docker-compose that can be used to start a circus (note: a digital one...)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
emile 508351773a
added an estimated time the setup should take
1 month ago
.env added ctfname 1 month ago
.gitignore added the *.env to the .gitignore 2 months ago
README.md added an estimated time the setup should take 1 month ago
docker-compose.yml tlschallenge 1 month ago
grafana.ini default grafana viewer 2 months ago
prometheus.yml added a prometheus file scraping the scoreboard 2 months ago
setup.sh subdividet the setup in sections 1 month ago
traefik_users cloudflare wildcard 2 months ago

README.md

circus-compose

docker-compose that can be used to start a circus (note: a digital one…)

Setup

You can setup the whole stack manually or using the setup.sh file semi-automatic. If you want to setup the circus automatically, simply execute the setup.sh, but if you want to do it by hand, read on…

The complete setup process should take no longer than 5 minutes.

Docker networking

Create some docker networks:

$ docker network create circus
$ docker network create circus_db

These will contain the various services and make sure some services can and some services can’t communiate with each other.

Gerneral configuration

First of all, you should define where the CTF should run and what it should be called. To do so, fill the .env file with the corresponding information:

HOSTNAME=docker.localhost
CTFNAME=MyCTF

Service configuration

Traefik

Traefik requires the credentials as a user:pass combination, the password is hashed.

To create a traefik basicauth user, execute $ htpasswd -nb user password with your username and password and append the result to the traefik_users file.

Grafana

Define the grafana location in the grafana.env file.

GF_SERVER_ROOT_URL=http://grafana.docker.localhost:3000
GF_SECURITY_ADMIN_PASSWORD=secret
  • When starting grafana, you can login as admin:secret
  • You can create a prometheus datasource using the URL http://prometheus:9090

Pull images

Pull the companion and the vpn container:

$ docker login registry.darknebu.la
$ docker pull registry.darknebu.la/circus/companion:latest
$ docker pull registry.darknebu.la/circus/vpn:latest

This has to be done, else the registration container will want to create and run a companion image, but there won’t be one there locally.

Opening the circus

Finally, start the stack:

$ docker-compose up -d

Services: