Última actividad 1685980621

Automated Vulnerability Scanner and Management

tracerrx revisó este gist 1685980621. Ir a la revisión

1 file changed, 242 insertions

gistfile1.txt(archivo creado)

@@ -0,0 +1,242 @@
1 + services:
2 + vulnerability-tests:
3 + image: greenbone/vulnerability-tests
4 + environment:
5 + STORAGE_PATH: /var/lib/openvas/22.04/vt-data/nasl
6 + volumes:
7 + - vt_data_vol:/mnt
8 +
9 + notus-data:
10 + image: greenbone/notus-data
11 + volumes:
12 + - notus_data_vol:/mnt
13 +
14 + scap-data:
15 + image: greenbone/scap-data
16 + volumes:
17 + - scap_data_vol:/mnt
18 +
19 + cert-bund-data:
20 + image: greenbone/cert-bund-data
21 + volumes:
22 + - cert_data_vol:/mnt
23 +
24 + dfn-cert-data:
25 + image: greenbone/dfn-cert-data
26 + volumes:
27 + - cert_data_vol:/mnt
28 + depends_on:
29 + - cert-bund-data
30 +
31 + data-objects:
32 + image: greenbone/data-objects
33 + volumes:
34 + - data_objects_vol:/mnt
35 +
36 + report-formats:
37 + image: greenbone/report-formats
38 + volumes:
39 + - data_objects_vol:/mnt
40 + depends_on:
41 + - data-objects
42 +
43 + gpg-data:
44 + image: greenbone/gpg-data
45 + volumes:
46 + - gpg_data_vol:/mnt
47 +
48 + redis-server:
49 + image: greenbone/redis-server
50 + restart: on-failure
51 + volumes:
52 + - redis_socket_vol:/run/redis/
53 +
54 + pg-gvm:
55 + image: greenbone/pg-gvm:stable
56 + restart: on-failure
57 + volumes:
58 + - psql_data_vol:/var/lib/postgresql
59 + - psql_socket_vol:/var/run/postgresql
60 +
61 + gvmd:
62 + image: greenbone/gvmd:stable
63 + restart: on-failure
64 + volumes:
65 + - gvmd_data_vol:/var/lib/gvm
66 + - scap_data_vol:/var/lib/gvm/scap-data/
67 + - cert_data_vol:/var/lib/gvm/cert-data
68 + - data_objects_vol:/var/lib/gvm/data-objects/gvmd
69 + - vt_data_vol:/var/lib/openvas/plugins
70 + - psql_data_vol:/var/lib/postgresql
71 + - gvmd_socket_vol:/run/gvmd
72 + - ospd_openvas_socket_vol:/run/ospd
73 + - psql_socket_vol:/var/run/postgresql
74 + depends_on:
75 + pg-gvm:
76 + condition: service_started
77 + scap-data:
78 + condition: service_completed_successfully
79 + cert-bund-data:
80 + condition: service_completed_successfully
81 + dfn-cert-data:
82 + condition: service_completed_successfully
83 + data-objects:
84 + condition: service_completed_successfully
85 + report-formats:
86 + condition: service_completed_successfully
87 +
88 + gsa:
89 + image: greenbone/gsa:stable
90 + restart: on-failure
91 + ports:
92 + - 9392:9392
93 + volumes:
94 + - gvmd_socket_vol:/run/gvmd
95 + depends_on:
96 + - gvmd
97 +
98 + ospd-openvas:
99 + image: greenbone/ospd-openvas:stable
100 + restart: on-failure
101 + init: true
102 + hostname: ospd-openvas.local
103 + cap_add:
104 + - NET_ADMIN # for capturing packages in promiscuous mode
105 + - NET_RAW # for raw sockets e.g. used for the boreas alive detection
106 + security_opt:
107 + - seccomp=unconfined
108 + - apparmor=unconfined
109 + command:
110 + [
111 + "ospd-openvas",
112 + "-f",
113 + "--config",
114 + "/etc/gvm/ospd-openvas.conf",
115 + "--mqtt-broker-address",
116 + "mqtt-broker",
117 + "--notus-feed-dir",
118 + "/var/lib/notus/advisories",
