docker-compose.yml
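# Lab stack: a simulated wind turbine (OT-sim controllers and sensors), a
# telemetry store with dashboards (OpenSearch, Grafana), and two tooling
# containers (wireshark, adversary) built from Dockerfile.tools.
#
# NOTE(review): several services run privileged and/or publish ports. A
# `HOST:CONTAINER` mapping without a host IP is published on every host
# interface; prefix it with `127.0.0.1:` if only local access is needed.
# NOTE(review): all images use a mutable reference (`:main`, or no tag, which
# resolves to `latest`). Pin to a release tag or digest for reproducible,
# reviewable deployments.
version: '3.8'
services:
  # Packet-capture desktop. Shares the host network namespace, so it sees the
  # host's interfaces rather than the `vpc` bridge from the inside.
  wireshark:
    build:
      context: .
      dockerfile: ./Dockerfile.tools
    image: ghcr.io/patsec/wind-turbine/tools:main
    init: true
    # NOTE(review): privileged + host networking gives this container nearly
    # unrestricted access to the host. Capture alone usually needs only
    # NET_ADMIN and NET_RAW - confirm before narrowing.
    privileged: true  # required for capturing traffic on host interfaces
    network_mode: host
    volumes:
      - ./configs/docker/tigervnc-wireshark.conf:/etc/supervisor/conf.d/tigervnc-wireshark.conf
      - ./configs/docker/wireshark.conf:/etc/supervisor/conf.d/wireshark.conf

  # Tooling container for the lab's attack scenario; same image as wireshark,
  # attached to the `vpc` network at a fixed address.
  adversary:
    build:
      context: .
      dockerfile: ./Dockerfile.tools
    image: ghcr.io/patsec/wind-turbine/tools:main
    init: true
    # NOTE(review): privileged disables most container isolation. iptables
    # generally needs NET_ADMIN (and NET_RAW) - confirm whether the mounted
    # scripts need anything beyond that before narrowing.
    privileged: true  # required for iptables to work
    # sysctls: # uncomment this section if Docker host doesn't already have IP forwarding enabled
    #   - net.ipv4.ip_forward=1
    #   - net.ipv6.conf.all.forwarding=1
    #   - net.ipv4.conf.all.send_redirects=0
    volumes:
      - ./configs/docker/tigervnc-adversary.conf:/etc/supervisor/conf.d/tigervnc-adversary.conf
      - ./scripts/aitm.py:/root/aitm.py
      - ./scripts/attack.sh:/root/attack.sh
    ports:
      # NOTE(review): published on all host interfaces and fronting a
      # privileged container; presumably the remote-desktop endpoint - verify
      # it is authenticated or restrict the bind address.
      - "8090:8080"
    networks:
      vpc:
        ipv4_address: 10.11.12.200

  # Main turbine controller. depends_on (short form) orders start-up only; it
  # does not wait for the listed services to be ready.
  main-ctlr:
    image: ghcr.io/patsec/ot-sim/ot-sim:main
    init: true
    cap_add:
      - NET_ADMIN  # for Tailscale
    depends_on:
      - yaw-ctlr
      - anemometer
      - blade-1
      - blade-2
      - blade-3
    volumes:
      - /lib/modules:/lib/modules:ro  # for Tailscale
      - /dev/net/tun:/dev/net/tun  # for Tailscale
      - ./configs/ot-sim/main-controller.xml:/etc/ot-sim/config.xml
      - ./configs/ot-sim/node-red.json:/etc/node-red.json
    ports:
      # NOTE(review): published on all host interfaces; confirm the service on
      # 1880 requires authentication before exposing it beyond the lab host.
      - "1880:1880"
    environment:
      # Secret taken from the invoking environment (or a .env file). Keep it
      # out of version control and prefer a short-lived key.
      - OTSIM_TAILSCALE_AUTHKEY=${OTSIM_TAILSCALE_AUTHKEY}  # for Tailscale
    hostname: ${HOSTNAME}  # for Tailscale
    networks:
      vpc:
        ipv4_address: 10.11.12.100

  yaw-ctlr:
    image: ghcr.io/patsec/ot-sim/ot-sim:main
    init: true
    depends_on:
      - opensearch
    volumes:
      - ./configs/ot-sim/yaw-controller.xml:/etc/ot-sim/config.xml
    networks:
      vpc:
        ipv4_address: 10.11.12.101

  anemometer:
    image: ghcr.io/patsec/ot-sim/ot-sim:main
    init: true
    depends_on:
      - opensearch
    volumes:
      - ./configs/ot-sim/anemometer.xml:/etc/ot-sim/config.xml
      - ./configs/ot-sim/weather.csv:/etc/ot-sim/data/weather.csv
    networks:
      vpc:
        ipv4_address: 10.11.12.102

  blade-1:
    image: ghcr.io/patsec/ot-sim/ot-sim:main
    init: true
    depends_on:
      - opensearch
    volumes:
      - ./configs/ot-sim/blade-1.xml:/etc/ot-sim/config.xml
    networks:
      vpc:
        ipv4_address: 10.11.12.103

  blade-2:
    image: ghcr.io/patsec/ot-sim/ot-sim:main
    init: true
    depends_on:
      - opensearch
    volumes:
      - ./configs/ot-sim/blade-2.xml:/etc/ot-sim/config.xml
    networks:
      vpc:
        ipv4_address: 10.11.12.104

  blade-3:
    image: ghcr.io/patsec/ot-sim/ot-sim:main
    init: true
    depends_on:
      - opensearch
    volumes:
      - ./configs/ot-sim/blade-3.xml:/etc/ot-sim/config.xml
    networks:
      vpc:
        ipv4_address: 10.11.12.105

  # Telemetry store. No `ports:` entry, so it is reachable only from
  # containers on the `vpc` network, not from the host's interfaces.
  # Security settings live in the mounted opensearch.yml (not shown here).
  opensearch:
    image: opensearchproject/opensearch
    init: true
    volumes:
      - ./configs/opensearch/opensearch.yml:/usr/share/opensearch/config/opensearch.yml
    networks:
      vpc:
        ipv4_address: 10.11.12.150

  grafana:
    image: grafana/grafana-oss
    init: true
    depends_on:
      - opensearch
    ports:
      # NOTE(review): published on all host interfaces; authentication is
      # governed by the mounted grafana.ini - verify anonymous/admin settings.
      - "3000:3000"
    volumes:
      - ./configs/grafana/plugins:/var/lib/grafana/plugins
      - ./configs/grafana/grafana.ini:/etc/grafana/grafana.ini
      - ./configs/grafana/opensearch-data-source.yml:/etc/grafana/provisioning/datasources/opensearch.yml
      - ./configs/grafana/dashboards.yml:/etc/grafana/provisioning/dashboards/dashboards.yml
      - ./configs/grafana/turbine-dashboard.json:/var/lib/grafana/dashboards/turbine-dashboard.json
    networks:
      vpc:
        ipv4_address: 10.11.12.151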
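# User-defined bridge network joined by every service except wireshark, which
# uses host networking. The subnet is fixed so that the static ipv4_address
# values assigned to the services (10.11.12.100-105, .150, .151, .200) are
# valid.
networks:
  vpc:
    driver: bridge
    ipam:
      config:
        - subnet: 10.11.12.0/24
          gateway: 10.11.12.1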