Sun. Dec 22nd, 2024

Cara menginstall Greenbone VA di Ubuntu 22.04 dengan docker compose

<img alt='' src='https://secure.gravatar.com/avatar/142e5268afd8fd7c53e48aaf328773e7?s=150&d=mm&r=g' srcset='https://secure.gravatar.com/avatar/142e5268afd8fd7c53e48aaf328773e7?s=300&d=mm&r=g 2x' class='avatar avatar-150 photo' height='150' width='150' decoding='async'/>

Byadmin web

Dec 9, 2024

root@greenbone-va:~# timedatectl set-timezone Asia/Jakarta
root@greenbone-va:~# timedatectl
               Local time: Mon 2024-12-09 05:48:32 WIB
           Universal time: Sun 2024-12-08 22:48:32 UTC
                 RTC time: Sun 2024-12-08 22:48:32
                Time zone: Asia/Jakarta (WIB, +0700)
System clock synchronized: yes
              NTP service: active
          RTC in local TZ: no
root@greenbone-va:~#

root@greenbone-va:~# mkdir -p /data/docker-data/gvm-va
root@greenbone-va:~#
root@greenbone-va:~# cd /data/docker-data/gvm-va
root@greenbone-va:/data/docker-data/gvm-va#
root@greenbone-va:/data/docker-data/gvm-va#

root@greenbone-va:/data/docker-data/gvm-va# curl -f -L https://greenbone.github.io/docs/latest/_static/docker-compose-22.4.yml -o docker-compose.yml
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  6544  100  6544    0     0   8184      0 --:--:-- --:--:-- --:--:--  8180
root@greenbone-va:/data/docker-data/gvm-va#
root@greenbone-va:/data/docker-data/gvm-va# ls -l
total 8
-rw-r--r-- 1 root root 6544 Dec  8 22:25 docker-compose.yml
root@greenbone-va:/data/docker-data/gvm-va#
root@greenbone-va:/data/docker-data/gvm-va# cat docker-compose.yml
services:
  vulnerability-tests:
    image: registry.community.greenbone.net/community/vulnerability-tests
    environment:
      STORAGE_PATH: /var/lib/openvas/22.04/vt-data/nasl
    volumes:
      - vt_data_vol:/mnt

  notus-data:
    image: registry.community.greenbone.net/community/notus-data
    volumes:
      - notus_data_vol:/mnt

  scap-data:
    image: registry.community.greenbone.net/community/scap-data
    volumes:
      - scap_data_vol:/mnt

  cert-bund-data:
    image: registry.community.greenbone.net/community/cert-bund-data
    volumes:
      - cert_data_vol:/mnt

  dfn-cert-data:
    image: registry.community.greenbone.net/community/dfn-cert-data
    volumes:
      - cert_data_vol:/mnt
    depends_on:
      - cert-bund-data

  data-objects:
    image: registry.community.greenbone.net/community/data-objects
    volumes:
      - data_objects_vol:/mnt

  report-formats:
    image: registry.community.greenbone.net/community/report-formats
    volumes:
      - data_objects_vol:/mnt
    depends_on:
      - data-objects

  gpg-data:
    image: registry.community.greenbone.net/community/gpg-data
    volumes:
      - gpg_data_vol:/mnt

  redis-server:
    image: registry.community.greenbone.net/community/redis-server
    restart: on-failure
    volumes:
      - redis_socket_vol:/run/redis/

  pg-gvm:
    image: registry.community.greenbone.net/community/pg-gvm:stable
    restart: on-failure
    volumes:
      - psql_data_vol:/var/lib/postgresql
      - psql_socket_vol:/var/run/postgresql

  gvmd:
    image: registry.community.greenbone.net/community/gvmd:stable
    restart: on-failure
    volumes:
      - gvmd_data_vol:/var/lib/gvm
      - scap_data_vol:/var/lib/gvm/scap-data/
      - cert_data_vol:/var/lib/gvm/cert-data
      - data_objects_vol:/var/lib/gvm/data-objects/gvmd
      - vt_data_vol:/var/lib/openvas/plugins
      - psql_data_vol:/var/lib/postgresql
      - gvmd_socket_vol:/run/gvmd
      - ospd_openvas_socket_vol:/run/ospd
      - psql_socket_vol:/var/run/postgresql
    depends_on:
      pg-gvm:
        condition: service_started
      scap-data:
        condition: service_completed_successfully
      cert-bund-data:
        condition: service_completed_successfully
      dfn-cert-data:
        condition: service_completed_successfully
      data-objects:
        condition: service_completed_successfully
      report-formats:
        condition: service_completed_successfully

  gsa:
    image: registry.community.greenbone.net/community/gsa:stable
    restart: on-failure
    ports:
      - 127.0.0.1:9392:80
    volumes:
      - gvmd_socket_vol:/run/gvmd
    depends_on:
      - gvmd
  # Sets log level of openvas to the set LOG_LEVEL within the env
  # and changes log output to /var/log/openvas instead /var/log/gvm
  # to reduce likelyhood of unwanted log interferences
  configure-openvas:
    image: registry.community.greenbone.net/community/openvas-scanner:stable
    volumes:
      - openvas_data_vol:/mnt
      - openvas_log_data_vol:/var/log/openvas
    command:
      - /bin/sh
      - -c
      - |
        printf "table_driven_lsc = yes\nopenvasd_server = http://openvasd:80\n" > /mnt/openvas.conf
        sed "s/127/128/" /etc/openvas/openvas_log.conf | sed 's/gvm/openvas/' > /mnt/openvas_log.conf
        chmod 644 /mnt/openvas.conf
        chmod 644 /mnt/openvas_log.conf
        touch /var/log/openvas/openvas.log
        chmod 666 /var/log/openvas/openvas.log

  # shows logs of openvas
  openvas:
    image: registry.community.greenbone.net/community/openvas-scanner:stable
    restart: on-failure
    volumes:
      - openvas_data_vol:/etc/openvas
      - openvas_log_data_vol:/var/log/openvas
    command:
      - /bin/sh
      - -c
      - |
        cat /etc/openvas/openvas.conf
        tail -f /var/log/openvas/openvas.log
    depends_on:
      configure-openvas:
        condition: service_completed_successfully

  openvasd:
    image: registry.community.greenbone.net/community/openvas-scanner:stable
    restart: on-failure
    environment:
      # `service_notus` is set to disable everything but notus,
      # if you want to utilize openvasd directly removed `OPENVASD_MODE`
      OPENVASD_MODE: service_notus
      GNUPGHOME: /etc/openvas/gnupg
      LISTENING: 0.0.0.0:80
    volumes:
      - openvas_data_vol:/etc/openvas
      - openvas_log_data_vol:/var/log/openvas
      - gpg_data_vol:/etc/openvas/gnupg
      - notus_data_vol:/var/lib/notus
    # enable port forwarding when you want to use the http api from your host machine
    # ports:
    #   - 127.0.0.1:3000:80
    depends_on:
      vulnerability-tests:
        condition: service_completed_successfully
      configure-openvas:
        condition: service_completed_successfully
      gpg-data:
        condition: service_completed_successfully
    networks:
      default:
        aliases:
          - openvasd

  ospd-openvas:
    image: registry.community.greenbone.net/community/ospd-openvas:stable
    restart: on-failure
    hostname: ospd-openvas.local
    cap_add:
      - NET_ADMIN # for capturing packages in promiscuous mode
      - NET_RAW # for raw sockets e.g. used for the boreas alive detection
    security_opt:
      - seccomp=unconfined
      - apparmor=unconfined
    command:
      [
        "ospd-openvas",
        "-f",
        "--config",
        "/etc/gvm/ospd-openvas.conf",
        "--notus-feed-dir",
        "/var/lib/notus/advisories",
        "-m",
        "666"
      ]
    volumes:
      - gpg_data_vol:/etc/openvas/gnupg
      - vt_data_vol:/var/lib/openvas/plugins
      - notus_data_vol:/var/lib/notus
      - ospd_openvas_socket_vol:/run/ospd
      - redis_socket_vol:/run/redis/
      - openvas_data_vol:/etc/openvas/
      - openvas_log_data_vol:/var/log/openvas
    depends_on:
      redis-server:
        condition: service_started
      gpg-data:
        condition: service_completed_successfully
      vulnerability-tests:
        condition: service_completed_successfully
      configure-openvas:
        condition: service_completed_successfully

  gvm-tools:
    image: registry.community.greenbone.net/community/gvm-tools
    volumes:
      - gvmd_socket_vol:/run/gvmd
      - ospd_openvas_socket_vol:/run/ospd
    depends_on:
      - gvmd
      - ospd-openvas

volumes:
  gpg_data_vol:
  scap_data_vol:
  cert_data_vol:
  data_objects_vol:
  gvmd_data_vol:
  psql_data_vol:
  vt_data_vol:
  notus_data_vol:
  psql_socket_vol:
  gvmd_socket_vol:
  ospd_openvas_socket_vol:
  redis_socket_vol:
  openvas_data_vol:
  openvas_log_data_vol:
root@greenbone-va:/data/docker-data/gvm-va#

  gsa:
    image: registry.community.greenbone.net/community/gsa:stable
    restart: on-failure
    ports:
      - 127.0.0.1:9392:80
    volumes:
      - gvmd_socket_vol:/run/gvmd
    depends_on:
      - gvmd

  gsa:
    image: registry.community.greenbone.net/community/gsa:stable
    restart: on-failure
    ports:
      - 9392:80
    volumes:
      - gvmd_socket_vol:/run/gvmd
    depends_on:
      - gvmd

root@greenbone-va:/data/docker-data/gvm-va# nano docker-compose.yml
root@greenbone-va:/data/docker-data/gvm-va#
root@greenbone-va:/data/docker-data/gvm-va# cat docker-compose.yml
services:
  vulnerability-tests:
    image: registry.community.greenbone.net/community/vulnerability-tests
    environment:
      STORAGE_PATH: /var/lib/openvas/22.04/vt-data/nasl
    volumes:
      - vt_data_vol:/mnt

  notus-data:
    image: registry.community.greenbone.net/community/notus-data
    volumes:
      - notus_data_vol:/mnt

  scap-data:
    image: registry.community.greenbone.net/community/scap-data
    volumes:
      - scap_data_vol:/mnt

  cert-bund-data:
    image: registry.community.greenbone.net/community/cert-bund-data
    volumes:
      - cert_data_vol:/mnt

  dfn-cert-data:
    image: registry.community.greenbone.net/community/dfn-cert-data
    volumes:
      - cert_data_vol:/mnt
    depends_on:
      - cert-bund-data

  data-objects:
    image: registry.community.greenbone.net/community/data-objects
    volumes:
      - data_objects_vol:/mnt

  report-formats:
    image: registry.community.greenbone.net/community/report-formats
    volumes:
      - data_objects_vol:/mnt
    depends_on:
      - data-objects

  gpg-data:
    image: registry.community.greenbone.net/community/gpg-data
    volumes:
      - gpg_data_vol:/mnt

  redis-server:
    image: registry.community.greenbone.net/community/redis-server
    restart: on-failure
    volumes:
      - redis_socket_vol:/run/redis/

  pg-gvm:
    image: registry.community.greenbone.net/community/pg-gvm:stable
    restart: on-failure
    volumes:
      - psql_data_vol:/var/lib/postgresql
      - psql_socket_vol:/var/run/postgresql

