Copy the examples in the
.envs_template directory into a new
.envs directory within the Ghostwriter directory.
mkdir .envs && cp .envs_template/.* .envs
.envs directory contains
.production directories. Each of these directories contains the same two files,
.postgres. These files manage the environment variables for the Docker containers. Edit the
.django file to add API keys and manage other options.
One action Ghostwriter can perform is looking-up domain names and servers in VirusTotal. This uses web requests and a VirusTotal API key. If you do not have one, get a free API key from VirusTotal. Once you have your key, set
If you desire to use Slack with Ghostwriter, set
True and then configure a Slack Incoming WebHook.
You can also specify a username and emoji for the bot. Emojis must be set using Slack syntax like
:sheep:. You can use any emoji available in your Slack team – including custom emojis.
The username can be anything you could use for a Slack username. The emoji will appear as the bot's avatar alongside the username.
The alert target is the message target. You can set this to a blank string, e.g.
'', but it's useful for targeting users, aliases, or @here/@channel.
Finally, set the target channel. This might be your
#general or some other channel. This is the global value that will be used for all messages unless a project-specific channel is supplied. When a new project is created, users have an option to provide a Slack channel to be used for project-related notifications instead of the global channel.
Other notification options may be added in the future. Email and services such as Pushover are being considered. That said, you can add your own notification mediums and tasks in tasks.py. See Background Tasks for more information.
If you use Namecheap to register domain names, Ghostwriter can use Namecheap's API to sync your domain library with the domain library in Ghostwriter. You can setup this synchronization task to run on a schedule and execute it manually. On the first run, the task will populate your domain library. Subsequent runs will update records and automatically add new domain purchases.
True and fill-in the other values in accordance with your API configuration. All of the relevant details are in your Namecheap dashboard.
Ghostwriter can track cloud servers used for specific projects. If you provide access tokens for Amazon Web Services (AWS) and Digital Ocean (DO), Ghostwriter has a task that will collect all running server instances and check if any of them are attached to a completed project.
To use this task, set
True and then add the necessary access tokens for the cloud services you use.
At the bottom of of the settings you will find some values for your company/team. Fill these in to customize reporting. You need to provide at least a company name. Set values to blanks if you do not want to use them (e.g.
COMPANY_TWITTER = '').
Configured a Slack Incoming Webhook (if desired)
VIRUSTOTAL_API_KEY for domain health check-ups (if desired)
Configured Amazon Web Services access keys (if desired)
Configured a Digital Ocean API key (if desired)
Configured Namecheap API options (if desired)
Once you have
.envs setup, check Docker to make sure it is running. Then start the Docker container using the
docker-compose -f local.yml up -d
If you have already built Ghostwriter before and have made custom changes or pulled down new code, update and rebuild the container using these four commands:
docker-compose -f local.yml stop; docker-compose -f local.yml rm -f; docker-compose -f local.yml build; docker-compose -f local.yml up -d
Proceed to Database Setup.