CTF: Instalasi CTFd di Ubuntu 22.04

From OnnoWiki
Jump to navigation Jump to search

Sumber: https://nopresearcher.github.io/Deploying-CTFd/

Spec:

  • VirtualBox
  • Ubuntu 22.04
  • Memory 3G
  • Core 2


Basic

sudo su
apt update
apt install net-tools

Setup user ctfd 

# setup user ctfd
adduser ctfd  # masukan password
usermod -aG sudo ctfd

Aktifkan firewall, 

# UFW Firewall
ufw allow openssh
ufw allow http
ufw allow https
ufw enable

Install python & apps pendukung 

apt update
apt upgrade -y   # optional

apt install -y python3-pip python3-dev build-essential libssl-dev libffi-dev python3-setuptools nginx git
pip3 install pipenv


Install CTFd 

# install CTFd
cd /var/www
git clone https://github.com/CTFd/CTFd.git

su ctfd
sudo chown -R ctfd:www-data /var/www/CTFd
cd /var/www/CTFd

# Create a pipenv to run CTFd in
pipenv install --python 3
pipenv shell
./prepare.sh

Testing

sudo ufw allow 5000
gunicorn --bind 0.0.0.0:5000 'CTFd:create_app()'

Browse 

http://www.yourdomain.com:5000
http://192.168.0.142:5000/setup


Setup enviroment

Contoh

  • single core
  • worker 3
  • keep-alive 2
# identify the pipenv virtual environment for use in unit file
pipenv --venv
/home/ctfd/.local/share/virtualenvs/CTFd-rOJbThUf

Edit ctfd.service 

# Create unit file
sudo vim /etc/systemd/system/ctfd.service

[Unit]
Description=Gunicorn instance to serve ctfd
After=network.target

[Service]
User=ctfd
Group=www-data
WorkingDirectory=/var/www/CTFd
Environment="PATH=/home/ctfd/.local/share/virtualenvs/CTFd-rOJbThUf/bin"
ExecStart=/home/ctfd/.local/share/virtualenvs/CTFd-rOJbThUf/bin/gunicorn --bind unix:app.sock --keep-alive 2 
--workers 3 --worker-class gevent 'CTFd:create_app()' --access-logfile '/var/log/CTFd/CTFd/logs/access.log' 
--error-logfile '/var/log/CTFd/CTFd/logs/error.log'

[Install]
WantedBy=multi-user.target


Operasional

# Create log directories
sudo mkdir -p /var/log/CTFd/CTFd/logs/
sudo chown -R ctfd:www-data /var/log/CTFd/CTFd/logs/

# Start CTFd service
sudo systemctl enable ctfd
sudo systemctl start ctfd
sudo systemctl status ctfd

# Create nginx site, let's encrypt will handle the https later
sudo vim /etc/nginx/sites-available/ctfd

# Nginx config
# the client_max_body_size enables file uploads over the default of 1MB
server {
    listen 80;
    server_name yourdomain.com www.yourdomain.com your.ip.add.ress;
    client_max_body_size 75M;
    location / {
        include proxy_params;
        proxy_pass http://unix:/var/www/CTFd/app.sock; 
    }
}

# Contoh
server {
    listen 80;
    server_name ctf.itts.ac.id 192.168.0.142;
    client_max_body_size 75M;
    location / {
        include proxy_params;
        proxy_pass http://unix:/var/www/CTFd/app.sock; 
    }
}




# Link config file
sudo ln -s /etc/nginx/sites-available/ctfd /etc/nginx/sites-enabled

# Remove defaults
sudo rm /etc/nginx/sites-available/default /etc/nginx/sites-enabled/default

# Test nginx configuration
sudo nginx -t

# Restart nginx if test wasw good
sudo systemctl restart nginx

# For troubleshooting
tail /var/log/CTFd/CTFd/logs/access.log
tail /var/log/CTFd/CTFd/logs/error.log


# SSL Certs
sudo add-apt-repository ppa:certbot/certbot
sudo apt install python-certbot-nginx

sudo certbot --nginx -d yourdomain.com -d www.yourdomain.com youremail@domain.com

# certificate locations
/etc/letsencrypt/live/yourdomain.com/fullchain.pem
/etc/letsencrypt/live/yourdomain.com/privkey.pem

# renew certificates
certbot renew

Referensi

Retrieved from "https://onnocenter.or.id/wiki/index.php?title=CTF:_Instalasi_CTFd_di_Ubuntu_22.04&oldid=67879"