  gvmd:
    image: registry.community.greenbone.net/community/gvmd:stable
    restart: on-failure
    volumes:
      - gvmd_data_vol:/var/lib/gvm
      - scap_data_vol:/var/lib/gvm/scap-data/
      - cert_data_vol:/var/lib/gvm/cert-data
      - data_objects_vol:/var/lib/gvm/data-objects/gvmd
      - vt_data_vol:/var/lib/openvas/plugins
      - psql_data_vol:/var/lib/postgresql
      - gvmd_socket_vol:/run/gvmd
      - ospd_openvas_socket_vol:/run/ospd
      - psql_socket_vol:/var/run/postgresql
    depends_on:
      pg-gvm:
        condition: service_started
      scap-data:
        condition: service_completed_successfully
      cert-bund-data:
        condition: service_completed_successfully
      dfn-cert-data:
        condition: service_completed_successfully
      data-objects:
        condition: service_completed_successfully
      report-formats:
        condition: service_completed_successfully

  gsa:
    image: registry.community.greenbone.net/community/gsa:stable
    restart: on-failure
    ports:
      - 9392:80
    volumes:
      - gvmd_socket_vol:/run/gvmd
    depends_on:
      - gvmd
  # Sets log level of openvas to the set LOG_LEVEL within the env
  # and changes log output to /var/log/openvas instead /var/log/gvm
  # to reduce likelyhood of unwanted log interferences
  configure-openvas:
    image: registry.community.greenbone.net/community/openvas-scanner:stable
    volumes:
      - openvas_data_vol:/mnt
      - openvas_log_data_vol:/var/log/openvas
    command:
      - /bin/sh
      - -c
      - |
        printf "table_driven_lsc = yes\nopenvasd_server = http://openvasd:80\n" > /mnt/openvas.conf
        sed "s/127/128/" /etc/openvas/openvas_log.conf | sed 's/gvm/openvas/' > /mnt/openvas_log.conf
        chmod 644 /mnt/openvas.conf
        chmod 644 /mnt/openvas_log.conf
        touch /var/log/openvas/openvas.log
        chmod 666 /var/log/openvas/openvas.log

  # shows logs of openvas
  openvas:
    image: registry.community.greenbone.net/community/openvas-scanner:stable
    restart: on-failure
    volumes:
      - openvas_data_vol:/etc/openvas
      - openvas_log_data_vol:/var/log/openvas
    command:
      - /bin/sh
      - -c
      - |
        cat /etc/openvas/openvas.conf
        tail -f /var/log/openvas/openvas.log
    depends_on:
      configure-openvas:
        condition: service_completed_successfully

  openvasd:
    image: registry.community.greenbone.net/community/openvas-scanner:stable
    restart: on-failure
    environment:
      # `service_notus` is set to disable everything but notus,
      # if you want to utilize openvasd directly removed `OPENVASD_MODE`
      OPENVASD_MODE: service_notus
      GNUPGHOME: /etc/openvas/gnupg
      LISTENING: 0.0.0.0:80
    volumes:
      - openvas_data_vol:/etc/openvas
      - openvas_log_data_vol:/var/log/openvas
      - gpg_data_vol:/etc/openvas/gnupg
      - notus_data_vol:/var/lib/notus
    # enable port forwarding when you want to use the http api from your host machine
    # ports:
    #   - 127.0.0.1:3000:80
    depends_on:
      vulnerability-tests:
        condition: service_completed_successfully
      configure-openvas:
        condition: service_completed_successfully
      gpg-data:
        condition: service_completed_successfully
    networks:
      default:
        aliases:
          - openvasd

  ospd-openvas:
    image: registry.community.greenbone.net/community/ospd-openvas:stable
    restart: on-failure
    hostname: ospd-openvas.local
    cap_add:
      - NET_ADMIN # for capturing packages in promiscuous mode
      - NET_RAW # for raw sockets e.g. used for the boreas alive detection
    security_opt:
      - seccomp=unconfined
      - apparmor=unconfined
    command:
      [
        "ospd-openvas",
        "-f",
        "--config",
        "/etc/gvm/ospd-openvas.conf",
        "--notus-feed-dir",
        "/var/lib/notus/advisories",
        "-m",
        "666"
      ]
    volumes:
      - gpg_data_vol:/etc/openvas/gnupg
      - vt_data_vol:/var/lib/openvas/plugins
      - notus_data_vol:/var/lib/notus
      - ospd_openvas_socket_vol:/run/ospd
      - redis_socket_vol:/run/redis/
      - openvas_data_vol:/etc/openvas/
      - openvas_log_data_vol:/var/log/openvas
    depends_on:
      redis-server:
        condition: service_started
      gpg-data:
        condition: service_completed_successfully
      vulnerability-tests:
        condition: service_completed_successfully
      configure-openvas:
        condition: service_completed_successfully

