forked from OpenAttackDefenseTools/tulip
compose.yml
# SPDX-FileCopyrightText: 2019 Emiliano Ciavatta <emiliano.ciavatta@studio.unibo.it>
# SPDX-FileCopyrightText: 2022 - 2024 Rick de Jager <rickdejager99@gmail.com>
# SPDX-FileCopyrightText: 2022 moritz <moritsch@student.ethz.ch>
# SPDX-FileCopyrightText: 2023 - 2024 gfelber <34159565+gfelber@users.noreply.github.com>
# SPDX-FileCopyrightText: 2023 liskaant <liskaant@gmail.com>
# SPDX-FileCopyrightText: 2023 meme-lord <meme-lord@users.noreply.github.com>
# SPDX-FileCopyrightText: 2024 Eyad Issa <eyadlorenzo@gmail.com>
#
# SPDX-License-Identifier: GPL-3.0-only
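# Compose stack for Tulip. Values written as ${...} are interpolated by Compose
# from the environment / .env file and are not defined in this file.
#
# Exposure summary, as configured below:
#   - frontend (3000) and mcp (8080) are published without a host address, so
#     they listen on every host interface.
#   - ingestor publishes container port 9999 on whatever ${INGESTOR_ADDR} holds.
#   - mongo is published on 127.0.0.1 only; redis publishes no port.
#   - No credentials are configured for mongo or redis in this file (the
#     connection strings below carry none), so access control rests on the
#     compose network and on the host-side bindings above.
services:
  # Frontend container; reaches the api service through API_SERVER_ENDPOINT.
  frontend:
    build: frontend
    image: tulip-frontend:latest
    restart: unless-stopped
    ports:
      # No host address: published on all host interfaces. Use the
      # "127.0.0.1:3000:3000" form (as mongo does below) or a host firewall
      # rule if the UI must not be reachable from untrusted networks.
      - "3000:3000"
    depends_on:
      - mongo
      - api
    environment:
      API_SERVER_ENDPOINT: http://api:5000/

  # API container; reads captured traffic from a read-only mount and publishes
  # no host port (reachable only on the compose network).
  api:
    build:
      context: services/
      target: api
    restart: unless-stopped
    depends_on:
      - mongo
    volumes:
      - "${TRAFFIC_DIR}:/traffic:ro"
    environment:
      TULIP_MONGO: mongo:27017
      TULIP_TRAFFIC_DIR: /traffic
      FLAG_REGEX: "${FLAG_REGEX}"
      TICK_START: "${TICK_START}"
      TICK_LENGTH: "${TICK_LENGTH}"
      VM_IP: "${VM_IP}"
      GAME_SERVICES: "${GAME_SERVICES}"

  # Assembler container; watches the traffic directory through a read-only mount.
  assembler:
    build:
      context: services/
      target: assembler
    volumes:
      - "${TRAFFIC_DIR}:/traffic:ro"
    restart: unless-stopped
    depends_on:
      - mongo
    environment:
      TULIP_WATCH_DIR: /traffic
      TULIP_MONGO: mongo:27017
      TULIP_FLAG: "${FLAG_REGEX}"
      TULIP_FLUSH_INTERVAL: "${ASSEMBLER_FLUSH_INTERVAL}"
      TULIP_CONNECTION_TIMEOUT: "${ASSEMBLER_CONNECTION_TIMEOUT}"
      TULIP_TCP_LAZY: "${ASSEMBLER_TCP_LAZY}"
      TULIP_EXPERIMENTAL: "${ASSEMBLER_EXPERIMENTAL}"
      TULIP_NONSTRICT: "${ASSEMBLER_NONSTRICT}"

  # Ingestor container. It is the only service that mounts the traffic directory
  # read-write, and its listener is published on the host.
  ingestor:
    build:
      context: services/
      target: ingestor
    restart: unless-stopped
    ports:
      # The host side comes entirely from INGESTOR_ADDR; whoever can reach that
      # address can reach the service that writes into TRAFFIC_DIR. Keep it on
      # an interface that only the intended capture source can reach.
      - "${INGESTOR_ADDR}:9999"
    volumes:
      - "${TRAFFIC_DIR}:/traffic"
    environment:
      TULIP_DEST_DIR: /traffic
      TULIP_ROTATE_INTERVAL: "${INGESTOR_ROTATE}"

  # Enricher container; connects to mongo and redis over the compose network.
  enricher:
    build:
      context: services/
      target: enricher
    restart: unless-stopped
    depends_on:
      - mongo
      - redis
    environment:
      TULIP_MONGO: mongo:27017
      TULIP_REDIS: redis://redis:6379

  # MCP container with direct access to mongo.
  mcp:
    build:
      context: services/
      target: mcp
    restart: unless-stopped
    depends_on:
      - mongo
    ports:
      # Published on all host interfaces, like the frontend port. Nothing in
      # this file configures authentication for it; confirm the service
      # enforces its own, or bind it to a specific host address.
      - "8080:8080"
    environment:
      MONGO_HOST: mongo:27017

  # Suricata container; both the rules file and the traffic directory are
  # mounted read-only.
  suricata:
    build: services/suricata
    depends_on:
      - redis
    restart: unless-stopped
    volumes:
      - ./suricata.rules:/var/lib/suricata/rules/suricata.rules:ro
      - "${TRAFFIC_DIR}:/traffic:ro"
    environment:
      WATCH_DIR: /traffic
      REDIS_HOST: redis
      # Quoted so the value is a string regardless of how the YAML is parsed.
      REDIS_PORT: "6379"
    tty: true

  # redis:8 is a floating major-version tag; pin a digest if the deployment
  # must be reproducible. No port is published, so redis is reachable only
  # from containers on the compose network.
  redis:
    hostname: redis
    image: redis:8
    restart: unless-stopped

  # mongo:8 is a floating major-version tag, as above.
  mongo:
    image: mongo:8
    restart: unless-stopped
    ports:
      - "127.0.0.1:27017:27017"  # Only expose to localhost
    volumes:
      - mongo_data:/data/db

  # Flag-id container; FLAGID_URL is supplied from the environment and the
  # results go into the pcap database, collection flagids.
  flagid:
    build:
      context: services/flagid
    restart: unless-stopped
    depends_on:
      - mongo
    environment:
      MONGO_URI: mongodb://mongo:27017/
      FLAGID_DB: pcap
      FLAGID_COLLECTION: flagids
      FLAGID_URL: "${FLAGID_URL}"
      # Quoted so the value is a string regardless of how the YAML is parsed.
      FLAGID_FETCH_INTERVAL: "60"

# Named volume that persists the mongo data directory.
volumes:
  mongo_data: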