Skip to main content
This guide covers building, deploying, and running Osmedeus in various environments.

Prerequisites

  • Go 1.21+ (for local builds)
  • Docker 20.10+ (for containerized deployment)
  • Docker Compose 2.0+ (for distributed mode)

Quick Start

Building

Local Build

Docker Build

Deployment Modes

Single Host

Direct Binary

Docker Container

Distributed Mode (Master/Worker)

Distributed mode allows scaling scan workloads across multiple worker nodes using Redis as a message queue.

Architecture

Docker Compose Setup

Manual Distributed Setup

If not using Docker Compose:

Submitting Distributed Scans

Configuration

Configuration File

Default location: ~/osmedeus-base/osm-settings.yaml

Environment Variables

VariableDescriptionDefault
REDIS_HOSTRedis hostnamelocalhost
REDIS_PORTRedis port6379
OSM_BASE_FOLDERBase folder path~/osmedeus-base

Command Line Overrides

Docker Compose Reference

The included build/docker/docker-compose.yml provides a complete distributed setup:

Services

ServicePurposePorts
redisTask queue and coordination6379
masterAPI server and task distributor8001
workerTask executor (scalable)-

Volumes

VolumePurpose
redis-dataRedis persistence
osmedeus-dataWorkflows and configuration
workspacesScan output data

Scaling

Production Considerations

Security

  1. Authentication: Never use -A (no-auth) in production
  2. JWT Secret: Change the default JWT secret in config
  3. TLS: Use a reverse proxy (nginx, traefik) for HTTPS
  4. Network: Restrict Redis access to internal network only

Resource Limits

Worker resource limits in docker-compose.yml:
Adjust based on workflow requirements.

Health Checks

The Docker image includes built-in health checks:

Logging

Database Options

For production, consider PostgreSQL instead of SQLite:

Backup

Ansible Deployment

Deploy Osmedeus on Ubuntu/Debian servers using Ansible. Uses the official install script, SQLite storage, and no Redis — designed for simple single-host setups.

Prerequisites

  • Control machine: Ansible 2.12+
  • Target server: Ubuntu 20.04+ or Debian 11+
  • SSH access with root or sudo privileges

Quick Start

What It Does

  1. Installs system dependencies (curl, tmux, git, chromium, etc.)
  2. Installs Osmedeus via curl -fsSL https://www.osmedeus.org/install.sh | bash
  3. Deploys osm-settings.yaml configured with SQLite (no Redis)
  4. Runs osmedeus health to verify the installation
  5. Sets up a systemd service for auto-start on boot

Playbook Files

Variables

VariableDefaultDescription
osm_server_port8002API server port
osm_admin_useradminAdmin username
osm_admin_passwordCHANGE_ME_ADMIN_PASSWORDAdmin password
osm_jwt_secretCHANGE_ME_JWT_SECRET_MIN_32_CHARSJWT signing secret
osm_jwt_expiration_minutes1440Token expiry (24h)
osm_threads_aggressive50Aggressive scan threads
osm_threads_default20Default scan threads
osm_threads_gently5Gentle scan threads
osm_enable_servicetrueInstall systemd service
osm_telegram_enabledfalseEnable Telegram notifications
osm_telegram_bot_token""Telegram bot token
osm_telegram_chat_id""Telegram chat ID
osm_global_variables[]Extra env vars for workflows

Customization

Override any variable at deploy time with -e:

Post-Deployment

Troubleshooting

Common Issues

Workers not connecting:
Scans not executing:
Port conflicts:

Useful Commands