CTFd Enterprise
This document covers installation instructions for self-hosted CTFd Enterprise. Unless you have a specific need to self-host CTFd Enterprise, we generally recommend that you use Hosted CTFd.
CTFd Enterprise is a tier of Hosted CTFd as well as a self-hosted software package allowing customers to self host the majority of features and functionality used to run the Hosted CTFd environment.
For self-hosted users, CTFd Enterprise is distributed as a set of Docker images along with a docker-compose.yml file. The docker-compose file represents an example of how to setup CTFd Enterprise but you are free to change how you deploy CTFd Enterprise provided you use the provided Docker images.
Components
The CTFd Enterprise stack is comprised of a few applications each with their own distinct purpose.
- CTFd Enterprise - CTFd with Enterprise focused improvements and features
- Playground - Application responsible for executing arbitrary code submitted by users
- Deploybot - Application responsible for deploying challenge servers
For more detail about each application, refer to their specific pages in the sidebar.
Installation
1. Install Docker
CTFd-Enterprise is deployed using Docker. While this installer provides a Docker-Compose based setup flow, you are free to use any flow that deploys CTFd-Enterprise using it's Docker image.
The install instructions for Docker can be found online at https://docs.docker.com/install/linux/docker-ce/ubuntu/
2. Login to the Docker Registry
You should have registered an account at https://cloud.ctfd.io/. This account will be used to access the CTFd-Enterprise Docker images from the CTFd Docker Registry.
Login to registry.ctfd.io with:
docker login -u [email]@cloud.ctfd.io registry.ctfd.io
Password: [TYPE IN PASSWORD]
Login Succeeded
For example:
docker login -u [email protected]@cloud.ctfd.io registry.ctfd.io
Password: [TYPE IN PASSWORD]
Login Succeeded
Note that it is required to append @cloud.ctfd.io to your email address.
3. Provide License and Secret Key
The docker-compose.yml file provided in this installer will load two values from environment variables:
- The CTFd
SECRET_KEY - Your
LICENSEkey
Neither of these values should be shared externally or anyone untrusted.
You can insert these by either:
- Exporting them as environment variables
export SECRET_KEY=[some secret unguessable value]
export LICENSE=[the license you were provided]
- Hardcoding them in
docker-compose.yml
Replace ${SECRET_KEY} with your SECRET_KEY value and the same with ${LICENSE} and your LICENSE value.
4. Install any plugins/themes
Plugins and themes that are installed in their respective folders (plugins/ and themes/) will be loaded by the created CTFd instance. Any requirements.txt based dependencies in plugins will automatically be installed before CTFd is loaded.
5. Run CTFd
If you are using docker-compose, at this point you should be able to do docker-compose up to enable CTFd running locally on localhost:80. You can install an HTTPS certificate by modifying the nginx.conf and providing SSL certificates in the nginx folder which is mounted at /mnt/nginx by the nginx container.
Recommendations
Servers
Resources
The resource needs of CTFd and its other applications will scale depending on how many users are expected to use the infrastructure.
For most uses cases, you can use a 4GB/2CPU or 4GB/4CPU server for every server. We strongly recommend putting Redis and MySQL on their own seperate servers instead of on a single server.
If you need to scale, we recommend either increasing the resources of your individual servers or horizontally scaling CTFd by creaing duplicate servers that use the same MySQL and Redis settings.
Domains
We recommend having two domains allocated specifically for CTFd Enterprise. One domain will be used for CTFd itself and the other domain will be used for accessing challenges.
If you only have one domain available to you, you can still use a subdomain to deploy challenges. For example you can use ctf.examplectf.com for CTFd and *.challenges.examplectf.com for challenges deployed on top of deploybot.
Operating System
We generally recommend that you use Ubuntu or a similar Debian based distro as your base OS. While CTFd Enterprise is distributed as a Docker image and should run anywhere that Docker runs, CTFd Enterprise receives the most usage on Ubuntu.