Installation
Note: There might be issues when installing sharp (an image processing library for profile pictures in the API) on Windows. You can remove this library if you don't need profile pictures and it will not affect the overall API.
- Nodejs
- MongoDB
git clone https://github.com/IRS-Cybersec/ctf_platform.git
cd ctf_platform
cd client && npm i
cd ../api && npm i
Please make sure that your MongoDB server is running beforehand on localhost:27017
Setting up MongoDB
# Starting the API
cd api
npm install -g nodemon
npm run dev
# Starting the client
cd client
npm start
Start development 😄
- You will likely want to change the Sieberrsec CTF logos to your own logos, and window.ipAddress in /client/public/index.html to point to your own API address
- A variable (window.production) in /client/public/index.html determines whether to use localhost:27017 as the API address, or to use the production IP address specified by you
- The API will automatically insert Validation & Indexes into MongoDB
- When in development mode, eruda is activated for easier debugging on mobile devices
- Nodejs
- MongoDB
- A web server (we will be using Nginx here)
We are going to assume we are on an Ubuntu Server. We will be creating a folder called "ctf_platform" in the web server folder (/var/www) and dumping everything there.
We will set up the API first, as the client needs to be built manually later on to point to the right API address.
mkdir /var/www/ctf_platform && mkdir /var/www/ctf_platform/api && mkdir /var/www/ctf_platform/client
git clone https://github.com/IRS-Cybersec/ctf_platform.git
cd ctf_platform
cp -a api/. /var/www/ctf_platform/api
cd /var/www/ctf_platform/api
npm i
We will be using pm2 to run the API. Please ensure that the MongoDB server is running so that the API can connect to it.
npm i pm2 -g
pm2 start api.js
And the API is now running on localhost:20001!
cd /etc/nginx/sites-available
nano ctf
You can use the following example config:
upstream ctfx {
    server 127.0.0.1:20001;
    keepalive 4;
}
limit_req_zone $binary_remote_addr zone=ctfapilimit:20m rate=5r/s; #To partly prevent people from DDOSing the API
server {
    listen 80;
    listen [::]:80;
    server_name api.YOUR_SERVER_DOMAIN.com; # <--- Replace this with your domain!!!
    location /uploads/profile/ {
        root /var/www/ctf_platform/static;
        try_files $uri /uploads/profile/default.webp; #Replace this path with where you host your default profile picture
    }
    location / {
        limit_req zone=ctfapilimit burst=10;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header Host $http_host;
        proxy_pass http://ctfx;
        proxy_redirect off;
        #To provide websockets support for the live scoreboard
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
    }
}
Then link the virtual host config & restart nginx
sudo ln -s /etc/nginx/sites-available/ctf /etc/nginx/sites-enabled/
nginx -t #Make sure there are no errors in the nginx config file
systemctl restart nginx
And now your API will be accessible at api.YOUR_SERVER_DOMAIN.com. Remember this as we have to point the client to it later on.
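The limit_req_zone and limit_req settings in the API config above (rate=5r/s, burst=10, no nodelay) decide which requests pass, which are held back, and which are refused. The following is an added example, not code from this project or from nginx: a simplified model of the leaky-bucket accounting, with hypothetical helper names (makeLimiter, simulate) and a constructed placeholder client address.

```javascript
// Simplified model of nginx limit_req accounting (leaky bucket, no "nodelay").
// Not nginx source; values mirror the config above: rate=5r/s, burst=10.
function makeLimiter(rate = 5, burst = 10) {
  const state = new Map(); // client address -> { excess (1/1000 request), last (ms) }
  return function check(clientIp, nowMs) {
    const node = state.get(clientIp);
    if (!node) {
      // First request seen from this address passes immediately.
      state.set(clientIp, { excess: 0, last: nowMs });
      return { action: "pass", delayMs: 0 };
    }
    const elapsed = Math.max(0, nowMs - node.last);
    // The bucket drains at `rate` per second; each request adds 1000 units.
    const excess = Math.max(0, node.excess - rate * elapsed + 1000);
    if (excess > burst * 1000) {
      // Over the burst allowance: rejected (503 by default), state unchanged.
      return { action: "reject", delayMs: 0 };
    }
    node.excess = excess;
    node.last = nowMs;
    // Without "nodelay", queued requests are held so they leave at `rate`.
    const delayMs = Math.floor(excess / rate);
    return { action: delayMs > 0 ? "delay" : "pass", delayMs };
  };
}

// Constructed input: `count` requests from one address, `gapMs` apart.
// 203.0.113.7 is a documentation address used as a placeholder.
function simulate(count, gapMs, clientIp = "203.0.113.7") {
  const check = makeLimiter();
  const tally = { pass: 0, delay: 0, reject: 0, maxDelayMs: 0 };
  for (let i = 0; i < count; i++) {
    const r = check(clientIp, i * gapMs);
    tally[r.action]++;
    tally.maxDelayMs = Math.max(tally.maxDelayMs, r.delayMs);
  }
  return tally;
}

console.log("30 at once  :", simulate(30, 0));
console.log("steady 5/s  :", simulate(30, 200));
console.log("steady 10/s :", simulate(30, 100));
```

Because the zone is keyed on $binary_remote_addr, all players behind one NAT address share a single bucket.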
- First, open /client/public/index.html in any editor.
- Edit window.ipAddress to api.YOUR_SERVER_DOMAIN.com and set window.production to true
- Change any other thing you want about the client, such as the CTF title to your CTF's name etc.
- When ready, run the following to build the client:
cd client
npm run build
- The built static files are placed in /client/build/.
- We will copy them to where we want to host the files and deliver them using nginx
cp -a build/. /var/www/ctf_platform/client
cd /etc/nginx/sites-available
nano ctf
You can add the following example config to the bottom of your config:
server {
    listen 80;
    listen [::]:80;
    root /var/www/ctf_platform/client;
    server_name YOUR_DOMAIN_NAME; # <--- Replace this with your domain name!!!
    location / {
        try_files $uri $uri/ /index.html;
    }
}
Then link the virtual host config & restart nginx
sudo ln -s /etc/nginx/sites-available/ctf /etc/nginx/sites-enabled/
nginx -t #Make sure there are no errors in the nginx config file
systemctl restart nginx
Congratulations! The platform should now be accessible at YOUR_DOMAIN_NAME, which connects to api.YOUR_SERVER_DOMAIN.com for the API. If you want HTTPS, you can consider looking at installing and setting up [Certbot](https://certbot.eff.org/) or [acme.sh](https://github.com/acmesh-official/acme.sh).
In order to get an admin account, you will have to manually use the Mongo shell to set a user's type to 2. Example:
mongo
use ctf
db.users.updateOne({