From e8621fbba1b867bec27f217dde6d24841d84357f Mon Sep 17 00:00:00 2001 From: Marco Ochse Date: Mon, 4 Jun 2018 13:43:59 +0000 Subject: [PATCH] tweaking --- docker/honeytrap/docker-compose.yml | 3 - docker/netdata/docker-compose.yml | 3 + .../{ui-for-docker => portainer}/Dockerfile | 0 docker/{ui-for-docker => portainer}/README.md | 0 .../doc/dashboard.png | Bin .../docker-compose.yml | 15 ++-- .../{ui-for-docker => portainer}/favicon.ico | Bin docker/suricata/docker-compose.yml | 4 +- docker/wetty/.docker-compose.yml.swp | Bin 0 -> 12288 bytes etc/compose/tpot.yml | 78 ++++++++++++------ 10 files changed, 62 insertions(+), 41 deletions(-) rename docker/{ui-for-docker => portainer}/Dockerfile (100%) rename docker/{ui-for-docker => portainer}/README.md (100%) rename docker/{ui-for-docker => portainer}/doc/dashboard.png (100%) rename docker/{ui-for-docker => portainer}/docker-compose.yml (52%) rename docker/{ui-for-docker => portainer}/favicon.ico (100%) create mode 100644 docker/wetty/.docker-compose.yml.swp diff --git a/docker/honeytrap/docker-compose.yml b/docker/honeytrap/docker-compose.yml index c94b30eb..148ddaf2 100644 --- a/docker/honeytrap/docker-compose.yml +++ b/docker/honeytrap/docker-compose.yml @@ -1,8 +1,5 @@ version: '2.3' -networks: - honeytrap_local: - services: # Honeytrap service diff --git a/docker/netdata/docker-compose.yml b/docker/netdata/docker-compose.yml index 0395a8a5..8f4df165 100644 --- a/docker/netdata/docker-compose.yml +++ b/docker/netdata/docker-compose.yml @@ -8,6 +8,9 @@ services: container_name: netdata restart: always network_mode: "host" + #depends_on: + # elasticsearch: + # condition: service_healthy cap_add: - SYS_PTRACE security_opt: diff --git a/docker/ui-for-docker/Dockerfile b/docker/portainer/Dockerfile similarity index 100% rename from docker/ui-for-docker/Dockerfile rename to docker/portainer/Dockerfile 
diff --git a/docker/ui-for-docker/README.md b/docker/portainer/README.md similarity index 100% rename from docker/ui-for-docker/README.md rename to docker/portainer/README.md diff --git a/docker/ui-for-docker/doc/dashboard.png b/docker/portainer/doc/dashboard.png similarity index 100% rename from docker/ui-for-docker/doc/dashboard.png rename to docker/portainer/doc/dashboard.png diff --git a/docker/ui-for-docker/docker-compose.yml b/docker/portainer/docker-compose.yml similarity index 52% rename from docker/ui-for-docker/docker-compose.yml rename to docker/portainer/docker-compose.yml index dca5a909..673f6c82 100644 --- a/docker/ui-for-docker/docker-compose.yml +++ b/docker/portainer/docker-compose.yml @@ -1,23 +1,20 @@ -# T-Pot (Standard) -# For docker-compose ... -version: '2.2' +version: '2.3' networks: - ui-for-docker_local: + portainer_local: services: -# Ui-for-docker service - ui-for-docker: + portainer: build: . - container_name: ui-for-docker + container_name: portainer command: -H unix:///var/run/docker.sock --no-auth restart: always networks: - - ui-for-docker_local + - portainer_local ports: - "127.0.0.1:64299:9000" - image: "dtagdevsec/ui-for-docker:1804" + image: "dtagdevsec/portainer:1804" read_only: true volumes: - /var/run/docker.sock:/var/run/docker.sock diff --git a/docker/ui-for-docker/favicon.ico b/docker/portainer/favicon.ico similarity index 100% rename from docker/ui-for-docker/favicon.ico rename to docker/portainer/favicon.ico diff --git a/docker/suricata/docker-compose.yml b/docker/suricata/docker-compose.yml index cbc131cc..239272ee 100644 --- a/docker/suricata/docker-compose.yml +++ b/docker/suricata/docker-compose.yml @@ -1,6 +1,4 @@ -# T-Pot (Standard) -# For docker-compose ... -version: '2.2' +version: '2.3' services: 
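Review bot: The renamed `portainer` service in docker/portainer/docker-compose.yml keeps `command: -H unix:///var/run/docker.sock --no-auth` next to a read-write `/var/run/docker.sock` mount, so anyone who can reach 127.0.0.1:64299 controls the Docker daemon, which is equivalent to root on the host. Binding to loopback limits this to host-local callers, but the services declared with `network_mode: "host"` in etc/compose/tpot.yml share that loopback, and those are the containers most exposed to hostile traffic. I would drop `--no-auth` and provision an admin credential instead (Portainer accepts `--admin-password-file`), keeping any reverse-proxy authentication as a second layer only. The same applies to the `portainer` block added to etc/compose/tpot.yml in the `@@ -256,10 +272,32 @@` hunk.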
diff --git a/docker/wetty/.docker-compose.yml.swp b/docker/wetty/.docker-compose.yml.swp new file mode 100644 index 0000000000000000000000000000000000000000..1e4236ef304751ebfc4fc3c1d9001368adda2cd3 GIT binary patch literal 12288 zcmeI&J#W-77zc0{#K?=vz-q2T7n-D3hAI*>I?+lX1Plz38$Z2^n%I%;%QXvp2EIet z*npWCiItB46GQn1Jb8fu>59Y#`dj)dv131qf6@)7_$YZgJCyrTBDmcU;!Shq`PpSH z+H)bCwV@mSQ}eYAq0LoTkantEJN-phFb+IBr&!zkgj~ELUOIMma$D8bQ`A=Li>$4V z2M~b3#R6Bw-gLMBsc%hg%bS}|E}o935P$##AOHafKmY;|fWUtx5b6!_l6Q1z+|}lI z-T3V~c5#6K1Rwwb2tWV=5P$##AOHafK;Rz~P+EwG*MxY->AwH}{Qv*`x)A4_ubeNO z&zw)351iMWSDaH$#(Bh9jTM!eQz|DqsJW)bQ$Cz8Pj~l|yOVy3+>!CZRx}9WxG zrb&|AnU6R9)KJyOKK-@I*2CHLm_iLFdKb`y8aZ%E+*icwmcal|B zcQ3cFJ`C^TgRL`P%#A8j`FM8!!R+9mU+>5VIsEX_K2j}}I rN6Vtrsf@VO52j*EKI@LvOHZyTauQ;^;oXRaoG+|N<@Pk%+ZI0nBVd@j literal 0 HcmV?d00001 diff --git a/etc/compose/tpot.yml b/etc/compose/tpot.yml index 49ecc7dc..79ddd828 100644 --- a/etc/compose/tpot.yml +++ b/etc/compose/tpot.yml @@ -1,7 +1,6 @@ # T-Pot (Standard) -# For docker-compose ... # Do not erase ports sections, these are used by /opt/tpot/bin/rules.sh to setup iptables ACCEPT rules for NFQ (honeytrap / glutton) -version: '2.2' +version: '2.3' networks: cowrie_local: @@ -11,7 +10,7 @@ networks: mailoney_local: rdpy_local: spiderfoot_local: - ui-for-docker_local: + portainer_local: vnclowpot_local: services: @@ -21,11 +20,14 @@ services: container_name: ciscoasa restart: always stop_signal: SIGINT + tmpfs: + - /tmp/ciscoasa:uid=2000,gid=2000 network_mode: "host" ports: - "5000:5000/udp" - "8443:8443" image: "dtagdevsec/ciscoasa:1804" + read_only: true volumes: - /data/ciscoasa/log:/var/log/ciscoasa 
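Review bot: `docker/wetty/.docker-compose.yml.swp` is a Vim swap file and looks like it was committed by accident. Swap files record the editing user's name, host name and working path, and may hold unsaved buffer contents, so check what this one contains before it stays in history. Remove it from the tree and add `*.swp` to `.gitignore` so it does not come back.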
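Review bot: The `tmpfs` entry added to `ciscoasa` in the `@@ -21,11 +20,14 @@` hunk, `- /tmp/ciscoasa:uid=2000,gid=2000`, sets no `size=` option, so the mount is bounded only by the tmpfs default (half of RAM on Linux) rather than by a limit chosen for the service. These are memory-backed directories in containers that presumably store data received from untrusted peers, so an explicit cap such as `- /tmp/ciscoasa:uid=2000,gid=2000,size=<limit>` (placeholder value) would keep one honeypot from starving the host. A short comment stating which in-image account uid/gid 2000 is would also help, since the number is repeated without explanation. The same pattern appears in the `cowrie`, `glastopf`, `honeytrap` and `wetty` hunks, and the `ciscoasa` block itself starts above this hunk.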
@@ -33,12 +35,16 @@ services: cowrie: container_name: cowrie restart: always + tmpfs: + - /tmp/cowrie:uid=2000,gid=2000 + - /tmp/cowrie/data:uid=2000,gid=2000 networks: - cowrie_local ports: - "22:22" - "23:23" image: "dtagdevsec/cowrie:1804" + read_only: true volumes: - /data/cowrie/downloads:/home/cowrie/cowrie/dl - /data/cowrie/keys:/home/cowrie/cowrie/etc @@ -49,6 +55,7 @@ services: dionaea: container_name: dionaea stdin_open: true + tty: true restart: always network_mode: "host" ports: @@ -56,7 +63,7 @@ services: - "21:21" - "42:42" - "69:69/udp" - - "8081:8081" + - "81:81" - "135:135" - "443:443" - "445:445" @@ -101,7 +108,8 @@ services: restart: always environment: - bootstrap.memory_lock=true - - "ES_JAVA_OPTS=-Xms1024m -Xmx1024m" + - ES_JAVA_OPTS=-Xms1024m -Xmx1024m + - ES_TMPDIR=/tmp cap_add: - IPC_LOCK ulimits: @@ -173,11 +181,10 @@ services: # Glastopf service glastopf: container_name: glastopf - environment: - - PYTHON_EGG_CACHE=/tmp/glastopf tmpfs: - - /tmp/glastopf:exec + - /tmp/glastopf:uid=2000,gid=2000 restart: always + stop_signal: SIGINT networks: - glastopf_local ports: @@ -185,17 +192,20 @@ services: image: "dtagdevsec/glastopf:1804" read_only: true volumes: - - /data/glastopf/db:/opt/glastopf/db - - /data/glastopf/log:/opt/glastopf/log + - /data/glastopf/db:/tmp/glastopf/db + - /data/glastopf/log:/tmp/glastopf/log # Honeytrap service honeytrap: container_name: honeytrap restart: always + tmpfs: + - /tmp/honeytrap:uid=2000,gid=2000 network_mode: "host" cap_add: - NET_ADMIN image: "dtagdevsec/honeytrap:1804" + read_only: true volumes: - /data/honeytrap/attacks:/opt/honeytrap/var/attacks - /data/honeytrap/downloads:/opt/honeytrap/var/downloads 
@@ -205,11 +215,17 @@ services: mailoney: container_name: mailoney restart: always + environment: + - HPFEEDS_SERVER= + - HPFEEDS_IDENT=user + - HPFEEDS_SECRET=pass + - HPFEEDS_PORT=20000 + - HPFEEDS_CHANNELPREFIX=prefix stop_signal: SIGINT networks: - mailoney_local ports: - - "25:2525" + - "25:25" image: "dtagdevsec/mailoney:1804" read_only: true volumes: @@ -233,7 +249,7 @@ services: volumes: - /proc:/host/proc:ro - /sys:/host/sys:ro - - /var/run/docker.sock:/var/run/docker.sock + - /var/run/docker.sock:/var/run/docker.sock:ro # nginx service nginx: @@ -256,10 +272,32 @@ services: - /data/nginx/conf/nginxpasswd:/etc/nginx/nginxpasswd:ro - /data/nginx/log/:/var/log/nginx/ +# Portainer service + portainer: + container_name: portainer + command: -H unix:///var/run/docker.sock --no-auth + restart: always + networks: + - portainer_local + ports: + - "127.0.0.1:64299:9000" + image: "dtagdevsec/portainer:1804" + read_only: true + volumes: + - /var/run/docker.sock:/var/run/docker.sock + # Rdpy service rdpy: container_name: rdpy + extra_hosts: + - hpfeeds.example.com:127.0.0.1 restart: always + environment: + - HPFEEDS_SERVER=hpfeeds.example.com + - HPFEEDS_IDENT=user + - HPFEEDS_SECRET=pass + - HPFEEDS_PORT=65000 + - SERVERID=id networks: - rdpy_local ports: @@ -281,20 +319,6 @@ services: volumes: - /data/spiderfoot/spiderfoot.db:/home/spiderfoot/spiderfoot.db -# Ui-for-docker service - ui-for-docker: - container_name: ui-for-docker - command: -H unix:///var/run/docker.sock --no-auth - restart: always - networks: - - ui-for-docker_local - ports: - - "127.0.0.1:64299:9000" - image: "dtagdevsec/ui-for-docker:1804" - read_only: true - volumes: - - /var/run/docker.sock:/var/run/docker.sock - # Suricata service suricata: container_name: suricata @@ -343,5 +367,7 @@ services: network_mode: "host" env_file: - /opt/tpot/etc/compose/wetty_environment + tmpfs: + - /home/wetty/.ssh/:uid=2000,gid=2000 image: "dtagdevsec/wetty:1804" read_only: true
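Review bot: `HPFEEDS_IDENT=user` and `HPFEEDS_SECRET=pass` in the new `environment:` list of `mailoney` put the hpfeeds credentials into a tracked compose file, and the `rdpy` additions in the `@@ -256,10 +272,32 @@` hunk repeat them. They look like placeholders, but once real values replace them they are readable by everyone with access to the repository and appear in `docker inspect` output for the container. Moving them to an `env_file:`, as the `wetty` service already does with `/opt/tpot/etc/compose/wetty_environment`, keeps the secret out of the compose file, e.g. `env_file:` followed by `- /opt/tpot/etc/compose/<hpfeeds_environment>` (placeholder name). The empty `HPFEEDS_SERVER=` also deserves a comment saying whether an empty value disables the feed.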
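Review bot: The `:ro` suffix added in `- /var/run/docker.sock:/var/run/docker.sock:ro` (hunk `@@ -233,7 +249,7 @@`) does not limit what the container can ask the Docker daemon to do. A read-only bind mount prevents the socket file from being replaced or removed, but a process inside can still connect to it and issue any API request. If the service only needs to read container metadata, an API-filtering socket proxy that exposes read-only endpoints is the effective control. At minimum, add a comment above the line such as `# :ro does not restrict Docker API access through the socket`. The service definition this volume list belongs to starts above the hunk.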