Révisions pour Greenbone GSM

1

+

services:

2

+

vulnerability-tests:

3

+

image: greenbone/vulnerability-tests

4

+

environment:

5

+

STORAGE_PATH: /var/lib/openvas/22.04/vt-data/nasl

6

+

volumes:

7

+

- vt_data_vol:/mnt

8

+

9

+

notus-data:

10

+

image: greenbone/notus-data

11

+

volumes:

12

+

- notus_data_vol:/mnt

13

+

14

+

scap-data:

15

+

image: greenbone/scap-data

16

+

volumes:

17

+

- scap_data_vol:/mnt

18

+

19

+

cert-bund-data:

20

+

image: greenbone/cert-bund-data

21

+

volumes:

22

+

- cert_data_vol:/mnt

23

+

24

+

dfn-cert-data:

25

+

image: greenbone/dfn-cert-data

26

+

volumes:

27

+

- cert_data_vol:/mnt

28

+

depends_on:

29

+

- cert-bund-data

30

+

31

+

data-objects:

32

+

image: greenbone/data-objects

33

+

volumes:

34

+

- data_objects_vol:/mnt

35

+

36

+

report-formats:

37

+

image: greenbone/report-formats

38

+

volumes:

39

+

- data_objects_vol:/mnt

40

+

depends_on:

41

+

- data-objects

42

+

43

+

gpg-data:

44

+

image: greenbone/gpg-data

45

+

volumes:

46

+

- gpg_data_vol:/mnt

47

+

48

+

redis-server:

49

+

image: greenbone/redis-server

50

+

restart: on-failure

51

+

volumes:

52

+

- redis_socket_vol:/run/redis/

53

+

54

+

pg-gvm:

55

+

image: greenbone/pg-gvm:stable

56

+

restart: on-failure

57

+

volumes:

58

+

- psql_data_vol:/var/lib/postgresql

59

+

- psql_socket_vol:/var/run/postgresql

60

+

61

+

gvmd:

62

+

image: greenbone/gvmd:stable

63

+

restart: on-failure

64

+

volumes:

65

+

- gvmd_data_vol:/var/lib/gvm

66

+

- scap_data_vol:/var/lib/gvm/scap-data/

67

+

- cert_data_vol:/var/lib/gvm/cert-data

68

+

- data_objects_vol:/var/lib/gvm/data-objects/gvmd

69

+

- vt_data_vol:/var/lib/openvas/plugins

70

+

- psql_data_vol:/var/lib/postgresql

71

+

- gvmd_socket_vol:/run/gvmd

72

+

- ospd_openvas_socket_vol:/run/ospd

73

+

- psql_socket_vol:/var/run/postgresql

74

+

depends_on:

75

+

pg-gvm:

76

+

condition: service_started

77

+

scap-data:

78

+

condition: service_completed_successfully

79

+

cert-bund-data:

80

+

condition: service_completed_successfully

81

+

dfn-cert-data:

82

+

condition: service_completed_successfully

83

+

data-objects:

84

+

condition: service_completed_successfully

85

+

report-formats:

86

+

condition: service_completed_successfully

87

+

88

+

gsa:

89

+

image: greenbone/gsa:stable

90

+

restart: on-failure

91

+

ports:

92

+

- 9392:9392

93

+

volumes:

94

+

- gvmd_socket_vol:/run/gvmd

95

+

depends_on:

96

+

- gvmd

97

+

98

+

ospd-openvas:

99

+

image: greenbone/ospd-openvas:stable

100

+

restart: on-failure

101

+

init: true

102

+

hostname: ospd-openvas.local

103

+

cap_add:

104

+

- NET_ADMIN # for capturing packages in promiscuous mode

105

+

- NET_RAW # for raw sockets e.g. used for the boreas alive detection

106

+

security_opt:

107

+

- seccomp=unconfined

108

+

- apparmor=unconfined

109

+

command:

110

+

[

111

+

"ospd-openvas",

112

+

"-f",

113

+

"--config",

114

+

"/etc/gvm/ospd-openvas.conf",

115

+

"--mqtt-broker-address",

116

+

"mqtt-broker",

117

+

"--notus-feed-dir",

118

+

"/var/lib/notus/advisories",

119

+

"-m",

120

+

"666"

121

+

]

122

+

volumes:

