CodeForAfrica · VinneyJ · Mar 10, 2025 · Mar 13, 2025 · Mar 13, 2025 · Mar 25, 2025
diff --git a/Makefile b/Makefile
@@ -1,12 +1,12 @@
 .PHONY: deploy remove build
 
-STACK_NAME ?= cfa_opencti
-COMPOSE_FILE?= docker-compose.yml
-NGINX_VERSION?=1.26.0 #based off Nginx docker  version
+STACK_NAME?=nginx-opencti
+COMPOSE_FILE?=docker-compose.yml
+NGINX_VERSION?=1.27.0 #based off Nginx docker  version
 
 # build Nginx image & push to dockerhub
 build:
-	docker buildx build --platform linux/amd64 -t codeforafrica/cfa-opencti-nginx:$(NGINX_VERSION) --file nginx/Dockerfile nginx/ --push
+	docker buildx build -t codeforafrica/$(STACK_NAME):$(NGINX_VERSION) --file nginx/Dockerfile nginx/ --push
 
 # deploy openCTI stack
 deploy:

diff --git a/docker-compose.yml b/docker-compose.yml
@@ -1,43 +1,42 @@
 version: '3'
 
+x-restart-policy: &default_restart_policy
+  condition: on-failure
+  delay: 3s
+  max_attempts: 5
+  window: 60s
+
 services:
   redis:
     deploy:
       replicas: 1
       placement:
         constraints:
           - node.labels.role == opencti-core
-      restart_policy: &default_restart_policy
-        condition: on-failure
-        delay: 3s
-        max_attempts: 5
-        window: 60s
-    image: redis:7.2.4
-
+      restart_policy: *default_restart_policy
+    image: redis:7.4.2
     volumes:
       - redisdata:/data
-
+      
   nginx:
-    image: codeforafrica/cfa-opencti:0.0.6
+    image: codeforafrica/nginx-opencti:0.0.7
     deploy:
       replicas: 1
       placement:
         constraints:
           - node.labels.role == manager
-      restart_policy: *default_restart_policy
     ports:
       - "80:80"
     depends_on:
       - opencti
 
   rabbitmq:
-    image: rabbitmq:3.13-management
     deploy:
-      replicas: 1
       placement:
         constraints:
           - node.labels.role == opencti-core
       restart_policy: *default_restart_policy
+    image: rabbitmq:4.0-management
     environment:
       - RABBITMQ_DEFAULT_USER=${RABBITMQ_DEFAULT_USER}
       - RABBITMQ_DEFAULT_PASS=${RABBITMQ_DEFAULT_PASS}
@@ -52,7 +51,7 @@ services:
         constraints:
           - node.labels.role == opencti-core
       restart_policy: *default_restart_policy
-    image: opencti/platform:6.1.1
+    image: opencti/platform:6.5.3
     environment:
       - NODE_OPTIONS=--max-old-space-size=8096
       - APP__PORT=8080
@@ -87,34 +86,33 @@ services:
       - "8080:8080"
     depends_on:
       - redis
-      - rabbitmq
-
+      - rabbitmq 
 
   worker:
-    image: opencti/worker:6.1.1
-    environment:
-      - OPENCTI_URL=${OPENCTI_CONNECT_URL}
-      - OPENCTI_TOKEN=${OPENCTI_ADMIN_TOKEN}
-      - OPENCTI_JSON_LOGGING=true # Enable / disable JSON logging
-      - WORKER_LOG_LEVEL=error
-    depends_on:
-      - opencti
     deploy:
       mode: replicated
       replicas: 3
       placement:
         constraints:
           - node.labels.role == opencti-core
       restart_policy: *default_restart_policy
-
+    image: opencti/worker:6.5.3
+    environment:
+      - OPENCTI_URL=${OPENCTI_CONNECT_URL}
+      - OPENCTI_TOKEN=${OPENCTI_ADMIN_TOKEN}
+      - OPENCTI_JSON_LOGGING=true # Enable / disable JSON logging
+      - WORKER_LOG_LEVEL=error
+    depends_on:
+      - opencti 
+
   connector-export-file-stix:
     deploy:
       replicas: 1
       placement:
         constraints:
           - node.labels.role == opencti-core
       restart_policy: *default_restart_policy
-    image: opencti/connector-export-file-stix:6.1.1
+    image: opencti/connector-export-file-stix:6.5.3
     environment:
       - OPENCTI_URL=${OPENCTI_CONNECT_URL}
       - OPENCTI_TOKEN=${OPENCTI_ADMIN_TOKEN}
@@ -124,9 +122,9 @@ services:
       - CONNECTOR_SCOPE=application/json
       - CONNECTOR_CONFIDENCE_LEVEL=15 # From 0 (Unknown) to 100 (Fully trusted)
       - OPENCTI_JSON_LOGGING=true # Enable / disable JSON logging
-      - CONNECTOR_LOG_LEVEL=info=error
+      - CONNECTOR_LOG_LEVEL=error
     depends_on:
-      - opencti
+      - opencti 
 
