tpotce/docker/ciscoasa/Dockerfile

FROM alpine:3.19
#
# Include dist
COPY dist/ /root/dist/
#
# Setup env and apt
RUN apk --no-cache -U upgrade && \
    apk --no-cache add build-base \
            git \
            libffi \
            libffi-dev \
            openssl \
            openssl-dev \
	    py3-cryptography \
	    py3-pip \
            python3 \
            python3-dev && \
#
# Setup user
    addgroup -g 2000 ciscoasa && \
    adduser -S -s /bin/bash -u 2000 -D -g 2000 ciscoasa && \
#
# Get and install packages
    mkdir -p /opt/ && \
    cd /opt/ && \
    git clone https://github.com/cymmetria/ciscoasa_honeypot && \
    cd ciscoasa_honeypot && \
    git checkout d6e91f1aab7fe6fc01fabf2046e76b68dd6dc9e2 && \
    sed -i "s/git+git/git+https/g" requirements.txt && \
    pip3 install --break-system-packages --no-cache-dir -r requirements.txt && \
    cp /root/dist/asa_server.py /opt/ciscoasa_honeypot && \
    chown -R ciscoasa:ciscoasa /opt/ciscoasa_honeypot && \
#
# Clean up
    apk del --purge build-base \
                    git \
                    libffi-dev \
                    openssl-dev \
                    python3-dev && \
    rm -rf /root/* && \
    rm -rf /opt/ciscoasa_honeypot/.git && \
    rm -rf /var/cache/apk/*
#
# Start ciscoasa
STOPSIGNAL SIGINT
WORKDIR /tmp/ciscoasa/
USER ciscoasa:ciscoasa
CMD cp -R /opt/ciscoasa_honeypot/* /tmp/ciscoasa && exec python3 asa_server.py --ike-port 5000 --enable_ssl --port 8443 --verbose >> /var/log/ciscoasa/ciscoasa.log 2>&1
tweak deploy, add autoheal, start update Dockerfiles - tweak deploy a little further - start with rebuilding Dockerfiles - rework healthcheck for adbhoney CPU issues - bump adbhoney, ciscoasa, citrixhoneypot, conpot, cowriepot, ddospot to alpine 3.19 - fix conpot issue with py 3.11 - bump conpot to latest master - bump cowrie to latest master - add autoheal to tpotinit to restart unhealthy container (if healthcheck enabled) 2024-02-27 19:11:16 +00:00			`FROM alpine:3.19`
prep rebuild for ciscoasa 2019-08-28 13:59:41 +00:00			`#`
ciscoasa, tweaking, hardening, logging, logstash 2018-04-27 23:10:45 +00:00			`# Include dist`
tweaking 2022-03-05 00:50:47 +00:00			`COPY dist/ /root/dist/`
prep rebuild for ciscoasa 2019-08-28 13:59:41 +00:00			`#`
start work on ciscoasa honeypot 2018-02-20 17:40:34 +00:00			`# Setup env and apt`
tweaking 2022-03-05 00:50:47 +00:00			`RUN apk --no-cache -U upgrade && \`
			`apk --no-cache add build-base \`
prep for 18.04 2018-03-25 18:35:32 +00:00			`git \`
tweaking 2018-05-09 14:29:06 +00:00			`libffi \`
prep for 18.04 2018-03-25 18:35:32 +00:00			`libffi-dev \`
tweaking 2018-05-09 14:29:06 +00:00			`openssl \`
prep for 18.04 2018-03-25 18:35:32 +00:00			`openssl-dev \`
rebuild ciscoasa for alpine 3.13 2021-02-15 10:01:03 +00:00			`py3-cryptography \`
cleanup and prepare for docker image rebuilds 2020-06-26 14:34:05 +00:00			`py3-pip \`
tweaking 2018-05-09 14:29:06 +00:00			`python3 \`
