2023-06-13 21:58:46 +00:00 
										
									 
								 
							 
							
								
							 
							
								 
							
							
								# T-Pot config file. Do not remove.  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								
							 
						 
					
						
							
								
									
										
										
										
											2024-02-13 18:02:40 +00:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
								###############################################  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								# T-Pot Base Settings - Adjust to your needs. #  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								###############################################  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								
							 
						 
					
						
							
								
									
										
										
										
											2024-02-19 16:34:14 +00:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
								# Set Web usernames and passwords here. This section will be used to create / update the Nginx password file nginxpasswd.  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								#  <empty>: This is the default  
						 
					
						
							
								
									
										
										
										
											2024-02-23 19:41:58 +00:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
								#  <base64 encoded htpasswd usernames / passwords>:  
						 
					
						
							
								
									
										
										
										
											2024-03-13 15:37:05 +00:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
								#   Use 'htpasswd -n -b "username" "password" | base64 -w0' to create the WEB_USER if you want to manually deploy T-Pot, run 'install.sh' to automatically add a user during installation, or 'genuser.sh' if you just want to add a web user.  
						 
					
						
							
								
									
										
										
										
											2024-02-23 19:41:58 +00:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
								#   Example: 'htpasswd -n -b "tsec" "tsec" | base64 -w0' will print dHNlYzokYXByMSRYUnE2SC5rbiRVRjZQM1VVQmJVNWJUQmNmSGRuUFQxCgo=  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								#   Copy the string and replace WEB_USER=dHNlYzokYXByMSRYUnE2SC5rbiRVRjZQM1VVQmJVNWJUQmNmSGRuUFQxCgo=  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								#   Multiple users are possible:  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								#   WEB_USER=dHNlYzokYXByMSRYUnE2SC5rbiRVRjZQM1VVQmJVNWJUQmNmSGRuUFQxCgo= dHNlYzokYXByMSR6VUFHVWdmOCRROXI3a09CTjFjY3lCeU1DTloyanEvCgo=  
						 
					
						
							
								
									
										
										
										
											2024-02-19 16:34:14 +00:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
								WEB_USER =  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								# Set Logstash Web usernames and passwords here. This section will be used to create / update the Nginx password file lswebpasswd.  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								# The Lostsash Web usernames are used for T-Pot log ingestion via Logstash, each sensor should have its own user.  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								#  <empty>: This is empty by default.  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								#  <'htpasswd encoded usernames / passwords'>:  
						 
					
						
							
								
									
										
										
										
											2024-02-23 19:41:58 +00:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
								#   Use 'htpasswd -n -b "username" "password" | base64 -w0' to create the LS_WEB_USER if you want to manually deploy the sensor.  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								#   Example: 'htpasswd -n -b "sensor" "sensor" | base64 -w0' will print c2Vuc29yOiRhcHIxJGVpMHdzUmdYJHNyWHF4UG53ZzZqWUc3aEFaUWxrWDEKCg==  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								#   Copy the string and replace / add LS_WEB_USER=c2Vuc29yOiRhcHIxJGVpMHdzUmdYJHNyWHF4UG53ZzZqWUc3aEFaUWxrWDEKCg==  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								#   Multiple users are possible:  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								#   LS_WEB_USER=c2Vuc29yMTokYXByMSQ5aXhNRk5yMCR6d3F2dGFwQ2x0cFBhU1pqMm9ZemYxCgo= c2Vuc29yMjokYXByMSRtYTlOS1J2NCQvU3dsVVBMeW5RaVIyM3pyWVAzOUkwCgo=  
						 
					
						
							
								
									
										
										
										
											2024-02-19 16:34:14 +00:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
								LS_WEB_USER =  
						 
					
						
							
								
									
										
										
										
											2023-06-13 21:58:46 +00:00 
										
									 
								 
							 
							
								
							 
							
								 
							
							
								
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								# T-Pot Blackhole  
						 
					
						
							
								
									
										
										
										
											2024-02-19 16:34:14 +00:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
								#  ENABLED: T-Pot will download a db of known mass scanners and nullroute them.  
						 
					
						
							
								
									
										
										
										
											2023-06-13 21:58:46 +00:00 
										
									 
								 
							 
							
								
							 
							
								 
							
							
								#           Be aware, this will put T-Pot off the map for stealth reasons and  
						 
					
						
							
								
									
										
										
										
											2024-02-19 16:34:14 +00:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
								#           you will get less traffic. Routes will be active until next reboot  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								#           and will be re-added with every T-Pot start until disabled.  
						 
