Skip to content

Latest commit

 

History

History
129 lines (87 loc) · 3.13 KB

INSTALL.md

File metadata and controls

129 lines (87 loc) · 3.13 KB
Raw

Install guide

System dependencies

You need poetry installed, see the install guide.

Prerequisites

You need to have redis cloned and installed in the same directory you clone this template in: this repoitory and and redis must be in the same directory, and not redis cloned in this directory. See this guide.

Redis

Redis: Redis is source-available software, available under both the Redis Source Available License v2 (RSALv2) and the Server Side Public License v1 (SSPLv1), in-memory data structure store, used as a database, cache and message broker.

NOTE: Redis should be installed from the source, and the repository must be in one directory up as the one you will be cloning vulnerability-lookup into.

In order to compile and test redis, you will need a few packages:

sudo apt-get update
sudo apt install build-essential tcl
git clone https://github.com/redis/redis.git
cd redis
git checkout 7.2
make
# Optionally, you can run the tests:
make test
cd ..

Kvrocks

Kvrocks is a distributed key value NoSQL database that uses RocksDB as storage engine and is compatible with Redis protocol. Kvrocks intends to decrease the cost of memory and increase the capability while compared to Redis.

NOTE: Kvrocks should be installed from the source, and the repository must be in one directory up as the one you will be cloning vulnerability-lookup into.

In order to compile kvrocks, you will need a few packages:

sudo apt-get update
sudo apt install git gcc g++ make cmake autoconf automake libtool python3 libssl-dev
git clone --recursive https://github.com/apache/incubator-kvrocks.git kvrocks
cd kvrocks
git checkout v2.5.1
./x.py build
cd ..

Clone vulnerability lookup with the submodules

git clone --recursive https://github.com/cve-search/vulnerability-lookup.git

Installation

From the directory you just cloned, run:

poetry install

Initialize the .env file:

echo VULNERABILITYLOOKUP_HOME="`pwd`" >> .env

Note: VULNERABILITYLOOKUP_HOME is the name you set in vulnerability-lookup/default/__init__.py

Initialize the submodules (as the repositories are quite large, it can take sometime):

git submodule update --init

Configuration

Copy the config file:

cp config/generic.json.sample config/generic.json

And configure it accordingly to your needs.

Copy the module file:

cp config/modules.cfg.sample config/modules.cfg

And configure the feeder configuration such as the NVD API key.

cp config/logging.json.sample config/logging.json

Usage

Start the tool (as usual, from the directory):

poetry run start

You can stop it with

poetry run stop

With the default configuration, you can access the web interface on http://0.0.0.0:10001, where you will find the API and can start playing with it.

Update

poetry run update