...
Info |
---|
Note: availability and installation of `docker compose` may vary by OS |
The configuration provided in installation requires User ID 1000 and Group ID 1000 to perform the following
sudo mkdir /opt/zilla && sudo chown 1000:1000 /opt/zilla && sudo chmod 700 /opt/zilla && mkdir /opt/zilla/zinc-config /opt/zilla/zinc-output
Info |
---|
Alternatively the docker-compose.yaml can be modified to use alternate directories. |
...
Region | Hosts |
---|---|
Americas and Canada (Production) | app.zillasecurity.com/* |
Americas and Canada (Dev/Sandboxes) | qa.zsec.io/* |
Europe and UK | |
Asia Pacific and Australia | |
UK |
email support@zillasecurity.com and request a PO Box API Token, along with the link to download the PO Box image and the Docker Yaml file that will be needed for installation
Installation
Info |
---|
Note: if there are brackets inside of a code snippet, you will need to replace it with a value. For instance, If there is code that says to enter |
...
Info |
---|
If you would like to put these directories in a different directory, you can adjust docker-config.yaml file with the new directory paths. We will outline this below |
Create a file in the directory
zilla-config
calledZilla_API_Key
. This is where the API Key we are using to connect to the Zilla Mothership will be stored. This will be provided to you by Zilla support. On Linux, you can run the following to create the file:
Code Block |
---|
cat > /opt/zilla/zinc-config/Zilla_API_Key |
Next, open the
Zilla_API_Key
file with an editing tool like nano, vim, or vscode. Copy the API Token given to you by support and paste it into theZilla_API_Key
file you created. The API Key should have the following structure in the file:
Code Block |
---|
{"access_token": "token string", "refresh_token": "token string"} |
Navigate back to the
po-box
directory and load the image using this command:
Code Block |
---|
sudo docker image load -i {NAME OF IMAGE FILE} |
...
Code Block |
---|
sudo docker image ls |
Next, open the
docker-compose.yml
file with Nano or VScode. This is the file that stores global configuration parameters for the container. In this file, you will need to add your tenant domain to the variableTENANT_DOMAIN
. This is the domain corresponding to your Zilla tenant. You can find this inside of the global settings of your Zilla tenant. It will be the first domain listed under Your Domains. In the screenshot below, my tenant domain would bemp.access-ventures.com
...
You will also need to update the image
parameter to match the image that you loaded. To get this value, run sudo docker image ls
on terminal. You should see something like this:
...
Code Block |
---|
image: 508384223771.dkr.ecr.us-east-1.amazonaws.com/zinc:hotfix-S-1-HF1-2024-04-11-04-47-57-d5de0f99432be0c66e38c9b2ba4518bc208eaaee |
If you did not use the default folder names for zinc-config and zinc-output, you will also need to adjust these 2 parameters in the YAML file as well:
Code Block |
---|
SECRETS_DIRECTORY_PATH={FILEPATH FOR THE zinc-config DIRECTORY} STORAGE_DIRECTORY_PATH={FILEPATH FOR THE zinc-output DIRECTORY} |
...
Code Block |
---|
volumes: - /opt/zilla:/home/zilla-security |
Once you have made these edits, save the YAML file
compose and run the docker container by running the following command in the po-box folder:
Code Block |
---|
docker compose up -d |
Confirm with your technical resource or support@zillasecurity.com to ensure that the container is successfully calling home to Zilla.
Next Steps
Once PO Box is installed, you can move onto configuring service accounts on the systems that you are going to be pulling user information for. Please see Creating Service Accounts For PO Box for more info.