Monday, October 17, 2022

Installing YETI with Portainer on Ubuntu 22.04

Another day, another project. I have been playing with some open-source intelligence platforms (I recently installed OpenCTI and MISP with Portainer). I recently found another project called YETI, 'Your Everyday Threat Intelligence'.

For background, I already have a VM set up running Portainer (it is probably overworked, but it's only for testing, so I'm not too concerned about overloading). One change on the VM was to create a folder:

/tmp/docker-yeti-exports 

In hindsight I would have changed the location in the docker-compose, but I missed it (the folder needs to be rebuilt upon reboot).

The setup of Yeti inside Portainer took a little more work than the previous builds, as it could not build the image from the docker-compose. I am new to this, so I'm not entirely sure, but I think they don't host the image on GitHub or Docker for it to build from.

I had to download a few files from the Yeti GitHub:

  • requirements.txt
  • Dockerfile
  • docker-entrypoint.sh

Because I will be updating the requirements.txt, and because I had issues with the original docker-entrypoint, I updated the Dockerfile with the following:

RUN git clone https://github.com/yeti-platform/yeti.git /opt/yeti;
COPY requirements.txt /opt/yeti
COPY docker-entrypoint.sh /docker-entrypoint.sh

In the requirements.txt, I added a new package and forced specific versions. This is due to an issue with flask and werkzeug:

flask==2.1.2
werkzeug==2.12

Next, I created a .tar file with those three files.  Those files were included in the tar because Portainer will consider the files part of the default path (not needing to include local paths in your script).  I found that information somewhere else (I think it was on Reddit). The tar file was used to create an image called yeti:latest as shown below: 


The image took a few minutes to create; after that, it was time to add a new stack to Portainer.

First things first, I had to update the docker-compose for the new image. I changed yeti1:master to yeti:latest, as below:

version: '3.3'
services:

  yeti:
    image: yeti:latest
    ports:
      - "5000:5000"
    command: ['webserver']
    depends_on:
      - redis
      - mongodb
    volumes:
      - /tmp/docker-yeti-exports:/opt/yeti/exports

  feeds:
    image: yeti:latest
    command: ['feeds']
    depends_on:
      - redis
      - mongodb
      - yeti
    environment:
      - TLDEXTRACT_CACHE=/tmp/tldextract.cache

  analytics:
    image: yeti:latest
    command: ['analytics']
    depends_on:
      - redis
      - mongodb
      - yeti
    environment:
      - TLDEXTRACT_CACHE=/tmp/tldextract.cache

  beat:
    image: yeti:latest
    command: ['beat']
    depends_on:
      - redis
      - mongodb
      - yeti
      - feeds
      - analytics
      - exports

  exports:
    image: yeti:latest
    command: ['exports']
    depends_on:
      - redis
      - mongodb
      - yeti
    volumes:
      - /tmp/docker-yeti-exports:/opt/yeti/exports

  oneshot:
    image: yeti:latest
    command: ['oneshot']
    depends_on:
      - redis
      - mongodb
      - yeti

  redis:
    image: redis:latest

  mongodb:
    image: mongo:4.0.12
    environment:
      - MONGO_LOG_DIR=/dev/null
    command: mongod

I created a new stack (called yeti) and deployed it. 


And the screen for YETI (which I noticed did not have a login screen). Not sure if that is normal btw, as it's my first time using it.

Yeti Screen
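
Since the UI came up without a login screen and the exports folder lives in /tmp, here is how the two affected settings in the stack file could be changed. This is an added example, not part of the original post or the Yeti project's own compose file; the volume name yeti-exports is an assumption, and only the keys that change are shown (everything else stays as in the file above).

```yaml
version: '3.3'
services:

  yeti:
    image: yeti:latest
    ports:
      # was "5000:5000", which publishes the UI on every interface of the VM
      - "127.0.0.1:5000:5000"
    command: ['webserver']
    volumes:
      # was /tmp/docker-yeti-exports:/opt/yeti/exports
      # (a host folder in /tmp that has to be recreated after a reboot)
      - yeti-exports:/opt/yeti/exports

  exports:
    image: yeti:latest
    command: ['exports']
    volumes:
      # same named volume, so the exports service and the webserver
      # still see the same files
      - yeti-exports:/opt/yeti/exports

# Named volume managed by Docker; the name is an assumption of this example
volumes:
  yeti-exports:
```

With the port bound to 127.0.0.1, the UI is reachable only from the VM itself, so access from another machine goes through an SSH tunnel or a reverse proxy that adds authentication.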