123

+

- gpg_data_vol:/etc/openvas/gnupg

124

+

- vt_data_vol:/var/lib/openvas/plugins

125

+

- notus_data_vol:/var/lib/notus

126

+

- ospd_openvas_socket_vol:/run/ospd

127

+

- redis_socket_vol:/run/redis/

128

+

depends_on:

129

+

redis-server:

130

+

condition: service_started

131

+

gpg-data:

132

+

condition: service_completed_successfully

133

+

vulnerability-tests:

134

+

condition: service_completed_successfully

135

+

136

+

mqtt-broker:

137

+

restart: on-failure

138

+

image: greenbone/mqtt-broker

139

+

# ports:

140

+

# - 1883:1883

141

+

networks:

142

+

default:

143

+

aliases:

144

+

- mqtt-broker

145

+

- broker

146

+

147

+

notus-scanner:

148

+

restart: on-failure

149

+

image: greenbone/notus-scanner:stable

150

+

volumes:

151

+

- notus_data_vol:/var/lib/notus

152

+

- gpg_data_vol:/etc/openvas/gnupg

153

+

environment:

154

+

NOTUS_SCANNER_MQTT_BROKER_ADDRESS: mqtt-broker

155

+

NOTUS_SCANNER_PRODUCTS_DIRECTORY: /var/lib/notus/products

156

+

depends_on:

157

+

- mqtt-broker

158

+

- gpg-data

159

+

- vulnerability-tests

160

+

161

+

gvm-tools:

162

+

image: greenbone/gvm-tools

163

+

volumes:

164

+

- gvmd_socket_vol:/run/gvmd

165

+

- ospd_openvas_socket_vol:/run/ospd

166

+

depends_on:

167

+

- gvmd

168

+

- ospd-openvas

169

+

170

+

volumes:

171

+

gpg_data_vol:

172

+

driver: local

173

+

driver_opts:

174

+

type: 'none'

175

+

o: 'bind'

176

+

device: '/volume1/docker/gsm/gpg_data_vol'

177

+

scap_data_vol:

178

+

driver: local

179

+

driver_opts:

180

+

type: 'none'

181

+

o: 'bind'

182

+

device: '/volume1/docker/gsm/scap_data_vol'

183

+

cert_data_vol:

184

+

driver: local

185

+

driver_opts:

186

+

type: 'none'

187

+

o: 'bind'

188

+

device: '/volume1/docker/gsm/cert_data_vol'

189

+

data_objects_vol:

190

+

driver: local

191

+

driver_opts:

192

+

type: 'none'

193

+

o: 'bind'

194

+

device: '/volume1/docker/gsm/data_objects_vol'

195

+

gvmd_data_vol:

196

+

driver: local

197

+

driver_opts:

198

+

type: 'none'

199

+

o: 'bind'

200

+

device: '/volume1/docker/gsm/gvmd_data_vol'

201

+

psql_data_vol:

202

+

driver: local

203

+

driver_opts:

204

+

type: 'none'

205

+

o: 'bind'

206

+

device: '/volume1/docker/gsm/psql_data_vol'

207

+

vt_data_vol:

208

+

driver: local

209

+

driver_opts:

210

+

type: 'none'

211

+

o: 'bind'

212

+

device: '/volume1/docker/gsm/vt_data_vol'

213

+

notus_data_vol:

214

+

driver: local

215

+

driver_opts:

216

+

type: 'none'

217

+

o: 'bind'

218

+

device: '/volume1/docker/gsm/notus_data_vol'

219

+

psql_socket_vol:

220

+

driver: local

221

+

driver_opts:

222

+

type: 'none'

223

+

o: 'bind'

224

+

device: '/volume1/docker/gsm/psql_socket_vol'

225

+

gvmd_socket_vol:

226

+

driver: local

227

+

driver_opts:

228

+

type: 'none'

229

+

o: 'bind'

230

+

device: '/volume1/docker/gsm/gvmd_socket_vol'

231

+

ospd_openvas_socket_vol:

232

+

driver: local

233

+

driver_opts:

234

+

type: 'none'

235

+

o: 'bind'

236

+

device: '/volume1/docker/gsm/ospd_openvas_socket_vol'

237

+

redis_socket_vol:

238

+

driver: local

239

+

driver_opts:

240

+

type: 'none'

241

+

o: 'bind'

