GitHub - zajinx/parsedmarc: parsedmarc docker-compose version

Branches Tags

Name		Name	Last commit message	Last commit date
Latest commit History 7 Commits
parsedmarc		parsedmarc
ParceDMARC-Sample.png		ParceDMARC-Sample.png
README		README
docker-compose.yml		docker-compose.yml
docker-compose.yml.bak		docker-compose.yml.bak
export.ndjson		export.ndjson
parsedmarc.ini		parsedmarc.ini
requirements.txt		requirements.txt

Repository files navigation

This stack includes:
- [ParseDMARC](https://domainaware.github.io/parsedmarc/) image to analizing reports (builded from Dockerfile, use pypy image)
- [Elasticsearch & Kibana](https://www.elastic.co/guide/index.html) to store and visualize parsed data
- [Nginx](https://docs.nginx.com/) to handle basic authorization and SSL offloading

## 🛡️ Security note

You yourself are responsible for your actions.

The project is delivered as is without any warranty.

To update parsedmarc:
```
docker-compose build --no-cache --pull parsedmarc
docker-compose pull
docker-compose up -d
```

## ⚙️ How-to deploy from scratch
First of all you need to have 🐳 Docker and  Docker Compose.

1. Learn how to install [Docker](https://docs.docker.com/install/) and [Docker Compose](https://docs.docker.com/compose/install/).
Quick installation for most operation systems:
- Docker
```
curl -sSL https://get.docker.com/ | CHANNEL=stable sh
# After the installation process is finished, you may need to enable the service and make sure it is started (e.g. CentOS 7)
systemctl enable docker.service
systemctl start docker.service
```
- Docker-Compose
```
curl -L https://github.com/docker/compose/releases/download/1.29.2/docker-compose-Linux-x86_64 > /usr/local/bin/docker-compose
chmod +x /usr/local/bin/docker-compose
```

2. Clone the master branch of the repository.
```
git clone https://github.com/zajinx/parsedmarc.git
cd parsedmarc
```

3. Change `[imap]` configuration and tweak `parsedmarc/parsedmarc.ini` to your needs.
Syntax and description avaible [here](https://domainaware.github.io/parsedmarc/index.html#configuration-file)
```
[imap]
host = imap.example.com
user = [email protected]
password = somepassword
```

4. Enable IP geolocation by installing [GeoIP Update software](https://github.com/maxmind/geoipupdate). And edit `docker-compose.yml` to enable access to the MaxMind databases on your host system.
```
volumes:
  - ./parsedmarc/parsedmarc.ini:/etc/parsedmarc.ini:z
  - /path/to/GeoIP:/usr/share/GeoIP
```

5. Tune `vm.max_map_count` on your OS, original how-to avaible [here](https://www.elastic.co/guide/en/elasticsearch/reference/current/vm-max-map-count.html).

6. Start stack.
```
docker-compose -up d
```

7. Download & Import Kibana Saved Objects [export.ndjson](https://raw.githubusercontent.com/domainaware/parsedmarc/master/kibana/export.ndjson).

Go to `https://parsedmarc.example.com/app/management/kibana/objects` click on `Import`.

Import downloaded export.ndjson with override.

## Dashboard Sample
![ParceDMARC-Sample](https://github.com/zajinx/parsedmarc/raw/master/ParceDMARC-Sample.png)

## Credits to
- https://github.com/dragoangel/parsedmarc-dockerized
- https://github.com/domainaware/parsedmarc