The images published on Docker hub are built from the current
master repository branch (tag latest, will be used by default)
and from the current release (tag vX.Y.Z, use
ivre/<imagename>:vX.Y.Z to use it).
The easiest way, just run:
$ docker compose up
The containers should now be running, with the TCP port 80 of your
host redirected to the ivreweb container.
To get a shell with the CLI tools and Python API, attach to the
ivreclient container:
$ docker attach ivreclient root@fd983ba5e6fd:/#
You can detach from the container (without stopping it) by using
C-p C-q and attach to it again later with the same
docker attach ivreclient command.
To initialize the database and start playing with IVRE, you need to enter some commands described in the related section below.
If you already manage your Docker containers using Vagrant, you can use it to run the containers.
With the Vagrantfile as it is provided, the TCP port 80 of your host
will be used, so you need either to make sure it is not already in use,
or to modify the Vagrantfile after the cp step in the
instructions below to use another port.
To use the Vagrantfile located in the docker/ directory of the
source tree (or the [PREFIX]/share/ivre/docker/ directory when IVRE
has been installed), run (from the folder where you want to store your
data):
$ mkdir -m 1777 var_lib_mongodb ivre-share dokuwiki_data # For people using SELinux enforced, you need to run $ sudo chcon -Rt svirt_sandbox_file_t var_lib_mongodb ivre-share dokuwiki_data $ cp [path to ivre source]/docker/Vagrantfile . $ vagrant up --no-parallel
The --no-parallel option prevents Vagrant from starting the
ivreuwsgi container before the ivredb is ready.
To access the ivreclient container, see the Using Docker Compose since it is similar.
By default, the images will be downloaded from the Docker Hub. But you
also can build the images from the provided Dockerfiles. For
that, from the docker/ directory, run:
$ docker pull debian:12 $ for img in base client agent web web-doku web-uwsgi ; do > docker build -t "ivre/$img" "$img" > done
This might take a long time.
It is also possible to build the ivre/base image without fetching
the tarball from GitHub, by creating it locally and using the
base-local directory instead of base. From the repository root,
run:
$ git archive --format=tar --prefix=ivre/ HEAD -o docker/base-local/ivre.tar $ tmp=`mktemp | sed 's#^/##'`; python setup.py --version | tr -d '\n' > "/$tmp" $ tar rf docker/base-local/ivre.tar --transform="s#$tmp#ivre/ivre/VERSION#" /$tmp $ rm "/$tmp" $ docker pull debian:12 $ docker build -t ivre/base docker/base-local
Another way to create the ivre/base image is to use
pip. From the
docker/ directory, run:
$ docker pull debian:12 $ docker build -t ivre/base base-pip
Attach to the ivreclient container and run the initialization
commands:
user@host:~$ docker attach ivreclient root@ivreclient:/# yes | ivre ipinfo --init root@ivreclient:/# yes | ivre scancli --init root@ivreclient:/# yes | ivre view --init root@ivreclient:/# yes | ivre flowcli --init root@ivreclient:/# yes | ivre runscansagentdb --init root@ivreclient:/# ivre ipdata --download
Then we can integrate the Nmap results to the database
nmap database and create a view from it:
root@ivreclient:/# ivre scan2db -r -s MySource -c MyCategory /ivre-share root@ivreclient:/# ivre db2view nmap
You can then detach from the container (C-p C-q).
root@ivreclient:/# exit
You can start the container again later by issuing:
$ docker start -i ivreclient root@ivreclient:/#
If you do not want to exit the shell but only detach from it, use
C-p C-q. You can attach to it again later by issuing
docker attach ivreclient.