Docker

OpenTAXII can also be run using docker. This guide assumes that you have access to a local or remote docker server, and won’t go into the setup of docker.

To get a default (development) instance using docker:

$ docker run -d -p 9000:9000 eclecticiq/opentaxii

To have the instance preloaded with example data, see Volumes

Note

OpenTAXII is now accessible through port 9000, with data stored locally in a SQLite database.

Configuration

Configuration is done through environment variables.

Common configuration parameters are:

OPENTAXII_DOMAIN(optional)

This specifies under which domain the OpenTAXII server is available, default: localhost:9000


Setting up authentication is done with the following two variables:

OPENTAXII_SECRET(optional)

This is the secret with which the generated token is encoded.


If you want to use a PostgreSQL database, instead of the included SQLite database, you can use the following environment variables for configuration:

DATABASE_HOST(required)

This is the database host to connect to

DATABASE_PORT(optional)

Default is 5432

DATABASE_NAME(optional)

The database to use, by default uses postgres

If you would like to use a different Database for authentication, you can also set the following variables (any variable not set, will use it’s regular DB counterpart):

AUTH_DATABASE_HOST(required)

This is the database host to connect to

AUTH_DATABASE_PORT(optional)

Default is 5432

AUTH_DATABASE_USER(optional)

If not set, the default postgres is used.

AUTH_DATABASE_PASS(optional)

If not set, the database can be accessed by all containers on the same host!

AUTH_DATABASE_NAME(optional)

The database to use, by default uses postgres

Volumes

This docker container exposes two volumes, which can be attached to a running instance:

/data

This volume will contain the SQLite databases used by the default instance.

/input

If you want to pre-load the running instance with services/collections/accounts, put provided data-configuration.yml or custom configuration file in /input folder.

$ pwd
/some/path/examples
$ ls /some/path/examples
data-configuration.yml
$ docker run -d -p 9000:9000 -v /some/path/examples:/input eclecticiq/opentaxii

Note

Make sure your naming is correct. It will only execute actions when files data-configuration.yml or opentaxii.yml are present.

Extending

If you need custom configuration, and installation of extra/custom code, it is better to extend the OpenTAXII docker image. For example, adding mysql (instead of PostgreSQL), and adding custom code, which is configured in a custom opentaxii.yml. The Dockerfile used will then look something like:

FROM eclecticiq/opentaxii:latest
MAINTAINER EclecticIQ <opentaxii@eclecticiq.com>

RUN pip install mysql-python \
  && pip install custom-package

COPY opentaxii.yml /input/opentaxii.yml

And building the image is then done using:

$ docker build -t eclecticiq/opentaxii-mysql .

Full Example with Compose

To see a full example of running OpenTAXII against a “real” database, using the docker-compose tool, checkout the configuration at: examples/docker-compose.yml.

db:
  image: postgres:9.4
  environment:
    POSTGRES_USER: user
    POSTGRES_PASSWORD: password
    POSTGRES_DB: opentaxii

opentaxii:
  image: eclecticiq/opentaxii
  environment:
    OPENTAXII_AUTH_SECRET: secret
    OPENTAXII_DOMAIN: 192.168.59.103:9000
    DATABASE_HOST: db
    DATABASE_NAME: opentaxii
    DATABASE_USER: user
    DATABASE_PASS: password
  volumes:
    - ./:/input:ro
  ports:
    - 9000:9000
  links:
    - db:db

This configuration starts two containers: opentaxii and db, and creates the given services/collections/accounts.

Next steps

Continue to Authentication page to learn how OpenTAXII authentication process works.