242

+

device: '/volume1/docker/gsm/redis_socket_vol'

tracerrx / Greenbone GSM

tracerrx a révisé ce gist 1685980621. Aller à la révision

		@@ -0,0 +1,242 @@
1	+	services:
2	+	vulnerability-tests:
3	+	image: greenbone/vulnerability-tests
4	+	environment:
5	+	STORAGE_PATH: /var/lib/openvas/22.04/vt-data/nasl
6	+	volumes:
7	+	- vt_data_vol:/mnt
8	+
9	+	notus-data:
10	+	image: greenbone/notus-data
11	+	volumes:
12	+	- notus_data_vol:/mnt
13	+
14	+	scap-data:
15	+	image: greenbone/scap-data
16	+	volumes:
17	+	- scap_data_vol:/mnt
18	+
19	+	cert-bund-data:
20	+	image: greenbone/cert-bund-data
21	+	volumes:
22	+	- cert_data_vol:/mnt
23	+
24	+	dfn-cert-data:
25	+	image: greenbone/dfn-cert-data
26	+	volumes:
27	+	- cert_data_vol:/mnt
28	+	depends_on:
29	+	- cert-bund-data
30	+
31	+	data-objects:
32	+	image: greenbone/data-objects
33	+	volumes:
34	+	- data_objects_vol:/mnt
35	+
36	+	report-formats:
37	+	image: greenbone/report-formats
38	+	volumes:
39	+	- data_objects_vol:/mnt
40	+	depends_on:
41	+	- data-objects
42	+
43	+	gpg-data:
44	+	image: greenbone/gpg-data
45	+	volumes:
46	+	- gpg_data_vol:/mnt
47	+
48	+	redis-server:
49	+	image: greenbone/redis-server
50	+	restart: on-failure
51	+	volumes:
52	+	- redis_socket_vol:/run/redis/
53	+
54	+	pg-gvm:
55	+	image: greenbone/pg-gvm:stable
56	+	restart: on-failure
57	+	volumes:
58	+	- psql_data_vol:/var/lib/postgresql
59	+	- psql_socket_vol:/var/run/postgresql
60	+
61	+	gvmd:
62	+	image: greenbone/gvmd:stable
63	+	restart: on-failure
64	+	volumes:
65	+	- gvmd_data_vol:/var/lib/gvm
66	+	- scap_data_vol:/var/lib/gvm/scap-data/
67	+	- cert_data_vol:/var/lib/gvm/cert-data
68	+	- data_objects_vol:/var/lib/gvm/data-objects/gvmd
69	+	- vt_data_vol:/var/lib/openvas/plugins
70	+	- psql_data_vol:/var/lib/postgresql
71	+	- gvmd_socket_vol:/run/gvmd
72	+	- ospd_openvas_socket_vol:/run/ospd
73	+	- psql_socket_vol:/var/run/postgresql
74	+	depends_on:
75	+	pg-gvm:
76	+	condition: service_started
77	+	scap-data:
78	+	condition: service_completed_successfully
79	+	cert-bund-data:
80	+	condition: service_completed_successfully
81	+	dfn-cert-data:
82	+	condition: service_completed_successfully
83	+	data-objects:
84	+	condition: service_completed_successfully
85	+	report-formats:
86	+	condition: service_completed_successfully
87	+
88	+	gsa:
89	+	image: greenbone/gsa:stable
90	+	restart: on-failure
91	+	ports:
92	+	- 9392:9392
93	+	volumes:
94	+	- gvmd_socket_vol:/run/gvmd
95	+	depends_on:
96	+	- gvmd
97	+
98	+	ospd-openvas:
99	+	image: greenbone/ospd-openvas:stable
100	+	restart: on-failure
101	+	init: true
102	+	hostname: ospd-openvas.local
103	+	cap_add:
104	+	- NET_ADMIN # for capturing packages in promiscuous mode
105	+	- NET_RAW # for raw sockets e.g. used for the boreas alive detection
106	+	security_opt:
107	+	- seccomp=unconfined
108	+	- apparmor=unconfined
109	+	command:
110	+	[
111	+	"ospd-openvas",
112	+	"-f",
113	+	"--config",
114	+	"/etc/gvm/ospd-openvas.conf",
115	+	"--mqtt-broker-address",
116	+	"mqtt-broker",
117	+	"--notus-feed-dir",
118	+	"/var/lib/notus/advisories",
