Ryan Malloy
28b81ff359
Some checks are pending
Build Ghidra Plugin / build (push) Waiting to run
- Add ghydramcp Python package with FastMCP server implementation - Add docker-compose.yml for easy container management - Add Makefile with build/run targets - Add QUICKSTART.md for getting started - Add uv.lock for reproducible dependencies
117 lines
3.7 KiB
YAML
117 lines
3.7 KiB
YAML
# GhydraMCP Docker Compose Configuration
|
|
# Provides both development and production modes for Ghidra + GhydraMCP
|
|
#
|
|
# Usage:
|
|
# Development: docker compose up ghydramcp-dev
|
|
# Production: docker compose up ghydramcp
|
|
#
|
|
# Set MODE in .env file to switch between dev/prod behaviors
|
|
|
|
services:
|
|
# =============================================================================
|
|
# Production Service - Optimized for stability and security
|
|
# =============================================================================
|
|
ghydramcp:
|
|
build:
|
|
context: .
|
|
dockerfile: docker/Dockerfile
|
|
args:
|
|
GHIDRA_VERSION: ${GHIDRA_VERSION:-11.4.2}
|
|
GHIDRA_DATE: ${GHIDRA_DATE:-20250826}
|
|
image: ghydramcp:${GHYDRAMCP_VERSION:-latest}
|
|
container_name: ${COMPOSE_PROJECT_NAME:-ghydramcp}-server
|
|
restart: unless-stopped
|
|
ports:
|
|
- "${GHYDRA_PORT:-8192}:8192"
|
|
volumes:
|
|
# Mount binaries to analyze (read-only in prod)
|
|
- ${BINARIES_PATH:-./binaries}:/binaries:ro
|
|
# Persist Ghidra projects between runs
|
|
- ghydra-projects:/projects
|
|
environment:
|
|
- GHYDRA_MODE=${GHYDRA_MODE:-headless}
|
|
- GHYDRA_PORT=8192
|
|
- GHYDRA_MAXMEM=${GHYDRA_MAXMEM:-2G}
|
|
- PROJECT_NAME=${PROJECT_NAME:-GhydraMCP}
|
|
healthcheck:
|
|
test: ["CMD", "curl", "-f", "http://localhost:8192/"]
|
|
interval: 30s
|
|
timeout: 10s
|
|
start_period: 60s
|
|
retries: 3
|
|
deploy:
|
|
resources:
|
|
limits:
|
|
memory: ${GHYDRA_MAXMEM:-2G}
|
|
profiles:
|
|
- prod
|
|
- default
|
|
|
|
# =============================================================================
|
|
# Development Service - Hot-reload and debugging friendly
|
|
# =============================================================================
|
|
ghydramcp-dev:
|
|
build:
|
|
context: .
|
|
dockerfile: docker/Dockerfile
|
|
args:
|
|
GHIDRA_VERSION: ${GHIDRA_VERSION:-11.4.2}
|
|
GHIDRA_DATE: ${GHIDRA_DATE:-20250826}
|
|
image: ghydramcp:dev
|
|
container_name: ${COMPOSE_PROJECT_NAME:-ghydramcp}-dev
|
|
ports:
|
|
- "${GHYDRA_PORT:-8192}:8192"
|
|
# Additional ports for debugging/multiple instances
|
|
- "8193:8193"
|
|
- "8194:8194"
|
|
volumes:
|
|
# Mount binaries (read-write in dev)
|
|
- ${BINARIES_PATH:-./binaries}:/binaries:rw
|
|
# Persist projects
|
|
- ghydra-projects-dev:/projects
|
|
# Mount scripts for live editing (development only)
|
|
- ./docker/GhydraMCPServer.java:/opt/ghidra/scripts/GhydraMCPServer.java:ro
|
|
- ./docker/entrypoint.sh:/entrypoint.sh:ro
|
|
environment:
|
|
- GHYDRA_MODE=${GHYDRA_MODE:-headless}
|
|
- GHYDRA_PORT=8192
|
|
- GHYDRA_MAXMEM=${GHYDRA_MAXMEM:-4G}
|
|
- PROJECT_NAME=${PROJECT_NAME:-GhydraMCP-Dev}
|
|
healthcheck:
|
|
test: ["CMD", "curl", "-f", "http://localhost:8192/"]
|
|
interval: 15s
|
|
timeout: 5s
|
|
start_period: 120s
|
|
retries: 5
|
|
profiles:
|
|
- dev
|
|
|
|
# =============================================================================
|
|
# Shell Service - Interactive debugging container
|
|
# =============================================================================
|
|
ghydramcp-shell:
|
|
build:
|
|
context: .
|
|
dockerfile: docker/Dockerfile
|
|
image: ghydramcp:${GHYDRAMCP_VERSION:-latest}
|
|
container_name: ${COMPOSE_PROJECT_NAME:-ghydramcp}-shell
|
|
stdin_open: true
|
|
tty: true
|
|
volumes:
|
|
- ${BINARIES_PATH:-./binaries}:/binaries:rw
|
|
- ghydra-projects-dev:/projects
|
|
environment:
|
|
- GHYDRA_MODE=shell
|
|
profiles:
|
|
- debug
|
|
|
|
volumes:
|
|
ghydra-projects:
|
|
name: ${COMPOSE_PROJECT_NAME:-ghydramcp}-projects
|
|
ghydra-projects-dev:
|
|
name: ${COMPOSE_PROJECT_NAME:-ghydramcp}-projects-dev
|
|
|
|
networks:
|
|
default:
|
|
name: ${COMPOSE_PROJECT_NAME:-ghydramcp}-network
|