					
						
							
								
									
										
										
										
											2023-06-13 21:58:46 +00:00 
										
									 
								 
							 
							
								
							 
							
								 
							
							
								#  DISABLED: This is the default and no stealth efforts are in place.  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								TPOT_BLACKHOLE = DISABLED 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								
							 
						 
					
						
							
								
									
										
										
										
											2024-01-05 11:00:36 +00:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
								# T-Pot Persistence  
						 
					
						
							
								
									
										
										
										
											2024-02-19 16:34:14 +00:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
								#  on: This is the default. T-Pot will keep the honeypot logfiles and rotate  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								#      with logrotate for 30 days.  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								#  off: This is recommended for Raspberry Pi or setups with weaker CPUs or  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								#       if you just do not need any of the logfiles.  
						 
					
						
							
								
									
										
										
										
											2024-01-05 11:00:36 +00:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
								TPOT_PERSISTENCE = on 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								
							 
						 
					
						
							
								
									
										
										
										
											2025-05-13 13:32:00 +00:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
								# T-Pot Persistence Cycles  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								#  <1-999>: Set the number of T-Pot restart cycles for logrotate.  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								#           Be mindful of this setting as the logs will use up a lot of available disk space.  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								#           In case the setting is invalid, T-Pot will default to 30 cycles.  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								#  Remember to adjust the Elastic Search Lifecycle Policy (https://github.com/telekom-security/tpotce/?tab=readme-ov-file#log-persistence)   
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								#  as this setting only accounts for the honeypot logs in the ~/tpotce/data folder.  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								TPOT_PERSISTENCE_CYCLES = 30  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								
							 
						 
					
						
							
								
									
										
										
										
											2024-02-13 18:02:40 +00:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
								# T-Pot Type  
						 
					
						
							
								
									
										
										
										
											2024-02-19 16:34:14 +00:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
								#  HIVE: This is the default and offers everything to connect T-Pot sensors.  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								#  SENSOR: This needs to be used when running a sensor. Be aware to adjust all other  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								#          settings as well.  
						 
					
						
							
								
									
										
										
										
											2025-03-28 08:39:38 +00:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
								#          1. You will need to copy compose/sensor.yml to ./docker-compose.yml  
						 
					
						
							
								
									
										
										
										
											2024-02-19 16:34:14 +00:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
								#          2. From HIVE host you will need to copy ~/tpotce/data/nginx/cert/nginx.crt to  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								#             your SENSOR host to ~/tpotce/data/hive.crt  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								#          3. On HIVE: Create a web user per SENSOR on HIVE and provide credentials below  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								#             Create credentials with 'htpasswd ~/tpotce/data/nginx/conf/lswebpasswd <username>'  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								#          4. On SENSOR: Provide username / password from (3) for TPOT_HIVE_USER as base64 encoded string:  
						 
					
						
							
								
									
										
										
										
											2024-02-23 19:41:58 +00:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
								#                        "echo -n 'username:password' | base64 -w0"  
						 
					
						
							
								
									
										
										
										
											2024-05-13 13:49:38 +00:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
								#  MOBILE: This will set the correct type for T-Pot Mobile (https://github.com/telekom-security/tpotmobile)  
						 
					
						
							
								
									
										
										
										
											2024-02-13 18:02:40 +00:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
								TPOT_TYPE = HIVE 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								# T-Pot Hive User (only relevant for SENSOR deployment)  
						 
					
						
							
								
									
										
										
										
											2024-02-19 16:34:14 +00:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
								#  <empty>: This is empty by default.  
						 
