Nemesis Helm Chart
The nemesis Helm chart deploys Nemesis's services. You can run the chart with its default configuration using the following command:
helm install --repo https://specterops.github.io/Nemesis/ nemesis nemesis --timeout '45m' --set operation.nemesisHttpServer="https://192.168.6.9:443/"
Set operation.nemesisHttpServer to the IP you'll be accessing the server from. You can delete the --set parameter if you want to use the default value of https://127.0.0.1:443/ for local deployments.
Note: You can change Nemesis's listening port following these instructions.
Verify Installation
Use the following bash oneliner to get the basic auth secrets and ensure the Nemesis home page is reachable:
$ export NEMESIS_HOSTNAME=https://127.0.0.1
$ curl -u $(kubectl get secret basic-auth -o jsonpath='{.data.username}' | base64 -d):$(kubectl get secret basic-auth -o jsonpath='{.data.password}' | base64 -d) $NEMESIS_HOSTNAME
<html>
<head>
<title>Nemesis Services</title>
</head>
<body>
<h1>Nemesis Services</h1>
<h2>Main Services</h2>
<a href="/dashboard/" target="_blank"">Dashboard</a><br>
...
Customizing the Deployment
If you want customize the deployment (e.g., HTTP server URI, pod CPU/memory resources, Minio disk size), you need to download the nemesis chart's values.yaml file, edit it, and then run the nemesis chart using the customize values. You can do so with the following commands:
-
Download the Nemesis chart's
values.yaml:helm show values --repo https://specterops.github.io/Nemesis/ nemesis > nemesis-values.yaml -
Edit
nemesis-values.yamlas you need (e.g., usingvim) -
Run the Nemesis chart using the customized values:
helm install --repo https://specterops.github.io/Nemesis/ nemesis nemesis --timeout '45m' -f nemesis-values.yaml
Note: If you want to change any of the nemesis chart's configuration after everything is deployed, make the modification(s) and then run helm upgrade nemesis ./helm/nemesis --reset-values to apply the changes.