/SecurityRAT-dockercompose

Provide a docker compose file for SecurityRAT (version 1.x)

Primary LanguageDockerfile

SecurityRAT Docker Compose

This repository is a docker-compose setup for a quickstart with the SecurityRAT tool.

Important: the setup is not suitable for a production environment!

The docker-compose setup for version 1.7.x or lower is available on branch v1.7.x.

How to run

  1. Clone this project.

  2. [Optional] You can modify the database settings as described in the Configuration section below.

  3. Run docker-compose up --remove-orphans from the project's root directory.

  4. Update the database with the requirements set included as SQL dump (OWASP ASVS 3.0.1 set) in the mariadb-service image. Do this by running this command in a new terminal:

    docker exec securityrat-mariadb sh -c './var/dumpRequirements.sh'
  5. After all services have started, navigate to http://localhost:9002 in your browser.

  6. Authenticate with one of the default users admin/admin or user/user

Configuration

The docker-compose file already contains default configuration, hence the following settings are optional:

Database settings

  1. Change the default database settings using the following environment variables in the docker-compose.yml.

    environment:
        MYSQL_DATABASE: # database name
        MYSQL\_ROOT\_PASSWORD: # the root password.
        MYSQL\_USER: # This user has full priviledge over the MYSQL\_DATABASE
        MYSQL\_PASSWORD: #Password of the MYSQL\_USER
  2. Change the securiryrat service configuration in docker-compose.yml to match the modifications from the previous step.

    environment:
        - SPRING\_DATASOURCE\_URL=jdbc:mysql://mariadb-service:3306/${MYSQL\_DATABASE}?useUnicode=true&characterEncoding=utf8&useSSL=false&useLegacyDatetimeCode=false&serverTimezone=UTC&createDatabaseIfNotExist=true
        - SPRING\_DATASOURCE\_USERNAME=${MYSQL\_USER} 
        - SPRING\_DATASOURCE\_PASSWORD=${MYSQL\_PASSWORD}

Cleaning up

After stopping the app, run docker-compose down from the project's root directory to remove the created containers.