					
						
							
								
									
										
										
										
											2024-02-23 19:41:58 +00:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
								#  <base64 encoded string>: Provide a base64 encoded string "echo -n 'username:password' | base64 -w0"  
						 
					
						
							
								
									
										
										
										
											2024-02-19 16:34:14 +00:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
								#                           i.e. TPOT_HIVE_USER='dXNlcm5hbWU6cGFzc3dvcmQ='  
						 
					
						
							
								
									
										
										
										
											2024-02-13 18:02:40 +00:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
								TPOT_HIVE_USER =  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								
							 
						 
					
						
							
								
									
										
										
										
											2024-06-04 13:33:28 +00:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
								# Logstash Sensor SSL verfication (only relevant on SENSOR hosts)  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								# full: This is the default. Logstash, by default, verifies the complete certificate chain for ssl certificates.  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								#       This also includes the FQDN and sANs. By default T-Pot will only generate a self-signed certificate which  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								#       contains a sAN for the HIVE IP. In scenario where the HIVE needs to be accessed via Internet, maybe with  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								#       a different NAT address, a new certificate needs to be generated before deployment that includes all the  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								#       IPs and FQDNs as sANs for logstash successfully establishing a connection to the HIVE for transmitting  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								#       logs. Details here: https://github.com/telekom-security/tpotce?tab=readme-ov-file#distributed-deployment  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								# none: This setting will disable the ssl verification check of logstash and should only be used in a testing  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								#       environment where IPs often change. It is not recommended for a production environment where trust between  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								#       HIVE and SENSOR is only established through a self signed certificate.   
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								LS_SSL_VERIFICATION = full 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								
							 
						 
					
						
							
								
									
										
										
										
											2024-02-13 18:02:40 +00:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
								# T-Pot Hive IP (only relevant for SENSOR deployment)  
						 
					
						
							
								
									
										
										
										
											2024-02-19 16:34:14 +00:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
								#  <empty>: This is empty by default.  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								#  <IP, FQDN>: This can be either a IP (i.e. 192.168.1.1) or a FQDN (i.e. foo.bar.local)  
						 
					
						
							
								
									
										
										
										
											2024-02-13 18:02:40 +00:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
								TPOT_HIVE_IP =  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								
							 
						 
					
						
							
								
									
										
										
										
											2023-07-20 16:41:56 +00:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
								# T-Pot AttackMap Text Output  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								#  ENABLED: This is the default and the docker container map_data will print events to the console.  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								#  DISABLED: Printing events to the console is disabled.  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								TPOT_ATTACKMAP_TEXT = ENABLED 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								# T-Pot AttackMap Text Output Timezone  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								#  UTC: (T-Pot default) This is usually the best option.  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								#  Continent/City: In Linux you can check our timezone with `readlink` /etc/localtime or  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								#                  see the full list here: https://en.wikipedia.org/wiki/List_of_tz_database_time_zones  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								#  Examples: America/New_York, Asia/Taipei, Australia/Melbourne, Europe/Athens, Europe/Berlin  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								TPOT_ATTACKMAP_TEXT_TIMEZONE = UTC 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								
							 
						 
					
						
							
								
									
										
										
										
											2024-02-13 18:02:40 +00:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
								###################################################################################  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								# Honeypots / Tools settings  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								###################################################################################  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								# Some services / tools offer adjustments using ENVs which can be adjusted here.  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								###################################################################################  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								# Suricata ET Pro ruleset  
						 
					
						
							
								
									
										
										
										
											2024-02-19 16:34:14 +00:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
								#  OPEN: This is the default and will the ET Open ruleset  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								#  OINKCODE: Replace OPEN with your Oinkcode to use the ET Pro ruleset  
						 
					
						
							
								
									
										
										
										
											2024-02-13 18:02:40 +00:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
								OINKCODE = OPEN 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								
							 
						 
					
						
							
								
									
										
										
										
											2024-09-04 19:45:00 +00:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
								# Beelzebub Honeypot supports LLMs such as ChatGPT and the Ollama backend.  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								# Beelzebub is not part of the standard edition, please follow the README regarding setup.  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								# It is recommended to use the Ollama backend to keep costs at bay.  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								# Remember to rate limit API usage / set budget alerts when using ChatGPT API.  
						 
					
						
							
								
									
										
										
										
