安装前准备
安装python3.9.10
代码语言:javascript复制yum install libffi-devel wget gcc make zlib-devel openssl openssl-devel ncurses-devel openldap-devel gettext bzip2-devel xz-devel
wget "https://www.python.org/ftp/python/3.9.10/Python-3.9.10.tar.xz"
tar -xvJf Python-3.9.10.tar.xz
# 编译
cd Python-3.9.10
./configure prefix=/usr/local/python3
make && make install
ln -fs /usr/local/python3/bin/python3 /usr/bin/python3
ln -fs /usr/local/python3/bin/pip3 /usr/bin/pip3
# virtualenv
pip3 install virtualenv -i https://mirrors.ustc.edu.cn/pypi/web/simple/
ln -fs /usr/local/python3/bin/virtualenv /usr/bin/virtualenv
##安装一些依赖库
pip3 install Django
pip3 install django-environ
pip3 install requests
升级openssl1.1.1
代码语言:javascript复制wget --no-check-certificate https://www.openssl.org/source/openssl-1.1.1t.tar.gz
tar -zxvf openssl-1.1.1t.tar.gz
cd openssl-1.1.1t/
./config --prefix=/usr/local/my_openssl
make
make install
mv /usr/bin/openssl /usr/bin/oldopenssl
ln -s /usr/local/my_openssl/bin/openssl /usr/bin/openssl
ln -s /usr/local/my_openssl/lib/libssl.so.1.1 /usr/lib64/
ln -s /usr/local/my_openssl/lib/libcrypto.so.1.1 /usr/lib64/
下载docker-compose
代码语言:javascript复制curl -L "https://github.com/docker/compose/releases/download/1.24.1/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
chmod x /usr/local/bin/docker-compose
下载安装包
代码语言:javascript复制下载Archery相关文件:
wget https://github.com/hhyo/Archery/archive/refs/tags/v1.10.0.zip
unzip Archery-1.10.0.zip
mv /opt/Archery-1.10.0 /opt/archery
修改如下配置文件
代码语言:javascript复制[root@test19-server08 docker-compose]# cd /opt/Archery-1.10.0/src/docker-compose
[root@test19-server08 docker-compose]# vim docker-compose.yml 修改了密码和archery的版本
version: '3'
services:
redis:
image: redis:5
container_name: redis
restart: always
command: redis-server --requirepass abcabc
ports:
- "6379:6379"
mysql:
image: mysql:5.7
container_name: mysql
restart: always
ports:
- "3306:3306"
volumes:
- "./mysql/my.cnf:/etc/mysql/my.cnf"
- "./mysql/datadir:/var/lib/mysql"
environment:
MYSQL_DATABASE: archery
MYSQL_ROOT_PASSWORD: abcabc
goinception:
image: hanchuanchuan/goinception
container_name: goinception
restart: always
ports:
- "4000:4000"
volumes:
- "./inception/config.toml:/etc/config.toml"
archery:
image: hhyo/archery:v1.10.0
container_name: archery
restart: always
ports:
- "9123:9123"
volumes:
- "./archery/settings.py:/opt/archery/local_settings.py"
- "./archery/soar.yaml:/etc/soar.yaml"
- "./archery/docs.md:/opt/archery/docs/docs.md"
- "./archery/downloads:/opt/archery/downloads"
- "./archery/sql/migrations:/opt/archery/sql/migrations"
- "./archery/logs:/opt/archery/logs"
- "./archery/keys:/opt/archery/keys"
entrypoint: "dockerize -wait tcp://mysql:3306 -wait tcp://redis:6379 -timeout 60s /opt/archery/src/docker/startup.sh"
env_file:
- .env
代码语言:javascript复制[root@localhost archery]# cp /opt/archery/.env.list .env
[root@test19-server08 docker-compose]# vim .env
NGINX_PORT=9123
# https://django-environ.readthedocs.io/en/latest/quickstart.html#usage
# https://docs.djangoproject.com/zh-hans/4.1/ref/settings/
DEBUG=false
DATABASE_URL=mysql://root:abcabc@mysql:3306/archery
CACHE_URL=redis://redis:6379/0?PASSWORD=abcabc