119	+	"-m",
120	+	"666"
121	+	]
122	+	volumes:
123	+	- gpg_data_vol:/etc/openvas/gnupg
124	+	- vt_data_vol:/var/lib/openvas/plugins
125	+	- notus_data_vol:/var/lib/notus
126	+	- ospd_openvas_socket_vol:/run/ospd
127	+	- redis_socket_vol:/run/redis/
128	+	depends_on:
129	+	redis-server:
130	+	condition: service_started
131	+	gpg-data:
132	+	condition: service_completed_successfully
133	+	vulnerability-tests:
134	+	condition: service_completed_successfully
135	+
136	+	mqtt-broker:
137	+	restart: on-failure
138	+	image: greenbone/mqtt-broker
139	+	# ports:
140	+	# - 1883:1883
141	+	networks:
142	+	default:
143	+	aliases:
144	+	- mqtt-broker
145	+	- broker
146	+
147	+	notus-scanner:
148	+	restart: on-failure
149	+	image: greenbone/notus-scanner:stable
150	+	volumes:
151	+	- notus_data_vol:/var/lib/notus
152	+	- gpg_data_vol:/etc/openvas/gnupg
153	+	environment:
154	+	NOTUS_SCANNER_MQTT_BROKER_ADDRESS: mqtt-broker
155	+	NOTUS_SCANNER_PRODUCTS_DIRECTORY: /var/lib/notus/products
156	+	depends_on:
157	+	- mqtt-broker
158	+	- gpg-data
159	+	- vulnerability-tests
160	+
161	+	gvm-tools:
162	+	image: greenbone/gvm-tools
163	+	volumes:
164	+	- gvmd_socket_vol:/run/gvmd
165	+	- ospd_openvas_socket_vol:/run/ospd
166	+	depends_on:
167	+	- gvmd
168	+	- ospd-openvas
169	+
170	+	volumes:
171	+	gpg_data_vol:
172	+	driver: local
173	+	driver_opts:
174	+	type: 'none'
175	+	o: 'bind'
176	+	device: '/volume1/docker/gsm/gpg_data_vol'
177	+	scap_data_vol:
178	+	driver: local
179	+	driver_opts:
180	+	type: 'none'
181	+	o: 'bind'
182	+	device: '/volume1/docker/gsm/scap_data_vol'
183	+	cert_data_vol:
184	+	driver: local
185	+	driver_opts:
186	+	type: 'none'
187	+	o: 'bind'
188	+	device: '/volume1/docker/gsm/cert_data_vol'
189	+	data_objects_vol:
190	+	driver: local
191	+	driver_opts:
192	+	type: 'none'
193	+	o: 'bind'
194	+	device: '/volume1/docker/gsm/data_objects_vol'
195	+	gvmd_data_vol:
196	+	driver: local
197	+	driver_opts:
198	+	type: 'none'
199	+	o: 'bind'
200	+	device: '/volume1/docker/gsm/gvmd_data_vol'
201	+	psql_data_vol:
202	+	driver: local
203	+	driver_opts:
204	+	type: 'none'
205	+	o: 'bind'
206	+	device: '/volume1/docker/gsm/psql_data_vol'
207	+	vt_data_vol:
208	+	driver: local
209	+	driver_opts:
210	+	type: 'none'
211	+	o: 'bind'
212	+	device: '/volume1/docker/gsm/vt_data_vol'
213	+	notus_data_vol:
214	+	driver: local
215	+	driver_opts:
216	+	type: 'none'
217	+	o: 'bind'
218	+	device: '/volume1/docker/gsm/notus_data_vol'
219	+	psql_socket_vol:
220	+	driver: local
221	+	driver_opts:
222	+	type: 'none'
223	+	o: 'bind'
224	+	device: '/volume1/docker/gsm/psql_socket_vol'
225	+	gvmd_socket_vol:
226	+	driver: local
227	+	driver_opts:
228	+	type: 'none'
229	+	o: 'bind'
230	+	device: '/volume1/docker/gsm/gvmd_socket_vol'
231	+	ospd_openvas_socket_vol:
232	+	driver: local
233	+	driver_opts:
234	+	type: 'none'
235	+	o: 'bind'
236	+	device: '/volume1/docker/gsm/ospd_openvas_socket_vol'
237	+	redis_socket_vol:
238	+	driver: local
239	+	driver_opts:
240	+	type: 'none'
241	+	o: 'bind'
242	+	device: '/volume1/docker/gsm/redis_socket_vol'