GZCTF比赛平台搭建——单Docker部署

GZCTF是一个开源的网络安全竞赛平台,采用微服务架构,提供React.js前端和Django后端,支持用户通过解决实际安全问题提升技能。平台具有权限控制、加密通信和自定义赛事等功能,适用于初学者、教育机构和企业培训等场景。

首先放出GZCTF官方文档,有一定基础的可以前往查看。

GZCTF官方文档

由于官方文档的教程,对于新手极其不友好,本帕鲁之前也因此踩了许多坑,于是决定出一期傻瓜式教程

本次教程使用 ubuntu-22.04.4-live-server 作为教程使用的系统,以下命令建议切换到root执行,使用vmware workstation创建虚拟机并安装系统

su root

1. 配置apt源

1.1 备份默认apt源文件:
cp /etc/apt/sources.list /etc/apt/sources.list.bak
1.2 编辑sources.list:
vim /etc/apt/sources.list
1.3 复制以下代码(清华镜像源),替换原先的内容并保存:
# See http://help.ubuntu.com/community/UpgradeNotes for how to upgrade to
# newer versions of the distribution.
deb http://cn.archive.ubuntu.com/ubuntu/ jammy main restricted
# deb-src http://cn.archive.ubuntu.com/ubuntu/ jammy main restricted

## Major bug fix updates produced after the final release of the
## distribution.
deb http://cn.archive.ubuntu.com/ubuntu/ jammy-updates main restricted
# deb-src http://cn.archive.ubuntu.com/ubuntu/ jammy-updates main restricted

## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu
## team. Also, please note that software in universe WILL NOT receive any
## review or updates from the Ubuntu security team.
deb http://cn.archive.ubuntu.com/ubuntu/ jammy universe
# deb-src http://cn.archive.ubuntu.com/ubuntu/ jammy universe
deb http://cn.archive.ubuntu.com/ubuntu/ jammy-updates universe
# deb-src http://cn.archive.ubuntu.com/ubuntu/ jammy-updates universe

## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu
## team, and may not be under a free licence. Please satisfy yourself as to
## your rights to use the software. Also, please note that software in
## multiverse WILL NOT receive any review or updates from the Ubuntu
## security team.
deb http://cn.archive.ubuntu.com/ubuntu/ jammy multiverse
# deb-src http://cn.archive.ubuntu.com/ubuntu/ jammy multiverse
deb http://cn.archive.ubuntu.com/ubuntu/ jammy-updates multiverse
# deb-src http://cn.archive.ubuntu.com/ubuntu/ jammy-updates multiverse

## N.B. software from this repository may not have been tested as
## extensively as that contained in the main release, although it includes
## newer versions of some applications which may provide useful features.
## Also, please note that software in backports WILL NOT receive any review
## or updates from the Ubuntu security team.
deb http://cn.archive.ubuntu.com/ubuntu/ jammy-backports main restricted universe multiverse
# deb-src http://cn.archive.ubuntu.com/ubuntu/ jammy-backports main restricted universe multiverse

deb http://security.ubuntu.com/ubuntu/ jammy-security main restricted
# deb-src http://security.ubuntu.com/ubuntu/ jammy-security main restricted
deb http://security.ubuntu.com/ubuntu/ jammy-security universe
# deb-src http://security.ubuntu.com/ubuntu/ jammy-security universe
deb http://security.ubuntu.com/ubuntu/ jammy-security multiverse
# deb-src http://security.ubuntu.com/ubuntu/ jammy-security multiverse
1.4 更新apt源:
apt update

2.安装Docker

网上大部分安装教程都是使用的官方的镜像下载地址download.docker.com,就会导致卡在这一步网络连接超时问题。本教程使用阿里云代理下载

2.1 更新系统软件包:
sudo apt update
2.2 安装依赖包【用于通过HTTPS来获取仓库】:
apt install apt-transport-https ca-certificates curl software-properties-common
2.3 添加Docker官方GPG密钥:
curl -fsSL https://mirrors.aliyun.com/docker-ce/linux/ubuntu/gpg | gpg --dearmor -o /etc/apt/trusted.gpg.d/docker-ce.gpg
2.4 验证0EBFCD88 是公钥的指纹。执行这个命令后,系统会显示与该指纹相关的公钥信息:
sudo apt-key fingerprint 0EBFCD88
显示如下信息代表验证通过

图片

2.5 添加Docker阿里稳定版软件源:
sudo add-apt-repository "deb [arch=amd64] https://mirrors.aliyun.com/docker-ce/linux/ubuntu $(lsb_release -cs) stable"
2.6 再次更新软件包:
apt update
2.7 安装默认最新版:
apt install docker-ce docker-ce-cli containerd.io
2.8 配置docker镜像加速器地址为阿里云。打开阿里云容器镜像服务页面,按照操作文档进行操作:

容器镜像服务 (aliyun.com)

图片

2.9 测试是否安装完毕:
systemctl docker status

图片

3. 安装Docker Compose

3.1 运行以下命令以下载 Docker Compose 的当前稳定版本:
sudo curl -L "https://github.com/docker/compose/releases/download/v2.2.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
3.2 将可执行权限应用于二进制文件:
chmod +x /usr/local/bin/docker-compose
3.3 创建软链:
sudo ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose
3.4 测试是否安装成功:
docker-compose version

图片

4. GZCTF的安装

4.1 在当前文件夹下,创建 appsettings.json
vim appsettings.json
4.2 将以下内容保存为 appsettings.json 文件,并替换为你的初始化参数(注释保存后需删除,否则可能会报错):

{
    "AllowedHosts": "*",
    "ConnectionStrings": {
        "Database": "Host=db:5432;Database=gzctf;Username=postgres;Password=GzctfAuto233",    // 此处Password内容可以自定义(安全起见,至少包含数字及字母大小写)
        "RedisCache": "cache:6379,abortConnect=false"
    },
    "EmailConfig": {
        "SendMailAddress": "SMTP_SENDER",
        "UserName": "SMTP_USERNAME",
        "Password": "SMTP_PASSWORD",
        "Smtp": {
            "Host": "SMTP_SERVER",
            "Port": 1
        }
    },
    "XorKey": "GzctfAuto233",          // 此处XorKey可以自定义
    "ContainerProvider": {
        "Type": "Docker",
        "PortMappingType": "Default",
        "EnableTrafficCapture": false,
        "PublicEntry": "XXX.XXX.XXX.XXX",      // 域名或IP配置,用于容器生成,域名不带http/https
        "DockerConfig": {
            "SwarmMode": false,
            "Uri": "unix:///var/run/docker.sock"
        }
    },
    "RequestLogging": false,
    "DisableRateLimit": true,
    "RegistryConfig": {
        "UserName": "DOCKER_USERNAME",
        "Password": "DOCKER_PASSWORD",
        "ServerAddress": "DOCKER_ADDRESS"
    },
    "CaptchaConfig": {
        "Provider": "None",
        "SiteKey": "",
        "SecretKey": "",
        "GoogleRecaptcha": {
            "VerifyAPIAddress": "https://www.recaptcha.net/recaptcha/api/siteverify",
            "RecaptchaThreshold": "0.5"
        }
    },
    "ForwardedOptions": {
        "ForwardedHeaders": 5,
        "ForwardLimit": 1,
        "ForwardedForHeaderName": "X-Forwarded-For",
        "TrustedNetworks": [
            "0.0.0.0/0"
        ]
    }
}

保存并退出。

4.3 在当前文件夹下,创建 docker-compose.yml
vim docker-compose.yml
4.4 将以下内容保存为 docker-compose.yml 文件,并替换为你的初始化参数(注释保存后需删除,否则可能会报错):

version: "3.7"
services:
  gzctf:
    image: registry.cn-shanghai.aliyuncs.com/gztime/gzctf:latest
    restart: always
    environment:
      - "GZCTF_ADMIN_PASSWORD=<Password>"          # <Password>换成账户管理员密码,管理员账户为admin
      # choose your backend language `en_US` / `zh_CN` / `ja_JP`
      - "LC_ALL=zh_CN.UTF-8"
    ports:
      - "80:8080"
    volumes:
      - "./data/files:/app/files"
      - "./appsettings.json:/app/appsettings.json:ro"
      # - "./kube-config.yaml:/app/kube-config.yaml:ro"
      - "/var/run/docker.sock:/var/run/docker.sock"
    depends_on:
      - db
      - cache

  cache:
    image: redis:alpine
    restart: always

  db:
    image: postgres:alpine
    restart: always
    environment:
      - "POSTGRES_PASSWORD=GzctfAuto233"          # 数据库密码,务必要和appsettings.json中的配置一致
    volumes:
      - "./data/db:/var/lib/postgresql/data"

保存并退出。

4.5 在当前文件夹执行命令,构建并启动GZCTF:
docker compose up -d

图片

4.6 查看正在运行的镜像
docker ps

图片

4.7 查看镜像NAME,并查看日志是否运行成功:
docker logs ubuntu-gzctf-1

图片

4.8 打开网址查看是否显示:

图片

至此,GZCTF的单Docker部署就完成啦!

关注我们


剑芸信息安全团队:

剑芸安全团队于2022年9月正式成立,以互联网攻防技术研究为目标的安全团队,目前聚集了十多位专业的安全攻防技术研究人员,重点关注网络攻防、Web安全、移动终端、安全开发、IoT/物联网/工控安全等方向。
想了解更多剑芸安全团队。

评论 1
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值