mirror of
https://github.com/telekom-security/tpotce.git
synced 2025-07-02 01:27:27 -04:00
tweaking nginx, ddospot:
- Remove ddospot from standard - Add ddospot only to tarpit - Decouple nginx from host mode, only export tcp/64297, tcp/64294 - Adjust editions accordingly - Keep LUA settings in Nginx config for now, just in case we find a different use case
This commit is contained in:
@ -1,10 +1,11 @@
|
||||
# T-Pot: TARPIT
|
||||
networks:
|
||||
ddospot_local:
|
||||
endlessh_local:
|
||||
go-pot_local:
|
||||
hellpot_local:
|
||||
heralding_local:
|
||||
spiderfoot_local:
|
||||
nginx_local:
|
||||
ewsposter_local:
|
||||
|
||||
services:
|
||||
@ -41,6 +42,29 @@ services:
|
||||
#### Honeypots
|
||||
##################
|
||||
|
||||
# Ddospot service
|
||||
ddospot:
|
||||
container_name: ddospot
|
||||
restart: always
|
||||
depends_on:
|
||||
tpotinit:
|
||||
condition: service_healthy
|
||||
networks:
|
||||
- ddospot_local
|
||||
ports:
|
||||
- "19:19/udp"
|
||||
- "53:53/udp"
|
||||
- "123:123/udp"
|
||||
# - "161:161/udp"
|
||||
- "1900:1900/udp"
|
||||
image: ${TPOT_REPO}/ddospot:${TPOT_VERSION}
|
||||
pull_policy: ${TPOT_PULL_POLICY}
|
||||
read_only: true
|
||||
volumes:
|
||||
- ${TPOT_DATA_PATH}/ddospot/log:/opt/ddospot/ddospot/logs
|
||||
- ${TPOT_DATA_PATH}/ddospot/bl:/opt/ddospot/ddospot/bl
|
||||
- ${TPOT_DATA_PATH}/ddospot/db:/opt/ddospot/ddospot/db
|
||||
|
||||
# Endlessh service
|
||||
endlessh:
|
||||
container_name: endlessh
|
||||
@ -197,6 +221,8 @@ services:
|
||||
depends_on:
|
||||
tpotinit:
|
||||
condition: service_healthy
|
||||
networks:
|
||||
- nginx_local
|
||||
environment:
|
||||
- bootstrap.memory_lock=true
|
||||
- ES_JAVA_OPTS=-Xms2048m -Xmx2048m
|
||||
@ -225,6 +251,8 @@ services:
|
||||
depends_on:
|
||||
elasticsearch:
|
||||
condition: service_healthy
|
||||
networks:
|
||||
- nginx_local
|
||||
mem_limit: 1g
|
||||
ports:
|
||||
- "127.0.0.1:64296:5601"
|
||||
@ -238,6 +266,8 @@ services:
|
||||
depends_on:
|
||||
elasticsearch:
|
||||
condition: service_healthy
|
||||
networks:
|
||||
- nginx_local
|
||||
environment:
|
||||
- LS_JAVA_OPTS=-Xms1024m -Xmx1024m
|
||||
- TPOT_TYPE=${TPOT_TYPE:-HIVE}
|
||||
@ -259,6 +289,8 @@ services:
|
||||
depends_on:
|
||||
tpotinit:
|
||||
condition: service_healthy
|
||||
networks:
|
||||
- nginx_local
|
||||
stop_signal: SIGKILL
|
||||
tty: true
|
||||
image: ${TPOT_REPO}/redis:${TPOT_VERSION}
|
||||
@ -272,6 +304,8 @@ services:
|
||||
depends_on:
|
||||
tpotinit:
|
||||
condition: service_healthy
|
||||
networks:
|
||||
- nginx_local
|
||||
environment:
|
||||
- MAP_COMMAND=AttackMapServer.py
|
||||
stop_signal: SIGKILL
|
||||
@ -288,6 +322,8 @@ services:
|
||||
depends_on:
|
||||
elasticsearch:
|
||||
condition: service_healthy
|
||||
networks:
|
||||
- nginx_local
|
||||
environment:
|
||||
- MAP_COMMAND=DataServer_v2.py
|
||||
- TPOT_ATTACKMAP_TEXT=${TPOT_ATTACKMAP_TEXT}
|
||||
@ -339,9 +375,11 @@ services:
|
||||
- /var/tmp/nginx/scgi
|
||||
- /run
|
||||
- /var/lib/nginx/tmp:uid=100,gid=82
|
||||
network_mode: "host"
|
||||
networks:
|
||||
- nginx_local
|
||||
ports:
|
||||
- "64297:64297"
|
||||
- "64294:64294"
|
||||
image: ${TPOT_REPO}/nginx:${TPOT_VERSION}
|
||||
pull_policy: ${TPOT_PULL_POLICY}
|
||||
read_only: true
|
||||
@ -359,7 +397,7 @@ services:
|
||||
tpotinit:
|
||||
condition: service_healthy
|
||||
networks:
|
||||
- spiderfoot_local
|
||||
- nginx_local
|
||||
ports:
|
||||
- "127.0.0.1:64303:8080"
|
||||
image: ${TPOT_REPO}/spiderfoot:${TPOT_VERSION}
|
||||
|
Reference in New Issue
Block a user