#0000 - Add Docker setup for MobSF with Traefik integration

Introduce Docker Compose configuration for MobSF, integrated with Traefik for domain management and basic auth. Enhanced documentation with installation and usage instructions, and added a template for environment variables.

.env.dist

@@ -0,0 +1,5 @@
+# Fully Qualified Domain Name for MobSF
+MOBSF_FQDN='example.com'
+
+# Basic Authentication credentials for MobSF in format USERNAME:PASSWORD
+MOBSF_BASIC_AUTH='USERNAME:PASSWORD'

.gitignore

@@ -0,0 +1 @@
+.env

README.md

@@ -1,2 +1,59 @@
-# mobsf
+# MobSF
 
+## Introduction
+Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis, and security assessment framework capable of performing static and dynamic analysis.
+
+## Table of Contents
+
+1. [Introduction](#introduction)
+2. [Prerequisites](#prerequisites)
+3. [Installation](#installation)
+4. [Usage](#usage)
+5. [Post-launch](#post-launch)
+
+## Prerequisites
+
+- **Docker**: Make sure Docker is installed and running on your system.
+- **Docker Compose**: Docker Compose is required to orchestrate the container setup.
+- **Traefik Deployment**:
+    - Deployed [Traefik standalone](https://git.van-hemmen.com/GuillaumeHemmen-DockerCompose-Infra/traefik-standalone) or
+    - Deployed [Traefik Authelia](https://git.van-hemmen.com/GuillaumeHemmen-DockerCompose-Infra/traefik-authelia).
+
+## Installation
+
+1. Clone the repository:
+
+```bash
+git clone https://git.van-hemmen.com/GuillaumeHemmen-DockerCompose-Infra/mobsf.git
+cd mobsf
+```
+
+2. Copy the environment variable template:
+
+```bash
+cp .env.dist .env
+```
+
+3. Customize the `.env` file as necessary for your environment.
+
+**Note**: You **must** define a basic authentication in `MOBSF_BASIC_AUTH` to protect your instance of MobSF.
+
+## Usage
+
+Start the MobSF service with Docker Compose:
+
+```bash
+docker compose up -d
+```
+
+Access MobSF by navigating to `https://<MOBSF_FQDN>` in your web browser. You will need to authenticate using the basic auth setup in your `.env` file.
+
+## Post-launch
+
+MobSF uses a fixed UID for the files persisted. To have the volume approach work, you must change the ownership of the data inside the volume as follows:
+
+```bash
+docker run --rm -v mobsf_data:/vol alpine sh -c "chown --recursive 9901:9901 /vol"
+```
+
+**Note**: The default volume name is assumed to be `mobsf_data`. Please adapt your command if it is different.

docker-compose.yml

@@ -0,0 +1,35 @@
+networks:
+  traefik_network:
+    external: true
+
+volumes:
+  data:
+
+services:
+  website:
+    image: opensecurity/mobile-security-framework-mobsf:latest
+    networks:
+      - traefik_network
+    labels:
+      - "traefik.docker.network=traefik_network"
+      - "traefik.enable=true"
+      - "traefik.http.routers.mobsf.rule=Host(`${MOBSF_FQDN}`)"
+      - "traefik.http.routers.mobsf.entrypoints=websecure"
+      - "traefik.http.routers.mobsf.tls.certresolver=myresolver"
+      - "traefik.http.routers.mobsf.middlewares=mobsf-auth"
+      - "traefik.http.services.mobsf.loadbalancer.server.port=8000"
+      - "traefik.http.middlewares.mobsf-auth.basicauth.users=${MOBSF_BASIC_AUTH}"
+    environment:
+      USE_HOME: /MobSF
+    volumes:
+      - data:/home/mobsf/.MobSF
+    deploy:
+      replicas: 1
+      restart_policy:
+        condition: on-failure
+        delay: 5s
+        max_attempts: 3
+        window: 120s
+      resources:
+        limits:
+          memory: 3G