This guide will help you set up the Trivy Web Scanner application on any system that supports Node.js and Trivy.
This software is licensed under the GNU General Public License v3.0 - see GNU GPL v3.0 for details.
- Any Linux-based OS (Ubuntu, Debian, CentOS, etc.)
- Trivy scanner (installation instructions provided below)
- Node.js and npm (installation instructions provided below)
Follow the official installation guide for your specific OS:
sudo apt-get update
sudo apt-get install wget apt-transport-https gnupg lsb-release
wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key | sudo apt-key add -
echo deb https://aquasecurity.github.io/trivy-repo/deb $(lsb_release -sc) main | sudo tee -a /etc/apt/sources.list.d/trivy.list
sudo apt-get update
sudo apt-get install trivysudo rpm -ivh https://aquasecurity.github.io/trivy/releases/download/v0.45.1/trivy_0.45.1_Linux-64bit.rpmVisit Trivy's official documentation for installation instructions for your specific system.
Verify the installation:
trivy --versionThere are multiple ways to install Node.js:
sudo apt update
sudo apt install -y nodejs npmsudo dnf install nodejs npmcurl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.5/install.sh | bash
source ~/.bashrc # Or restart your terminal
nvm install node # Installs the latest versionVerify the installation:
node -v
npm -vClone the repository and install dependencies:
git clone https://github.com/soheilsheikh/Trivy_WebUI.git
cd Trivy_WebUI
npm installStart the server:
node server.jsYou should see a message similar to:
Trivy Web Interface running on http://localhost:3000
Simply open your web browser and navigate to http://localhost:3000
If you're running this on a remote server, you can use SSH port forwarding to access it securely:
ssh -L 3000:localhost:3000 username@your-server-ipThen access http://localhost:3000 in your local browser.
Install Nginx (if not already installed):
# Debian/Ubuntu
sudo apt install -y nginx
# RHEL/CentOS
sudo dnf install nginxCreate a new Nginx site configuration:
# For Debian/Ubuntu
sudo nano /etc/nginx/sites-available/trivy-scanner
# OR for RHEL/CentOS
sudo nano /etc/nginx/conf.d/trivy-scanner.confAdd the following configuration:
server {
listen 80;
server_name your-server-domain-or-ip;
location / {
proxy_pass http://localhost:3000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}Enable the site (Debian/Ubuntu only):
sudo ln -s /etc/nginx/sites-available/trivy-scanner /etc/nginx/sites-enabled/Test and restart Nginx:
sudo nginx -t
sudo systemctl restart nginxTo keep the application running after closing your terminal or rebooting, you can set it up as a system service:
Create a service file:
sudo nano /etc/systemd/system/trivy-web.serviceAdd the following content:
[Unit]
Description=Trivy Web Scanner
After=network.target
[Service]
Type=simple
User=YOUR_USERNAME
WorkingDirectory=/path/to/trivy-web-scanner
ExecStart=/usr/bin/node server.js
Restart=on-failure
[Install]
WantedBy=multi-user.targetReplace YOUR_USERNAME and /path/to/trivy-web-scanner with your actual username and the absolute path to the project directory.
Enable and start the service:
sudo systemctl enable trivy-web
sudo systemctl start trivy-webCheck the status:
sudo systemctl status trivy-web- Authentication: Consider implementing authentication for the web interface
- HTTPS: Configure SSL/TLS if exposing the service publicly
- Firewall: Ensure your firewall is properly configured to allow only necessary traffic
- Port conflicts: If port 3000 is already in use, change the port in server.js
- Permission issues: Ensure the user running the application has permissions to execute Trivy
- Trivy not found: Make sure Trivy is installed and in your PATH
For additional support, check the Trivy documentation or open an issue on the repository at https://github.com/soheilsheikh/Trivy_WebUI.