SunRed/parsedmarc-dockerized
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Several changes and updated formatting

Browse source 
* Update ElasticSearch and Kibana version
* Remove nginx config and cert generation for use of
  reverse proxy on host
* Replace geoip updater with crazymax image
* Update formatting to have unix line endings
* Rename docker-compose.yml to compose.yml
* Add explicit network to compose.yml for use with ipv6 (optional)
This commit is contained in:
Manuel 2021-10-17 20:33:59 +02:00
parent af71a46479
commit dd4bbc4b22
Signed by: Manuel
GPG key ID: 4085037435E1F07A
6 changed files with 126 additions and 168 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

84
docker-compose.yml → compose.yml
View file

@ -1,50 +1,56 @@
version: '2.4'
services: services:
parsedmarc-init: parsedmarc-init:
image: patschi/parsedmarc:init image: patschi/parsedmarc:init
restart: always container_name: parsedmarc-init
build:
context: ./data/Dockerfiles/parsedmarc-init
dockerfile: Dockerfile
restart: unless-stopped
volumes: volumes:
- ./data/conf/parsedmarc/:/etc/parsedmarc/:rw - ./data/conf/parsedmarc/:/etc/parsedmarc/:rw
- ./data/conf/nginx/ssl/:/etc/nginx/ssl/:rw
- ./data/data/elasticsearch:/usr/share/elasticsearch/data/:rw - ./data/data/elasticsearch:/usr/share/elasticsearch/data/:rw
networks: networks:
- parsedmarc-network - parsedmarc
healthcheck: healthcheck:
test: [ "CMD", "test", "-f", "/ready" ] test: [ "CMD", "test", "-f", "/ready" ]
interval: 10s interval: 10s
timeout: 5s timeout: 5s
retries: 9999 retries: 9999
start_period: 10s start_period: 10s
parsedmarc: parsedmarc:
image: patschi/parsedmarc:latest image: patschi/parsedmarc:latest
container_name: parsedmarc
build:
context: ./data/Dockerfiles/parsedmarc
dockerfile: Dockerfile
volumes: volumes:
- ./data/conf/parsedmarc/:/etc/parsedmarc/ - ./data/conf/parsedmarc/:/etc/parsedmarc/
- ./data/data/geoipupdate/:/usr/share/GeoIP:z,ro - ./data/data/geoipupdate:/usr/share/GeoIP:z,ro
restart: always restart: unless-stopped
networks: networks:
- parsedmarc-network - parsedmarc
depends_on: depends_on:
elasticsearch: elasticsearch:
condition: service_healthy condition: service_healthy
elasticsearch: elasticsearch:
image: docker.elastic.co/elasticsearch/elasticsearch-oss:7.8.1 image: docker.elastic.co/elasticsearch/elasticsearch:7.15.0
container_name: parsedmarc-elasticsearch
environment: environment:
- xpack.security.enabled=false
- cluster.name=parsedmarc - cluster.name=parsedmarc
- discovery.type=single-node - discovery.type=single-node
- bootstrap.memory_lock=true - bootstrap.memory_lock=true
- "ES_JAVA_OPTS=-Xms512m -Xmx512m" - "ES_JAVA_OPTS=-Xms256m -Xmx256m"
ulimits: ulimits:
memlock: memlock:
soft: -1 soft: -1
hard: -1 hard: -1
volumes: volumes:
- ./data/data/elasticsearch:/usr/share/elasticsearch/data/ - ./data/data/elasticsearch:/usr/share/elasticsearch/data/
restart: always restart: unless-stopped
networks: networks:
- parsedmarc-network - parsedmarc
expose: # only expose docker-internally expose: # only expose docker-internally
- 9200 - 9200
healthcheck: healthcheck:
@ -56,18 +62,21 @@ services:
depends_on: depends_on:
parsedmarc-init: parsedmarc-init:
condition: service_started condition: service_started
kibana: kibana:
image: docker.elastic.co/kibana/kibana-oss:7.8.1 image: docker.elastic.co/kibana/kibana:7.15.0
container_name: parsedmarc-kibana
environment: environment:
- elasticsearch.hosts=http://elasticsearch:9200 - elasticsearch.hosts=http://elasticsearch:9200
- telemetry.enabled=false - telemetry.enabled=false
- telemetry.optIn=false - telemetry.optIn=false
expose: # only expose docker-internally expose: # only expose docker-internally
- 5601 - 5601
restart: always ports:
- "127.0.0.1:5601:5601"
- "[::1]:5601:5601"
restart: unless-stopped
networks: networks:
- parsedmarc-network - parsedmarc
depends_on: depends_on:
elasticsearch: elasticsearch:
condition: service_healthy condition: service_healthy
@ -77,34 +86,25 @@ services:
timeout: 10s timeout: 10s
retries: 3 retries: 3
start_period: 30s start_period: 30s
geoipupdate: geoipupdate:
image: maxmindinc/geoipupdate image: crazymax/geoip-updater:latest
container_name: parsedmarc-geoipupdate
volumes:
- ./data/data/geoipupdate:/data:z,rw
env_file: env_file:
- geoipupdate.env - ./data/conf/geoipupdate.env
environment:
- "GEOIPUPDATE_EDITION_IDS=GeoLite2-ASN GeoLite2-City GeoLite2-Country"
- GEOIPUPDATE_PRESERVE_FILE_TIMES=1
restart: always
volumes:
- ./data/data/geoipupdate/:/usr/share/GeoIP:z,rw
nginx:
image: nginx:alpine
restart: always
ports:
- "9999:443"
volumes:
- ./data/conf/nginx/site.conf:/etc/nginx/conf.d/default.conf:ro
- ./data/conf/nginx/ssl/:/etc/nginx/ssl/:ro
networks: networks:
- parsedmarc-network - parsedmarc
depends_on: restart: unless-stopped
kibana:
condition: service_healthy
parsedmarc-init:
condition: service_healthy
networks: networks:
parsedmarc-network: parsedmarc:
name: "parsedmarc"
driver: bridge driver: bridge
driver_opts:
com.docker.network.bridge.name: br-parsedmarc
enable_ipv6: true
ipam:
config:
- subnet: 172.18.0.0/29
- subnet: fd00:1720:180::/64

