Docker部署Yapi(ubuntu)

2023-12-19 21:25:42

Docker部署Yapi

docker-compose.yml

$ git clone https://github.com/vulhub/vulhub.git
$ cd vulhub/yapi/mongodb-inj
$ ls
1.png  config.json  docker-compose.yml  initdb.js  poc.py  README.md  README.zh-cn.md
$ cat docker-compose.yml 
version: '2'
services:
  mongo:
    image: mongo:5.0.6
    environment:
      MONGO_INITDB_ROOT_USERNAME: root
      MONGO_INITDB_ROOT_PASSWORD: root
      MONGO_INITDB_DATABASE: yapi
  web:
    image: vulhub/yapi:1.10.2
    ports:
    - "3000:3000"
    volumes:
    - ./config.json:/usr/config.json
    - ./initdb.js:/usr/src/initdb.js
    environment:
    - MONGO_ADDR=mongo:27017
$ cat config.json 
{
    "port": "3000",
    "adminAccount": "admin@admin.com",
    "timeout": 120000,
    "closeRegister": false,
    "db": {
        "servername": "mongo",
        "DATABASE": "yapi",
        "port": 27017,
        "user": "root",
        "pass": "root",
        "authSource": "admin"
    },
    "mail": {
        "enable": true,
        "host": "smtp.163.com",
        "port": 465,
        "from": "***@163.com",
        "auth": {
            "user": "***@163.com",
            "pass": "*****"
        }
    }
}
# root @ liuyuelong-System-Product-Name in ~/workspace/github/vulhub/yapi/mongodb-inj on git:master x [19:34:12] 
$ cat initdb.js 
const { MongoClient } = require("mongodb");

const url = `mongodb://root:root@${process.env.MONGO_ADDR}/?authSource=admin`;
MongoClient.connect(url, async function(err, client) {
    const database = client.db("yapi");

    const user = await database.collection("user").findOne();
    const temp = await database.collection("project").findOne();
    if (temp) {
        console.log("database has already been initialized");
        client.close();
        return
    }

    const baseid = 66;
    await database.collection("group").insertOne({
        "_id": baseid,
        "custom_field1": {
          "enable": false
        },
        "type": "private",
        "uid": user._id,
        "group_name": "User-11",
        "add_time": parseInt(Date.now()/1000),
        "up_time": parseInt(Date.now()/1000),
        "members": [],
        "__v": 0
    });
    await database.collection("project").insertOne({
        "_id": baseid,
        "switch_notice": true,
        "is_mock_open": false,
        "strice": false,
        "is_json5": false,
        "name": "vulhub",
        "basepath": "",
        "members": [],
        "project_type": "private",
        "uid": user._id,
        "group_id": baseid,
        "icon": "code-o",
        "color": "purple",
        "add_time": parseInt(Date.now()/1000),
        "up_time": parseInt(Date.now()/1000),
        "env": [
          {
            "header": [],
            "name": "local",
            "domain": "http://127.0.0.1",
            "global": []
          }
        ],
        "tag": [],
        "__v": 0
    });
    await database.collection("interface_cat").insertOne({
        "_id": baseid,
        "index": 0,
        "name": "公共分类",
        "project_id": baseid,
        "desc": "公共分类",
        "uid": user._id,
        "add_time": parseInt(Date.now()/1000),
        "up_time": parseInt(Date.now()/1000),
        "__v": 0,
    })
    await database.collection("interface_col").insertOne({
        "_id": baseid,
        "checkResponseField": {
          "name": "code",
          "value": "0",
          "enable": false
        },
        "checkScript": {
          "enable": false
        },
        "index": 0,
        "test_report": "{}",
        "checkHttpCodeIs200": false,
        "checkResponseSchema": false,
        "name": "公共测试集",
        "project_id": baseid,
        "desc": "公共测试集",
        "uid": user._id,
        "add_time": parseInt(Date.now()/1000),
        "up_time": parseInt(Date.now()/1000),
        "__v": 0,
    })
    await database.collection("interface").insertOne({
        "_id": baseid,
        "edit_uid": 0,
        "status": "undone",
        "type": "static",
        "req_body_is_json_schema": false,
        "res_body_is_json_schema": false,
        "api_opened": false,
        "index": 0,
        "tag": [],
        "method": "GET",
        "catid": baseid,
        "title": "sample",
        "path": "/",
        "project_id": baseid,
        "req_params": [],
        "res_body_type": "json",
        "query_path": {
          "path": "/",
          "params": []
        },
        "uid": user._id,
        "add_time": parseInt(Date.now()/1000),
        "up_time": parseInt(Date.now()/1000),
        "req_query": [],
        "req_headers": [],
        "req_body_form": [],
        "__v": 0,
    })
    await database.collection("interface_case").insertOne({
        "_id": baseid,
        "index": 0,
        "mock_verify": false,
        "enable_script": false,
        "uid": 11,
        "add_time": parseInt(Date.now()/1000),
        "up_time": parseInt(Date.now()/1000),
        "project_id": baseid,
        "col_id": baseid,
        "interface_id": baseid,
        "casename": "sample",
        "req_params": [],
        "req_headers": [],
        "req_query": [],
        "req_body_form": [],
        "__v": 0
    })
    await database.collection("token").insertOne({
        "_id": baseid,
        "project_id": baseid,
        "token": "1cae15606ea4b223b01a",
        "__v": 0,
    })
    await database.collection("identitycounters").updateMany({field: "_id"}, {$set: {count: baseid}})

    console.log("finish database initialization");
    client.close()
})

看看没有什么要改的,就把配置文件closeRegister设置成false,启动

$ docker-compose up -d

测试

浏览器中输入:3000
默认账号名:“admin@admin.com”,
密码:“ymfe.org”

文章来源:https://blog.csdn.net/yjkhtddx/article/details/115794186
本文来自互联网用户投稿,该文观点仅代表作者本人,不代表本站立场。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。