olacabs / jackhammer

Jackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.
https://jch.olacabs.com/userguide

For those looking to get this working currently... docker-compose.yml replacement #102

Open alistar79 opened 6 years ago

alistar79 commented 6 years ago

```yaml
version: '3'
volumes:
  # We'll define a volume that will store the data from the mysql databases:
  mysql-data:
    driver: local
services:
  mysqldb:
    # Pinned to 5.7, the MySQL version the application depends on.
    image: mysql:5.7
    container_name: jackhammer-db
    environment:
      MYSQL_ROOT_PASSWORD: root
      # Application account, created by the image on first start.
      MYSQL_USER: jackhammer
      MYSQL_PASSWORD: jackhammer
      MYSQL_DATABASE: jackhammer_production
    ports:
      # Publishes MySQL on the host as well as on the compose network.
      - "3306:3306"
    volumes:
      # /var/lib/mysql is the data directory of the official mysql image.
      - mysql-data:/var/lib/mysql
    restart: always
    #healthcheck:
    #  test: "nc -z localhost 3306"
    #  interval: 1s
    #  retries: 120
  web:
    build: ./web
    volumes:
      - '.:/jackhammer'
    ports:
      - "5000:3000"
    # Migrate the database, start sidekiq as a daemon, then run puma in the foreground.
    command: bash -c "mkdir -p tmp/pids && RAILS_ENV=production bundle exec rake db:migrate && RAILS_ENV=production bundle exec sidekiq -C config/sidekiq.yml -d && bundle exec puma -e production -b tcp://0.0.0.0:3000"
    environment:
      - REDIS_URL=redis://redis:6379
      # This value is public because it was posted in the issue; replace it with your own (for example from `rake secret`).
      - SECRET_KEY_BASE=454ab84a2554a5e715db90c7560a06d8a20811d614e7313de05495ecdeac9614c4c3d263df1a5892b92d6c32ea06d4defbd2492c598e8295f89b8b316db25842
      - RAILS_SERVE_STATIC_FILES=true
      - RAILS_ENV=production
      # Must match the MYSQL_* values of the mysqldb service above.
      - MYSQL_DB=jackhammer_production
      - MYSQL_HOST=mysqldb
      - MYSQL_USER=jackhammer
      - MYSQL_PASSWORD=jackhammer
    links:
      - mysqldb:mysqldb
      - redis:redis
    depends_on:
      - mysqldb
      - redis
  redis:
    image: redis
    ports:
      - "6379"
```

alistar79 commented 6 years ago

As this depends on MySQL 5.7 but someone forgot to pin it in docker-compose, and due to the root password already being set and jackhammer web suffering to use it, these are the changes:

```yaml
image: mysql:5.7
```

```yaml
MYSQL_USER: jackhammer
MYSQL_PASSWORD: jackhammer
```
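
An added example, not part of the original thread or of the Jackhammer project: a stand-alone check for the unpinned-image problem described in the comment above. It lists the services in a compose file whose image has no tag or uses `latest`; both sample files are constructed and the function names are hypothetical.

```python
import re

# Constructed sample: a compose file with floating image references.
BEFORE = """\
version: '3'
services:
 mysqldb:
   image: mysql
 redis:
   image: redis
"""
# Constructed sample: the same file with the mysql pin from the thread applied.
AFTER = BEFORE.replace("image: mysql\n", "image: mysql:5.7\n")

def image_pin_status(ref):
    """Classify an image reference as 'digest', 'tag', 'latest' or 'untagged'."""
    if "@sha256:" in ref:
        return "digest"
    last = ref.rsplit("/", 1)[-1]      # ignore a registry host:port prefix
    if ":" not in last:
        return "untagged"
    return "latest" if last.rsplit(":", 1)[1] == "latest" else "tag"

def unpinned_images(compose_text):
    """Return [(service, image, status)] for images with no tag or the 'latest' tag."""
    findings, in_services, svc_indent, service = [], False, None, None
    for raw in compose_text.splitlines():
        line = raw.split(" #", 1)[0].rstrip()   # drop trailing comments
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        indent = len(line) - len(line.lstrip())
        if indent == 0:                         # a new top-level key
            in_services = line.strip() == "services:"
            svc_indent = service = None
            continue
        if not in_services:
            continue
        # The first nested key under services: fixes the service-name indent level.
        svc_indent = indent if svc_indent is None else svc_indent
        if indent == svc_indent and line.endswith(":"):
            service = line.strip()[:-1]
            continue
        m = re.match(r"\s*image:\s*['\"]?([^'\"\s]+)", line)
        if m and indent > svc_indent:
            status = image_pin_status(m.group(1))
            if status in ("untagged", "latest"):
                findings.append((service, m.group(1), status))
    return findings
```
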
alistar79 commented 6 years ago

@shadsidd can you roll these in to save others from pain? Also your website is down. Ta!

alistar79 commented 6 years ago

I also had to run inside the container:

```bash
bundle exec rake db:seed
```

There were a number of gem installs prior to this too, as I was trying a rake db:seed which failed and suggested I gem install a package or 5.

dkogue commented 6 years ago

Did you manage to add any tools? I am trying to add Zap; maybe you can have a look at my logs. Thanks in advance.

alistar79 commented 6 years ago

Not as yet! Happy to see what I can spot if you have output tho?

dkogue commented 6 years ago

100

You can check all logs there.

alistar79 commented 6 years ago

Sorry dood, looks like their Ruby env is all messed up, but how, and how to fix, not sure. I'm not a Ruby dev.

dkogue commented 6 years ago

Thanks @alistar79 for your feedback. It is so unfortunate that I spent the past one month and a half trying to make this framework work. Maybe you want to have a look at SecureCodeBox.

alistar79 commented 6 years ago

I'd try OpenVAS @dkogue, never let me down in the past.