- Install Postgresql database and create database e.g. taranisdb
- Install Python 3.13 or later
- In taranis-ng-common, taranis-ng-collectors and taranis-ng-core install and activate python virtual environment:
virtualenv -p python3.7 venv
source venv/bin/activate
pip3 install -r requirements.txt
- Set environment variables for taranis-ng-core: DB_URL=;DB_DATABASE=taranisdb;DB_USER=
- Set secrets (passwords) for taranis-ng-core: api_key.txt, jwt_secret_key.txt, postgres_password.txt
- Before first run uncomment line with
import test.py
in app.py to create set of test data. After first run comment this line again. - Run taranis-ng-core:
python3 run.py
- Set environment variables for taranis-ng-collectors: FLASK_RUN_PORT=5001;API_KEY=12345;TARANIS_NG_CORE_URL=;SSL_VERIFICATION=False
- Run taranis-ng-collectors:
python3 run.py
and it should collect first set of RSS news items from preconfigured test osint source
- Install Node.js from https://nodejs.org/en/
- Install all required packages:
npm install
- Run application inside taranis-ng-gui:
npm run serve
- In Browser go to:
- Test accounts are user with password user and admin with password admin
Keycloak in Docker:
You can use the existing docker-compose-keycloak-serv.yml
for creating keycloak server inside docker container.
Manual install:
This quick setup guide demonstrates installation for early test purposes running on localhost and default ports. Everything in Keycloak can be reconfigured to specific needs as well as Login screen template. Keycloak is not needed to run test version of TaranisNG at the moment. You can use default TestAuthenticator instead.
- Requires JAVA 8 to run so download and install JDK from Oracle or OpenJDK e.g.
apt install openjdk-8-jdk
- Download keycloak from https://www.keycloak.org/downloads.html
- In keycloak-8.0.2/standalone/configuration/standalone.xml change http listener port to 8081:
<socket-binding name="http" port="${jboss.http.port:8081}"/>
- Run keycloak in keycloak-8.0.2/bin:
sudo ./standalone.sh
- In browser go to
- Create first admin account and log in to Master Realm
- Choose ADD REALM to create realm with the name taranisng
- In taranis-ng realm choose IMPORT and import file realm-export.json from taranis-ng-core root
- In CLIENTS choose taranis-ng and regenerate secret in CREDENTIALS -> REGENERATE SECRET and put secret it into client_secrets.json inside taranis-ng-core root (NOTE: this will be properly configurable inside admin interface in the future)
- Create 2 users user and admin in USERS -> ADD USER. These are test users in TaranisNG at the moment.
- In taranis-ng-core add environment variable TARANIS_NG_AUTHENTICATOR=openid (just for sign in) or TARANIS_NG_AUTHENTICATOR=keycloak (for identy management)
- In taranis-ng-core add environment variable OPENID_LOGOUT_URL and set it according to your Keycloak installation
- In taranis-ng-gui add these environment variables VUE_APP_TARANIS_NG_LOGIN_URL, VUE_APP_TARANIS_NG_LOGOUT_URL to activate external login:
taranis-ng-core section:
TARANIS_NG_KEYCLOAK_URL: "https://keycloak.example.com"
TARANIS_NG_KEYCLOAK_INTERNAL_URL: "https://keycloak.int.example.com"
OPENID_LOGOUT_URL: "${TARANIS_NG_KEYCLOAK_URL}/realms/taranis-ng/protocol/openid-connect/logout?redirect_uri=GOTO_URL"
If you configure keycloak in client mode check this secret definition:
- keycloak_admin_password
and update key inside file:
If you configure keycloak also for administration check this secret definition:
- keycloak_admin_password
and update password inside file:
taranis-ng-gui section:
VUE_APP_TARANIS_NG_LOGIN_URL: "${TARANIS_NG_KEYCLOAK_URL}/realms/taranis-ng/protocol/openid-connect/auth?response_type=code&client_id=taranis-ng&redirect_uri=TARANIS_GUI_URI"
VUE_APP_TARANIS_NG_LOGOUT_URL: "${TARANIS_NG_KEYCLOAK_URL}/realms/taranis-ng/protocol/openid-connect/logout"
You can use and modify the existing docker-compose-keycloak.yml
example in the repository and
run with docker-compose -f docker-compose.yml -f docker-compose-keycloak.yml
If you prefer to authenticate users with LDAP, you need to set environment variables similarly to this:
LDAP_SERVER: "ldaps://ldap.example.com"
LDAP_BASE_DN: "ou=people,dc=example,dc=com"
LDAP_CA_CERT_PATH: "auth/ldap_ca.pem"