【CTFd】靶场安装与配置(Docker一键配置版)

【CTFd】靶场安装与配置这由于上一次的配置有点小问题,主要是Whale插件不再支持CTFd3.x版本,于是找了个新的插件使用
并且找到了更好的解决方式,不用那么麻烦配环境了
CTFd-Whale最新维护仓库
这次我采用Docker一键部署,并且稍加改动添加了中文包
成果图
file

正汰踩坑修改后的版本

Github-CTFd-docker
虽然还是建议大家自己安装,别直接脚本,以免出现配置不正确
请在root权限下执行

apt-get install git docker docker-compose -y
git clone https://github.com/huangzheng2016/CTFd-docker CTFd
docker swarm init
docker node update --label-add='name=linux-1' $(docker node ls -q)
docker-compose -f CTFd/docker-compose.yml up -d
docker-compose -f CTFd/docker-compose.yml exec ctfd python manage.py set_config whale auto_connect_network

需要修改较多的版本

apt-get install docker docker-compose -y
docker swarm init
docker node update --label-add='name=linux-1' $(docker node ls -q)
git clone https://github.com/CTFd/CTFd --depth=1
git clone https://github.com/frankli0324/ctfd-whale CTFd/CTFd/plugins/ctfd-whale --depth=1
rm -r /CTFd/CTFd
git clone https://github.com/Gu-f/CTFd_chinese_CN/tree/master/V3.4.1/CTFd-3.4.1/CTFd CTFd

修改你的CTFd/docker-compose.yml,以下是我的示例

version: '3.7'
services:
  ctfd:
    build: .
    user: root
    restart: always
    ports:
      - "8000:8000"
    environment:
      - UPLOAD_FOLDER=/var/uploads
      - DATABASE_URL=mysql+pymysql://ctfd:ctfd@db/ctfd
      - REDIS_URL=redis://cache:6379
      - WORKERS=1
      - LOG_FOLDER=/var/log/CTFd
      - ACCESS_LOG=-
      - ERROR_LOG=-
      - REVERSE_PROXY=true
    volumes:
      - .data/CTFd/logs:/var/log/CTFd
      - .data/CTFd/uploads:/var/uploads
      - .:/opt/CTFd:ro
      - /var/run/docker.sock:/var/run/docker.sock
    depends_on:
      - db
    networks:
        default:
        internal:

#  nginx:
#    image: nginx:1.17
#    restart: always
#    volumes:
#      - ./conf/nginx/http.conf:/etc/nginx/nginx.conf
#    ports:
#      - 80:80
#    depends_on:
#      - ctfd
#如需nginx反代可以修改/conf/nginx/http.conf并取消上面的注释
  db:
    image: mariadb:10.4.12
    restart: always
    environment:
      - MYSQL_ROOT_PASSWORD=ctfd
      - MYSQL_USER=ctfd
      - MYSQL_PASSWORD=ctfd
      - MYSQL_DATABASE=ctfd
    volumes:
      - .data/mysql:/var/lib/mysql
    networks:
        internal:
    # This command is required to set important mariadb defaults
    command: [mysqld, --character-set-server=utf8mb4, --collation-server=utf8mb4_unicode_ci, --wait_timeout=28800, --log-warnings=0]

  cache:
    image: redis:4
    restart: always
    volumes:
    - .data/redis:/data
    networks:
        internal:

  frpc:
    image: frankli0324/frp:frpc
    restart: always
    command: [
      "--server_addr=frps",
      "--server_port=7000",
      "--token=YOUR_TOKEN",
      "--admin_addr=0.0.0.0",
      "--admin_port=7400",
      #此处除了YOUR_TOKEN最好跟我保持一致,除非你准确知道你想做什么
    ]
    networks:
      frp:
      internal:
      containers:

  frps:
    image: frankli0324/frp:frps
    restart: always
    command: [
      "--bind_addr=0.0.0.0",
      "--bind_port=7000",
      "--token=YOUR_TOKEN",#与上面YOUR_TOKEN保持一直
      "--subdomain_host=ctfd-node.hz2016.cn",#此处填写你的域名,记得解析*和@
      "--vhost_http_port=8009",#根据自己的需求开放端口
    ]
    ports:
      - 8009:8009 #根据自己的需求开放端口
    networks:
      frp:
      default:

networks:
    default:
    internal:
        internal: true
    frp:
        internal: true
    containers:
        internal: true
        driver: overlay
        attachable: true

