/usr/lib/postfix/sbin/master -c /etc/postfix -d

[program:mysql]
process_name = mysqld_safe
directory = /var/lib/mysql
command=/usr/bin/mysqld_safe

[program:redis-server]
process_name = redis-server
directory = /var/lib/redis
command=/usr/bin/redis-server /etc/redis/redis.conf
user=redis

[program:apache2]
command=/bin/bash -c "source /etc/apache2/envvars && exec /usr/sbin/apache2 -DFOREGROUND"

[program:misp-modules]
command=/bin/bash -c "/usr/local/bin/misp-modules -l '0.0.0.0' -s"
user = www-data
startsecs = 0

[program:workers]
command=/bin/bash /var/www/MISP/app/Console/worker/start.sh
user=www-data

--------------------------------------------------------------------------------