- About The Project
- Getting started
- How to use
- Contributing
- Developer Guide, Architecture and Technical Design
This is a test and demonstration environment to use all available tools around CSAF.
It demonstrates the use of
- Secvisogram
- CSAF CMS Backend and
- CSAF Provider
Ensure that you have Docker and **docker-compose** installed.
Check out the repository and navigate to the working directory.
```sh
git clone git@github.com:secvisogram/secvisogram_demonstrator
cd secvisogram_demonstrator
```
Create a .env from template.env. The following values must be changed:
- KEYCLOAK_DATABASE_PASSWORD
- KEYCLOAK_ADMIN_PASSWORD
- KEYCLOAK_MANAGEMENT_PASSWORD
- CSAF_CLIENT_SECRET
- CSAF_COOKIE_SECRET
- CSAF_COUCHDB_PASSWORD
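One way to create `.env` so that none of these values keeps its template default, as an added example that is not part of the project. It assumes `template.env` holds plain `KEY=value` lines; the function names and the 32-hex-character secret format are choices made here.

```shell
#!/bin/sh
# Added example, not part of the project. Assumes template.env holds KEY=value lines.
REQUIRED="KEYCLOAK_DATABASE_PASSWORD KEYCLOAK_ADMIN_PASSWORD KEYCLOAK_MANAGEMENT_PASSWORD CSAF_CLIENT_SECRET CSAF_COOKIE_SECRET CSAF_COUCHDB_PASSWORD"

# 16 bytes from the kernel CSPRNG, printed as 32 hex characters.
gen_secret() { od -An -N16 -tx1 /dev/urandom | tr -d ' \n'; }

# value_of KEY FILE: value of the last "KEY=" line, empty if absent.
value_of() { sed -n "s/^$1=//p" "$2" | tail -n 1; }

# make_env TEMPLATE OUT: copy TEMPLATE to OUT (mode 0600) with a fresh
# random value for every required key; all other lines are kept as-is.
make_env() {
    if [ -e "$2" ]; then echo "refusing to overwrite $2" >&2; return 1; fi
    ( umask 077
      while IFS= read -r line || [ -n "$line" ]; do
          case " $REQUIRED " in
              *" ${line%%=*} "*) printf '%s=%s\n' "${line%%=*}" "$(gen_secret)" ;;
              *) printf '%s\n' "$line" ;;
          esac
      done < "$1" > "$2" )
}

# check_env TEMPLATE ENVFILE: fail if a required key is missing, empty,
# or still carries the template's value.
check_env() {
    bad=""
    for key in $REQUIRED; do
        val=$(value_of "$key" "$2")
        if [ -z "$val" ] || [ "$val" = "$(value_of "$key" "$1")" ]; then
            bad="$bad $key"
        fi
    done
    if [ -n "$bad" ]; then echo "unchanged or empty:$bad" >&2; return 1; fi
}

# Demo on a constructed template (made-up values, not the project's file).
demo() {
    d=$(mktemp -d) || return 1
    { echo "UNRELATED_SETTING=keep-me"
      for key in $REQUIRED; do echo "$key=changeme"; done; } > "$d/template.env"
    make_env "$d/template.env" "$d/.env" && check_env "$d/template.env" "$d/.env"
    rc=$?; rm -rf "$d"; return $rc
}
```

After sourcing the script in the repository root, `make_env template.env .env && check_env template.env .env` writes the file and confirms that all six values were replaced.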
Now you can start a development server as follows:
```sh
docker-compose up
```
The containers will try to start. Some containers need additional configuration, which can be done as follows:
```sh
docker compose -f docker-compose.yaml up init-keycloak
docker compose -f docker-compose.yaml up init-cms-backend-db
```
The application is now running and accessible at http://localhost
When deploying this environment to production, the Keycloak, CouchDB and PostgreSQL containers need to be configured for production use. Please refer to the guides provided by these projects:
The template file config/keycloak/csaf-realm.json for Keycloak can be used as a starting point. This file contains all relevant information for the realm, but no default user. You could also use config/keycloak/csaf-realm-demo.json, remove the demo users and create new users of your own.
The config file config/reverse-proxy/nginx.conf for the reverse proxy contains some URLs to access CouchDB and Keycloak. These lines have to be removed.
More information about the usage of Secvisogram can be found at the project page of Secvisogram.
Please refer to CONTRIBUTING.md for details about how to contribute to the development of Secvisogram Demonstrator.
```mermaid
C4Component
    title Component diagram for CSAF CMS Backend
    Person(user,"User")
    Container(reverseproxy, "Reverse-Proxy", "nginx")
    Container_Boundary(c4, "Internal") {
        Container(secvisogram, "Secvisogram", "nginx + javascript", "Provides Secvisogram via their web browser.")
        Container_Boundary(c2, "Keycloak") {
            Container(keycloak, "Keycloak", "keycloak")
            ContainerDb(keycloak-db, "PostGreSQL", "Keycloak-Database")
        }
        Container_Boundary(c3, "Oauth") {
            Container(oauth, "OAuth2-Proxy", "Authentication for REST-API")
            Container(validator, "CSAF validator service", "node")
            Container_Boundary(c1, "Backend") {
                Container(backend, "CSAF-CMS-Backend", "Spring Boot")
                ContainerDb(backend-db, "CouchDB", "CMS-Backend-Database")
            }
        }
    }
    Rel(user, reverseproxy,"","HTTPS")
    Rel(reverseproxy, secvisogram,"/")
    Rel(reverseproxy, oauth,"/api/*")
    Rel(reverseproxy, keycloak,"/realm/csaf/")
    Rel(oauth, validator, "/api/v1/test")
    Rel(oauth, validator, "/api/v1/validate")
    Rel(oauth, backend, "/api/v1/advisories/*")
    Rel(backend, backend-db,"")
    Rel(backend, keycloak,"")
    Rel(keycloak, keycloak-db,"")
```