docker-misp icon indicating copy to clipboard operation
docker-misp copied to clipboard

Published 20 hours ago verified publisher icon coolacid

Organization logos do not persist after core container rebuilds

Open seanthegeek opened this issue 5 years ago • 11 comments

seanthegeek avatar Feb 26 '20 23:02 seanthegeek

Can you add a bit of description? What kind of rebuild? Do you know where the files are stored?

coolacid avatar Feb 27 '20 20:02 coolacid

https://github.com/MISP/MISP/blob/879c564d0c86f94c4e53b3a2e53243cc1d7a324c/app/Controller/OrganisationsController.php#L122

Looks like the Orgs get stored in ./app/webroot/img/orgs of course, there's existing ones already so a direct volume-mount won't work.

coolacid avatar Mar 21 '20 18:03 coolacid

Mounting the following paths works (fine) for me

  • /var/www/MISP/app/webroot/img/orgs
  • /var/www/MISP/app/webroot/img/custom

Uploading new images for organisations or misp customization is working, but the default PNG files are not created.

garrit-schroeder avatar Dec 09 '20 22:12 garrit-schroeder

Right, when you mount those directories, to "removes" what's already there. I'm hoping MISP fixes how it accesses these images, but I may have todo the same as the data directories - Look for a hidden file, and if it's not there copy from an internal copy.

coolacid avatar Jan 11 '21 15:01 coolacid

FWIW this is yet another reason why the web server should not scribble data into the filesystem. I've tried to argue that MISP should instead store data like organisation images in the MISP database, but with no success, see https://github.com/MISP/MISP/issues/7371

chrisinmtown avatar May 12 '21 20:05 chrisinmtown

Storing blobs in a DB would erk the snot out of my DBAs. It's much easier for us to get large NFS storage then more disk space on a DB.

Scribbling stuff to filesystem is very normal practice.

coolacid avatar May 12 '21 21:05 coolacid

I guess I'm not a database purist :) I definitely seem to be alone in my opinion that all site-specific data should be in one place, and the DB is for me the only reasonable choice. I make this argument to support replication/failover needs. That is complicated today bcos the MISP webapp writes event-attachment files to one folder (those can definitely be large) and reads organisation images from another folder (those are tiny), all in addition to the event/attr data in the DB of course.

chrisinmtown avatar May 12 '21 21:05 chrisinmtown

If it can be volume mounted on a docker image, it can be done on an NFS drive and shared between instances. While I haven't tried it, a little tweaking of configurations these images (aside from Org Images) should just work.

coolacid avatar May 12 '21 21:05 coolacid

@coolacid would you please consider extending the docker-compose.yml with a volume mount for org images:

      - "./orgs/:/var/www/MISP/app/webroot/img/orgs"

And maybe you can add directions to pre-populate the local volume from the git repo, dir ~/git/github/MISP/app/webroot/img/orgs arrives with this content:

ADMIN.png	CERTat.png	MIL.be.png	NATO.png	RISKIQ.png
CERT.at.png	CIRCL.png	MISP.png	NCIRC.png

chrisinmtown avatar May 19 '21 12:05 chrisinmtown

There already is a pull request for this project: https://github.com/coolacid/docker-misp/pull/95

garrit-schroeder avatar May 19 '21 12:05 garrit-schroeder

Thanks @garrit-schroeder for the pointer, I commented there to say you might add a line or two in the README.md about preparing an org images volume. Anyhow I hope @coolacid will accept your PR to close this issue!

chrisinmtown avatar May 19 '21 13:05 chrisinmtown