# https://docs.djangoproject.com/en/4.0/ref/settings/#csrf-trusted-origins
CSRF_TRUSTED_ORIGINS=http://127.0.0.1:9123
# https://django-auth-ldap.readthedocs.io/en/latest/
ENABLE_LDAP=false
AUTH_LDAP_ALWAYS_UPDATE_USER=true
AUTH_LDAP_USER_ATTR_MAP=username=cn,display=displayname,email=email
# https://django-q.readthedocs.io/en/latest/configure.html#
Q_CLUISTER_WORKERS=4
Q_CLUISTER_TIMEOUT=60
Q_CLUISTER_SYNC=false
修改好的文件拷贝到另一个目录
[root@localhost archery]# cp /opt/archery/.env /opt/archery/src/docker-compose/
代码语言:javascript复制[root@test19-server08 inception]# vim config.toml
backup_host = "127.0.0.1"
backup_port = 3306
backup_user = "archery_bak"
backup_password = "abcabc"
[osc]
osc_print_none = false
osc_print_sql = false
osc_on = true
osc_min_table_size = 300
osc_alter_foreign_keys_method = "none"
osc_recursion_method = "processlist"
osc_max_lag = 600
osc_max_flow_ctl = -1
osc_sleep = 0.1
osc_lock_wait_timeout = 60
osc_check_alter = true
osc_check_replication_filters = true
osc_check_unique_key_change = true
osc_drop_old_table = true
osc_drop_new_table = true
osc_max_thread_running = 80
osc_max_thread_connected = 20000
osc_critical_thread_running = 80
osc_critical_thread_connected = 20000
osc_chunk_time = 1.0
osc_chunk_size_limit = 4
osc_chunk_size = 1000
osc_check_interval = 5
osc_bin_dir = "/usr/local/bin"
代码语言:javascript复制[root@localhost ~]# vim /opt/archery/src/docker-compose/mysql/my.cnf
[mysqld]
skip-host-cache
skip-name-resolve
datadir=/var/lib/mysql
socket=/var/run/mysqld/mysqld.sock
secure-file-priv=/var/lib/mysql-files
user=mysql
default-time_zone = ' 8:00'
log_bin = /var/lib/mysql/mysql-bin
server_id = 2
binlog_format = row
symbolic-links=0
innodb_buffer_pool_size = 512M
max_connections = 2000
innodb_file_per_table = 1
character-set-server = utf8mb4
collation-server = utf8mb4_general_ci
pid-file=/var/run/mysqld/mysqld.pid
[client]
socket=/var/run/mysqld/mysqld.sock
default-character-set=utf8mb4
!includedir /etc/mysql/conf.d/
!includedir /etc/mysql/mysql.conf.d/
初始化配置
代码语言:javascript复制[root@centos7Demo docker-compose]# cd /opt/archery/src/docker-compose
#启动
docker-compose -f docker-compose.yml up -d
#表结构初始化
[root@centos7Demo docker-compose]#docker exec -ti archery /bin/bash
[root@19d718745ad9 archery]#cd /opt/archery
[root@19d718745ad9 archery]#source /opt/venv4archery/bin/activate
[root@19d718745ad9 archery]#python3 manage.py makemigrations sql
[root@19d718745ad9 archery]#python3 manage.py migrate
#数据初始化
python3 manage.py dbshell<sql fixtures="" auth_group.sql="" python3="" manage.py="" dbshellinception show variables;
代码语言:javascript复制[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
13a38e2c45fa redis:5 "docker-entrypoint.s…" 4 hours ago Up 4 hours 0.0.0.0:6379->6379/tcp, :::6379->6379/tcp redis
409d193e601d hhyo/archery:v1.10.0 "dockerize -wait tcp…" 4 hours ago Up 3 hours 0.0.0.0:9123->9123/tcp, :::9123->9123/tcp archery
105ff841b097 mysql:5.7 "docker-entrypoint.s…" 4 hours ago Up 4 hours 0.0.0.0:3306->3306/tcp, :::3306->3306/tcp, 33060/tcp mysql
fddcd111f063 hanchuanchuan/goinception "/usr/local/bin/dumb…" 4 hours ago Up 4 hours 0.0.0.0:4000->4000/tcp, :::4000->4000/tcp
代码语言:javascript复制