   connector-export-file-csv:
     deploy:
@@ -135,7 +133,7 @@ services:
         constraints:
           - node.labels.role == opencti-core
       restart_policy: *default_restart_policy
-    image: opencti/connector-export-file-csv:6.1.1
+    image: opencti/connector-export-file-csv:6.5.3
     environment:
       - OPENCTI_URL=${OPENCTI_CONNECT_URL}
       - OPENCTI_TOKEN=${OPENCTI_ADMIN_TOKEN}
@@ -145,7 +143,7 @@ services:
       - CONNECTOR_SCOPE=text/csv
       - CONNECTOR_CONFIDENCE_LEVEL=15 # From 0 (Unknown) to 100 (Fully trusted)
       - OPENCTI_JSON_LOGGING=true # Enable / disable JSON logging
-      - CONNECTOR_LOG_LEVEL=info=error
+      - CONNECTOR_LOG_LEVEL=error
     depends_on:
       - opencti
 
@@ -156,20 +154,20 @@ services:
         constraints:
           - node.labels.role == opencti-core
       restart_policy: *default_restart_policy
-    image: opencti/connector-export-file-txt:6.1.1
+    image: opencti/connector-export-file-txt:6.5.3
     environment:
       - OPENCTI_URL=${OPENCTI_CONNECT_URL}
       - OPENCTI_TOKEN=${OPENCTI_ADMIN_TOKEN}
       - CONNECTOR_ID=${CONNECTOR_EXPORT_FILE_TXT_ID} # Valid UUIDv4
       - CONNECTOR_TYPE=INTERNAL_EXPORT_FILE
       - CONNECTOR_NAME=ExportFileTxt
       - CONNECTOR_SCOPE=text/plain
-
       - CONNECTOR_CONFIDENCE_LEVEL=15 # From 0 (Unknown) to 100 (Fully trusted)
       - OPENCTI_JSON_LOGGING=true # Enable / disable JSON logging
-      - CONNECTOR_LOG_LEVEL=info=error
+      - CONNECTOR_LOG_LEVEL=error
     depends_on:
       - opencti
+
 
