Purpose
This article outlines the configuration files of BloodHound Community Edition (BHCE) installed with Docker Compose and how to configure them.
For a more advanced walkthrough of the deployment process, read our deployment README.MD in GitHub.
NOTE: Do not follow this guide if you intend to expose the databases outside of Docker. Use the instructions in README.MD to make sure you change the default database passwords accordingly.
Prerequisites
Running the example Docker Compose project requires the following:
- A Docker-compatible container runtime, for example, Docker Desktop or Podman (with Docker compatibility enabled)
- Docker Compose (automatically included with Docker Desktop)
The simplest way to get started is to install Docker Desktop, as it will provide both prerequisites and require no additional configuration.
Process
Optional: One-line command for Steps 1 & 2
curl -L https://ghst.ly/getbhce | docker compose -f - up
On Windows, execute the command in CMD, or use "curl.exe" instead of "curl" in PowerShell.
- Download the Docker Compose YAML file and save it to a directory where you'd like to run BHCE.
- On Linux/Mac:
curl -L https://ghst.ly/getbhce > .\docker-compose.yml
- On Windows, from CMD:
curl -L https://ghst.ly/getbhce > .\docker-compose.yml
- On Windows, from PowerShell:
Invoke-WebRequest -Uri https://ghst.ly/getbhce -OutFile .\docker-compose.yaml
- On Linux/Mac:
- Navigate to the folder with the saved
docker-compose.yaml
file and rundocker compose pull && docker compose up
.- To run BHCE without the need to maintain the terminal interface, use
docker compose up -d
, and thendocker compose logs
to see the most recent logs from the environment.
- To run BHCE without the need to maintain the terminal interface, use
- Locate the randomly generated password in the terminal output of Docker Compose.
- The password cannot be regenerated. If you lost the password, simply run
docker compose down -v
and thendocker compose up
to reset your databases.
- The password cannot be regenerated. If you lost the password, simply run
- In a browser, navigate to http://localhost:8080/ui/login. Login with the username
admin
and the randomly generated password from the logs.
Note: The default docker-compose.yml
example binds only to localhost (127.0.0.1). If you want to access BHCE outside of localhost, you'll need to follow the instructions in examples/docker-compose/README.md to configure the host binding for the container.
Outcome
At the completion of this process, users will be logged into a locally hosted BHCE tenant running with Docker Compose.
Updated