GitDeployHub

telekom-security/tpotce

github.com/telekom-security/tpotce ↗
Unknown stack
20 environment variables found in env.example

Set these on your host before deploying. Each platform has an “Environment Variables” section in the deploy flow.

  • WEB_USER Set Web usernames and passwords here. This section will be used to create / update the Nginx password file nginxpasswd. <empty>: This is…
  • LS_WEB_USER Set Logstash Web usernames and passwords here. This section will be used to create / update the Nginx password file lswebpasswd. The…
  • TPOT_BLACKHOLE T-Pot Blackhole ENABLED: T-Pot will download a db of known mass scanners and nullroute them. Be aware, this will put T-Pot off the map for…
  • TPOT_PERSISTENCE T-Pot Persistence on: This is the default. T-Pot will keep the honeypot logfiles and rotate with logrotate for 30 days. off: This is…
  • TPOT_PERSISTENCE_CYCLES T-Pot Persistence Cycles <1-999>: Set the number of T-Pot restart cycles for logrotate. Be mindful of this setting as the logs will use up…
  • TPOT_TYPE T-Pot Type HIVE: This is the default and offers everything to connect T-Pot sensors. SENSOR: This needs to be used when running a sensor.…
  • TPOT_HIVE_USER T-Pot Hive User (only relevant for SENSOR deployment) <empty>: This is empty by default. <base64 encoded string>: Provide a base64 encoded…
  • LS_SSL_VERIFICATION Logstash Sensor SSL verfication (only relevant on SENSOR hosts) full: This is the default. Logstash, by default, verifies the complete…
  • TPOT_HIVE_IP T-Pot Hive IP (only relevant for SENSOR deployment) <empty>: This is empty by default. <IP, FQDN>: This can be either a IP (i.e.…
  • TPOT_ATTACKMAP_TEXT T-Pot AttackMap Text Output ENABLED: This is the default and the docker container map_data will print events to the console. DISABLED:…
  • TPOT_ATTACKMAP_TEXT_TIMEZONE T-Pot AttackMap Text Output Timezone UTC: (T-Pot default) This is usually the best option. Continent/City: In Linux you can check our…
  • OINKCODE Suricata ET Pro ruleset OPEN: This is the default and will the ET Open ruleset OINKCODE: Replace OPEN with your Oinkcode to use the ET Pro…
  • TPOT_DOCKER_SOCK docker.sock Path
  • TPOT_DOCKER_ENV docker compose .env
  • TPOT_DOCKER_COMPOSE Docker-Compose file
  • TPOT_REPO T-Pot Docker Repo Depending on where you are located you may choose between DockerHub and GHCR dtagdevsec: This will use the DockerHub…
  • TPOT_VERSION T-Pot Version Tag
  • TPOT_PULL_POLICY T-Pot Pull Policy always: (T-Pot default) Compose implementations SHOULD always pull the image from the registry. never: Compose…
  • TPOT_DATA_PATH T-Pot Data Path
  • TPOT_OSTYPE OSType (linux, mac, win) Most docker features are available on linux
Best match Fly.io Anything Dockerized — requires the Fly CLI.
macOS
brew install flyctl && fly launch --from https://github.com/telekom-security/tpotce
Linux
curl -L https://fly.io/install.sh | sh && fly launch --from https://github.com/telekom-security/tpotce
Windows (PowerShell)
iwr https://fly.io/install.ps1 -useb | iex; fly launch --from https://github.com/telekom-security/tpotce
Or deploy to a different host
← Try another repo