This repository is a docker-compose setup for a quickstart with the SecurityRAT tool.
Important: the setup is not suitable for a production environment!
The docker-compose setup for version 1.7.x or lower is available on branch v1.7.x.
-
Clone this project.
-
[Optional] You can modify the database settings as described in the Configuration section below.
-
Run
docker-compose up --remove-orphansfrom the project's root directory. -
Update the database with the requirements set included as SQL dump (OWASP ASVS 3.0.1 set) in the mariadb-service image. Do this by running this command in a new terminal:
docker exec securityrat-mariadb sh -c './var/dumpRequirements.sh'
-
After all services have started, navigate to http://localhost:9002 in your browser.
-
Authenticate with one of the default users
admin/adminoruser/user
The docker-compose file already contains default configuration, hence the following settings are optional:
-
Change the default database settings using the following environment variables in the docker-compose.yml.
environment: MYSQL_DATABASE: # database name MYSQL\_ROOT\_PASSWORD: # the root password. MYSQL\_USER: # This user has full priviledge over the MYSQL\_DATABASE MYSQL\_PASSWORD: #Password of the MYSQL\_USER
-
Change the securiryrat service configuration in docker-compose.yml to match the modifications from the previous step.
environment: - SPRING\_DATASOURCE\_URL=jdbc:mysql://mariadb-service:3306/${MYSQL\_DATABASE}?useUnicode=true&characterEncoding=utf8&useSSL=false&useLegacyDatetimeCode=false&serverTimezone=UTC&createDatabaseIfNotExist=true - SPRING\_DATASOURCE\_USERNAME=${MYSQL\_USER} - SPRING\_DATASOURCE\_PASSWORD=${MYSQL\_PASSWORD}
After stopping the app, run docker-compose down from the project's root directory to remove the created containers.