CTF: Instalasi CTFd di Ubuntu 22.04: Difference between revisions
From OnnoCenterWiki
Jump to navigationJump to search
Created page with "Sumber: https://nopresearcher.github.io/Deploying-CTFd/ ==Referensi== * https://nopresearcher.github.io/Deploying-CTFd/" |
|||
| (7 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
Sumber: https://nopresearcher.github.io/Deploying-CTFd/ | Sumber: https://nopresearcher.github.io/Deploying-CTFd/ | ||
Spec: | |||
* VirtualBox | |||
* Ubuntu 22.04 | |||
* Memory 3G | |||
* Core 2 | |||
==Basic== | |||
sudo su | |||
apt update | |||
apt install net-tools | |||
Setup user ctfd | |||
# setup user ctfd | |||
adduser ctfd # masukan password | |||
usermod -aG sudo ctfd | |||
Aktifkan firewall, | |||
# UFW Firewall | |||
ufw allow openssh | |||
ufw allow http | |||
ufw allow https | |||
ufw enable | |||
Install python & apps pendukung | |||
apt update | |||
apt upgrade -y # optional | |||
apt install -y python3-pip python3-dev build-essential libssl-dev libffi-dev python3-setuptools nginx git | |||
pip3 install pipenv | |||
Install CTFd | |||
# install CTFd | |||
cd /var/www | |||
git clone https://github.com/CTFd/CTFd.git | |||
su ctfd | |||
sudo chown -R ctfd:www-data /var/www/CTFd | |||
cd /var/www/CTFd | |||
# Create a pipenv to run CTFd in | |||
pipenv install --python 3 | |||
pipenv shell | |||
./prepare.sh | |||
==Testing== | |||
sudo ufw allow 5000 | |||
gunicorn --bind 0.0.0.0:5000 'CTFd:create_app()' | |||
Browse | |||
http://www.yourdomain.com:5000 | |||
http://192.168.0.142:5000/setup | |||
==Setup enviroment== | |||
Contoh | |||
* single core | |||
* worker 3 | |||
* keep-alive 2 | |||
# identify the pipenv virtual environment for use in unit file | |||
pipenv --venv | |||
/home/ctfd/.local/share/virtualenvs/CTFd-rOJbThUf | |||
Edit ctfd.service | |||
# Create unit file | |||
sudo vim /etc/systemd/system/ctfd.service | |||
[Unit] | |||
Description=Gunicorn instance to serve ctfd | |||
After=network.target | |||
[Service] | |||
User=ctfd | |||
Group=www-data | |||
WorkingDirectory=/var/www/CTFd | |||
Environment="PATH=/home/ctfd/.local/share/virtualenvs/CTFd-rOJbThUf/bin" | |||
ExecStart=/home/ctfd/.local/share/virtualenvs/CTFd-rOJbThUf/bin/gunicorn --bind unix:app.sock --keep-alive 2 | |||
--workers 3 --worker-class gevent 'CTFd:create_app()' --access-logfile '/var/log/CTFd/CTFd/logs/access.log' | |||
--error-logfile '/var/log/CTFd/CTFd/logs/error.log' | |||
[Install] | |||
WantedBy=multi-user.target | |||
==Operasional== | |||
# Create log directories | |||
sudo mkdir -p /var/log/CTFd/CTFd/logs/ | |||
sudo chown -R ctfd:www-data /var/log/CTFd/CTFd/logs/ | |||
# Start CTFd service | |||
sudo systemctl enable ctfd | |||
sudo systemctl start ctfd | |||
sudo systemctl status ctfd | |||
# Create nginx site, let's encrypt will handle the https later | |||
sudo vim /etc/nginx/sites-available/ctfd | |||
# Nginx config | |||
# the client_max_body_size enables file uploads over the default of 1MB | |||
server { | |||
listen 80; | |||
server_name yourdomain.com www.yourdomain.com your.ip.add.ress; | |||
client_max_body_size 75M; | |||
location / { | |||
include proxy_params; | |||
proxy_pass http://unix:/var/www/CTFd/app.sock; | |||
} | |||
} | |||
# Contoh | |||
server { | |||
listen 80; | |||
server_name ctf.itts.ac.id 192.168.0.142; | |||
client_max_body_size 75M; | |||
location / { | |||
include proxy_params; | |||
proxy_pass http://unix:/var/www/CTFd/app.sock; | |||
} | |||
} | |||
# Link config file | |||
sudo ln -s /etc/nginx/sites-available/ctfd /etc/nginx/sites-enabled | |||
# Remove defaults | |||
sudo rm /etc/nginx/sites-available/default /etc/nginx/sites-enabled/default | |||
# Test nginx configuration | |||
sudo nginx -t | |||
# Restart nginx if test wasw good | |||
sudo systemctl restart nginx | |||
# For troubleshooting | |||
tail /var/log/CTFd/CTFd/logs/access.log | |||
