VulnServer/.env.example at main · bashSunny101/VulnServer · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
# ========================================
# HoneyNet Intelligence Platform
# Environment Configuration
# ========================================

# ----- GENERAL -----
PROJECT_NAME=honeynet-platform
ENVIRONMENT=development  # development, staging, production
LOG_LEVEL=INFO
TIMEZONE=UTC

# ----- NETWORK -----
# Public IP where honeypots will listen (use your server's public IP in production)
PUBLIC_IP=0.0.0.0

# ----- HONEYPOT CONFIGURATION -----
# Cowrie (SSH/Telnet Honeypot)
COWRIE_SSH_PORT=2222
COWRIE_TELNET_PORT=2223
COWRIE_HOSTNAME=server01
COWRIE_OUTPUT_PATH=./data/cowrie

# Dionaea (Malware Capture Honeypot)
DIONAEA_OUTPUT_PATH=./data/dionaea

# ----- ELASTICSEARCH -----
ELASTIC_VERSION=8.11.0
ELASTIC_PASSWORD=changeme_elastic_password
ELASTIC_MEM_LIMIT=2g
ELASTIC_HOST=elasticsearch
ELASTIC_PORT=9200

# ----- KIBANA -----
KIBANA_PORT=5601
KIBANA_ENCRYPTION_KEY=changeme_32_character_encryption_key_here

# ----- LOGSTASH -----
LOGSTASH_MEM_LIMIT=1g

# ----- POSTGRESQL -----
POSTGRES_VERSION=15-alpine
POSTGRES_USER=honeynet
POSTGRES_PASSWORD=changeme_postgres_password
POSTGRES_DB=honeynet_db
POSTGRES_PORT=5432

# ----- MONGODB -----
MONGO_VERSION=7.0
MONGO_INITDB_ROOT_USERNAME=admin
MONGO_INITDB_ROOT_PASSWORD=changeme_mongo_password
MONGO_DB=honeynet_logs
MONGO_PORT=27017

# ----- REDIS -----
REDIS_VERSION=7-alpine
REDIS_PASSWORD=changeme_redis_password
REDIS_PORT=6379

# ----- BACKEND (FastAPI) -----
BACKEND_PORT=8000
BACKEND_RELOAD=true  # Auto-reload on code changes (dev only)
API_SECRET_KEY=changeme_secret_key_for_jwt_tokens_min_32_chars
JWT_ALGORITHM=HS256
JWT_EXPIRE_MINUTES=1440  # 24 hours

# ----- FRONTEND (React) -----
FRONTEND_PORT=3000
REACT_APP_API_URL=http://localhost:8000

# ----- NGINX -----
NGINX_PORT=80
NGINX_SSL_PORT=443

# ----- ALERTING -----
# Email Alerts
SMTP_HOST=smtp.gmail.com
SMTP_PORT=587
SMTP_USER=your-email@gmail.com
SMTP_PASSWORD=your-app-specific-password
ALERT_FROM_EMAIL=alerts@honeynet.local
ALERT_TO_EMAIL=security-team@yourdomain.com

# Telegram Alerts
TELEGRAM_BOT_TOKEN=your_telegram_bot_token
TELEGRAM_CHAT_ID=your_chat_id

# Slack Alerts
SLACK_WEBHOOK_URL=https://hooks.slack.com/services/YOUR/WEBHOOK/URL

# ----- THREAT INTELLIGENCE -----
# AbuseIPDB API (for IP reputation checking)
ABUSEIPDB_API_KEY=your_abuseipdb_api_key

# VirusTotal API (for malware analysis)
VIRUSTOTAL_API_KEY=your_virustotal_api_key

# MaxMind GeoIP Database
GEOIP_DB_PATH=./data/geoip/GeoLite2-City.mmdb
GEOIP_LICENSE_KEY=your_maxmind_license_key

# ----- SECURITY -----
# Enable/disable internet access from honeypots (should be false in production)
HONEYPOT_INTERNET_ACCESS=false

# Rate limiting
RATE_LIMIT_PER_MINUTE=60

# ----- BACKUP -----
BACKUP_PATH=./backups
BACKUP_RETENTION_DAYS=30

# ----- MONITORING -----
HEALTH_CHECK_INTERVAL=60  # seconds