blob: f814e687f1e0aea56e12e39f8df98ce230bacd1b (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
|
# circus-compose
docker-compose that can be used to start a circus (note: a digital one...)
## Setup
You can setup the whole stack manually or using the `setup.sh` file
semi-automatic. If you want to setup the circus automatically, simply execute
the `setup.sh`, but if you want to do it by hand, read on...
The complete setup process should take no longer than 5 minutes.
### Docker networking
Create some docker networks:
```
$ docker network create circus
$ docker network create circus_db
```
These will contain the various services and make sure some services can and some
services can't communiate with each other.
### Gerneral configuration
First of all, you should define where the CTF should run and what it should be
called. To do so, fill the `.env` file with the corresponding information:
```
HOSTNAME=docker.localhost
CTFNAME=MyCTF
```
### Service configuration
#### Traefik
Traefik requires the credentials as a `user:pass` combination, the password is
hashed.
To create a traefik basicauth user, execute `$ htpasswd -nb user password` with
your username and password and append the result to the `traefik_users` file.
#### Grafana
Define the grafana location in the `grafana.env` file.
```
GF_SERVER_ROOT_URL=http://grafana.docker.localhost:3000
GF_SECURITY_ADMIN_PASSWORD=secret
```
- When starting grafana, you can login as `admin:secret`
- You can create a prometheus datasource using the URL `http://prometheus:9090`
### Pull images
Pull the companion and the vpn container:
```
$ docker login registry.darknebu.la
$ docker pull registry.darknebu.la/circus/companion:latest
$ docker pull registry.darknebu.la/circus/vpn:latest
```
This has to be done, else the registration container will want to create and run a
companion image, but there won't be one there locally.
### Opening the circus
Finally, start the stack:
```
$ docker-compose up -d
```
Services:
- [http://traefik.docker.localhost](http://traefik.docker.localhost)
- [http://register.docker.localhost](http://register.docker.localhost)
- [http://manager.docker.localhost](http://manager.docker.localhost)
- [http://scoreboard.docker.localhost](http://scoreboard.docker.localhost)
- [http://prometheus.docker.localhost](http://prometheus.docker.localhost)
- [http://grafana.docker.localhost](http://grafana.docker.localhost)
|