2
data/Dockerfiles/parsedmarc-init/Dockerfile
View file

@ -2,7 +2,7 @@ FROM alpine:latest
ADD start.sh /start.sh ADD start.sh /start.sh
RUN apk add --no-cache curl openssl jq bash \ RUN apk add --no-cache curl jq bash \
&& chmod +x /start.sh && chmod +x /start.sh
ENTRYPOINT [ "/start.sh" ] ENTRYPOINT [ "/start.sh" ]

10
data/Dockerfiles/parsedmarc-init/start.sh
View file

@ -8,16 +8,6 @@ echo "Setting permissions..."
chmod g+rwx -R /usr/share/elasticsearch/data/ chmod g+rwx -R /usr/share/elasticsearch/data/
chgrp 0 -R /usr/share/elasticsearch/data/ chgrp 0 -R /usr/share/elasticsearch/data/
echo "## NGINX"
echo "Checking nginx certs..."
cd /etc/nginx/ssl/
if [ ! -f "/etc/nginx/ssl/kibana.crt" ] || [ ! -f "/etc/nginx/ssl/kibana.key" ]; then
echo "No certs found. Generating..."
openssl req -x509 -nodes -days 365 -newkey rsa:3072 -keyout kibana.key -out kibana.crt \
-subj "/CN=parsedmarc" -addext "subjectAltName=DNS:parsedmarc"
echo "Certs generated."
fi
echo "## KIBANA" echo "## KIBANA"
exportFile="/etc/parsedmarc/kibana_export.ndjson" exportFile="/etc/parsedmarc/kibana_export.ndjson"
if [ ! -f "${exportFile}" ]; then if [ ! -f "${exportFile}" ]; then

7
data/conf/geoipupdate.env Normal file
View file

@ -0,0 +1,7 @@
TZ=Europe/Berlin
EDITION_IDS="GeoLite2-ASN,GeoLite2-City,GeoLite2-Country"
LICENSE_KEY=abc1234
DOWNLOAD_PATH="/data"
SCHEDULE="0 0 * * 0"
LOG_LEVEL=warn
LOG_JSON=false

39
data/conf/nginx/site.conf
View file

@ -1,39 +0,0 @@
server {
listen 443 ssl http2;
server_name _ default_server;
ssl_certificate /etc/nginx/ssl/kibana.crt;
ssl_certificate_key /etc/nginx/ssl/kibana.key;
server_tokens off;
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:15m;
ssl_session_tickets off;
# modern configuration. tweak to your needs.
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
ssl_prefer_server_ciphers off;
add_header X-Frame-Options SAMEORIGIN;
add_header X-Content-Type-Options nosniff;
# Uncomment this next line if you are using a signed, trusted cert
#add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload";
#auth_basic "Login required";
#auth_basic_user_file /etc/nginx/htpasswd;
location / {
proxy_pass http://kibana:5601;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
server {
listen 80;
return 301 https://$host$request_uri;
}

2
data/conf/parsedmarc/config.sample.ini
View file

@ -15,7 +15,7 @@ ssl = True
# advanced # advanced
watch = True watch = True
archive_folder = Processed #archive_folder = Processed
delete = False delete = False
# advanced advanced # advanced advanced