【CTFd】靶场安装与配置(Docker一键配置版)
【CTFd】靶场安装与配置这由于上一次的配置有点小问题,主要是Whale插件不再支持CTFd3.x版本,于是找了个新的插件使用 并且找到了更好的解决方式,不用那么麻烦配环境了 CTFd-Whale最新维护仓库 这次我采用Docker一键部署,并且稍加改动添加了中文包 成果图
file
正汰踩坑修改后的版本
Github-CTFd-docker 虽然还是建议大家自己安装,别直接脚本,以免出现配置不正确 请在root权限下执行
apt-get install git docker docker-compose -y
git clone https://github.com/huangzheng2016/CTFd-docker CTFd
docker swarm init
docker node update --label-add='name=linux-1' $(docker node ls -q)
docker-compose -f CTFd/docker-compose.yml up -d
docker-compose -f CTFd/docker-compose.yml exec ctfd python manage.py set_config whale auto_connect_network需要修改较多的版本
apt-get install docker docker-compose -y
docker swarm init
docker node update --label-add='name=linux-1' $(docker node ls -q)
git clone https://github.com/CTFd/CTFd --depth=1
git clone https://github.com/frankli0324/ctfd-whale CTFd/CTFd/plugins/ctfd-whale --depth=1
rm -r /CTFd/CTFd
git clone https://github.com/Gu-f/CTFd_chinese_CN/tree/master/V3.4.1/CTFd-3.4.1/CTFd CTFd修改你的CTFd/docker-compose.yml,以下是我的示例
version: '3.7'
services:
ctfd:
build: .
user: root
restart: always
ports:
- "8000:8000"
environment:
- UPLOAD_FOLDER=/var/uploads
- DATABASE_URL=mysql+pymysql://ctfd:ctfd@db/ctfd
- REDIS_URL=redis://cache:6379
- WORKERS=1
- LOG_FOLDER=/var/log/CTFd
- ACCESS_LOG=-
- ERROR_LOG=-
- REVERSE_PROXY=true
volumes:
- .data/CTFd/logs:/var/log/CTFd
- .data/CTFd/uploads:/var/uploads
- .:/opt/CTFd:ro
- /var/run/docker.sock:/var/run/docker.sock
depends_on:
- db
networks:
default:
internal:
# nginx:
# image: nginx:1.17
# restart: always
# volumes:
# - ./conf/nginx/http.conf:/etc/nginx/nginx.conf
# ports:
# - 80:80
# depends_on:
# - ctfd
#如需nginx反代可以修改/conf/nginx/http.conf并取消上面的注释
db:
image: mariadb:10.4.12
restart: always
environment:
- MYSQL_ROOT_PASSWORD=ctfd
- MYSQL_USER=ctfd
- MYSQL_PASSWORD=ctfd
- MYSQL_DATABASE=ctfd
volumes:
- .data/mysql:/var/lib/mysql
networks:
internal:
# This command is required to set important mariadb defaults
command: [mysqld, --character-set-server=utf8mb4, --collation-server=utf8mb4_unicode_ci, --wait_timeout=28800, --log-warnings=0]
cache:
image: redis:4
restart: always
volumes:
- .data/redis:/data
networks:
internal:
frpc:
image: frankli0324/frp:frpc
restart: always
command: [
"--server_addr=frps",
"--server_port=7000",
"--token=YOUR_TOKEN",
"--admin_addr=0.0.0.0",
"--admin_port=7400",
#此处除了YOUR_TOKEN最好跟我保持一致,除非你准确知道你想做什么
]
networks:
frp:
internal:
containers:
frps:
image: frankli0324/frp:frps
restart: always
command: [
"--bind_addr=0.0.0.0",
"--bind_port=7000",
"--token=YOUR_TOKEN",#与上面YOUR_TOKEN保持一直
"--subdomain_host=ctfd-node.hz2016.cn",#此处填写你的域名,记得解析*和@
"--vhost_http_port=8009",#根据自己的需求开放端口
]
ports:
- 8009:8009 #根据自己的需求开放端口
networks:
frp:
default:
networks:
default:
internal:
internal: true
frp:
internal: true
containers:
internal: true
driver: overlay
attachable: true在创建CTFd/sources.list文件方便换源
#CTFd/sources.list
deb http://mirrors.ustc.edu.cn/debian/ buster main
deb-src http://mirrors.ustc.edu.cn/debian/ buster main
deb http://security.debian.org/debian-security buster/updates main
deb-src http://security.debian.org/debian-security buster/updates main
deb http://mirrors.ustc.edu.cn/debian/ buster-updates main
deb-src http://mirrors.ustc.edu.cn/debian/ buster-updates main
deb http://mirrors.ustc.edu.cn/debian/ buster-backports main non-free contrib
deb-src http://mirrors.ustc.edu.cn/debian/ buster-backports main non-free contribDockerfile也有一定更改,否则国内安装速度极慢
文件CTFd/Dokerfile,注意三条中文注释处
FROM python:3.7-slim-buster
#更换国内源
ADD sources.list /etc/apt/
WORKDIR /opt/CTFd
RUN mkdir -p /opt/CTFd /var/log/CTFd /var/uploads
# hadolint ignore=DL3008
RUN apt-get update \
&& apt-get install -y --no-install-recommends \
build-essential \
python3-dev \
libffi-dev \
libssl-dev \
git \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/*
COPY requirements.txt /opt/CTFd/
RUN pip install -r requirements.txt -i https://pypi.mirrors.ustc.edu.cn/simple/ --no-cache-dir
#改动添加了 -i https://pypi.mirrors.ustc.edu.cn/simple/
COPY . /opt/CTFd
# hadolint ignore=SC2086
RUN for d in CTFd/plugins/*; do \
if [ -f "$d/requirements.txt" ]; then \
pip install -r $d/requirements.txt -i https://pypi.mirrors.ustc.edu.cn/simple/ --no-cache-dir; \
#改动添加了 -i https://pypi.mirrors.ustc.edu.cn/simple/
fi; \
done;
RUN adduser \
--disabled-login \
-u 1001 \
--gecos "" \
--shell /bin/bash \
ctfd
RUN chmod +x /opt/CTFd/docker-entrypoint.sh \
&& chown -R 1001:1001 /opt/CTFd /var/log/CTFd /var/uploads
USER 1001
EXPOSE 8000
ENTRYPOINT ["/opt/CTFd/docker-entrypoint.sh"]最后build,等一会基本上
访问http://localhost:8000即可
docker-compose -f CTFd/docker-compose.yml up -d
docker-compose -f CTFd/docker-compose.yml exec ctfd python manage.py set_config whale auto_connect_network如果你需要nginx反代服务,详见上方docker 进入Whale管理界面,有如下需要更改改成对应信息
file
上图网络如果不知道是哪个可以有如下指令查询
docker network ls -f " label=com.docker.compose.project=ctfd " --format " {{.Name}} "
file
简单添加一道强网杯的题目,记得选择动态容器
file
file
最后成果
file
最后的最后,记得给Docker换源,不然下镜像慢死,参考脚本如下 【脚本】Linux换源汇总
本文参与 腾讯云自媒体同步曝光计划,分享自作者个人站点/博客。
原始发表:2022-3-24,如有侵权请联系 cloudcommunity@tencent.com 删除
评论
登录后参与评论
推荐阅读