Skip to content

Commit

Permalink
Add aws logging (#163)
Browse files Browse the repository at this point in the history
* Make v3 standard operation

* Added compose extends for aws logging

* Reorganise compose files

* Add missing file
  • Loading branch information
jayjb authored Dec 12, 2023
1 parent 2ff2c6a commit 952b48b
Show file tree
Hide file tree
Showing 6 changed files with 196 additions and 103 deletions.
2 changes: 2 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -41,8 +41,10 @@ to github@thinkst.com.
* And correspondingly: `docker compose -f docker-compose.yml up -d`
or `docker compose -f docker-compose-letsencrypt.yml up -d`


NB: The updated `canarytokens-docker` repo no longer has the Dockerfile for Canarytokens v2, so running that requires using the tagged image `thinkst/canarytokens:v2_latest`. We highly recommend moving to v3. Please contact us if you're battling with the migration.


## Setup (in Ubuntu)

* Boot your Docker host, and take note of the public IP.
Expand Down
76 changes: 76 additions & 0 deletions common-services.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,76 @@
version: '3'
services:
redis_common:
restart: always
image: redis:7.0.10
volumes:
- ./data:/data/
container_name: redis
command: redis-server --appendonly yes --protected-mode no --save 60 1
frontend_common:
restart: always
image: thinkst/canarytokens
build: ./canarytokens
ports:
- "8082:8082"
env_file:
- frontend.env
volumes:
- ./frontend.env:/srv/frontend/frontend.env:ro
- ./switchboard.env:/srv/switchboard/switchboard.env:ro
- ./uploads:/uploads/
- log-volume:/logs
container_name: frontend
command: bash -c "cd frontend; poetry run python -m uvicorn app:app --host 0.0.0.0 --port 8082"
switchboard_common:
restart: always
image: thinkst/canarytokens
build: ./canarytokens
ports:
- "25:2500"
- "3306:3306"
- "53:5354"
- "53:5354/udp"
- "6443:6443"
- "8083:8083"
- "51820:51820/udp"
env_file:
- switchboard.env
volumes:
- ./frontend.env:/srv/frontend/frontend.env:ro
- ./switchboard.env:/srv/switchboard/switchboard.env:ro
- ./uploads:/uploads/
- log-volume:/logs
container_name: switchboard
command: bash -c "cd switchboard; rm -f switchboard.pid; poetry run twistd -noy switchboard.tac --pidfile=switchboard.pid"
nginx_common_certbot:
restart: always
image: thinkst/certbot-nginx
build: ./certbot-nginx
ports:
- "80:80"
- "443:443"
depends_on:
- "frontend"
- "switchboard"
container_name: nginx
env_file:
- certbot.env
volumes:
- /etc/letsencrypt/:/etc/letsencrypt/
- ./nginx/conf.d:/etc/nginx/conf.d/
nginx_common:
restart: always
image: thinkst/canarytokens_nginx
build: ./nginx
ports:
- "80:80"
depends_on:
- "frontend"
- "switchboard"
volumes:
- ./nginx/conf.d:/etc/nginx/conf.d/
container_name: nginx
command: /usr/sbin/nginx -c /etc/nginx/nginx.conf -g "daemon off;"
volumes:
log-volume:
48 changes: 48 additions & 0 deletions docker-compose-aws-logging-letsencrypt.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,48 @@
version: '3'
services:
redis:
extends:
file: common-services.yml
service: redis_common
logging:
driver: awslogs
options:
awslogs-region: eu-west-1
awslogs-group: canarytokens-dev
awslogs-stream: redis
frontend:
extends:
file: common-services.yml
service: frontend_common
container_name: frontend
logging:
driver: awslogs
options:
awslogs-region: eu-west-1
awslogs-group: canarytokens-dev
awslogs-stream: frontend
switchboard:
extends:
file: common-services.yml
service: switchboard_common
container_name: switchboard
logging:
driver: awslogs
options:
awslogs-region: eu-west-1
awslogs-group: canarytokens-dev
awslogs-stream: switchboard
nginx:
extends:
file: common-services.yml
service: nginx_common_certbot
volumes:
- ./nginx/conf.d:/etc/nginx/conf.d/
logging:
driver: awslogs
options:
awslogs-region: eu-west-1
awslogs-group: canarytokens-dev
awslogs-stream: nginx
volumes:
log-volume:
46 changes: 46 additions & 0 deletions docker-compose-aws-logging.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,46 @@
version: '3'
services:
redis:
extends:
file: common-services.yml
service: redis_common
logging:
driver: awslogs
options:
awslogs-region: eu-west-1
awslogs-group: canarytokens-dev
awslogs-stream: redis
frontend:
extends:
file: common-services.yml
