STIG Manager is a Docker-based tool for managing Security Technical Implementation Guides (STIGs) with proxy support via NGINX for secure access.
stig manager setup with proxy
This tool is designed for security and compliance teams to automate and manage compliance auditing using STIGs in a containerized environment. It simplifies deployment through Docker and Docker Compose, enabling integration into DevSecOps workflows with secure access via an NGINX reverse proxy.
Ensure Docker and Docker Compose versions are compatible with your OS before installation. Properly configure environment variables in the .env file to tailor the deployment. When setting up NGINX, use valid SSL certificates from a trusted CA for production environments to avoid security warnings. Regularly monitor container status and logs to maintain service health.
Install Docker and Docker Compose on your system (Ubuntu, RHEL, Windows, or Mac)
For Ubuntu: update package index and install prerequisites
Add Docker’s official GPG key and repository
Install Docker CE and start the Docker service
For RHEL: remove old Docker versions, install yum-utils, add Docker repo, install Docker CE, start and enable Docker
Download and install Docker Compose binary and set executable permissions
Clone the stig-manager repository: git clone https://github.com/allamiro/stig-manager.git
Navigate to the cloned directory: cd stig-manager
Update environment variables in the .env file as needed
Start the services using Docker Compose: docker-compose up -dsudo apt update
Update package index on Ubuntu
sudo apt install apt-transport-https ca-certificates curl software-properties-common
Install packages required for Docker repository over HTTPS
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
Add Docker’s official GPG key
sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
Add Docker repository to APT sources
sudo apt install docker-ce
Install Docker Community Edition
sudo curl -L "https://github.com/docker/compose/releases/download/v2.5.0/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
Download Docker Compose binary
sudo chmod +x /usr/local/bin/docker-compose
Make Docker Compose binary executable
git clone https://github.com/allamiro/stig-manager.git
Clone the STIG Manager repository
cd stig-manager
Navigate into the cloned repository directory
docker-compose up -d
Start STIG Manager services in detached mode
docker-compose ps
Verify that Docker containers are running
openssl genrsa -out mydomain.key 2048
Generate a private key for SSL certificate
openssl req -new -key mydomain.key -out mydomain.csr
Generate a Certificate Signing Request (CSR)
openssl req -newkey rsa:2048 -nodes -keyout domain.key -out domain.csr
Generate a private key and CSR without prompt
openssl x509 -signkey domain.key -in domain.csr -req -days 365 -out domain.crt
Create a self-signed SSL certificate