Add a Caldera service to the Docker setup

COSSAS · Jan 15, 2025 · 7b2fce4 · 7b2fce4
1 parent fe560ac
commit 7b2fce4
Show file tree

Hide file tree

Showing 2 changed files with 64 additions and 8 deletions.
diff --git a/deployments/docker/soarca/docker-compose.yml b/deployments/docker/soarca/docker-compose.yml
@@ -1,4 +1,3 @@
-version: '3.7'
 services:
   mongodb_container:
     image: docker.io/mongo:latest
@@ -13,6 +12,23 @@ services:
         source: mongodb_data_container
         target: /data/db
 
+  caldera:
+    image: soarca-caldera
+    build: https://github.com/mitre/caldera.git
+    networks:
+      - caldera-net
+    ports:
+      - "8888:8888"
+      - "8443:8443"
+      - "7010:7010"
+      - "7011:7011/udp"
+      - "7012:7012"
+      - "8853:8853"
+      - "8022:8022"
+      - "2222:2222"
+    profiles:
+      - caldera
+
   mosquitto:
     image: docker.io/eclipse-mosquitto
     container_name: mosquitto
@@ -64,9 +80,13 @@ services:
       THEHIVE_ACTIVATE: false
       THEHIVE_API_TOKEN: your_token
       THEHIVE_API_BASE_URL: http://localhost:9000/api/v1/
+      CALDERA_HOST: "calera"
+      CALDERA_PORT: "8888"
+      CALDERA_API_KEY: "ADMIN123"
     networks:
       - db-net
       - mqtt-net
+      - caldera-net
     ports:
       - 127.0.0.1:8080:8080
     depends_on:
@@ -76,7 +96,7 @@ services:
 networks:
   db-net:
   mqtt-net:
-
+  caldera-net:
 
 volumes:
   mongodb_data_container:
@@ -88,5 +108,3 @@ volumes:
       o: bind
   mosquitto_data:
   mosquitto_log:
-
-
diff --git a/docs/content/en/docs/getting-started/_index.md b/docs/content/en/docs/getting-started/_index.md
@@ -30,7 +30,7 @@ make build && ./build/soarca
 wget https://github.com/COSSAS/SOARCA/releases/download/SOARCA_1.0.0/SOARCA_1.0.0_linux_amd64.tar.gz  && tar -xvf SOARCA* && ./SOARCA
 {{< /tab >}}
 {{< tab header="Docker Compose" lang="sh" >}}
-cd docker/soarca && sudo docker compose up -d
+cd docker/soarca && docker compose up -d
 {{< /tab >}}
 {{< /tabpane >}}
 
@@ -72,6 +72,30 @@ curl -X POST -H "Content-Type: application/json" -d @./example/openc2-playbook.j
 {{< /tab >}}
 {{< /tabpane >}}
 
+### Caldera setup
+
+SOARCA optionally comes packaged together with Caldera. To use the
+[Caldera capability](/docs/soarca-extensions/native-capabilities#caldera-capability), simply make
+sure you use the right Compose file when running:
+
+```diff
+- cd docker/soarca && docker compose up -d
++ cd docker/soarca && docker compose --profile caldera up -d
+```
+
+{{% alert title="Warning" %}}
+This only works when using Docker Compose to run SOARCA. When building SOARCA from scratch,
+you should supply your own Caldera instance and [configure](#configuration) its URL manually.
+{{% /alert %}}
+
+{{% alert title="Warning" %}}
+Note that Caldera in this mode operates with default credentials and settings. This is dangerous
+for a public-facing setup and therefore not production-ready out of the box. You probably want
+to consult the
+[Caldera documentation on configuration](https://caldera.readthedocs.io/en/latest/Server-Configuration.html#configuration-file)
+before deploying to production.
+{{% /alert %}}
+
 ## Configuration
 
 SOARCA reads its configuration from the environment variables or a `.env` file. An example of a `.env` is given below:
@@ -98,17 +122,31 @@ ENABLE_FINS: false
 MQTT_BROKER: "localhost"
 MQTT_PORT: 1883
 
+CALDERA_HOST: "http://caldera.mydomain.com"
+CALDERA_PORT: "8888"
+CALDERA_API_KEY: "ADMIN123"
+
 HTTP_SKIP_CERT_VALIDATION: false
 {{< /tab >}}
 {{< /tabpane >}}
 
 
 For more custom and advanced deployment instructions go [here](/docs/installation-configuration/_index.md).
-### Docker hub
 
-`docker pull cossas/soarca`
+## Obtaining
+
+There are several ways to obtain a copy of the SOARCA software.
+
+### Docker Hub 
+
+A prebuilt image can be pulled from the
+[Docker Hub](https://hub.docker.com/r/cossas/soarca):
+
+```bash
+docker pull cossas/soarca
+```
 
-### Building from Source
+### Building from source
 
 ```bash
 git clone https://github.com/COSSAS/SOARCA.git