119 + "-m",
120 + "666"
121 + ]
122 + volumes:
123 + - gpg_data_vol:/etc/openvas/gnupg
124 + - vt_data_vol:/var/lib/openvas/plugins
125 + - notus_data_vol:/var/lib/notus
126 + - ospd_openvas_socket_vol:/run/ospd
127 + - redis_socket_vol:/run/redis/
128 + depends_on:
129 + redis-server:
130 + condition: service_started
131 + gpg-data:
132 + condition: service_completed_successfully
133 + vulnerability-tests:
134 + condition: service_completed_successfully
135 +
136 + mqtt-broker:
137 + restart: on-failure
138 + image: greenbone/mqtt-broker
139 + # ports:
140 + # - 1883:1883
141 + networks:
142 + default:
143 + aliases:
144 + - mqtt-broker
145 + - broker
146 +
147 + notus-scanner:
148 + restart: on-failure
149 + image: greenbone/notus-scanner:stable
150 + volumes:
151 + - notus_data_vol:/var/lib/notus
152 + - gpg_data_vol:/etc/openvas/gnupg
153 + environment:
154 + NOTUS_SCANNER_MQTT_BROKER_ADDRESS: mqtt-broker
155 + NOTUS_SCANNER_PRODUCTS_DIRECTORY: /var/lib/notus/products
156 + depends_on:
157 + - mqtt-broker
158 + - gpg-data
159 + - vulnerability-tests
160 +
161 + gvm-tools:
162 + image: greenbone/gvm-tools
163 + volumes:
164 + - gvmd_socket_vol:/run/gvmd
165 + - ospd_openvas_socket_vol:/run/ospd
166 + depends_on:
167 + - gvmd
168 + - ospd-openvas
169 +
170 + volumes:
171 + gpg_data_vol:
172 + driver: local
173 + driver_opts:
174 + type: 'none'
175 + o: 'bind'
176 + device: '/volume1/docker/gsm/gpg_data_vol'
177 + scap_data_vol:
178 + driver: local
179 + driver_opts:
180 + type: 'none'
181 + o: 'bind'
182 + device: '/volume1/docker/gsm/scap_data_vol'
183 + cert_data_vol:
184 + driver: local
185 + driver_opts:
186 + type: 'none'
187 + o: 'bind'
188 + device: '/volume1/docker/gsm/cert_data_vol'
189 + data_objects_vol:
190 + driver: local
191 + driver_opts:
192 + type: 'none'
193 + o: 'bind'
194 + device: '/volume1/docker/gsm/data_objects_vol'
195 + gvmd_data_vol:
196 + driver: local
197 + driver_opts:
198 + type: 'none'
199 + o: 'bind'
200 + device: '/volume1/docker/gsm/gvmd_data_vol'
201 + psql_data_vol:
202 + driver: local
203 + driver_opts:
204 + type: 'none'
205 + o: 'bind'
206 + device: '/volume1/docker/gsm/psql_data_vol'
207 + vt_data_vol:
208 + driver: local
209 + driver_opts:
210 + type: 'none'
211 + o: 'bind'
212 + device: '/volume1/docker/gsm/vt_data_vol'
213 + notus_data_vol:
214 + driver: local
215 + driver_opts:
216 + type: 'none'
217 + o: 'bind'
218 + device: '/volume1/docker/gsm/notus_data_vol'
219 + psql_socket_vol:
220 + driver: local
221 + driver_opts:
222 + type: 'none'
223 + o: 'bind'
224 + device: '/volume1/docker/gsm/psql_socket_vol'
225 + gvmd_socket_vol:
226 + driver: local
227 + driver_opts:
228 + type: 'none'
229 + o: 'bind'
230 + device: '/volume1/docker/gsm/gvmd_socket_vol'
231 + ospd_openvas_socket_vol:
232 + driver: local
233 + driver_opts:
234 + type: 'none'
235 + o: 'bind'
236 + device: '/volume1/docker/gsm/ospd_openvas_socket_vol'
237 + redis_socket_vol:
238 + driver: local
239 + driver_opts:
240 + type: 'none'
241 + o: 'bind'
242 + device: '/volume1/docker/gsm/redis_socket_vol'
Siguiente Anterior