There are two types of configuration possible:
- Minimal appliance
- Full Appliance
NOTE:
Appliances are built on top of Docker, but for the moment they do not support Docker in swarm mode.
The minimal appliance includes the bare-minimum components needed for everything to run. No metrics are collected, and you will have to tail the logs from the Docker container logs.
The full appliance includes every component and all metrics and logging capabilities. Metrics and logs are gathered inside the same Elasticsearch instance as the processing data, and you will have access to Kibana to view all of them.
For full documentation on how to set up an Assemblyline appliance, see the documentation page: https://cybercentrecanada.github.io/assemblyline4_docs/
NOTE:
If using the Docker Compose plugin, replace "docker-compose" commands with "docker compose".
git clone https://github.com/CybercentreCanada/assemblyline-docker-compose.git
Choose one of the minimal or full deployments. The rest of the commands and paths given will be relative to the directory specific to the deployment type you are doing.
mkdir ~/deployments
cp -R ~/git/assemblyline-docker-compose/minimal_appliance ~/deployments/assemblyline
cd ~/deployments/assemblyline
or
mkdir ~/deployments
cp -R ~/git/assemblyline-docker-compose/full_appliance ~/deployments/assemblyline
cd ~/deployments/assemblyline
Copy an existing certificate, or generate a self-signed one, into the ./config directory in the cloned repository.
source .env
openssl req -nodes -x509 -newkey rsa:4096 -keyout ./config/nginx.key -out ./config/nginx.crt -days 365 -subj "/C=CA/ST=Ontario/L=Ottawa/O=CCCS/CN=$DOMAIN"
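The openssl command above writes the private key unencrypted (-nodes) and takes the certificate CN from $DOMAIN, so it is worth checking the result before launching. The following is an added example, not part of the Assemblyline repository: check_tls_pair is a hypothetical helper, and the 30-day expiry threshold and the rule that the key must not be world-accessible are assumptions.

```shell
# check_tls_pair CERT KEY DOMAIN [MIN_DAYS]   (hypothetical helper, not from the project)
# Returns 0 when every check passes; otherwise prints the reason and returns 1.
check_tls_pair() {
    ctp_crt=$1; ctp_key=$2; ctp_domain=$3; ctp_days=${4:-30}

    # 1. The certificate and the private key must carry the same public key.
    ctp_cpub=$(openssl x509 -in "$ctp_crt" -noout -pubkey 2>/dev/null) || ctp_cpub=
    ctp_kpub=$(openssl pkey -in "$ctp_key" -pubout 2>/dev/null) || ctp_kpub=
    if [ -z "$ctp_cpub" ] || [ "$ctp_cpub" != "$ctp_kpub" ]; then
        echo "FAIL: $ctp_key does not match $ctp_crt (or a file is unreadable)" >&2
        return 1
    fi

    # 2. The subject CN must be exactly the expected domain, which catches
    #    an empty or stale $DOMAIN at generation time.
    ctp_subj=$(openssl x509 -in "$ctp_crt" -noout -subject -nameopt RFC2253)
    ctp_subj=${ctp_subj#subject=}; ctp_subj=${ctp_subj# }
    case ",$ctp_subj," in
        *",CN=$ctp_domain,"*) ;;
        *) echo "FAIL: CN is not $ctp_domain (subject: $ctp_subj)" >&2; return 1 ;;
    esac

    # 3. The certificate must stay valid for at least MIN_DAYS more days.
    if ! openssl x509 -in "$ctp_crt" -noout \
            -checkend "$((ctp_days * 86400))" >/dev/null; then
        echo "FAIL: certificate expires within $ctp_days days" >&2
        return 1
    fi

    # 4. The key is unencrypted, so its file mode is its only protection:
    #    reject any access bits for "other" (characters 8-10 of the ls mode).
    ctp_other=$(ls -ld "$ctp_key" | cut -c8-10)
    if [ "$ctp_other" != "---" ]; then
        echo "FAIL: $ctp_key is accessible to other users ($ctp_other)" >&2
        return 1
    fi

    echo "OK: $ctp_crt and $ctp_key are consistent for $ctp_domain"
}

# From the deployment directory, after "source .env":
#   check_tls_pair ./config/nginx.crt ./config/nginx.key "$DOMAIN"
```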
Pull the containers.
sudo docker-compose pull
sudo docker-compose build
sudo docker-compose -f bootstrap-compose.yaml pull
Launch the core system.
sudo docker-compose up -d
Perform first time only setup and service initialization.
sudo docker-compose -f bootstrap-compose.yaml up