Skip to main content

Create a controller

The controller node is the central node in a cluster deployment. All workers are configured from here, and all data is fed into this node.

System Requirements

This entirely depends on the size of your cluster, and how many worker nodes you have deployed. As a starting point, these should be your minimum requirements:

  • CPU: Any modern (2022+) dual-core CPU
  • RAM: 1GB
  • HDD: 32GB
  • OS: x86 or ARM system capable of hosting Docker, ideally Linux (Debian)

The instructions below assume you're on a Linux distribution, specifically Debian.

System Setup

We generally recommend using /opt to hold your container data.

After installing Docker following their setup guide, create /opt/docker-compose.yml with the following contents:

services:
  controller:
    image: ghcr.io/globalcyberalliance/proxypot:latest
    container_name: controller
    environment:
      - PORT=8080
      - ROLE=controller
    ports:
      - 8080:8080
    volumes:
      - /opt/proxypot:/app
    restart: unless-stopped

You can then bring the container from the /opt directory by running docker compose up -d.

Note the /opt/proxypot directory. This will hold all of your system's data. You should have backups in-place for this directory.

User Credentials

Once the container is online, inspect the logs for it via docker logs controller. You should see logs resembling the following:

{"level":"info","email":"proxypot@globalcyberalliance.org","password":"ab70a613-144f-45f6-984d-f911e5069941","time":"2024-09-23T20:25:43+01:00","message":"Default admin user created!"}
{"level":"info","time":"2024-09-23T20:25:43+01:00","message":"Background jobs disabled"}
{"level":"info","time":"2024-09-23T20:25:43+01:00","message":"Starting api server on port 8080"}

The user password will be automatically generated at startup. With these credentials in-hand, follow the installation's API docs (you can find your installation's own docs by visiting http://your.server.ip:8080/api/docs), specifically you want the POST /api/auth/login endpoint. Submit your credentials, and you'll receive back an API key which you can use for your next requests.

With your API key in hand and applied as your authorization header, you'll want to create a worker node. Looking at the POST /api/nodes endpoint, you can either supply an empty body, or you can pre-specify the node's name field. If you don't supply a name, it'll default to the worker node's hostname.

You should receive back something like this:

{
  "$schema": "http://localhost:8080/schemas/CreateNodeResponseBody.json",
  "key": {
    "created": "2024-09-22T20:19:28.11365+01:00",
    "id": "a64ef71c-1c07-49f6-8595-2aeb698d3ba1",
    "description": "Worker key",
    "expiry": "9999-01-01T00:00:00Z",
    "nodeId": 2
  },
  "node": {
    "created": "2024-09-22T20:19:28.113543+01:00",
    "id": 2,
    "cpuCores": 1,
    "ipAddress": "127.0.0.1",
    "name": "pending",
    "role": "worker",
    "status": "pending",
    "version": "pending"
  }
}

You can ignore most of this, the part we're interested in is key.id, as this is the API key we'll need to supply to the worker node.