ThreatZone OnPremise Installation Guide

If you want to test & use our OnPremise version, contact us through [email protected]

ThreatZone On-Premise Installation Manual

Prerequisites

  • Ubuntu 22.04 LTS server

  • Root or sudo access

  • Internet connectivity to

    • https://hub.malwation.com - for Docker & Kubernetes images

    • https://u424762-sub1.your-storagebox.de - for Threat.Zones necessary files for OS Images & Snapshots.

    • APT Repositories - need some packages for installation - E.g rpcsvc-proto, libunbound8 etc. - from official Ubuntu mirrors.

    • Pip repositories - need some packages for installation - E.g fastapi uvicorn python-multipart etc.

Installation Steps

1. Run Installation Script

sudo ./start.sh

2. User Inputs Required

Proxy Configuration (Optional)

Do you want to configure proxy settings? (y/n):

  • y: Continue to proxy setup

  • n: Skip proxy configuration

If y selected:

Enter proxy host/IP: [IP_ADDRESS]
Enter proxy port: [PORT_NUMBER]
Is this correct? (y/n):

  • Enter proxy server IP/hostname (e.g., 192.168.1.100 or proxy.company.com)

  • Enter proxy port (1-65535, e.g., 3128, 8080)

  • Confirm configuration

Example:

Enter proxy host/IP: 116.203.244.19
Enter proxy port: 3128
Is this correct? (y/n): y

File Replacement Confirmations

During proxy configuration, the script may find existing configuration files. You'll see prompts like:

File /etc/apt/apt.conf.d/99proxy already exists!
Current content:
----------------------------------------
Acquire::http::Proxy "http://old.proxy.com:8080/";
Acquire::https::Proxy "http://old.proxy.com:8080/";
----------------------------------------

New content to be replaced:
----------------------------------------
Acquire::http::Proxy "http://proxy.company.com:3128/";
Acquire::https::Proxy "http://proxy.company.com:3128/";
----------------------------------------

Do you want to replace this file? (y/n):

Recommendations:

  • y: Replace with new proxy settings (recommended for new installations)

  • n: Keep existing configuration (use if you have custom settings)

Note: Original files are automatically backed up with timestamps (e.g., 99proxy.backup.20250804_143022)

Server IP Address

IP Address you want to server Threat.Zone: [EXTERNAL_IP]

  • Enter the external IP address where ThreatZone will be accessible

  • This IP will be used for SSL certificates and service configuration

Examples:

  • Public IP: 203.0.113.45

  • Private network IP: 192.168.1.100

  • Domain name: threatzone.company.com (if DNS is configured)

Important: Use the IP/domain that users will access ThreatZone from

SSL Certificate Configuration

Do you want to use your own certificate? (y/n):

If y selected:

TLS key file path: [PATH_TO_KEY]
TLS crt file path: [PATH_TO_CRT]

  • Provide full path to your private key file

  • Provide full path to your certificate file

Examples:

TLS key file path: /home/admin/ssl/server.key
TLS crt file path: /home/admin/ssl/server.crt

Requirements:

  • Files must exist and be readable

  • Key file should be unencrypted

  • Certificate should match the server IP/domain entered earlier

If n selected:

  • Self-signed certificate will be generated automatically using the provided IP address

  • Certificate will be valid for 365 days

  • Browser will show security warnings (normal for self-signed certificates)

Installation Process

After user inputs, the script will:

  1. Configure system proxy settings (if enabled)

  2. Install Docker and configure proxy

  3. Install K3s Kubernetes

  4. Deploy all ThreatZone services

  5. Configure networking and certificates

  6. Start all required components

Post-Installation

  • Reboot server when installation completes

  • Access ThreatZone via: https://[EXTERNAL_IP]

Notes

  • Installation takes 30-60 minutes depending on network speed

  • All services will auto-start after reboot

  • Proxy settings apply system-wide if configured

Troubleshooting

Common Issues

Invalid Proxy Port

[ERROR] Invalid port number. Please enter a valid port (1-65535).

Solution: Enter a numeric port between 1-65535 (common ports: 3128, 8080, 1080)

Missing Certificate Files

cp: cannot stat '/path/to/cert.crt': No such file or directory

Solution: Verify certificate file paths exist and are accessible

File Permission Errors

Solution: Ensure running script with sudo for system file modifications

Configuration File Locations

After installation, proxy settings are stored in:

  • /etc/apt/apt.conf.d/99proxy - APT package manager

  • /etc/profile.d/proxy.sh - Shell environment

  • /etc/systemd/system/docker.service.d/http-proxy.conf - Docker daemon

  • /etc/systemd/system/containerd.service.d/http-proxy.conf - Containerd daemon

  • /etc/systemd/system/k3s.service.env - Kubernetes

  • /etc/environment - System-wide environment variables

  • /threatzone/threatzone_proxy_config - Passed proxy host & port is stored here

Backup Files

All replaced configuration files are backed up with timestamps:

  • Format: filename.backup.YYYYMMDD_HHMMSS

  • Location: Same directory as original file

  • Use these to restore previous settings if needed

PreviousThreatZone Onpremise Usage Guide

Last updated

Was this helpful?