{"id":49,"date":"2024-12-23T22:17:25","date_gmt":"2024-12-23T20:17:25","guid":{"rendered":"https:\/\/xavs.cat\/?p=49"},"modified":"2024-12-23T22:23:38","modified_gmt":"2024-12-23T20:23:38","slug":"greenbone-per-docker","status":"publish","type":"post","link":"https:\/\/xavs.cat\/?p=49","title":{"rendered":"Greenbone per Docker"},"content":{"rendered":"\n

Contingut del fitxer \/etc\/cron.weekly\/greenbone-update.sh<\/code>:<\/p>\n\n\n\n

#!\/bin\/bash
cd \/opt\/docker\/greenbone
docker compose pull
docker compose up -d
docker images --format \"{{.ID}} {{.Repository}}:{{.Tag}}\" | grep \"<none>\" | awk '{print $1}' | xargs docker rmi
docker system prune -A

<\/pre>\n\n\n\n
Contingut del ficher docker-compose.yml<\/code>:<\/p>\n\n\n\n
services:
  vulnerability-tests:
    image: greenbone\/vulnerability-tests
    environment:
      STORAGE_PATH: \/var\/lib\/openvas\/22.04\/vt-data\/nasl
    volumes:
      - vt_data_vol:\/mnt

  notus-data:
    image: greenbone\/notus-data:latest
    volumes:
      - notus_data_vol:\/mnt

  scap-data:
    image: greenbone\/scap-data:latest
    volumes:
      - scap_data_vol:\/mnt

  cert-bund-data:
    image: greenbone\/cert-bund-data:latest
    volumes:
      - cert_data_vol:\/mnt

  dfn-cert-data:
    image: greenbone\/dfn-cert-data:latest
    volumes:
      - cert_data_vol:\/mnt
    depends_on:
      - cert-bund-data

  data-objects:
    image: greenbone\/data-objects
    volumes:
      - data_objects_vol:\/mnt

  report-formats:
    image: greenbone\/report-formats
    volumes:
      - data_objects_vol:\/mnt
    depends_on:
      - data-objects

  gpg-data:
    image: greenbone\/gpg-data:latest
    volumes:
      - gpg_data_vol:\/mnt

  redis-server:
    image: greenbone\/redis-server:latest
    restart: on-failure
    volumes:
      - redis_socket_vol:\/run\/redis\/

  pg-gvm:
    image: greenbone\/pg-gvm:stable
    restart: on-failure
    volumes:
      - psql_data_vol:\/var\/lib\/postgresql
      - psql_socket_vol:\/var\/run\/postgresql

  gvmd:
    image: greenbone\/gvmd:latest
    restart: on-failure
    volumes:
      - gvmd_data_vol:\/var\/lib\/gvm
      - scap_data_vol:\/var\/lib\/gvm\/scap-data\/
      - cert_data_vol:\/var\/lib\/gvm\/cert-data
      - data_objects_vol:\/var\/lib\/gvm\/data-objects\/gvmd
      - vt_data_vol:\/var\/lib\/openvas\/plugins
      - psql_data_vol:\/var\/lib\/postgresql
      - gvmd_socket_vol:\/run\/gvmd
      - ospd_openvas_socket_vol:\/run\/ospd
      - psql_socket_vol:\/var\/run\/postgresql
    depends_on:
      pg-gvm:
        condition: service_started
      scap-data:
        condition: service_completed_successfully
      cert-bund-data:
        condition: service_completed_successfully
      dfn-cert-data:
        condition: service_completed_successfully
      data-objects:
        condition: service_completed_successfully
      report-formats:
        condition: service_completed_successfully

  gsa:
    image: greenbone\/gsa:latest
    restart: on-failure
    ports:
      - 80:80
    volumes:
      - gvmd_socket_vol:\/run\/gvmd
    depends_on:
      - gvmd

