How to do OPENVAS migration (Docker Volume + Domain + SSL)

How to do OPENVAS migration (Docker Volume + Domain + SSL) - Printable Version

+- DevOps Discussion Forum (https://forums.geekssolutions.io)
+-- Forum: Cloud Computing (https://forums.geekssolutions.io/forumdisplay.php?fid=10)
+--- Forum: DevOps (https://forums.geekssolutions.io/forumdisplay.php?fid=14)
+--- Thread: How to do OPENVAS migration (Docker Volume + Domain + SSL) (/showthread.php?tid=17)

How to do OPENVAS migration (Docker Volume + Domain + SSL) - rishi - 04-07-2026

Environment

Source Server: Old server where OpenVAS container existed Destination Server: sadad-centralized-logging (Public IP: 20.21.137.88) Domain: online-openvas.sadadqa.com Container Image: immauss/openvas:latest Ports: 9392 (Web UI), 9390 (GMP)

Goal

1) Migrate OpenVAS Docker volume data from old server to new server 2) Run OpenVAS container on destination using same volume 3) Configure domain access via Nginx reverse proxy 4) Enable SSL using Let's Encrypt (Certbot) on Nginx 5) Validate OpenVAS users and reset passwords if needed

PART A — SOURCE SERVER (Backup OpenVAS Volume)

1) Check OpenVAS container docker ps -a | grep openvas
2) Confirm Docker volume docker volume ls | grep openvas
3) Inspect volume path docker volume inspect openvas
4) Create backup cd /var/lib/docker/volumes tar -czvf /root/openvas-volume-backup.tar.gz openvas
5) Transfer backup scp /root/openvas-volume-backup.tar.gz root@DESTINATION_IP:/home/rishi/

PART B — DESTINATION SERVER (Restore Volume)

1) Stop old container docker stop openvas
2) Rename old container docker rename openvas openvas-old
3) Remove old container docker rm openvas-old
4) Remove old volume docker volume rm openvas
5) Create new volume docker volume create openvas
6) Restore volume data cd /var/lib/docker/volumes tar -xzvf /home/rishi/openvas-volume-backup.tar.gz
7) Verify data ls -lah /var/lib/docker/volumes/openvas/_data

PART C — Start OpenVAS Container

docker run -d --name openvas --restart unless-stopped --ipc=host -p 9392:9392 -p 9390:9390 -e GMP=9390 -v openvas:/data immauss/openvas:latest
Verify container: docker ps
Check logs: docker logs -f openvas
Verify ports: ss -tulpn | grep 939

PART D — Nginx Reverse Proxy Setup

Create config: /etc/nginx/sites-available/online-openvas.sadadqa.com.conf
server {
listen 80;
server_name online-openvas.sadadqa.com;
location / {
proxy_pass http://127.0.0.1:9392;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_connect_timeout 300;
proxy_send_timeout 300;
proxy_read_timeout 300;
client_max_body_size 50M;
}
}
Enable site: ln -s /etc/nginx/sites-available/online-openvas.sadadqa.com.conf /etc/nginx/sites-enabled/
Reload Nginx: nginx -t systemctl reload nginx

PART E — DNS Setup

Create DNS A record: online-openvas.sadadqa.com -> 20.21.137.88
Verify: nslookup online-openvas.sadadqa.com

PART F — SSL Setup using Certbot

certbot --nginx -d online-openvas.sadadqa.com
Certificate paths: /etc/letsencrypt/live/online-openvas.sadadqa.com/fullchain.pem /etc/letsencrypt/live/online-openvas.sadadqa.com/privkey.pem
Test renewal: certbot renew --dry-run

PART G — OpenVAS User Management

Enter container: docker exec -it openvas bash
List users: sudo -u gvm gvmd --get-users
Example users: admin rana akshay faisal sameer santosh harshal.kamble
Reset password: sudo -u gvm gvmd --user=admin --new-password='StrongPassword123'
Login URL: https://online-openvas.sadadqa.com/login

PART H — Security Recommendations

1) Do not expose port 9392 publicly. 2) Allow only Nginx (80/443) to internet. 3) Restrict portal access by office/VPN IP if required. 4) Enable firewall rules in Azure NSG accordingly.