Introduction
The Maltego Standard Transforms On-premise server is available as a Docker image. Your Electronic Delivery document contains a link to the Docker Compose YAML file (mst_onprem.yml) that should be downloaded and will be used to pull the required Docker images from Paterva's Docker registry and Docker Hub, provision volumes, and start the containers in the default network.
These instructions were tested on an Ubuntu 20.04 LTS host using IPv4. Instructions may differ slightly depending on your preferred host operating system and network configuration.
Note: The instructions below should be executed from the host server through console or a SSH session. Commands have to be executed with elevated user privileges (e.g. “sudo” or with the “root” user) if the logged in user is not in `docker` group.
Software Requirements
The host machine running the Docker containers will need to have the following dependencies installed:
- Docker Daemon (CE or EE) - Read more: https://docs.docker.com/get-started/overview/
- Docker Compose - Read more: https://docs.docker.com/compose/
Changing the Default Password
Note: Changes to the default Postgres password must be made before starting the server for the first time.
Changes to the default Postgres password must be made in the mst_onprem.yml file. Change the environmental variable POSTGRES_PASSWORD in the ctasdispatcher to a unique password. Set the same password postgres service.
An example of where these changes need to be made is shown (commented in green) in the image below:
Starting the Server
After you have installed Docker and Docker Compose on your Host machine, follow the steps below:
Step 1: Login to Paterva's Docker registry
To download the latest Docker images you first need to log into our Docker registry using the following command:
docker login registry.paterva.com
Enter the CTAS Docker Registry username and password as specified in the Delivery document.
Note: If the delivery document contains multiple server licenses, the password is different per server license.
Step 2: Downloading Docker Compose YAML file
Your delivery document includes a link to a Docker Compose YAML file (mst_onprem.yml) that can be used to deploy CTAS. You will need to either copy the Docker Compose YAML file or directly download it onto the machine that will be running the Docker containers.
Note: It is recommended that you always run the docker-compose commands from the same directory as the docker-compose YAML file. Please copy the docker-compose YAML file to it’s own directory (e.g. /var/maltego/ or /home/maltego/), and run all future commands from this directory.
You can use either of the following commands to download the YAML file directly on to the host machine (you may need "write permissions" if downloading to a system directory).
wget https://dolores.paterva.com/customers/docker/download_compose/11/ -O mst_onprem.yml
Or
curl https://dolores.paterva.com/customers/docker/download_compose/11/ -o mst_onprem.yml
Step 3: Start the server
From the directory containing the Docker Compose YAML file (e.g. /home/maltego/), pull and start the containers using ‘docker-compose’:
Docker Compose Version: 20.10.15 and above. Reference: https://docs.docker.com/compose/
docker compose -f <filename> up -d
Docker Compose Version: 20.10.14 and below. Reference: https://docs.docker.com/engine/release-notes/#201015
docker-compose -f mst_onprem.yml up -d
The CTAS Docker images will be pulled and from Paterva's Docker Registry. Once the images have been pulled, the containers will start running automatically in Detached mode (-d). You can now access the CTAS web interface using the host machine's IPv4 address or DNS Name. e.g., https://{{ Server IPv4 or DNS Name }}/
If there is a need to change the default docker-compose YAML file, then please refer to this article: Customizing the Docker-Compose file
Deploying Previous Versions of the Server
Should you wish to deploy an older version of the Maltego Standard Transforms On-premise server, please refer to our GitHub repository for Docker compose file history and downloads.