  gvm-tools:
    image: registry.community.greenbone.net/community/gvm-tools
    volumes:
      - gvmd_socket_vol:/run/gvmd
      - ospd_openvas_socket_vol:/run/ospd
    depends_on:
      - gvmd
      - ospd-openvas

volumes:
  gpg_data_vol:
  scap_data_vol:
  cert_data_vol:
  data_objects_vol:
  gvmd_data_vol:
  psql_data_vol:
  vt_data_vol:
  notus_data_vol:
  psql_socket_vol:
  gvmd_socket_vol:
  ospd_openvas_socket_vol:
  redis_socket_vol:
  openvas_data_vol:
  openvas_log_data_vol:
root@greenbone-va:/data/docker-data/gvm-va#

root@greenbone-va:/data/docker-data/gvm-va# docker compose up -d
[+] Running 126/33
 ✔ scap-data Pulled                                                                                     216.7s
 ✔ cert-bund-data Pulled                                                                                147.9s
 ✔ vulnerability-tests Pulled                                                                           214.4s
 ✔ gpg-data Pulled                                                                                      161.4s
 ✔ ospd-openvas Pulled                                                                                   93.8s
 ✔ gvmd Pulled                                                                                          196.6s
 ✔ pg-gvm Pulled                                                                                        151.2s
 ✔ data-objects Pulled                                                                                  159.4s
 ✔ dfn-cert-data Pulled                                                                                 164.5s
 ✔ openvas Pulled                                                                                        33.0s
 ✔ report-formats Pulled                                                                                196.7s
 ✔ configure-openvas Pulled                                                                              33.0s
 ✔ notus-data Pulled                                                                                    159.5s
 ✔ redis-server Pulled                                                                                  123.6s
 ✔ gsa Pulled                                                                                           100.8s
 ✔ gvm-tools Pulled                                                                                     198.5s
 ✔ openvasd Pulled                                                                                       33.0s
















[+] Running 32/32
 ✔ Network gvm-va_default                   Created                                                       0.2s
 ✔ Volume "gvm-va_psql_socket_vol"          Created                                                       0.0s
 ✔ Volume "gvm-va_redis_socket_vol"         Created                                                       0.0s
 ✔ Volume "gvm-va_scap_data_vol"            Created                                                       0.0s
 ✔ Volume "gvm-va_openvas_log_data_vol"     Created                                                       0.0s
 ✔ Volume "gvm-va_notus_data_vol"           Created                                                       0.0s
 ✔ Volume "gvm-va_cert_data_vol"            Created                                                       0.0s
 ✔ Volume "gvm-va_psql_data_vol"            Created                                                       0.0s
 ✔ Volume "gvm-va_openvas_data_vol"         Created                                                       0.0s
 ✔ Volume "gvm-va_vt_data_vol"              Created                                                       0.0s
 ✔ Volume "gvm-va_data_objects_vol"         Created                                                       0.0s
 ✔ Volume "gvm-va_ospd_openvas_socket_vol"  Created                                                       0.0s
 ✔ Volume "gvm-va_gvmd_data_vol"            Created                                                       0.0s
 ✔ Volume "gvm-va_gpg_data_vol"             Created                                                       0.0s
 ✔ Volume "gvm-va_gvmd_socket_vol"          Created                                                       0.0s
 ✔ Container gvm-va-data-objects-1          Exited                                                        3.4s
 ✔ Container gvm-va-configure-openvas-1     Exited                                                        2.7s
 ✔ Container gvm-va-notus-data-1            Started                                                       1.8s
 ✔ Container gvm-va-pg-gvm-1                Started                                                       1.6s
 ✔ Container gvm-va-vulnerability-tests-1   Exited                                                       36.6s
 ✔ Container gvm-va-redis-server-1          Started                                                       2.1s
 ✔ Container gvm-va-cert-bund-data-1        Exited                                                        3.4s
 ✔ Container gvm-va-scap-data-1             Exited                                                       13.4s
 ✔ Container gvm-va-gpg-data-1              Exited                                                        2.7s
 ✔ Container gvm-va-dfn-cert-data-1         Exited                                                        3.2s
 ✔ Container gvm-va-openvas-1               Started                                                       3.2s
 ✔ Container gvm-va-report-formats-1        Exited                                                        3.2s
 ✔ Container gvm-va-ospd-openvas-1          Started                                                      36.7s
 ✔ Container gvm-va-openvasd-1              Started                                                      36.8s
 ✔ Container gvm-va-gvmd-1                  Started                                                      13.0s
 ✔ Container gvm-va-gsa-1                   Started                                                      13.2s
 ✔ Container gvm-va-gvm-tools-1             Started                                                      36.5s
root@greenbone-va:/data/docker-data/gvm-va#

