Dockerized self-initializing parsedmarc docker stack for lazy people

Find a file

Patrik Kernstock 3d5860388a Disable kibana telemetry, disable nginx server_tokens		2020-08-09 00:10:42 +01:00
.github/workflows	Update	2020-08-08 23:28:40 +01:00
data	Disable kibana telemetry, disable nginx server_tokens	2020-08-09 00:10:42 +01:00
.gitignore	Improved setup and README	2020-08-08 23:02:00 +01:00
docker-compose.yml	Disable kibana telemetry, disable nginx server_tokens	2020-08-09 00:10:42 +01:00
LICENSE	Update	2020-08-08 23:28:40 +01:00
README.md	Fixed geoipupdate environment handling	2020-08-08 23:28:57 +01:00

README.md

parsedmarc-dockerized

Note: The standalone parsedmarc docker image on DockerHub @ patschi/parsedmarc can also be used, if interested.

Setup:

Get basics together:

git clone https://github.com/patschi/parsedmarc-dockerized.git /opt/parsedmarc-dockerized/
cd /opt/parsedmarc-dockerized/ && cp data/conf/parsedmarc/config.sample.ini data/conf/parsedmarc/config.ini

Now we create an environment file for your geoipupdate settings from your MaxMind account. For update cycles see here. (Fill in your data!)

cat > geoipupdate.env <<EOF
GEOIPUPDATE_ACCOUNT_ID=HERE_GOES_YOUR_ACCOUNT_ID
GEOIPUPDATE_LICENSE_KEY=HERE_GOES_YOUR_LICENSE_KEY
GEOIPUPDATE_FREQUENCY=24
EOF

Next we change the parsedmarc config (see docs, and change Test to False when proper testing done)

nano data/conf/parsedmarc/config.ini

Finally, we start up the stack:

docker-compose up -d

What's happening then?

First, the whole stack is being created and started.
During the startup of the "init" container, all required steps are being taken care of - like generating a self-signed certificate for the webserver.
Once kibana container is started up, the corresponding parsedmarc dashboard is automatically imported into Kibana.
After a while you can access the Kibana dashboard under the shipped reverse proxy with at https://HOST_IP:9999.

Credits

Built on top of the awesome parsedmarc, Elasticsearch and Kibana, nginx, Docker and using MaxMind GeoIP.