docker-compose.yml 3.5 KB
   1
   2
   3
   4
   5
   6
   7
   8
   9
  10
  11
  12
  13
  14
  15
  16
  17
  18
  19
  20
  21
  22
  23
  24
  25
  26
  27
  28
  29
  30
  31
  32
  33
  34
  35
  36
  37
  38
  39
  40
  41
  42
  43
  44
  45
  46
  47
  48
  49
  50
  51
  52
  53
  54
  55
  56
  57
  58
  59
  60
  61
  62
  63
  64
  65
  66
  67
  68
  69
  70
  71
  72
  73
  74
  75
  76
  77
  78
  79
  80
  81
  82
  83
  84
  85
  86
  87
  88
  89
  90
  91
  92
  93
  94
  95
  96
  97
  98
  99
 100
 101
 102
 103
 104
 105
 106
 107
 108
 109
 110
 111
 112
 113
 114
 115
 116
 117
 118
 119
 120
 121
 122
 123
 124
 125
 126
 127
 128
 129
 130
 131
 132
 133
 134
 135
 136
 137
 138
 139
 140
 141
 142
 143
 144
 145
 146
 147
 148
 149
 150
 151
 152
 153
 154
 155
 156
 157
 158
 159
 160
 161
 162
version: '3'

services:
#CEPTD
suricata:
build:
context: ./CEPTD/docker/suricata
image: datalabauth/kea-curex_suricata:v1.0.0
container_name: curex-suricata
restart: always
network_mode: "host"
cap_add:
- NET_ADMIN
- SYS_NICE
- NET_RAW
command: ONLINE
volumes:
- ./data/suricata/log:/var/log/suricata
- ./data/pcap:/var/pcap
elasticsearch:
image: docker.elastic.co/elasticsearch/elasticsearch:7.6.2
container_name: curex-elasticsearch
restart: always
environment:
- cluster.name=keacluster
- node.name=keacluster-node-01
- discovery.type=single-node
- bootstrap.memory_lock=true
- "ES_JAVA_OPTS=-Xms1024m -Xmx1024m"
- xpack.ml.enabled=false
- xpack.security.enabled=false
- xpack.ilm.enabled=false
- path.logs=/data/elk/log
- path.data=/data/elk/data
- http.host=0.0.0.0
- http.cors.enabled=true
- http.cors.allow-origin="*"
- indices.query.bool.max_clause_count=2000
ulimits:
memlock:
soft: -1
hard: -1
ports:
- "9200:9200"
volumes:
- ./data:/data #/usr/share/elasticsearch/data
logstash:
build:
context: ./CEPTD/docker/logstash
image: datalabauth/kea-curex_logstash:v1.0.0
container_name: curex-logstash
restart: always
volumes:
- ./data:/data
kibana:
image: "docker.elastic.co/kibana/kibana:7.6.2"
container_name: curex-kibana
restart: always
ports:
- "5611:5601"
#Controller
webserver:
build:
context: ./webserver
container_name: curex-webserver
restart: unless-stopped
tty: true
ports:
- "88:80"
- "443:443"
volumes:
- ./api:/var/www
composer:
restart: 'no'
image: composer:2.0.7
command: install
volumes:
- ./api:/app
api:
build:
context: ./api
image: curex-api
container_name: curex-api
restart: unless-stopped
tty: true
working_dir: /var/www
volumes:
- ./api:/var/www

#OD
od:
build:
context: ./OD
image: datalabauth/kea-curex_od:v1.0.0
container_name: curex-od
depends_on:
- timescaledb
restart: always
ports:
- "9091:9091"
#MLTD
mltd:
build:
context: ./MLTD
image: datalabauth/kea-curex_mltd:v1.0.0
container_name: curex-mltd
environment:
- REMOTESYSLOG=192.168.50.32
depends_on:
- timescaledb
- mosquitto
restart: always
ports:
- "5000:5000"
#MQTT
mosquitto:
image: eclipse-mosquitto:1.6.9
container_name: curex-mqtt
ports:
- "1883:1883"
- "9001:9001"
volumes:
- ./data/mosquitto/data:/mosquitto/data
- ./data/mosquitto/log:/mosquitto/log
#Persistence
timescaledb:
image: timescale/timescaledb:2.1.0-pg11-oss
container_name: curex-timescaledb
volumes:
- ./data/timescaledb:/var/lib/postgresql/data
environment:
- POSTGRES_USER=postgres
- POSTGRES_PASSWORD=postgres
- POSTGRES_DB=kea
ports:
- "5432:5432"
#Visualization
grafana:
build:
context: ./grafana
image: kea_grafana:1.0.0
container_name: curex-grafana
ports:
- "3001:3000"
environment:
- GF_SECURITY_ALLOW_EMBEDDING=true
- GF_SECURITY_COOKIE_SAMESITE=none
- GF_AUTH_ANONYMOUS_ENABLED=true
- GF_AUTH_ANONYMOUS_ORG_ROLE=Admin
volumes:
- ./data/grafana-storage:/var/lib/grafana