  ospd-openvas:
    image: greenbone\/ospd-openvas:latest
    restart: on-failure
    cap_add:
      - NET_ADMIN
      - NET_RAW
    security_opt:
      - seccomp=unconfined
      - apparmor=unconfined
    command:
      [
        \"ospd-openvas\",
        \"-f\",
        \"--config\",
        \"\/etc\/gvm\/ospd-openvas.conf\",
        \"--mqtt-broker-address\",
        \"mqtt-broker\",
        \"--notus-feed-dir\",
        \"\/var\/lib\/notus\/advisories\",
        \"-m\",
        \"666\"
      ]
    volumes:
      - gpg_data_vol:\/etc\/openvas\/gnupg
      - vt_data_vol:\/var\/lib\/openvas\/plugins
      - notus_data_vol:\/var\/lib\/notus
      - ospd_openvas_socket_vol:\/run\/ospd
      - redis_socket_vol:\/run\/redis\/
    depends_on:
      redis-server:
        condition: service_started
      gpg-data:
        condition: service_completed_successfully
      vulnerability-tests:
        condition: service_completed_successfully

  mqtt-broker:
    restart: on-failure
    image: greenbone\/mqtt-broker
    ports:
      - 1883:1883
    networks:
      default:
        aliases:
          - mqtt-broker
          - broker

  notus-scanner:
    restart: on-failure
    image: greenbone\/notus-scanner:stable
    volumes:
      - notus_data_vol:\/var\/lib\/notus
      - gpg_data_vol:\/etc\/openvas\/gnupg
    environment:
      NOTUS_SCANNER_MQTT_BROKER_ADDRESS: mqtt-broker
      NOTUS_SCANNER_PRODUCTS_DIRECTORY: \/var\/lib\/notus\/products
    depends_on:
      - mqtt-broker
      - gpg-data
      - vulnerability-tests

  gvm-tools:
    image: greenbone\/gvm-tools:latest
    volumes:
      - gvmd_socket_vol:\/run\/gvmd
      - ospd_openvas_socket_vol:\/run\/ospd
    depends_on:
      - gvmd
      - ospd-openvas


volumes:
  gpg_data_vol:
  scap_data_vol:
  cert_data_vol:
  data_objects_vol:
  gvmd_data_vol:
  psql_data_vol:
  vt_data_vol:
  notus_data_vol:
  psql_socket_vol:
  gvmd_socket_vol:
  ospd_openvas_socket_vol:
  redis_socket_vol:
<\/pre>\n","protected":false},"excerpt":{"rendered":"
Contingut del fitxer \/etc\/cron.weekly\/greenbone-update.sh: #!\/bin\/bashcd \/opt\/docker\/greenbonedocker compose pulldocker compose up -ddocker images –format “{{.ID}} {{.Repository}}:{{.Tag}}” | grep “<none>” | awk ‘{print $1}’ | xargs docker rmidocker system prune -A Contingut del ficher docker-compose.yml: services: vulnerability-tests: image: greenbone\/vulnerability-tests environment: STORAGE_PATH: \/var\/lib\/openvas\/22.04\/vt-data\/nasl volumes: – vt_data_vol:\/mnt notus-data: image: greenbone\/notus-data:latest volumes: – notus_data_vol:\/mnt scap-data: image: greenbone\/scap-data:latest volumes: – scap_data_vol:\/mnt […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-49","post","type-post","status-publish","format-standard","hentry","category-general"],"_links":{"self":[{"href":"https:\/\/xavs.cat\/index.php?rest_route=\/wp\/v2\/posts\/49","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/xavs.cat\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/xavs.cat\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/xavs.cat\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/xavs.cat\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=49"}],"version-history":[{"count":2,"href":"https:\/\/xavs.cat\/index.php?rest_route=\/wp\/v2\/posts\/49\/revisions"}],"predecessor-version":[{"id":55,"href":"https:\/\/xavs.cat\/index.php?rest_route=\/wp\/v2\/posts\/49\/revisions\/55"}],"wp:attachment":[{"href":"https:\/\/xavs.cat\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=49"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/xavs.cat\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=49"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/xavs.cat\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=49"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}