Mira - Risk Management Platform - Community Edition
MIRA is your streamlined one-stop shop for risk assessment and management. What makes it special is the fact that it is based on field knowledge and inputs from security experts.
Read the full article about the community editions on our blog.
Join our open Discord community to interact with the team and other GRC experts.
The fastest and easiest way to get started is through the free trial of cloud instance available here.
This part is divided in two sections, the quick start if you simply want to run MIRA to see what it's made of, and the development setup if you want to go further.
To install gettext and pango, do sudo apt update && sudo apt install gettext libpangocairo-1.0-0 -y
There are two methods to run MIRA locally: using Python or using Docker.
By default, Django secret key is generated randomly at each start of Mira. This is convenient for quick test, but not recommended for production, as it can break the sessions (see this topic for more information). To set a fixed secret key, use the environment variable DJANGO_SECRET_KEY
.
git clone [email protected]:intuitem/mira-community.git
cd mira-community
💡 Advice: run everything inside a virtual environment. It is a good practice concerning python projects!
Choose the tool of your choice, either python-venv or virtualenv. For example:
# Install python-venv
sudo apt install python-venv # or python3-venv
# Create the virtual environment venv
python -m venv venv # or python3 -m venv venv
# To enter inside the virtual environment
source venv/bin/activate
# If you want to exit the virtual environment once finished
deactivate
pip install -r requirements.txt
python manage.py migrate
python manage.py collectstatic
python manage.py createsuperuser
python manage.py runserver
You can then reach MIRA using your web brower at http://127.0.0.1:8000/
Upgrade or install docker and if you don't have it. Read the official docs for your own OS/distro.
Build the image with an appropriate tag (e.g. mira:version), for example:
docker build . -t mira:3.0.2
docker run --rm -it --env CREATE_SUPERUSER=true -p 8000:8000 -v ./db:/code/db mira:3.0.2
When asked for, enter your email and password for your superuser.
You can then reach MIRA using your web brower at http://127.0.0.1:8000/
For the following executions, simply run:
docker run --rm -p 8000:8000 -v ./db:/code/db mira:3.0.2
⚠️ WARNING: If you're using WSL you'll need to activate Systemd. Check out this topic to do it.
git clone [email protected]:intuitem/mira-community.git
cd mira-community
../myvars
) and store your environment variables within it by copying and modifying the following code and replace "<XXX>"
by your private values. Take car not to commit this file in your git repo.Recommended variables
export DJANGO_SECRET_KEY=<XXX>
export DJANGO_DEBUG=True
# Default url is set to http://127.0.0.1:8000 but you can change it, e.g. to use https with a caddy proxy
export MIRA_URL=https://localhost:8443
# You can define the email of the first superuser
export MIRA_SUPERUSER_EMAIL=<XXX>
# Setup a development mailer with Mailhog for example
export EMAIL_HOST_USER=''
export EMAIL_HOST_PASSWORD=''
export [email protected]
export EMAIL_HOST=localhost
export EMAIL_PORT=1025
As said in the quickstart section, MIRA generates a random Django secret key if not specified. To avoid broken sessions, it is preferable to set a fixed random value using the
DJANGO_SECRET_KEY
environment variable.
Optional variables
# MIRA will use SQLite by default, but you can setup PostgreSQL by declaring these variables
export POSTGRES_NAME=mira
export POSTGRES_USER=mirauser
export POSTGRES_PASSWORD=<XXX>
export DB_HOST=localhost
export DB_PORT=5432 # optional, default value is 5432
# Captcha, if you want to disable it just put empty strings
export RECAPTCHA_PUBLIC_KEY=<XXX>
export RECAPTCHA_PRIVATE_KEY=<XXX>
# Add a second backup mailer
export EMAIL_HOST_RESCUE=<XXX>
export EMAIL_PORT_RESCUE=587
export EMAIL_HOST_USER_RESCUE=<XXX>
export EMAIL_HOST_PASSWORD_RESCUE=<XXX>
export EMAIL_USE_TLS_RESCUE=True
# Idle session timeout management
export SESSION_COOKIE_AGE=900 # in seconds, (default 900, i.e. 15 minutes)
export SESSION_EXPIRE_AT_BROWSER_CLOSE=True # (default True)
export SESSION_SAVE_EVERY_REQUEST=True # (default True)
# Install python-venv
sudo apt install python-venv # or python3-venv
# Create the virtual environment venv
python -m venv venv # or python3 -m venv venv
# To enter inside the virtual environment
source venv/bin/activate
# If you want to exit the virtual environment once finished
deactivate
pip install -r requirements.txt
psql as superadmin
sudo su postgres
psql
create database mira;
create user mirauser with password '<POSTGRES_PASSWORD>';
grant all privileges on database mira to mirauser;
python manage.py makemigrations
python manage.py migrate
If you have set a mailer and
MIRA_SUPERUSER_EMAIL
variables, there's no need to create a Django superuser withcreatesuperuser
, as it will be created automatically on first start. You should receive an email with a link to setup your password.
python manage.py createsuperuser
npm install tailwindcss postcss postcss-import
python manage.py tailwind install
python manage.py makemessages -i venv -l fr
python manage.py compilemessages -i venv -l fr
python manage.py runserver
🆘 HELP: If you have the error "unsupported locale setting"
when loading the /calendar/
page, run:
export LC_ALL="fr_FR.UTF-8" & export LC_CTYPE="fr_FR.UTF-8" & sudo dpkg-reconfigure locales
cd .git/hooks
ln -fs ../../git_hooks/post-commit .
ln -fs ../../git_hooks/post-merge .
Django - Python Web Development Framework
Gunicorn - Python WSGI HTTP Server for UNIX
PostgreSQL - Open Source RDBMS
SQLite - Open Source RDBMS
Tailwind CSS - CSS Framework
AlpineJS - Minimalist JS framework
Docker - Container Engine
Great care has been taken to follow security best practices. Please report any issue to [email protected].