tweaking, hardening 2018-05-04 16:29:55 +00:00			`python3-dev && \`
prep rebuild for ciscoasa 2019-08-28 13:59:41 +00:00			`#`
start work on ciscoasa honeypot 2018-02-20 17:40:34 +00:00			`# Setup user`
			`addgroup -g 2000 ciscoasa && \`
			`adduser -S -s /bin/bash -u 2000 -D -g 2000 ciscoasa && \`
prep rebuild for ciscoasa 2019-08-28 13:59:41 +00:00			`#`
start work on ciscoasa honeypot 2018-02-20 17:40:34 +00:00			`# Get and install packages`
			`mkdir -p /opt/ && \`
			`cd /opt/ && \`
begin prep for move to GitHub Container Registry Start pinning Dockerfiles to specific releases / commits 2020-09-02 15:18:32 +00:00			`git clone https://github.com/cymmetria/ciscoasa_honeypot && \`
start work on ciscoasa honeypot 2018-02-20 17:40:34 +00:00			`cd ciscoasa_honeypot && \`
begin prep for move to GitHub Container Registry Start pinning Dockerfiles to specific releases / commits 2020-09-02 15:18:32 +00:00			`git checkout d6e91f1aab7fe6fc01fabf2046e76b68dd6dc9e2 && \`
image builder, tweaking 2022-03-24 17:54:56 +00:00			`sed -i "s/git+git/git+https/g" requirements.txt && \`
tweak deploy, add autoheal, start update Dockerfiles - tweak deploy a little further - start with rebuilding Dockerfiles - rework healthcheck for adbhoney CPU issues - bump adbhoney, ciscoasa, citrixhoneypot, conpot, cowriepot, ddospot to alpine 3.19 - fix conpot issue with py 3.11 - bump conpot to latest master - bump cowrie to latest master - add autoheal to tpotinit to restart unhealthy container (if healthcheck enabled) 2024-02-27 19:11:16 +00:00			`pip3 install --break-system-packages --no-cache-dir -r requirements.txt && \`
ciscoasa, tweaking, hardening, logging, logstash 2018-04-27 23:10:45 +00:00			`cp /root/dist/asa_server.py /opt/ciscoasa_honeypot && \`
finetuning nginx 2018-02-26 17:55:56 +00:00			`chown -R ciscoasa:ciscoasa /opt/ciscoasa_honeypot && \`
prep rebuild for ciscoasa 2019-08-28 13:59:41 +00:00			`#`
start work on ciscoasa honeypot 2018-02-20 17:40:34 +00:00			`# Clean up`
tweaking 2018-03-30 21:47:59 +00:00			`apk del --purge build-base \`
			`git \`
			`libffi-dev \`
			`openssl-dev \`
			`python3-dev && \`
tweaking, hardening 2018-05-04 16:29:55 +00:00			`rm -rf /root/* && \`
tweaking 2022-03-05 00:50:47 +00:00			`rm -rf /opt/ciscoasa_honeypot/.git && \`
tweaking, hardening 2018-05-04 16:29:55 +00:00			`rm -rf /var/cache/apk/*`
prep rebuild for ciscoasa 2019-08-28 13:59:41 +00:00			`#`
tweaking, hardening 2018-05-04 16:29:55 +00:00			`# Start ciscoasa`
tweaking 2018-09-11 12:19:26 +00:00			`STOPSIGNAL SIGINT`
ciscoasa, tweaking, hardening, logging, logstash 2018-04-27 23:10:45 +00:00			`WORKDIR /tmp/ciscoasa/`
tweaking 2018-03-30 21:47:59 +00:00			`USER ciscoasa:ciscoasa`
tweaking 2018-05-09 16:43:37 +00:00			`CMD cp -R /opt/ciscoasa_honeypot/* /tmp/ciscoasa && exec python3 asa_server.py --ike-port 5000 --enable_ssl --port 8443 --verbose >> /var/log/ciscoasa/ciscoasa.log 2>&1`