在创建CTFd/sources.list文件方便换源

#CTFd/sources.list
deb http://mirrors.ustc.edu.cn/debian/ buster main
deb-src http://mirrors.ustc.edu.cn/debian/ buster main
deb http://security.debian.org/debian-security buster/updates main
deb-src http://security.debian.org/debian-security buster/updates main
deb http://mirrors.ustc.edu.cn/debian/ buster-updates main
deb-src http://mirrors.ustc.edu.cn/debian/ buster-updates main
deb http://mirrors.ustc.edu.cn/debian/ buster-backports main non-free contrib
deb-src http://mirrors.ustc.edu.cn/debian/ buster-backports main non-free contrib

Dockerfile也有一定更改,否则国内安装速度极慢
文件CTFd/Dokerfile,注意三条中文注释处

FROM python:3.7-slim-buster
#更换国内源
ADD sources.list /etc/apt/ 

WORKDIR /opt/CTFd
RUN mkdir -p /opt/CTFd /var/log/CTFd /var/uploads
# hadolint ignore=DL3008
RUN apt-get update \
    && apt-get install -y --no-install-recommends \
        build-essential \
        python3-dev \
        libffi-dev \
        libssl-dev \
        git \
    && apt-get clean \
    && rm -rf /var/lib/apt/lists/*

COPY requirements.txt /opt/CTFd/

RUN pip install -r requirements.txt -i https://pypi.mirrors.ustc.edu.cn/simple/ --no-cache-dir
#改动添加了 -i https://pypi.mirrors.ustc.edu.cn/simple/

COPY . /opt/CTFd

# hadolint ignore=SC2086
RUN for d in CTFd/plugins/*; do \
        if [ -f "$d/requirements.txt" ]; then \
            pip install -r $d/requirements.txt -i https://pypi.mirrors.ustc.edu.cn/simple/ --no-cache-dir; \
            #改动添加了 -i https://pypi.mirrors.ustc.edu.cn/simple/
        fi; \
    done;

RUN adduser \
    --disabled-login \
    -u 1001 \
    --gecos "" \
    --shell /bin/bash \
    ctfd
RUN chmod +x /opt/CTFd/docker-entrypoint.sh \
    && chown -R 1001:1001 /opt/CTFd /var/log/CTFd /var/uploads

USER 1001
EXPOSE 8000
ENTRYPOINT ["/opt/CTFd/docker-entrypoint.sh"]

最后build,等一会基本上
访问http://localhost:8000即可

docker-compose -f CTFd/docker-compose.yml up -d
docker-compose -f CTFd/docker-compose.yml exec ctfd python manage.py set_config whale auto_connect_network

如果你需要nginx反代服务,详见上方docker
进入Whale管理界面,有如下需要更改改成对应信息
file
上图网络如果不知道是哪个可以有如下指令查询

docker network ls -f " label=com.docker.compose.project=ctfd " --format " {{.Name}} "

file
简单添加一道强网杯的题目,记得选择动态容器
file
file
最后成果
file
最后的最后,记得给Docker换源,不然下镜像慢死,参考脚本如下
【脚本】Linux换源汇总

发布者

正汰

永远是这样,山前面是山,天空上面是天空,道路前面还是道路,迷茫之后还有迷茫。

发表回复

您的电子邮箱地址不会被公开。 必填项已用*标注