Greenbone GSM - Docker Compose

Revision 253122b1654531f6a6c511e2aaf27d3c9c1e3029

gistfile1.txt · 5.6 KiB · Text Raw

services: vulnerability-tests: image: greenbone/vulnerability-tests environment: STORAGE_PATH: /var/lib/openvas/22.04/vt-data/nasl volumes: - vt_data_vol:/mnt notus-data: image: greenbone/notus-data volumes: - notus_data_vol:/mnt scap-data: image: greenbone/scap-data volumes: - scap_data_vol:/mnt cert-bund-data: image: greenbone/cert-bund-data volumes: - cert_data_vol:/mnt dfn-cert-data: image: greenbone/dfn-cert-data volumes: - cert_data_vol:/mnt depends_on: - cert-bund-data data-objects: image: greenbone/data-objects volumes: - data_objects_vol:/mnt report-formats: image: greenbone/report-formats volumes: - data_objects_vol:/mnt depends_on: - data-objects gpg-data: image: greenbone/gpg-data volumes: - gpg_data_vol:/mnt redis-server: image: greenbone/redis-server restart: on-failure volumes: - redis_socket_vol:/run/redis/ pg-gvm: image: greenbone/pg-gvm:stable restart: on-failure volumes: - psql_data_vol:/var/lib/postgresql - psql_socket_vol:/var/run/postgresql gvmd: image: greenbone/gvmd:stable restart: on-failure volumes: - gvmd_data_vol:/var/lib/gvm - scap_data_vol:/var/lib/gvm/scap-data/ - cert_data_vol:/var/lib/gvm/cert-data - data_objects_vol:/var/lib/gvm/data-objects/gvmd - vt_data_vol:/var/lib/openvas/plugins - psql_data_vol:/var/lib/postgresql - gvmd_socket_vol:/run/gvmd - ospd_openvas_socket_vol:/run/ospd - psql_socket_vol:/var/run/postgresql depends_on: pg-gvm: condition: service_started scap-data: condition: service_completed_successfully cert-bund-data: condition: service_completed_successfully dfn-cert-data: condition: service_completed_successfully data-objects: condition: service_completed_successfully report-formats: condition: service_completed_successfully gsa: image: greenbone/gsa:stable restart: on-failure ports: - 9392:9392 volumes: - gvmd_socket_vol:/run/gvmd depends_on: - gvmd ospd-openvas: image: greenbone/ospd-openvas:stable restart: on-failure init: true hostname: ospd-openvas.local cap_add: - NET_ADMIN # for capturing packages in promiscuous mode - NET_RAW # for raw sockets e.g. used for the boreas alive detection security_opt: - seccomp=unconfined - apparmor=unconfined command: [ "ospd-openvas", "-f", "--config", "/etc/gvm/ospd-openvas.conf", "--mqtt-broker-address", "mqtt-broker", "--notus-feed-dir", "/var/lib/notus/advisories", "-m", "666" ] volumes: - gpg_data_vol:/etc/openvas/gnupg - vt_data_vol:/var/lib/openvas/plugins - notus_data_vol:/var/lib/notus - ospd_openvas_socket_vol:/run/ospd - redis_socket_vol:/run/redis/ depends_on: redis-server: condition: service_started gpg-data: condition: service_completed_successfully vulnerability-tests: condition: service_completed_successfully mqtt-broker: restart: on-failure image: greenbone/mqtt-broker # ports: # - 1883:1883 networks: default: aliases: - mqtt-broker - broker notus-scanner: restart: on-failure image: greenbone/notus-scanner:stable volumes: - notus_data_vol:/var/lib/notus - gpg_data_vol:/etc/openvas/gnupg environment: NOTUS_SCANNER_MQTT_BROKER_ADDRESS: mqtt-broker NOTUS_SCANNER_PRODUCTS_DIRECTORY: /var/lib/notus/products depends_on: - mqtt-broker - gpg-data - vulnerability-tests gvm-tools: image: greenbone/gvm-tools volumes: - gvmd_socket_vol:/run/gvmd - ospd_openvas_socket_vol:/run/ospd depends_on: - gvmd - ospd-openvas volumes: gpg_data_vol: