osect_sensor/docker-compose.yml

version: '3'
services:
  edge_cron:
    image: cron:revxxx
    build: "./Infrastructure/edge_cron/"
    volumes:
      - ./Application/edge_cron:/opt/edge_cron
      - pcap-logs-volume:/opt/edge_cron/paper/sc_src/input/pcap/complete/
      - logs-volume:/var/log/ot_tools/
      - ./keys/client.pem:/etc/ssl/private/client.pem
      - ./conf/suricata_update.conf:/etc/suricata_update.conf
      - ./conf/suricata.yaml:/opt/ot_tools/suricata.yaml       # suricata realtime
      - ./conf/crontab:/root/crontab
      - ./conf/zeekctl.cfg:/usr/local/zeek/etc/zeekctl.cfg           # zeek realtime
      - ./conf/node.cfg:/usr/local/zeek/etc/node.cfg                 # zeek realtime
      - ./conf/local.zeek:/usr/local/zeek/share/zeek/site/local.zeek # zeek realtime
    network_mode: host
    ulimits:
      memlock: -1
    cap_add:
      - SYS_ADMIN # Suricata
      - NET_ADMIN # Suricata eBPF
    command: >
      sh -c '
        crontab /root/crontab
        /usr/bin/supervisord --configuration=/etc/supervisor/conf.d/supervisord.conf
      '
    restart: always
volumes:
  pcap-logs-volume:
      driver_opts:
        type: local
        device: ./logs/pcap-logs
        o: bind
  logs-volume:
      driver_opts:
        type: local
        device: ./logs/ottools
        o: bind