{"id":19508850,"url":"https://github.com/rhythmictech/thehive-standalone","last_synced_at":"2025-06-10T20:34:58.119Z","repository":{"id":98717429,"uuid":"169129653","full_name":"rhythmictech/thehive-standalone","owner":"rhythmictech","description":"Terraform module and supporting tools to build and create a fully self-contained instance of TheHive and Cortex","archived":false,"fork":false,"pushed_at":"2020-11-16T14:06:22.000Z","size":16,"stargazers_count":4,"open_issues_count":0,"forks_count":1,"subscribers_count":3,"default_branch":"master","last_synced_at":"2025-02-25T22:46:13.636Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"HCL","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/rhythmictech.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"security.tf","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2019-02-04T18:49:03.000Z","updated_at":"2024-08-27T16:08:55.000Z","dependencies_parsed_at":"2023-05-24T22:16:24.389Z","dependency_job_id":null,"html_url":"https://github.com/rhythmictech/thehive-standalone","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rhythmictech%2Fthehive-standalone","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rhythmictech%2Fthehive-standalone/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rhythmictech%2Fthehive-standalone/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rhythmictech%2Fthehive-standalone/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/rhythmictech","download_url":"https://codeload.github.com/rhythmictech/thehive-standalone/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rhythmictech%2Fthehive-standalone/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":259146494,"owners_count":22812245,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-10T23:10:06.845Z","updated_at":"2025-06-10T20:34:58.098Z","avatar_url":"https://github.com/rhythmictech.png","language":"HCL","funding_links":[],"categories":[],"sub_categories":[],"readme":"# thehive-standalone\n\n*This is not maintained. There are a number of better ways to run TheHive, particularly\nthanks to better Docker support than when this was written. Also, there's better ways to\nbuild and run using newer features in Terraform, Ansible, Packer, etc. Keeping this repo\nfor historical purposes, but you probably shouldn't use it.*\n\nA combination of Terraform module, packer builder and ansible modules that\ncreate a standalone installation of TheHive and Cortex in AWS. The intended\nuse is to create your own AMI and then create a deployed instance via\nTerraform. Terraform will preserve the data volume between upgrades.\n\n## Usage\nTo create an AMI, create a local_config.json file that is based on the\nlocal_config.sample.json file. Not all variables are required (for example,\nboth ldap and vouch configs are included for clarity). A minimal config is below:\n\n```json\n{\n\n  \"aws_ami_filter_owner\": \"1234567890\",\n  \"aws_ami_filter_name\": \"centos-7-base-*\",\n  \"aws_ami_ssh_username\": \"ec2-user\",\n  \"aws_ami_build_subnet\": \"subnet-123456\",\n\n  \"cortex_url\": \"cortex.corp\",\n  \"cortex_seed_initial_username\": \"admin\",\n  \"cortex_crypto_secret\": \"...\",\n  \"cortex_api_key\": \"apikey\",\n\n  \"thehive_url\": \"thehive.corp\",\n  \"thehive_seed_initial_username\": \"admin\",\n\n\n  \"thehive_crypto_secret\": \"...\",\n\n  \"thehive_cortex_servers\": {\n    \"cortex\": {\n      \"url\": \"http://127.0.0.1:9001/\",\n      \"key\": \"apikey\"\n    }\n  }\n}\n\n```\n\nNote that the secret keys can be generated as follows:\n\n```cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 64 | head -n 1```\n\nThe API key can be generated similarly:\n\n```cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1```\n\nCreate the AMI by running the Makefile:\n\n```make all```\n\nA very simplified idea of how this would be created in terraform..\n\n```yaml\nmodule \"thehive\" {\n  source    = \"/Users/cdaniluk/dev/rhythmic/thehive-standalone\"\n\n  name = \"thehive\"\n\n  instance_additional_sgs = [\"${local.admin_access_sg_id}\"]\n  instance_image = \"${data.aws_ami.thehive-latest.id}\"\n  instance_subnet = \"${local.subnet}\"\n  instance_type = \"t2.medium\"\n  keypair = \"${local.keypair}\"\n\n  availability_zone = \"${local.availability_zones}\"\n  vpc_id = \"${local.vpc_id}\"\n\n  # Place instance behind an SSL-terminating ALB\n  alb_create = true\n  alb_subnets = [\"subnet-12345678, subnet-23456789, subnect-34567890\"]\n  alb_internal = \"true\"\n  alb_certificate = \"arn:aws:acm:us-east-1:0123456790:certificate/...\"\n\n  # Create Route53 entries for thehive and cortex\n  r53_create  = true\n  r53_zone    = \"Z12345679ASDF\"\n  r53_thehive_name    = \"thehive.corp.local\"\n  r53_cortex_name    = \"cortex.corp.local\"\n}\n\n```\n\n## Vagrant\nVagrant can be used to test the build process. The supplied Vagrantfile in\nthe ansible directory will go through the same process as packer to provision\nthe instance. It can be used for troubleshooting. See the Makefile.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frhythmictech%2Fthehive-standalone","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Frhythmictech%2Fthehive-standalone","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frhythmictech%2Fthehive-standalone/lists"}