service: frontend_common
container_name: frontend
logging:
driver: awslogs
options:
awslogs-region: eu-west-1
awslogs-group: canarytokens-dev
awslogs-stream: frontend
switchboard:
extends:
file: common-services.yml
service: switchboard_common
container_name: switchboard
logging:
driver: awslogs
options:
awslogs-region: eu-west-1
awslogs-group: canarytokens-dev
awslogs-stream: switchboard
nginx:
extends:
file: common-services.yml
service: nginx_common
logging:
driver: awslogs
options:
awslogs-region: eu-west-1
awslogs-group: canarytokens-dev
awslogs-stream: nginx
volumes:
log-volume:
65 changes: 12 additions & 53 deletions docker-compose-letsencrypt.yml
Original file line number Diff line number Diff line change
@@ -1,63 +1,22 @@
version: '3'
services:
redis:
restart: always
image: redis:7.0.10
volumes:
- ./data:/data/
container_name: redis
command: redis-server --appendonly yes --protected-mode no --save 60 1
extends:
file: common-services.yml
service: redis_common
frontend:
restart: always
image: thinkst/canarytokens
build: ./canarytokens
ports:
- "8082:8082"
env_file:
- frontend.env
volumes:
- ./frontend.env:/srv/frontend/frontend.env:ro
- ./switchboard.env:/srv/switchboard/switchboard.env:ro
- ./uploads:/uploads/
- log-volume:/logs
extends:
file: common-services.yml
service: frontend_common
container_name: frontend
command: bash -c "cd frontend; poetry run python -m uvicorn app:app --host 0.0.0.0 --port 8082"
switchboard:
restart: always
image: thinkst/canarytokens
build: ./canarytokens
ports:
- "25:2500"
- "3306:3306"
- "53:5354"
- "53:5354/udp"
- "6443:6443"
- "8083:8083"
- "51820:51820/udp"
env_file:
- switchboard.env
volumes:
- ./frontend.env:/srv/frontend/frontend.env:ro
- ./switchboard.env:/srv/switchboard/switchboard.env:ro
- ./uploads:/uploads/
- log-volume:/logs
extends:
file: common-services.yml
service: switchboard_common
container_name: switchboard
command: bash -c "cd switchboard; rm -f switchboard.pid; poetry run twistd -noy switchboard.tac --pidfile=switchboard.pid"
nginx:
restart: always
image: thinkst/certbot-nginx
build: ./certbot-nginx
ports:
- "80:80"
- "443:443"
depends_on:
- "frontend"
- "switchboard"
container_name: nginx
env_file:
- certbot.env
volumes:
- /etc/letsencrypt/:/etc/letsencrypt/
- ./nginx/conf.d:/etc/nginx/conf.d/
extends:
file: common-services.yml
service: nginx_common_certbot
volumes:
log-volume:
62 changes: 12 additions & 50 deletions docker-compose.yml
Original file line number Diff line number Diff line change
@@ -1,60 +1,22 @@
version: '3'
services:
redis:
restart: always
image: redis:7.0.10
volumes:
- ./data:/data/
container_name: redis
command: redis-server --appendonly yes --protected-mode no --save 60 1
extends:
file: common-services.yml
service: redis_common
frontend:
restart: always
image: thinkst/canarytokens
build: ./canarytokens
ports:
- "8082:8082"
env_file:
- frontend.env
volumes:
- ./frontend.env:/srv/frontend/frontend.env:ro
- ./switchboard.env:/srv/switchboard/switchboard.env:ro
- ./uploads:/uploads/
- log-volume:/logs
extends:
file: common-services.yml
service: frontend_common
container_name: frontend
command: bash -c "cd frontend; poetry run python -m uvicorn app:app --host 0.0.0.0 --port 8082 --log-config log.ini"
switchboard:
restart: always
image: thinkst/canarytokens
build: ./canarytokens
ports:
- "25:25"
- "3306:3306"
- "53:5354"
- "53:5354/udp"
- "6443:6443"
- "8083:8083"
- "51820:51820/udp"
env_file:
- switchboard.env
volumes:
- ./frontend.env:/srv/frontend/frontend.env:ro
- ./switchboard.env:/srv/switchboard/switchboard.env:ro
- ./uploads:/uploads/
- log-volume:/logs
extends:
file: common-services.yml
service: switchboard_common
container_name: switchboard
command: bash -c "cd switchboard; rm -f switchboard.pid; poetry run twistd -noy switchboard.tac --pidfile=switchboard.pid"
nginx:
restart: always
image: thinkst/canarytokens_nginx
build: ./nginx
ports:
- "80:80"
depends_on:
- "frontend"
- "switchboard"
volumes:
- ./nginx/conf.d:/etc/nginx/conf.d/
container_name: nginx
command: /usr/sbin/nginx -c /etc/nginx/nginx.conf -g "daemon off;"
extends:
file: common-services.yml
service: nginx_common
volumes:
log-volume:

0 comments on commit 952b48b

Please sign in to comment.