GVM Docker: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
(Der Seiteninhalt wurde durch einen anderen Text ersetzt: „*https://greenbone.github.io/docs/latest/22.4/container/index.html“) Markierung: Ersetzt |
|||
| Zeile 1: | Zeile 1: | ||
| + | =Verzeichnis erstellen= | ||
| + | mkdir ~/gvm | ||
| + | cd ~./gvm | ||
| + | vi docker-compose | ||
| + | |||
| + | <pre> | ||
| + | name: greenbone-community-edition | ||
| + | |||
| + | services: | ||
| + | vulnerability-tests: | ||
| + | image: registry.community.greenbone.net/community/vulnerability-tests | ||
| + | environment: | ||
| + | FEED_RELEASE: "24.10" | ||
| + | volumes: | ||
| + | - ./data/vt_data_vol:/mnt | ||
| + | |||
| + | notus-data: | ||
| + | image: registry.community.greenbone.net/community/notus-data | ||
| + | volumes: | ||
| + | - ./data/notus_data_vol:/mnt | ||
| + | |||
| + | scap-data: | ||
| + | image: registry.community.greenbone.net/community/scap-data | ||
| + | volumes: | ||
| + | - ./data/scap_data_vol:/mnt | ||
| + | |||
| + | cert-bund-data: | ||
| + | image: registry.community.greenbone.net/community/cert-bund-data | ||
| + | volumes: | ||
| + | - ./data/cert_data_vol:/mnt | ||
| + | |||
| + | dfn-cert-data: | ||
| + | image: registry.community.greenbone.net/community/dfn-cert-data | ||
| + | volumes: | ||
| + | - ./data/cert_data_vol:/mnt | ||
| + | depends_on: | ||
| + | - cert-bund-data | ||
| + | |||
| + | data-objects: | ||
| + | image: registry.community.greenbone.net/community/data-objects | ||
| + | environment: | ||
| + | FEED_RELEASE: "24.10" | ||
| + | volumes: | ||
| + | - ./data/data_objects_vol:/mnt | ||
| + | |||
| + | report-formats: | ||
| + | image: registry.community.greenbone.net/community/report-formats | ||
| + | environment: | ||
| + | FEED_RELEASE: "24.10" | ||
| + | volumes: | ||
| + | - ./data/data_objects_vol:/mnt | ||
| + | depends_on: | ||
| + | - data-objects | ||
| + | |||
| + | gpg-data: | ||
| + | image: registry.community.greenbone.net/community/gpg-data | ||
| + | volumes: | ||
| + | - ./data/gpg_data_vol:/mnt | ||
| + | |||
| + | redis-server: | ||
| + | image: registry.community.greenbone.net/community/redis-server | ||
| + | restart: on-failure | ||
| + | volumes: | ||
| + | - ./data/redis_socket_vol:/run/redis/ | ||
| + | |||
| + | pg-gvm: | ||
| + | image: registry.community.greenbone.net/community/pg-gvm:stable | ||
| + | restart: on-failure | ||
| + | volumes: | ||
| + | - ./data/psql_data_vol:/var/lib/postgresql | ||
| + | - ./data/psql_socket_vol:/var/run/postgresql | ||
| + | |||
| + | gvmd: | ||
| + | image: registry.community.greenbone.net/community/gvmd:stable | ||
| + | restart: on-failure | ||
| + | volumes: | ||
| + | - ./data/gvmd_data_vol:/var/lib/gvm | ||
| + | - ./data/scap_data_vol:/var/lib/gvm/scap-data/ | ||
| + | - ./data/cert_data_vol:/var/lib/gvm/cert-data | ||
| + | - ./data/data_objects_vol:/var/lib/gvm/data-objects/gvmd | ||
| + | - ./data/vt_data_vol:/var/lib/openvas/plugins | ||
| + | - ./data/psql_data_vol:/var/lib/postgresql | ||
| + | - ./data/gvmd_socket_vol:/run/gvmd | ||
| + | - ./data/ospd_openvas_socket_vol:/run/ospd | ||
| + | - ./data/psql_socket_vol:/var/run/postgresql | ||
| + | depends_on: | ||
| + | pg-gvm: | ||
