You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: DOCKER.md
+31-15Lines changed: 31 additions & 15 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -1,8 +1,8 @@
1
1
# Running with Docker Compose
2
2
3
-
Docker composeis not intended for production use.
4
-
If you want to deploy a containerized DefectDojo to a production environment,
5
-
use the [Default installation](setup/README.md)approach.
3
+
The docker-compose.yml in this repo is not intended for production use without first customizing it to fit your specific situation. Please consider the docker-compose.yml files are templates to create on that fits your needs.
4
+
Docker Compose is acceptable if you want to deploy a containerized DefectDojo to a production environment.
5
+
It is one of the supported [Default installation](setup/README.md)methods.
6
6
7
7
# Prerequisites
8
8
* Docker version
@@ -114,7 +114,7 @@ docker-compose up
114
114
115
115
This will run the application based on merged configurations from docker-compose.yml and docker-compose.override.ptvsd.yml.
116
116
117
-
The default configuration assumes port 3000 by default for ptvsd, and you should access the DefectDojo UI on port 8000 instead of port 8080, as the uwsgi container will serve directly.
117
+
The default configuration assumes port 3000 by default for ptvsd.
118
118
119
119
### VS code
120
120
Add the following python debug configuration (You would have to install the `ms-python.python`. Other setup may work.)
@@ -198,26 +198,33 @@ docker-compose down --volumes
198
198
```
199
199
200
200
# Run with docker using https
201
+
## use your own Credentials
201
202
To secure the application by https, follow those steps
202
203
* Generate a private key without password
203
204
* Generate a CSR (Certificate Signing Request)
204
205
* Have the CSR signed by a certificate authority
205
206
* Place the private key and the certificate under the nginx folder
206
-
* Replace nginx/nginx.conf by nginx/nginx_TLS.conf
207
-
* In nginx.conf, update that part:
207
+
* copy your secrets into:
208
208
```
209
209
server_name your.servername.com;
210
-
ssl_certificate /yourCertificate.cer;
211
-
ssl_certificate_key /yourPrivateKey.key;
210
+
ssl_certificate /etc/nginx/ssl/nginx.crt
211
+
ssl_certificate_key /etc/nginx/ssl/nginx.key;
212
212
```
213
+
*set the GENERATE_TLS_CERTIFICATE != True in the docker-compose.override.https.yml
213
214
* Protect your private key from other users:
214
215
```
215
216
chmod 400 nginx/*.key
216
217
```
217
-
* Rebuild the nginx image in order to place the private key and the certificate where nginx will find them (under / in the nginx container):
NB: some third party software may require to change the exposed port in Dockerfile.nginx as they use docker-compose declarations to discover which ports to map when publishing the application.
237
244
238
245
239
-
# Run the unit-tests with docker
240
-
## Introduction
246
+
# Run the tests with docker
241
247
The unit-tests are under `dojo/unittests`
242
248
249
+
The integration-tests are under `tests`
243
250
244
251
245
-
## Running the unit-tests
246
-
This will run all the tests and leave the uwsgi container up:
252
+
## Running the unit-tests
253
+
This will run all unit-tests and leave the uwsgi container up:
0 commit comments