-
Notifications
You must be signed in to change notification settings - Fork 464
Docker Environment Setup
# Install pre-reqs
sudo apt install git maven docker docker-compose openjdk-8-jdk
# Clone the github repository
git clone https://github.com/OWASP/SecurityShepherd.git
# Change directory into the local copy of the repository
cd SecurityShepherd
# Add current user to the docker group (don't have to run docker with sudo)
sudo gpasswd -a $USER docker
# Run maven to generate the WAR and HTTPS Cert.
mvn -Pdocker clean install -DskipTests
# Build the docker images, docker network and bring up the environment
docker-compose up
# When you have code changes you can view them by updating the web app
mvn -Pdocker clean install -DskipTests
docker rm -f secshep_tomcat
docker-compose build web
docker-compose up -d
Open up an Internet Browser & type in the address bar;
To login use the following credentials (you will be asked to update after login);
- username:
admin
- password:
password
The project contains a .env
file. This file contains environment variables that you can set for the docker-compose set up.
docker-compose
creates
- x3 images
- owasp/security-shepherd_mariadb (database)
- owasp/security-shepherd (application)
- owasp/security-shepherd_mongo (for the NoSQL levels)
- x3 containers
- secshep_mariadb (database)
- secshep_tomcat (application)
- secshep_mongo (for the NoSQL levels)
- x4 volumes
- securityshepherd_conf (application configuration for tomcat)
- securityshepherd_data (the database data i.e. user progress etc.)
- securityshepherd_mongoconfig (created by base image - not used)
- securityshepherd_mongodata (created by base image -not used)
Change the value DB_PORT
in the .env
file to whatever you want e.g. DB_PORT=3312
Once you issue docker-compose up
it'll expose the database on port 3312.
Example when running docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ebc53c7fc3b0 owasp/security-shepherd_mariadb "docker-entrypoint.s…" 6 seconds ago Up 5 seconds 127.0.0.1:3312->3306/tcp secshep_mariadb
Test login with mysql client
mysql -u root -pCowSaysMoo -P 3312
For developers on Windows or Mac they'll need to run docker on a VM. In this case you may want to expose the database when developing to your local environment.
You should change the values DB_SERVER_IP
and DB_BIND_ADDRESS
to 0.0.0.0
e.g.
DB_SERVER_IP=0.0.0.0
DB_BIND_ADDRESS=0.0.0.0
Then issue docker-compose up
- To get your terminal back when running docker-compose (don't tail the logs) issue a -d
docker-compose up -d
# The web app
docker-compose stop web
# The db
docker-compose stop db
# Everything
docker-compose stop
# The web app
docker-compose start web
# The db
docker-compose start db
# Everything
docker-compose start
# When you have code changes you can view them by updating the web app
mvn -Pdocker clean install -DskipTests
docker rm -f secshep_tomcat
docker-compose build web
docker-compose up -d
# Build the WAR & generate the TLS cert
mvn -Pdocker clean install -DskipTests
# WARNING - All data will be lost from the database
# remove all docker containers
docker-compose down
# build the environment
docker-compose build
# bring the environment up
docker-compose up
docker volume ls
# Remove the web container
docker rm -f secshep_tomcat
# WARNING - All data will be lost from the database
# Remove the database container
docker rm -f secshep_mysql
# Remove all containers
docker-compose down
# WARNING - All data will be lost from database
# All Security Shepherd images will be wiped
docker-compose down --rmi all