| + | condition: service_started | ||
| + | scap-data: | ||
| + | condition: service_completed_successfully | ||
| + | cert-bund-data: | ||
| + | condition: service_completed_successfully | ||
| + | dfn-cert-data: | ||
| + | condition: service_completed_successfully | ||
| + | data-objects: | ||
| + | condition: service_completed_successfully | ||
| + | report-formats: | ||
| + | condition: service_completed_successfully | ||
| + | |||
| + | gsa: | ||
| + | image: registry.community.greenbone.net/community/gsa:stable | ||
| + | restart: on-failure | ||
| + | ports: | ||
| + | - 127.0.0.1:9392:80 | ||
| + | volumes: | ||
| + | - ./data/gvmd_socket_vol:/run/gvmd | ||
| + | depends_on: | ||
| + | - gvmd | ||
| + | |||
| + | configure-openvas: | ||
| + | image: registry.community.greenbone.net/community/openvas-scanner:stable | ||
| + | volumes: | ||
| + | - ./data/openvas_data_vol:/mnt | ||
| + | - ./data/openvas_log_data_vol:/var/log/openvas | ||
| + | command: | ||
| + | - /bin/sh | ||
| + | - -c | ||
| + | - | | ||
| + | printf "table_driven_lsc = yes\nopenvasd_server = http://openvasd:80\n" > /mnt/openvas.conf | ||
| + | sed "s/127/128/" /etc/openvas/openvas_log.conf | sed 's/gvm/openvas/' > /mnt/openvas_log.conf | ||
| + | chmod 644 /mnt/openvas.conf | ||
| + | chmod 644 /mnt/openvas_log.conf | ||
| + | touch /var/log/openvas/openvas.log | ||
| + | chmod 666 /var/log/openvas/openvas.log | ||
| + | |||
| + | openvas: | ||
| + | image: registry.community.greenbone.net/community/openvas-scanner:stable | ||
| + | restart: on-failure | ||
| + | volumes: | ||
| + | - ./data/openvas_data_vol:/etc/openvas | ||
| + | - ./data/openvas_log_data_vol:/var/log/openvas | ||
| + | command: | ||
| + | - /bin/sh | ||
| + | - -c | ||
| + | - | | ||
| + | cat /etc/openvas/openvas.conf | ||
| + | tail -f /var/log/openvas/openvas.log | ||
| + | depends_on: | ||
| + | configure-openvas: | ||
| + | condition: service_completed_successfully | ||
| + | |||
| + | openvasd: | ||
| + | image: registry.community.greenbone.net/community/openvas-scanner:stable | ||
| + | restart: on-failure | ||
| + | environment: | ||
| + | OPENVASD_MODE: service_notus | ||
| + | GNUPGHOME: /etc/openvas/gnupg | ||
| + | LISTENING: 0.0.0.0:80 | ||
| + | volumes: | ||
| + | - ./data/openvas_data_vol:/etc/openvas | ||
| + | - ./data/openvas_log_data_vol:/var/log/openvas | ||
| + | - ./data/gpg_data_vol:/etc/openvas/gnupg | ||
| + | - ./data/notus_data_vol:/var/lib/notus | ||
| + | depends_on: | ||
| + | vulnerability-tests: | ||
| + | condition: service_completed_successfully | ||
| + | configure-openvas: | ||
| + | condition: service_completed_successfully | ||
| + | gpg-data: | ||
| + | condition: service_completed_successfully | ||
| + | networks: | ||
| + | default: | ||
| + | aliases: | ||
| + | - openvasd | ||
| + | |||
| + | ospd-openvas: | ||
| + | image: registry.community.greenbone.net/community/ospd-openvas:stable | ||
| + | restart: on-failure | ||
| + | hostname: ospd-openvas.local | ||
| + | cap_add: | ||
| + | - NET_ADMIN | ||
| + | - NET_RAW | ||
| + | security_opt: | ||
| + | - seccomp=unconfined | ||
| + | - apparmor=unconfined | ||
| + | command: | ||
| + | [ | ||
| + | "ospd-openvas", | ||
| + | "-f", | ||
| + | "--config", | ||
