Creates a Docker container with an installation of the gophish phishing framework.
To run the cisagov/gophish image via Docker:
docker run cisagov/gophish:0.1.0-
Create a
compose.ymlfile similar to the one below to use Docker Compose.--- name: gophish services: gophish: image: cisagov/gophish:0.1.0 ports: - mode: host protocol: tcp published: 3333 target: 3333 - mode: host protocol: tcp published: 3380 target: 8080
-
Start the container and detach:
docker compose up --detach
This container also supports passing sensitive values via Docker secrets. Passing sensitive values like your credentials can be more secure using secrets than using environment variables. See the secrets section below for a table of all supported secret files.
-
To use secrets, create a file or files containing the values you want set.
-
Then add the secret or secrets to your
docker-compose.ymlfile:--- name: gophish secrets: config_json: file: ./src/secrets/config.json admin_fullchain_pem: file: ./src/secrets/admin_fullchain.pem admin_privkey_pem: file: ./src/secrets/admin_privkey.pem phish_fullchain_pem: file: ./src/secrets/phish_fullchain.pem phish_privkey_pem: file: ./src/secrets/phish_privkey.pem services: gophish: image: cisagov/gophish:0.1.0 ports: - mode: host protocol: tcp published: 3333 target: 3333 - mode: host protocol: tcp published: 3380 target: 8080 secrets: - source: config_json target: config.json - source: admin_fullchain_pem target: admin_fullchain.pem - source: admin_privkey_pem target: admin_privkey.pem - source: phish_fullchain_pem target: phish_fullchain.pem - source: phish_privkey_pem target: phish_privkey.pem
-
Pull the new image from Docker Hub:
docker compose pull -
Recreate the running container by following the previous instructions:
docker compose up --detach
-
Stop the running container:
docker stop <container_id> -
Pull the new image:
docker pull cisagov/gophish:0.1.0 -
Recreate and run the container by following the previous instructions.
This image uses Pipenv to manage Python dependencies using a Pipfile.
Both updating dependencies and changing the Pipenv configuration in src/Pipfile
will result in a modified src/Pipfile.lock file that should be committed to the
repository.
Warning
The src/Pipfile.lock as generated will fail pre-commit checks due to JSON formatting.
If you want to update existing dependencies you would run the following command
in the src/ subdirectory:
pipenv lockIf you want to add or remove dependencies you would update the src/Pipfile file
and then update dependencies as you would above.
Note
You should only specify packages that are direct requirements of your Docker configuration. Allow Pipenv to manage the dependencies of the specified packages.
The images of this container are tagged with semantic
versions of the underlying gophish project that they
containerize. It is recommended that most users use a version tag (e.g.
:0.1.0).
| Image:tag | Description |
|---|---|
cisagov/gophish:0.1.0 |
An exact release version. |
cisagov/gophish:0.1 |
The most recent release matching the major and minor version numbers. |
cisagov/gophish:0 |
The most recent release matching the major version number. |
cisagov/gophish:edge |
The most recent image built from a merge into the develop branch of this repository. |
cisagov/gophish:nightly |
A nightly build of the develop branch of this repository. |
cisagov/gophish:latest |
The most recent release image pushed to a container registry. Pulling an image using the :latest tag should be avoided. |
See the tags tab on Docker Hub for a list of all the supported tags.
There are no volumes.
The following ports are exposed by this container:
| Port | Purpose |
|---|---|
| 3333 | Admin server |
| 8080 | Phishing server |
The sample Docker composition publishes the exposed ports at 3333 and 3380, respectively.
There are no required environment variables.
There are no optional environment variables.
| Filename | Purpose |
|---|---|
config.json |
Gophish configuration file |
admin_fullchain.pem |
public key for admin port |
admin_privkey.pem |
private key for admin port |
phish_fullchain.pem |
public key for phishing port |
phish_privkey.pem |
private key for phishing port |
Build the image locally using this git repository as the build context:
docker build \
--build-arg VERSION=0.1.0 \
--tag cisagov/gophish:0.1.0 \
https://github.com/cisagov/gophish-docker.git#developTo create images that are compatible with other platforms, you can use the
buildx feature of
Docker:
-
Copy the project to your machine using the
Codebutton above or the command line:git clone https://github.com/cisagov/gophish-docker.git cd gophish-docker
-
Create the
Dockerfile-xfile withbuildxplatform support:./buildx-dockerfile.sh -
Build the image using
buildx:docker buildx build \ --file Dockerfile-x \ --platform linux/amd64 \ --build-arg VERSION=0.1.0 \ --output type=docker \ --tag cisagov/gophish:0.1.0 .
We welcome contributions! Please see CONTRIBUTING.md for
details.
This project is in the worldwide public domain.
This project is in the public domain within the United States, and copyright and related rights in the work worldwide are waived through the CC0 1.0 Universal public domain dedication.
All contributions to this project will be released under the CC0 dedication. By submitting a pull request, you are agreeing to comply with this waiver of copyright interest.