Create a local .env file cd Leaktopus cp .env.example .env
Edit .env according to your local setup (see the internal comments).
Run Leaktopus docker-compose up -d
Initiate the installation sequence by accessing the installation API. Just open http://{LEAKTOPUS_HOST}:8000/api/install in your browser.
Check that the API is up and running at http://{LEAKTOPUS_HOST}:8000/up
The UI should be available at http://{LEAKTOPUS_HOST}:8080
Using Github App
In addition to the basic personal access token option, Leaktopus supports Github App authentication. Using Github App is recommended due to the increased rate limits.
To use Github App authentication, you need to create a Github App and install it on your organization/account. See Github’s documentation for more details.
After creating the app, you need to set the following environment variables:
GITHUB_APP_PRIVATE_KEY_PATH (defaults to /app/private-key.pem)
Mount the private key file to the container (see docker-compose.yml for an example). ./leaktopus_backend/private-key.pem:/app/private-key.pem
* Note that GITHUB_ACCESS_TOKEN will be ignored if GITHUB_USE_APP is set to True.
Updating Leaktopus
If you wish to update your Leaktopus version (pulling a newer version), just follow the next steps.
Pull the latest version. git pull
Rebuild Docker images (data won’t be deleted). # Force image recreation docker-compose up –force-recreate –build
Run the DB update by calling its API (should be required after some updates). http://{LEAKTOPUS_HOST}/api/updatedb
Results Filtering Heuristic Engine
The built-in heuristic engine is filtering the search results to reduce false positives by:
Content:
More than X emails containing non-organizational domains.
More than X URIs containing non-organizational domains.
Metadata:
More than X stars.
More than X forks.
Sources ignore list.
API Documentation
OpenAPI documentation is available in http://{LEAKTOPUS_HOST}:8000/apidocs.
Leaktopus Services
Service
Port
Mandatory/Optional
Backend (API)
8000
Mandatory
Backend (Worker)
N/A
Mandatory
Redis
6379
Mandatory
Frontend
8080
Optional
Elasticsearch
9200
Optional
Logstash
5000
Optional
Kibana
5601
Optional
The above can be customized by using a custom docker-compose.yml file.
Security Notes
As for now, Leaktopus does not provide any authentication mechanism. Make sure that you are not exposing it to the world, and doing your best to restrict access to your Leaktopus instance(s).