   connector-import-file-stix:
     deploy:
@@ -178,30 +176,30 @@ services:
         constraints:
           - node.labels.role == opencti-core
       restart_policy: *default_restart_policy
-    image: opencti/connector-import-file-stix:6.1.1
+    image: opencti/connector-import-file-stix:6.5.3
     environment:
       - OPENCTI_URL=${OPENCTI_CONNECT_URL}
       - OPENCTI_TOKEN=${OPENCTI_ADMIN_TOKEN}
       - CONNECTOR_ID=${CONNECTOR_IMPORT_FILE_STIX_ID} # Valid UUIDv4
       - CONNECTOR_TYPE=INTERNAL_IMPORT_FILE
       - CONNECTOR_NAME=ImportFileStix
-      - CONNECTOR_VALIDATE_BEFORE_IMPORT=false # Validate any bundle before import
+      - CONNECTOR_VALIDATE_BEFORE_IMPORT=true # Validate any bundle before import
       - CONNECTOR_SCOPE=application/json,text/xml
       - CONNECTOR_AUTO=true # Enable/disable auto-import of file
       - CONNECTOR_CONFIDENCE_LEVEL=15 # From 0 (Unknown) to 100 (Fully trusted)
       - OPENCTI_JSON_LOGGING=true # Enable / disable JSON logging
-      - CONNECTOR_LOG_LEVEL=info=error
+      - CONNECTOR_LOG_LEVEL=error
     depends_on:
-      - opencti
-
+      - opencti  
+      
   connector-import-document:
     deploy:
       replicas: 1
       placement:
         constraints:
           - node.labels.role == opencti-core
       restart_policy: *default_restart_policy
-    image: opencti/connector-import-document:6.1.1
+    image: opencti/connector-import-document:6.5.3
     environment:
       - OPENCTI_URL=${OPENCTI_CONNECT_URL}
       - OPENCTI_TOKEN=${OPENCTI_ADMIN_TOKEN}
@@ -213,20 +211,19 @@ services:
       - CONNECTOR_AUTO=true # Enable/disable auto-import of file
       - CONNECTOR_ONLY_CONTEXTUAL=false # Only extract data related to an entity (a report, a threat actor, etc.)
       - CONNECTOR_CONFIDENCE_LEVEL=15 # From 0 (Unknown) to 100 (Fully trusted)
-      - OPENCTI_JSON_LOGGING=true # Enable / disable JSON logging
-      - CONNECTOR_LOG_LEVEL=info=error
+      - CONNECTOR_LOG_LEVEL=error
       - IMPORT_DOCUMENT_CREATE_INDICATOR=true
     depends_on:
       - opencti
-
+    
   connector-disarm-framework:
     deploy:
       replicas: 1
       placement:
         constraints:
           - node.labels.role == opencti-core
       restart_policy: *default_restart_policy
-    image: opencti/connector-disarm-framework:6.1.1
+    image: opencti/connector-disarm-framework:6.5.3
     environment:
       - OPENCTI_URL=${OPENCTI_CONNECT_URL}
       - OPENCTI_TOKEN=${OPENCTI_ADMIN_TOKEN}
@@ -236,46 +233,17 @@ services:
       - CONNECTOR_CONFIDENCE_LEVEL=75 # From 0 (Unknown) to 100 (Fully trusted)
       - CONNECTOR_RUN_AND_TERMINATE=false
       - OPENCTI_JSON_LOGGING=true # Enable / disable JSON logging
-      - CONNECTOR_LOG_LEVEL=info=error
+      - CONNECTOR_LOG_LEVEL=error
       - DISARM_FRAMEWORK_URL=https://raw.githubusercontent.com/DISARMFoundation/DISARMframeworks/main/generated_files/DISARM_STIX/DISARM.json
       - DISARM_FRAMEWORK_INTERVAL=7 # In days, must be strictly greater than 1
     depends_on:
       - opencti
-    networks:
-      - cfa_opencti_network
-
-  portainer-agent:
-    image: portainer/agent
-    environment:
-      - AGENT_CLUSTER_ADDR=tasks.portainer-agent
-    volumes:
-      - /var/run/docker.sock:/var/run/docker.sock
-      - /var/lib/docker/volumes:/var/lib/docker/volumes
-    deploy:
-      mode: global
-    networks:
-      - cfa_opencti_network
-
-  portainer:
-    image: portainer/portainer
-    command: >
-      -H tcp://tasks.portainer-agent:9001 --tlsskipverify
-      --admin-password=${PORTAINER_ADMIN_PASSWORD}
-    environment:
-      - PORTAINER_ADMIN_PASSWORD=${PORTAINER_ADMIN_PASSWORD}
-    ports:
-      - "9010:9000"
-      - "8000:8000"
-    volumes:
-      - portainer_data:/data
-    deploy:
-      replicas: 1
-      placement:
-        constraints:
-          - node.role == manager
-    networks:
-      - cfa_opencti_network
 
+# volumes:
+#    esdata:
+#    s3data:
+#    redisdata:
+#    amqpdata:
 
 volumes:
   s3data:

diff --git a/nginx/templates/nginx.conf.template b/nginx/templates/nginx.conf.template
@@ -2,6 +2,7 @@
 server {
     listen ${NGINX_PORT};
     server_name ${NGINX_OPENCTI_SERVER_NAME};
+    client_max_body_size 50M;
 
     location / {
         proxy_pass http://opencti:8080;