Introduction

OpenCTI can be deployed using the docker-compose command.

<aside> 💡 For production deployment, we advise you to deploy ElasticSearch and Redis manually in a dedicated environment and then to start the other components using Docker.

</aside>

1. Pre-requisites

🐧 Linux:

$ sudo apt-get install docker-compose

⌘ MacOS

Download: https://www.docker.com/products/docker-desktop

2. Clone the repository

$ mkdir -p /path/to/your/app && cd /path/to/your/app
$ git clone <https://github.com/OpenCTI-Platform/docker.git>
$ cd docker

3. Configure the environment

Before running the docker-compose command, the docker-compose.yml file must be configured.

There are two ways to do that:

  1. Use environment variables as it is proposed and you have an exemple in the .env.sample file (ie. APP__ADMIN__EMAIL=${OPENCTI_ADMIN_EMAIL}).
  2. Directly set the parameters in the docker-compose.yml.

If setting within the environment, you can reference the methodology in the Environment setup on OpenCTI's Notion page - located below for ease:

🐧 Linux:

sudo apt install -y jq

cd ~/docker
(cat << EOF
OPENCTI_ADMIN_EMAIL=admin@opencti.io
OPENCTI_ADMIN_PASSWORD=CHANGEMEPLEASE
OPENCTI_ADMIN_TOKEN=$(cat /proc/sys/kernel/random/uuid)
MINIO_ROOT_USER=$(cat /proc/sys/kernel/random/uuid)
MINIO_ROOT_PASSWORD=$(cat /proc/sys/kernel/random/uuid)
RABBITMQ_DEFAULT_USER=guest
RABBITMQ_DEFAULT_PASS=guest
CONNECTOR_HISTORY_ID=$(cat /proc/sys/kernel/random/uuid)
CONNECTOR_EXPORT_FILE_STIX_ID=$(cat /proc/sys/kernel/random/uuid)
CONNECTOR_EXPORT_FILE_CSV_ID=$(cat /proc/sys/kernel/random/uuid)
CONNECTOR_IMPORT_FILE_STIX_ID=$(cat /proc/sys/kernel/random/uuid)
CONNECTOR_IMPORT_REPORT_ID=$(cat /proc/sys/kernel/random/uuid)
EOF
 ) > .env

⌘ MacOS

brew install jq
cd ~/docker
 (cat <<EOF
OPENCTI_ADMIN_EMAIL=admin@opencti.io
OPENCTI_ADMIN_PASSWORD=CHANGEMEPLEASE
OPENCTI_ADMIN_TOKEN=$(uuidgen)
MINIO_ROOT_USER=$(uuidgen)
MINIO_ROOT_PASSWORD=$(uuidgen)
RABBITMQ_DEFAULT_USER=guest
RABBITMQ_DEFAULT_PASS=guest
CONNECTOR_HISTORY_ID=$(uuidgen)
CONNECTOR_EXPORT_FILE_STIX_ID=$(uuidgen)
CONNECTOR_EXPORT_FILE_CSV_ID=$(uuidgen)
CONNECTOR_IMPORT_FILE_STIX_ID=$(uuidgen)
CONNECTOR_IMPORT_REPORT_ID=$(uuidgen)
EOF
) > .env
cd ~/docker 
# trick to export the .env 
export $(cat .env | grep -v "#" | xargs)

4. Memory Management Settings

<aside> 💡 For additional memory management information see the Memory configuration notes section

</aside>

As OpenCTI has a dependency on ElasticSearch, you have to set the vm.max_map_count before running the containers, as mentioned in the ElasticSearch documentation.

$ sudo sysctl -w vm.max_map_count=1048575

To make this parameter persistent, add the following to the end of your /etc/sysctl.conf:

$ vm.max_map_count=1048575