Dockerized self-initializing parsedmarc docker stack for lazy people

parsedmarc-dockerized

Note: The standalone parsedmarc docker image on DockerHub @ patschi/parsedmarc can also be used, if interested.

Setup:

  1. Get the basics together:
git clone https://github.com/patschi/parsedmarc-dockerized.git /opt/parsedmarc-dockerized/
cd /opt/parsedmarc-dockerized/ && cp data/conf/parsedmarc/config.sample.ini data/conf/parsedmarc/config.ini
  2. Now create an environment file with the geoipupdate settings from your MaxMind account. For update cycles see here. (Fill in your data!)
cat > geoipupdate.env <<EOF
GEOIPUPDATE_ACCOUNT_ID=HERE_GOES_YOUR_ACCOUNT_ID
GEOIPUPDATE_LICENSE_KEY=HERE_GOES_YOUR_LICENSE_KEY
GEOIPUPDATE_FREQUENCY=24
EOF
  3. Next, edit the parsedmarc config (see docs, and change Test to False once proper testing is done):
nano data/conf/parsedmarc/config.ini
  4. Finally, start up the stack:
docker-compose up -d
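
A pre-flight check for the files created in steps 1 to 3, added here as an example (it is not part of the parsedmarc-dockerized repository): it fails if geoipupdate.env still carries the README placeholders, or if geoipupdate.env or config.ini is readable by group or others. The function name preflight_check is hypothetical.

```shell
#!/bin/sh
# Added example, not from the repository. Run before `docker-compose up -d`:
#   sh preflight.sh /opt/parsedmarc-dockerized

# preflight_check DIR: print each problem found, return 0 only if there are none.
preflight_check() {
    dir=$1
    env_file=$dir/geoipupdate.env
    ini_file=$dir/data/conf/parsedmarc/config.ini
    problems=0

    for f in "$env_file" "$ini_file"; do
        if [ ! -f "$f" ]; then
            echo "missing: $f"; problems=$((problems + 1)); continue
        fi
        # Both files hold secrets (the MaxMind license key; config.ini
        # typically holds mailbox credentials), so flag them when group
        # or others have read permission.
        if [ -n "$(find "$f" \( -perm -040 -o -perm -004 \) -print)" ]; then
            echo "too permissive, run: chmod 600 $f"; problems=$((problems + 1))
        fi
    done

    if [ -f "$env_file" ]; then
        for key in GEOIPUPDATE_ACCOUNT_ID GEOIPUPDATE_LICENSE_KEY GEOIPUPDATE_FREQUENCY; do
            # Use the value from the last KEY=... line in the file.
            value=$(sed -n "s/^$key=//p" "$env_file" | tail -n 1)
            case $value in
                "")
                    echo "$key is not set"; problems=$((problems + 1)) ;;
                HERE_GOES_YOUR_*)
                    echo "$key still has the README placeholder"; problems=$((problems + 1)) ;;
            esac
        done
    fi

    [ "$problems" -eq 0 ]
}

# Only runs when a directory is given on the command line.
if [ "$#" -gt 0 ]; then preflight_check "$1"; fi
```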

What's happening then?

  1. First, the whole stack is created and started.
  2. During the startup of the "init" container, all required steps are taken care of, such as generating a self-signed certificate for the webserver.
  3. Once the Kibana container has started, the corresponding parsedmarc dashboard is automatically imported into Kibana.
  4. After a while you can access the Kibana dashboard through the shipped reverse proxy at https://HOST_IP:9999.

Credits

Built on top of the awesome parsedmarc, Elasticsearch and Kibana, nginx, Docker and using MaxMind GeoIP.