A neat little tool to document your IT environment in a structured way and map your system to the BSI Grundschutz requirements.
Basically any set of structured requirements can be mapped.
As a result you can see which requirements you need to fulfill.
MYSQL_ROOT_PASSWORD=YourAppPassWordHere
MYSQL_USER=gsonline
MYSQL_PASSWORD=YourRootPassWordHere
MYSQL_DATABASE=opengs
DATABASE_URL=mysql+pymysql://${MYSQL_USER}:${MYSQL_PASSWORD}@mysql:3306/${MYSQL_DATABASE}
SECRET_KEY=SomeSecretKeyWhichIForgotWhatItIsGoodFor
MAIL_SERVER=localhost
MAIL_PORT=8025
ADMINS = ['your@email.here']
You need to have a MySQL server available and accessible for the app. The db user needs permissions to create and modify tables.
- Create a virtual environment:
python -m venv .venv
- Activate the environment:
.\.venv\Scripts\activate
- Install packages:
pip install -r requirements.txt
- Create db and populate it:
flask db init && flask db upgrade
- Start the app:
flask run
- Build the app container with
docker build -t gsonline:dev .
- Execute
docker-compose up -d
Either way, access the app at http://localhost:5000. Register a user, login and go for it :)
The technical buildingblocks start at scroll-bookmark-1305
with the chapter APP in the file IT-Grundschutz-Kompendium-Edition-2022.xml.
A hooman-readable version can be found directly at the BSI: https://www.bsi.bund.de/DE/Themen/Unternehmen-und-Organisationen/Standards-und-Zertifizierung/IT-Grundschutz/IT-Grundschutz-Kompendium/IT-Grundschutz-Bausteine/Bausteine_Download_Edition_node.html