type
Post
status
Published
date
Apr 7, 2023
slug
ctfd-deployment
summary
由于准备开始竞赛,所以搭建个CTFd试试看
tags
学习
category
学习思考
icon
password
尝试
克隆ctfd仓库
git clone https://github.com/CTFd/CTFd --depth=1 cd CTFd # 注:以下全部内容的cwd均为此目录
创建docker swarm
启动docker-compose
由于CTFd-Whale必须要用Docker Swarm,所以就用吧。
然后直接 docker-compose up -d
配置frp
创建文件夹
./conf/frp 编辑文件
./conf/frp/frps.ini,添加以下内容,原教程内容有#,注意新版的frp不能带注释(官方这里两个端口号写的不一样,是小彩蛋?)因为docker-compose上的ipv4_address好像不是很好用,所以干脆把admin_addr改成0.0.0.0了。[common] bind_port = 7987 vhost_http_port = 8001 token = your_token subdomain_host = ctf.guo.moe
编辑文件
./conf/frp/frpc.ini[common] token = your_token server_addr = frps server_port = 7987 admin_addr = 0.0.0.0 admin_port = 7400
再次编辑 docker-compose
version: '2' services: ctfd: build: . user: root restart: always ports: - "8000:8000" environment: - UPLOAD_FOLDER=/var/uploads - DATABASE_URL=mysql+pymysql://ctfd:ctfd@db/ctfd - REDIS_URL=redis://cache:6379 - WORKERS=1 - LOG_FOLDER=/var/log/CTFd - ACCESS_LOG=- - ERROR_LOG=- - REVERSE_PROXY=true volumes: - .data/CTFd/logs:/var/log/CTFd - .data/CTFd/uploads:/var/uploads - .:/opt/CTFd:ro - /var/run/docker.sock:/var/run/docker.sock depends_on: - frpc - db networks: default: internal: frp_connect: nginx: image: nginx:stable restart: always volumes: - ./conf/nginx/http.conf:/etc/nginx/nginx.conf ports: - 80:80 depends_on: - ctfd db: image: mariadb:10.4.12 restart: always environment: - MYSQL_ROOT_PASSWORD=ctfd - MYSQL_USER=ctfd - MYSQL_PASSWORD=ctfd - MYSQL_DATABASE=ctfd volumes: - .data/mysql:/var/lib/mysql networks: internal: # This command is required to set important mariadb defaults command: [mysqld, --character-set-server=utf8mb4, --collation-server=utf8mb4_unicode_ci, --wait_timeout=28800, --log-warnings=0] cache: image: redis:4 restart: always volumes: - .data/redis:/data networks: internal: frps: image: glzjin/frp restart: always volumes: - ./conf/frp:/conf entrypoint: - /usr/local/bin/frps - -c - /conf/frps.ini ports: - 10000-10100:10000-10100 # 映射direct类型题目的端口 - 8001:8001 # 映射http类型题目的端口 networks: default: # 需要将frps暴露到公网以正常访问题目容器 frp_connect: frpc: image: glzjin/frp:latest restart: always volumes: - ./conf/frp:/conf/ entrypoint: - /usr/local/bin/frpc - -c - /conf/frpc.ini depends_on: - frps #frps需要先成功运行 networks: frp_containers: # 供frpc访问题目容器 frp_connect: # 供frpc访问frps, CTFd访问frpc #ipv4_address: 172.1.0.3 networks: default: frp_connect: internal: true ipam: config: - subnet: 172.1.0.0/16 frp_containers: internal: true # 如果允许题目容器访问外网,则可以去掉 attachable: true ipam: config: - subnet: 172.2.0.0/16 internal: internal: true
安装&配置ctfd-whale插件
在目录下,执行下面的代码(有时候可能会报超时,多执行几次就行了)
git clone https://github.com/frankli0324/CTFd-Whale CTFd/plugins/ctfd-whale --depth=1 docker-compose build # 需要安装依赖 docker-compose up -d
将它的内容和frp对应
