Skip to content

4. Advanced options for deployment

Jump to bottom
stanfrbd edited this page Feb 6, 2025 · 4 revisions

Advanced options for deployment

All variables from secrets.json can be converted to environment variables (uppercase):

Note

You can add these environment variables in a custom docker-compose.yml. If you don't specify proxy, no proxy will be used.

export PROXY_URL="http://127.0.0.1:9000"
export VIRUSTOTAL="api_key_here"
export ABUSEIPDB="api_key_here"
export IPINFO="api_key_here"
export GOOGLE_SAFE_BROWSING="api_key_here"
export MDE_TENANT_ID="api_key_here"
export MDE_CLIENT_ID="api_key_here"
export MDE_CLIENT_SECRET="api_key_here"
export SHODAN="api_key_here"
export OPENCTI_API_KEY="api_key_here"
export OPENCTI_URL="https://demo.opencti.io"

Supervisord options (for docker only)

This options will be applied only if the script prod/advanced_config.py is run (automatic in docker)

In secrets.json:

  • Adding "supervisord_workers_count": 1 in secrets.json will set -w 1 in supervisord.conf
  • Adding "supervisord_threads_count": 1 in secrets.json will set -t 1 in supervisord.conf

Or using environment variables:

export SUPERVISORD_WORKERS_COUNT=1
export SUPERVISORD_THREADS_COUNT=1

Note

These variables are optional, so if they don't exist in secrets.json, the original config (in prod/supervisord.conf) will be applied by default.

API prefix in app.py and index.html options

In secrets.json:

  • Adding "api_prefix": "my_api" in secrets.json will set all the original prefix /api/ endpoints to be renamed by prefix /my_api/ endpoints in the files app.py and index.html

Or using environment variables:

export API_PREFIX="my_api"

Note

This variable is optional, so if it doesn't exist in secrets.json, the API will be accessible at /api/ by default.

Selected engines in the GUI (index.html only)

In secrets.json:

  • Adding "gui_enabled_engines": ["reverse_dns", "rdap"] in secrets.json will restrict usage of these two engines in the GUI.

Or using environment variables:

export GUI_ENABLED_ENGINES="reverse_dns,rdap"

Note

This variable is optional, so if it doesn't exist in secrets.json, all engines will be displayed in the GUI.

Tip

Example: for the demo instance of cyberbro, only these engines are used: "gui_enabled_engines": ["reverse_dns", "rdap", "ipquery", "abuseipdb", "virustotal", "spur", "google_safe_browsing", "shodan", "phishtank", "threatfox", "urlscan", "google", "github", "opencti", "abusix", "hudsonrock"]
With environment variable: GUI_ENABLED_ENGINES="reverse_dns,rdap,ipquery,abuseipdb,virustotal,spur,google_safe_browsing,shodan,phishtank,threatfox,urlscan,google,github,opencti,abusix,hudsonrock"

Config page in the GUI (config.html) http://cyberbro.local:5000/config

Caution

This is unsecure so it is disabled by default.

You can add it using the following:

In secrets.json:

Adding "config_page_enabled": true in secrets.json will enable the config page in the GUI at http://cyberbro.local:5000/config

Or using environment variables:

export CONFIG_PAGE_ENABLED="true"

Note

This variable is optional, so if it doesn't exist in secrets.json, it will be disabled by default.

Any questions? Raise an issue or contact @cyberbro_cti on X / @cyberbro on Mastodon (infosec.exchange).

Clone this wiki locally