version: '3'
services:
#CEPTD
suricata:
build:
context: ./CEPTD/docker/suricata
image: datalabauth/kea-curex_suricata:v1.0.0
container_name: curex-suricata
restart: always
network_mode: "host"
cap_add:
- NET_ADMIN
- SYS_NICE
- NET_RAW
command: ONLINE
volumes:
- ./data/suricata/log:/var/log/suricata
- ./data/pcap:/var/pcap
elasticsearch:
image: docker.elastic.co/elasticsearch/elasticsearch:7.6.2
container_name: curex-elasticsearch
restart: always
environment:
- cluster.name=keacluster
- node.name=keacluster-node-01
- discovery.type=single-node
- bootstrap.memory_lock=true
- "ES_JAVA_OPTS=-Xms1024m -Xmx1024m"
- xpack.ml.enabled=false
- xpack.security.enabled=false
- xpack.ilm.enabled=false
- path.logs=/data/elk/log
- path.data=/data/elk/data
- http.host=0.0.0.0
- http.cors.enabled=true
- http.cors.allow-origin="*"
- indices.query.bool.max_clause_count=2000
ulimits:
memlock:
soft: -1
hard: -1
ports:
- "9200:9200"
volumes:
- ./data:/data #/usr/share/elasticsearch/data
logstash:
build:
context: ./CEPTD/docker/logstash
image: datalabauth/kea-curex_logstash:v1.0.0
container_name: curex-logstash
restart: always
volumes:
- ./data:/data
kibana:
image: "docker.elastic.co/kibana/kibana:7.6.2"
container_name: curex-kibana
restart: always
ports:
- "5611:5601"
#Controller
webserver:
build:
context: ./webserver
container_name: curex-webserver
restart: unless-stopped
tty: true
ports:
- "88:80"
- "443:443"
volumes:
- ./api:/var/www
composer:
restart: 'no'
image: composer:2.0.7
command: install
volumes:
- ./api:/app
api:
build:
context: ./api
image: curex-api
container_name: curex-api
restart: unless-stopped
tty: true
working_dir: /var/www
volumes:
- ./api:/var/www
#OD
od:
build:
context: ./OD
image: datalabauth/kea-curex_od:v1.0.0
container_name: curex-od
depends_on:
- timescaledb
restart: always
ports:
- "9091:9091"
#MLTD
mltd:
build:
context: ./MLTD
image: datalabauth/kea-curex_mltd:v1.0.0
container_name: curex-mltd
environment:
- REMOTESYSLOG=192.168.50.32
depends_on:
- timescaledb
- mosquitto
restart: always
ports:
- "5000:5000"
#MQTT
mosquitto:
image: eclipse-mosquitto:1.6.9
container_name: curex-mqtt
ports:
- "1883:1883"
- "9001:9001"
volumes:
- ./data/mosquitto/data:/mosquitto/data
- ./data/mosquitto/log:/mosquitto/log
#Persistence
timescaledb:
image: timescale/timescaledb:2.1.0-pg11-oss
container_name: curex-timescaledb
volumes:
- ./data/timescaledb:/var/lib/postgresql/data
environment:
- POSTGRES_USER=postgres
- POSTGRES_PASSWORD=postgres
- POSTGRES_DB=kea
ports:
- "5432:5432"
#Visualization
grafana:
build:
context: ./grafana
image: kea_grafana:1.0.0
container_name: curex-grafana
ports:
- "3001:3000"
environment:
- GF_SECURITY_ALLOW_EMBEDDING=true
- GF_SECURITY_COOKIE_SAMESITE=none
- GF_AUTH_ANONYMOUS_ENABLED=true
- GF_AUTH_ANONYMOUS_ORG_ROLE=Admin
volumes:
- ./data/grafana-storage:/var/lib/grafana