This is a repository for all the files necessary to have a Docker Stack which can be used for the local development testing of your web application. The Docker Stack is made of 2 services:
- gixy - a tool for testing your nginx.conf file
- testssl - a great tool for testing the SSL implementation of your local or non-local web application
Assuming you have Docker installed and Docker Swarm initialized - do the following.
Build the testssl image.
cd build/testssl
./build-image.shPlace your nginx.conf file here.
./persistance/gixy/conf/nginx.confChange the dummy settings in the ./deploy/docker-compose.yml
x-default-extra_hosts: &default-extra_hosts
- "hostname:hostip"testssl:
image: testssl:latest
command: ["https://hostname"]gixy:
image: yandex/gixy:latest
volumes:
- "/opt/docker-stacks/appscan/persistance/gixy/conf/nginx.conf:/etc/nginx/conf/nginx.conf"Make sure your target web application is running, then deploy the stack.
cd deploy
docker stack deploy appscan -c docker-compose.ymlWhen both images are done with their tasks, the Docker Service will show as stopped. This is intentional due to this setting.
x-default-restart_policy: &default-restart_policy
condition: noneWhen the services stop view the logs of each to see the results of your scan. For instance:
docker logs appscan_gixy.1.1mzk3shd7a3k6twmo9c3r2dnf
docker logs appscan_testssl.1.1mzk3shd7a3k6twmo9c3r2dnf