driver: local driver_opts: type: 'none' o: 'bind' device: '/volume1/docker/gsm/gpg_data_vol' scap_data_vol: driver: local driver_opts: type: 'none' o: 'bind' device: '/volume1/docker/gsm/scap_data_vol' cert_data_vol: driver: local driver_opts: type: 'none' o: 'bind' device: '/volume1/docker/gsm/cert_data_vol' data_objects_vol: driver: local driver_opts: type: 'none' o: 'bind' device: '/volume1/docker/gsm/data_objects_vol' gvmd_data_vol: driver: local driver_opts: type: 'none' o: 'bind' device: '/volume1/docker/gsm/gvmd_data_vol' psql_data_vol: driver: local driver_opts: type: 'none' o: 'bind' device: '/volume1/docker/gsm/psql_data_vol' vt_data_vol: driver: local driver_opts: type: 'none' o: 'bind' device: '/volume1/docker/gsm/vt_data_vol' notus_data_vol: driver: local driver_opts: type: 'none' o: 'bind' device: '/volume1/docker/gsm/notus_data_vol' psql_socket_vol: driver: local driver_opts: type: 'none' o: 'bind' device: '/volume1/docker/gsm/psql_socket_vol' gvmd_socket_vol: driver: local driver_opts: type: 'none' o: 'bind' device: '/volume1/docker/gsm/gvmd_socket_vol' ospd_openvas_socket_vol: driver: local driver_opts: type: 'none' o: 'bind' device: '/volume1/docker/gsm/ospd_openvas_socket_vol' redis_socket_vol: driver: local driver_opts: type: 'none' o: 'bind' device: '/volume1/docker/gsm/redis_socket_vol'

1	services:
2	vulnerability-tests:
3	image: greenbone/vulnerability-tests
4	environment:
5	STORAGE_PATH: /var/lib/openvas/22.04/vt-data/nasl
6	volumes:
7	- vt_data_vol:/mnt
8
9	notus-data:
10	image: greenbone/notus-data
11	volumes:
12	- notus_data_vol:/mnt
13
14	scap-data:
15	image: greenbone/scap-data
16	volumes:
17	- scap_data_vol:/mnt
18
19	cert-bund-data:
20	image: greenbone/cert-bund-data
21	volumes:
22	- cert_data_vol:/mnt
23
24	dfn-cert-data:
25	image: greenbone/dfn-cert-data
26	volumes:
27	- cert_data_vol:/mnt
28	depends_on:
29	- cert-bund-data
30
31	data-objects:
32	image: greenbone/data-objects
33	volumes:
34	- data_objects_vol:/mnt
35
36	report-formats:
37	image: greenbone/report-formats
38	volumes:
39	- data_objects_vol:/mnt
40	depends_on:
41	- data-objects
42
43	gpg-data:
44	image: greenbone/gpg-data
45	volumes:
46	- gpg_data_vol:/mnt
47
48	redis-server:
49	image: greenbone/redis-server
50	restart: on-failure
51	volumes:
52	- redis_socket_vol:/run/redis/
53
54	pg-gvm:
55	image: greenbone/pg-gvm:stable
56	restart: on-failure
57	volumes:
58	- psql_data_vol:/var/lib/postgresql
59	- psql_socket_vol:/var/run/postgresql
60
61	gvmd:
62	image: greenbone/gvmd:stable
63	restart: on-failure
64	volumes:
65	- gvmd_data_vol:/var/lib/gvm
66	- scap_data_vol:/var/lib/gvm/scap-data/
67	- cert_data_vol:/var/lib/gvm/cert-data
68	- data_objects_vol:/var/lib/gvm/data-objects/gvmd
69	- vt_data_vol:/var/lib/openvas/plugins
70	- psql_data_vol:/var/lib/postgresql
71	- gvmd_socket_vol:/run/gvmd
72	- ospd_openvas_socket_vol:/run/ospd
73	- psql_socket_vol:/var/run/postgresql
74	depends_on:
75	pg-gvm:
76	condition: service_started
77	scap-data:
78	condition: service_completed_successfully
79	cert-bund-data:
80	condition: service_completed_successfully
81	dfn-cert-data:
82	condition: service_completed_successfully
83	data-objects:
84	condition: service_completed_successfully
85	report-formats:
86	condition: service_completed_successfully
87
88	gsa:
89	image: greenbone/gsa:stable
90	restart: on-failure
91	ports:
92	- 9392:9392
93	volumes:
94	- gvmd_socket_vol:/run/gvmd