| + | "/etc/gvm/ospd-openvas.conf", | ||
| + | "--notus-feed-dir", | ||
| + | "/var/lib/notus/advisories", | ||
| + | "-m", | ||
| + | "666", | ||
| + | ] | ||
| + | volumes: | ||
| + | - ./data/gpg_data_vol:/etc/openvas/gnupg | ||
| + | - ./data/vt_data_vol:/var/lib/openvas/plugins | ||
| + | - ./data/notus_data_vol:/var/lib/notus | ||
| + | - ./data/ospd_openvas_socket_vol:/run/ospd | ||
| + | - ./data/redis_socket_vol:/run/redis/ | ||
| + | - ./data/openvas_data_vol:/etc/openvas/ | ||
| + | - ./data/openvas_log_data_vol:/var/log/openvas | ||
| + | depends_on: | ||
| + | redis-server: | ||
| + | condition: service_started | ||
| + | gpg-data: | ||
| + | condition: service_completed_successfully | ||
| + | vulnerability-tests: | ||
| + | condition: service_completed_successfully | ||
| + | configure-openvas: | ||
| + | condition: service_completed_successfully | ||
| + | |||
| + | gvm-tools: | ||
| + | image: registry.community.greenbone.net/community/gvm-tools | ||
| + | volumes: | ||
| + | - ./data/gvmd_socket_vol:/run/gvmd | ||
| + | - ./data/ospd_openvas_socket_vol:/run/ospd | ||
| + | depends_on: | ||
| + | - gvmd | ||
| + | - ospd-openvas | ||
| + | </pre> | ||
| + | |||
| + | |||
| + | |||
| + | |||
| + | |||
| + | |||
*https://greenbone.github.io/docs/latest/22.4/container/index.html | *https://greenbone.github.io/docs/latest/22.4/container/index.html | ||
Version vom 18. Mai 2025, 09:48 Uhr
Verzeichnis erstellen
mkdir ~/gvm cd ~./gvm vi docker-compose
name: greenbone-community-edition
services:
vulnerability-tests:
image: registry.community.greenbone.net/community/vulnerability-tests
environment:
FEED_RELEASE: "24.10"
volumes:
- ./data/vt_data_vol:/mnt
notus-data:
image: registry.community.greenbone.net/community/notus-data
volumes:
- ./data/notus_data_vol:/mnt
scap-data:
image: registry.community.greenbone.net/community/scap-data
volumes:
- ./data/scap_data_vol:/mnt
cert-bund-data:
image: registry.community.greenbone.net/community/cert-bund-data
volumes:
- ./data/cert_data_vol:/mnt
dfn-cert-data:
image: registry.community.greenbone.net/community/dfn-cert-data
volumes:
- ./data/cert_data_vol:/mnt
depends_on:
- cert-bund-data
data-objects:
image: registry.community.greenbone.net/community/data-objects
environment:
FEED_RELEASE: "24.10"
volumes:
- ./data/data_objects_vol:/mnt
report-formats:
image: registry.community.greenbone.net/community/report-formats
environment:
FEED_RELEASE: "24.10"
volumes:
- ./data/data_objects_vol:/mnt
depends_on:
- data-objects
gpg-data:
image: registry.community.greenbone.net/community/gpg-data
volumes:
- ./data/gpg_data_vol:/mnt
redis-server:
image: registry.community.greenbone.net/community/redis-server
restart: on-failure
volumes:
- ./data/redis_socket_vol:/run/redis/
pg-gvm:
image: registry.community.greenbone.net/community/pg-gvm:stable
restart: on-failure
volumes:
- ./data/psql_data_vol:/var/lib/postgresql
- ./data/psql_socket_vol:/var/run/postgresql
gvmd:
image: registry.community.greenbone.net/community/gvmd:stable
restart: on-failure
volumes:
- ./data/gvmd_data_vol:/var/lib/gvm
- ./data/scap_data_vol:/var/lib/gvm/scap-data/
- ./data/cert_data_vol:/var/lib/gvm/cert-data
- ./data/data_objects_vol:/var/lib/gvm/data-objects/gvmd
- ./data/vt_data_vol:/var/lib/openvas/plugins
