How to change the server name ?
By default OpenCVE's webserver listens on
127.0.0.1:8000, but you can easily change that.
The first step is to set the
server_name config of the
opencve.cfg file (this setting is used by OpenCVE to correctly construct the URLs in the email templates):
$ cat ~/opencve/opencve.cfg [core] server_name = 0.0.0.0:8080 ...
Then you can use the
-b option of the
webserver command to choose your wanted binding:
$ opencve webserver -b 0.0.0.0:8080 [2021-03-27 11:21:12 +0100]  [INFO] Starting gunicorn 20.0.4 [2021-03-27 11:21:12 +0100]  [INFO] Listening at: http://0.0.0.0:8080 (57622) [2021-03-27 11:21:12 +0100]  [INFO] Using worker: sync [2021-03-27 11:21:12 +0100]  [INFO] Booting worker with pid: 57676
In fact the
webserver command is just a wrapper on top of the
gunicorn command, so you can use all the options provided by this WSGI server.
How to use the disk space for the import-data command ?
OpenCVE has to parse the CPE dictionnary to insert vendors and products in its PostgreSQL database, as well as the CVE and CWE list.
Because the parsing is done in memory, the
import-data command requires 5 GB RAM at least. If
In case you don't have 5 GB RAM available and you have disk space, you can use a swap file to do the initial import of CVEs:
$ fallocate -l 5G /swapfile $ chmod 600 /swapfile $ mkswap /swapfile $ swapon /swapfile
When the import is done, you can clean the swapfile with the following commands:
$ swapoff /swapfile $ rm /swapfile