											2024-10-04 18:03:09 +00:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
								# BEELZEBUB_LLM_MODEL: Set to "ollama" or "gpt4-o".  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								# BEELZEBUB_LLM_HOST: When using "ollama" set it to the URL of your Ollama backend.  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								# BEELZEBUB_OLLAMA_MODEL: Set to the model you are serving on your Ollama backend, i.e. "openchat".  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								# BEELZEBUB_LLM_MODEL: "gpt4-o"  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								# BEELZEBUB_OPENAISECRETKEY: "sk-proj-123456"  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								BEELZEBUB_LLM_MODEL: "ollama" 
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								BEELZEBUB_LLM_HOST: "http://ollama.local:11434/api/chat" 
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								BEELZEBUB_OLLAMA_MODEL: "openchat" 
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								# Galah is a LLM-powered web honeypot supporting various LLM backends.  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								# Galah is not part of the standard edition, please follow the README regarding setup.  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								# It is recommended to use the Ollama backend to keep costs at bay.  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								# Remember to rate limit API usage / set budget alerts when using ChatGPT API.  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								# GALAH_LLM_PROVIDER: Set to "ollama" or "gpt4-o".  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								# GALAH_LLM_SERVER_URL: When using "ollama" set it to the URL of your Ollama backend.  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								# GALAH_LLM_MODEL: Set to the model you are serving on your Ollama backend, i.e. "llama3".  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								# GALAH_LLM_TEMPERATURE: "1"  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								# GALAH_LLM_API_KEY: "sk-XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								# GALAH_LLM_CLOUD_LOCATION: ""  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								# GALAH_LLM_CLOUD_PROJECT: ""  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								GALAH_LLM_PROVIDER: "ollama" 
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								GALAH_LLM_SERVER_URL: "http://ollama.local:11434" 
							 
						 
					
						
							
								
									
										
										
										
											2024-12-10 13:11:52 +00:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
								GALAH_LLM_MODEL: "llama3.1" 
							 
						 
					
						
							
								
									
										
										
										
											2024-10-04 18:03:09 +00:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
								
							 
						 
					
						
							
								
									
										
										
										
											2024-02-13 18:02:40 +00:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
								
							 
						 
					
						
							
								
									
										
										
										
											2023-06-13 21:58:46 +00:00 
										
									 
								 
							 
							
								
							 
							
								 
							
							
								###################################################################################  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								# NEVER MAKE CHANGES TO THIS SECTION UNLESS YOU REALLY KNOW WHAT YOU ARE DOING!!! #  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								###################################################################################  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								# docker.sock Path  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								TPOT_DOCKER_SOCK = /var/run/docker.sock 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								# docker compose .env  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								TPOT_DOCKER_ENV = ./.env 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								# Docker-Compose file  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								TPOT_DOCKER_COMPOSE = ./docker-compose.yml 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								
							 
						 
					
						
							
								
									
										
										
										
											2024-02-19 16:34:14 +00:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
								# T-Pot Docker Repo  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								#  Depending on where you are located you may choose between DockerHub and GHCR  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								#  dtagdevsec: This will use the DockerHub image registry  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								#  ghcr.io/telekom-security: This will use the GitHub container registry  
						 
					
						
							
								
									
										
										
										
											2024-12-11 10:45:16 +00:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
								TPOT_REPO = ghcr.io/telekom-security 
						 
					
						
							
								
									
										
										
										
											2023-06-13 21:58:46 +00:00 
										
									 
								 
							 
							
								
							 
							
								 
							
							
								
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								# T-Pot Version Tag  
						 
					
						
							
								
									
										
										
										
											2024-12-10 13:11:52 +00:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
								TPOT_VERSION = 24.04.1 
						 
					
						
							
								
									
										
										
										
											2023-06-13 21:58:46 +00:00 
										
									 
								 
							 
							
								
							 
							
								 
							
							
								
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								# T-Pot Pull Policy  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								#  always: (T-Pot default) Compose implementations SHOULD always pull the image from the registry.  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								#  never: Compose implementations SHOULD NOT pull the image from a registry and SHOULD rely on the platform cached image.  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								#  missing: Compose implementations SHOULD pull the image only if it's not available in the platform cache.  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								#  build: Compose implementations SHOULD build the image. Compose implementations SHOULD rebuild the image if already present.  
						 
					
						
							
								
									
										
										
										
											2024-09-05 13:09:35 +00:00 
										
									 
								 
							 
							
								
									
										 
								
							 
							
								 
							
							
								TPOT_PULL_POLICY = always 
						 
					
						
							
								
									
										
										
										
											2023-06-13 21:58:46 +00:00 
										
									 
								 
							 
							
								
							 
							
								 
							
							
								
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								# T-Pot Data Path  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								TPOT_DATA_PATH = ./data 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								
							 
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								# OSType (linux, mac, win)  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								#  Most docker features are available on linux  
						 
					
						
							
								
							 
							
								
							 
							
								 
							
							
								TPOT_OSTYPE = linux