- ./data/psql_data_vol:/var/lib/postgresql
- ./data/gvmd_socket_vol:/run/gvmd
- ./data/ospd_openvas_socket_vol:/run/ospd
- ./data/psql_socket_vol:/var/run/postgresql
depends_on:
pg-gvm:
condition: service_started
scap-data:
condition: service_completed_successfully
cert-bund-data:
condition: service_completed_successfully
dfn-cert-data:
condition: service_completed_successfully
data-objects:
condition: service_completed_successfully
report-formats:
condition: service_completed_successfully
gsa:
image: registry.community.greenbone.net/community/gsa:stable
restart: on-failure
ports:
- 127.0.0.1:9392:80
volumes:
- ./data/gvmd_socket_vol:/run/gvmd
depends_on:
- gvmd
configure-openvas:
image: registry.community.greenbone.net/community/openvas-scanner:stable
volumes:
- ./data/openvas_data_vol:/mnt
- ./data/openvas_log_data_vol:/var/log/openvas
command:
- /bin/sh
- -c
- |
printf "table_driven_lsc = yes\nopenvasd_server = http://openvasd:80\n" > /mnt/openvas.conf
sed "s/127/128/" /etc/openvas/openvas_log.conf | sed 's/gvm/openvas/' > /mnt/openvas_log.conf
chmod 644 /mnt/openvas.conf
chmod 644 /mnt/openvas_log.conf
touch /var/log/openvas/openvas.log
chmod 666 /var/log/openvas/openvas.log
openvas:
image: registry.community.greenbone.net/community/openvas-scanner:stable
restart: on-failure
volumes:
- ./data/openvas_data_vol:/etc/openvas
- ./data/openvas_log_data_vol:/var/log/openvas
command:
- /bin/sh
- -c
- |
cat /etc/openvas/openvas.conf
tail -f /var/log/openvas/openvas.log
depends_on:
configure-openvas:
condition: service_completed_successfully
openvasd:
image: registry.community.greenbone.net/community/openvas-scanner:stable
restart: on-failure
environment:
OPENVASD_MODE: service_notus
GNUPGHOME: /etc/openvas/gnupg
LISTENING: 0.0.0.0:80
volumes:
- ./data/openvas_data_vol:/etc/openvas
- ./data/openvas_log_data_vol:/var/log/openvas
- ./data/gpg_data_vol:/etc/openvas/gnupg
- ./data/notus_data_vol:/var/lib/notus
depends_on:
vulnerability-tests:
condition: service_completed_successfully
configure-openvas:
condition: service_completed_successfully
gpg-data:
condition: service_completed_successfully
networks:
default:
aliases:
- openvasd
ospd-openvas:
image: registry.community.greenbone.net/community/ospd-openvas:stable
restart: on-failure
hostname: ospd-openvas.local
cap_add:
- NET_ADMIN
- NET_RAW
security_opt:
- seccomp=unconfined
- apparmor=unconfined
command:
[
"ospd-openvas",
"-f",
"--config",
"/etc/gvm/ospd-openvas.conf",
"--notus-feed-dir",
"/var/lib/notus/advisories",
"-m",
"666",
]
volumes:
- ./data/gpg_data_vol:/etc/openvas/gnupg
- ./data/vt_data_vol:/var/lib/openvas/plugins
- ./data/notus_data_vol:/var/lib/notus
- ./data/ospd_openvas_socket_vol:/run/ospd
- ./data/redis_socket_vol:/run/redis/
- ./data/openvas_data_vol:/etc/openvas/
- ./data/openvas_log_data_vol:/var/log/openvas
depends_on:
redis-server:
condition: service_started
gpg-data:
condition: service_completed_successfully
vulnerability-tests:
condition: service_completed_successfully
configure-openvas:
condition: service_completed_successfully
gvm-tools:
image: registry.community.greenbone.net/community/gvm-tools
volumes:
- ./data/gvmd_socket_vol:/run/gvmd
- ./data/ospd_openvas_socket_vol:/run/ospd
depends_on:
- gvmd
- ospd-openvas