tail /var/log/CTFd/CTFd/logs/error.log | |||
# SSL Certs | |||
sudo add-apt-repository ppa:certbot/certbot | |||
sudo apt install python-certbot-nginx | |||
sudo certbot --nginx -d yourdomain.com -d www.yourdomain.com youremail@domain.com | |||
# certificate locations | |||
/etc/letsencrypt/live/yourdomain.com/fullchain.pem | |||
/etc/letsencrypt/live/yourdomain.com/privkey.pem | |||
# renew certificates | |||
certbot renew | |||
==Referensi== | ==Referensi== | ||
* https://nopresearcher.github.io/Deploying-CTFd/ | * https://nopresearcher.github.io/Deploying-CTFd/ | ||
Latest revision as of 04:28, 29 January 2023
Sumber: https://nopresearcher.github.io/Deploying-CTFd/
Spec:
- VirtualBox
- Ubuntu 22.04
- Memory 3G
- Core 2
Basic
sudo su apt update apt install net-tools
Setup user ctfd
# setup user ctfd adduser ctfd # masukan password usermod -aG sudo ctfd
Aktifkan firewall,
# UFW Firewall ufw allow openssh ufw allow http ufw allow https ufw enable
Install python & apps pendukung
apt update apt upgrade -y # optional apt install -y python3-pip python3-dev build-essential libssl-dev libffi-dev python3-setuptools nginx git pip3 install pipenv
Install CTFd
# install CTFd cd /var/www git clone https://github.com/CTFd/CTFd.git su ctfd sudo chown -R ctfd:www-data /var/www/CTFd cd /var/www/CTFd # Create a pipenv to run CTFd in pipenv install --python 3 pipenv shell ./prepare.sh
Testing
sudo ufw allow 5000 gunicorn --bind 0.0.0.0:5000 'CTFd:create_app()'
Browse
http://www.yourdomain.com:5000 http://192.168.0.142:5000/setup
Setup enviroment
Contoh
- single core
- worker 3
- keep-alive 2
# identify the pipenv virtual environment for use in unit file pipenv --venv /home/ctfd/.local/share/virtualenvs/CTFd-rOJbThUf
Edit ctfd.service
# Create unit file sudo vim /etc/systemd/system/ctfd.service [Unit] Description=Gunicorn instance to serve ctfd After=network.target [Service] User=ctfd Group=www-data WorkingDirectory=/var/www/CTFd Environment="PATH=/home/ctfd/.local/share/virtualenvs/CTFd-rOJbThUf/bin" ExecStart=/home/ctfd/.local/share/virtualenvs/CTFd-rOJbThUf/bin/gunicorn --bind unix:app.sock --keep-alive 2 --workers 3 --worker-class gevent 'CTFd:create_app()' --access-logfile '/var/log/CTFd/CTFd/logs/access.log' --error-logfile '/var/log/CTFd/CTFd/logs/error.log' [Install] WantedBy=multi-user.target
Operasional
# Create log directories
sudo mkdir -p /var/log/CTFd/CTFd/logs/
sudo chown -R ctfd:www-data /var/log/CTFd/CTFd/logs/
# Start CTFd service
sudo systemctl enable ctfd
sudo systemctl start ctfd
sudo systemctl status ctfd
# Create nginx site, let's encrypt will handle the https later
sudo vim /etc/nginx/sites-available/ctfd
# Nginx config
# the client_max_body_size enables file uploads over the default of 1MB
server {
listen 80;
server_name yourdomain.com www.yourdomain.com your.ip.add.ress;
client_max_body_size 75M;
location / {
include proxy_params;
proxy_pass http://unix:/var/www/CTFd/app.sock;
}
}
# Contoh
server {
listen 80;
server_name ctf.itts.ac.id 192.168.0.142;
client_max_body_size 75M;
location / {
include proxy_params;
proxy_pass http://unix:/var/www/CTFd/app.sock;
}
}
# Link config file sudo ln -s /etc/nginx/sites-available/ctfd /etc/nginx/sites-enabled # Remove defaults sudo rm /etc/nginx/sites-available/default /etc/nginx/sites-enabled/default # Test nginx configuration sudo nginx -t # Restart nginx if test wasw good sudo systemctl restart nginx # For troubleshooting tail /var/log/CTFd/CTFd/logs/access.log tail /var/log/CTFd/CTFd/logs/error.log # SSL Certs sudo add-apt-repository ppa:certbot/certbot sudo apt install python-certbot-nginx sudo certbot --nginx -d yourdomain.com -d www.yourdomain.com youremail@domain.com # certificate locations /etc/letsencrypt/live/yourdomain.com/fullchain.pem /etc/letsencrypt/live/yourdomain.com/privkey.pem # renew certificates certbot renew