95	depends_on:
96	- gvmd
97
98	ospd-openvas:
99	image: greenbone/ospd-openvas:stable
100	restart: on-failure
101	init: true
102	hostname: ospd-openvas.local
103	cap_add:
104	- NET_ADMIN # for capturing packages in promiscuous mode
105	- NET_RAW # for raw sockets e.g. used for the boreas alive detection
106	security_opt:
107	- seccomp=unconfined
108	- apparmor=unconfined
109	command:
110	[
111	"ospd-openvas",
112	"-f",
113	"--config",
114	"/etc/gvm/ospd-openvas.conf",
115	"--mqtt-broker-address",
116	"mqtt-broker",
117	"--notus-feed-dir",
118	"/var/lib/notus/advisories",
119	"-m",
120	"666"
121	]
122	volumes:
123	- gpg_data_vol:/etc/openvas/gnupg
124	- vt_data_vol:/var/lib/openvas/plugins
125	- notus_data_vol:/var/lib/notus
126	- ospd_openvas_socket_vol:/run/ospd
127	- redis_socket_vol:/run/redis/
128	depends_on:
129	redis-server:
130	condition: service_started
131	gpg-data:
132	condition: service_completed_successfully
133	vulnerability-tests:
134	condition: service_completed_successfully
135
136	mqtt-broker:
137	restart: on-failure
138	image: greenbone/mqtt-broker
139	# ports:
140	# - 1883:1883
141	networks:
142	default:
143	aliases:
144	- mqtt-broker
145	- broker
146
147	notus-scanner:
148	restart: on-failure
149	image: greenbone/notus-scanner:stable
150	volumes:
151	- notus_data_vol:/var/lib/notus
152	- gpg_data_vol:/etc/openvas/gnupg
153	environment:
154	NOTUS_SCANNER_MQTT_BROKER_ADDRESS: mqtt-broker
155	NOTUS_SCANNER_PRODUCTS_DIRECTORY: /var/lib/notus/products
156	depends_on:
157	- mqtt-broker
158	- gpg-data
159	- vulnerability-tests
160
161	gvm-tools:
162	image: greenbone/gvm-tools
163	volumes:
164	- gvmd_socket_vol:/run/gvmd
165	- ospd_openvas_socket_vol:/run/ospd
166	depends_on:
167	- gvmd
168	- ospd-openvas
169
170	volumes:
171	gpg_data_vol:
172	driver: local
173	driver_opts:
174	type: 'none'
175	o: 'bind'
176	device: '/volume1/docker/gsm/gpg_data_vol'
177	scap_data_vol:
178	driver: local
179	driver_opts:
180	type: 'none'
181	o: 'bind'
182	device: '/volume1/docker/gsm/scap_data_vol'
183	cert_data_vol:
184	driver: local
185	driver_opts:
186	type: 'none'
187	o: 'bind'
188	device: '/volume1/docker/gsm/cert_data_vol'
189	data_objects_vol:
190	driver: local
191	driver_opts:
192	type: 'none'
193	o: 'bind'
194	device: '/volume1/docker/gsm/data_objects_vol'
195	gvmd_data_vol:
196	driver: local
197	driver_opts:
198	type: 'none'
199	o: 'bind'
200	device: '/volume1/docker/gsm/gvmd_data_vol'
201	psql_data_vol:
202	driver: local
203	driver_opts:
204	type: 'none'
205	o: 'bind'
206	device: '/volume1/docker/gsm/psql_data_vol'
207	vt_data_vol:
208	driver: local
209	driver_opts:
210	type: 'none'
211	o: 'bind'
212	device: '/volume1/docker/gsm/vt_data_vol'
213	notus_data_vol:
214	driver: local
215	driver_opts:
216	type: 'none'
217	o: 'bind'
218	device: '/volume1/docker/gsm/notus_data_vol'
219	psql_socket_vol:
220	driver: local
221	driver_opts:
222	type: 'none'
223	o: 'bind'
224	device: '/volume1/docker/gsm/psql_socket_vol'
225	gvmd_socket_vol:
226	driver: local
227	driver_opts:
228	type: 'none'
229	o: 'bind'
230	device: '/volume1/docker/gsm/gvmd_socket_vol'
231	ospd_openvas_socket_vol:
232	driver: local
233	driver_opts:
234	type: 'none'
235	o: 'bind'
236	device: '/volume1/docker/gsm/ospd_openvas_socket_vol'
237	redis_socket_vol:
238	driver: local
239	driver_opts:
240	type: 'none'
241	o: 'bind'
242	device: '/volume1/docker/gsm/redis_socket_vol'
243