root@greenbone-va:/data/docker-data/gvm-va# cd ~
root@greenbone-va:~# docker ps
CONTAINER ID   IMAGE                                                               COMMAND                  CREATED         STATUS         PORTS                                     NAMES
a21108375226   registry.community.greenbone.net/community/gsa:stable               "/usr/local/bin/entr…"   3 minutes ago   Up 3 minutes   0.0.0.0:9392->80/tcp, [::]:9392->80/tcp   gvm-va-gsa-1
78c4f7e97187   registry.community.greenbone.net/community/gvmd:stable              "/usr/local/bin/entr…"   3 minutes ago   Up 3 minutes                                             gvm-va-gvmd-1
2d8d5da0071f   registry.community.greenbone.net/community/ospd-openvas:stable      "/usr/bin/tini -- /u…"   3 minutes ago   Up 2 minutes                                             gvm-va-ospd-openvas-1
852f7670ed47   registry.community.greenbone.net/community/openvas-scanner:stable   "/bin/sh -c 'cat /et…"   3 minutes ago   Up 3 minutes                                             gvm-va-openvas-1
d0ec6f4161c0   registry.community.greenbone.net/community/openvas-scanner:stable   "/bin/sh -c /usr/loc…"   3 minutes ago   Up 2 minutes                                             gvm-va-openvasd-1
615e3de1d3b7   registry.community.greenbone.net/community/redis-server             "/bin/sh -c 'rm -f /…"   3 minutes ago   Up 3 minutes                                             gvm-va-redis-server-1
197aa2f1ba85   registry.community.greenbone.net/community/pg-gvm:stable            "/usr/local/bin/entr…"   3 minutes ago   Up 3 minutes                                             gvm-va-pg-gvm-1
root@greenbone-va:~#
root@greenbone-va:~#

<img alt='' src='https://secure.gravatar.com/avatar/142e5268afd8fd7c53e48aaf328773e7?s=150&d=mm&r=g' srcset='https://secure.gravatar.com/avatar/142e5268afd8fd7c53e48aaf328773e7?s=300&d=mm&r=g 2x' class='avatar avatar-150 photo' height='150' width='150' decoding='async'/>

By admin web

Related Post

Cara menginstall GNS3 pada Virtualisasi Proxmox

Dec 22, 2024 admin web

Cara mengupdate hostname pada Windows Server

Dec 13, 2024 admin web

Cara menginstall PHP 8.3 di Ubuntu 24.04 LTS

Dec 9, 2024 admin web

Leave a Reply Cancel reply

You missed

Cara menginstall GNS3 pada Virtualisasi Proxmox

December 22, 2024 admin web

Cara mengupdate hostname pada Windows Server

December 13, 2024 admin web

Cara menginstall PHP 8.3 di Ubuntu 24.04 LTS

December 9, 2024 admin web

Cara menginstall Greenbone VA di Ubuntu 22.04 dengan docker compose

December 9, 2024 admin web