From 024d79d0011a2c1c435f3604b11f6b4be04bdbeb Mon Sep 17 00:00:00 2001 From: t3chn0m4g3 <t3chn0m4g3@gmail.com> Date: Sat, 7 Sep 2024 00:35:04 +0000 Subject: [PATCH] Continue work on builder - add conditional proxy support - use xargs to parallelize image builds - some tweaking and notes --- docker/_builder/.env | 6 +++++- docker/_builder/builder.sh | 19 +++++++++++++++++++ docker/_builder/docker-compose.yml | 2 ++ docker/_builder/setup_builder.sh | 8 ++++++-- docker/adbhoney/Dockerfile | 15 +++++++++++++-- docker/dionaea/Dockerfile | 15 ++++++++++++++- docker/elk/elasticsearch/Dockerfile | 25 +++++++++++++++++++------ docker/elk/logstash/Dockerfile | 21 ++++++++++++++++----- docker/honeytrap/Dockerfile | 14 ++++++++++++-- docker/log4pot/Dockerfile | 23 +++++++++++++++++------ 10 files changed, 123 insertions(+), 25 deletions(-) create mode 100755 docker/_builder/builder.sh diff --git a/docker/_builder/.env b/docker/_builder/.env index 57ba83de..899bca84 100644 --- a/docker/_builder/.env +++ b/docker/_builder/.env @@ -19,6 +19,10 @@ TPOT_GHCR_REPO=ghcr.io/telekom-security TPOT_VERSION=testing # T-Pot platforms (architectures) -# Most docker features are available on linux +# Most docker features are available on linux TPOT_AMD64=linux/amd64 TPOT_ARM64=linux/arm64 + +# Proxy +# Set Proxy (i.e. "http://proxy:3128") to improve speed (while caching) +# PROXY="http://proxy:3128" diff --git a/docker/_builder/builder.sh b/docker/_builder/builder.sh new file mode 100755 index 00000000..658f3e4d --- /dev/null +++ b/docker/_builder/builder.sh 
@@ -0,0 +1,19 @@ +#!/bin/bash + +# ANSI color codes for green (OK) and red (FAIL) +GREEN='\033[0;32m' +RED='\033[0;31m' +NC='\033[0m' # No Color + +# List of services to build +services="adbhoney nginx map" +#test=$(docker compose config --services) +#echo $test + +# Loop through each service +echo $services | tr ' ' '\n' | xargs -I {} -P 3 bash -c ' + echo "Building service: {}" && \ + docker compose build {} --no-cache 2>&1 > {}.log && \ + echo -e "Service {}: [\033[0;32mOK\033[0m]" || \ + echo -e "Service {}: [\033[0;31mFAIL\033[0m]" +' diff --git a/docker/_builder/docker-compose.yml b/docker/_builder/docker-compose.yml index ef50e777..7523466f 100644 --- a/docker/_builder/docker-compose.yml +++ b/docker/_builder/docker-compose.yml @@ -7,6 +7,8 @@ # Common build config x-common-build: &common-build + args: + PROXY: ${PROXY} dockerfile: ./Dockerfile platforms: - ${TPOT_AMD64} diff --git a/docker/_builder/setup_builder.sh b/docker/_builder/setup_builder.sh index c0609dad..0d431621 100755 --- a/docker/_builder/setup_builder.sh +++ b/docker/_builder/setup_builder.sh @@ -39,15 +39,19 @@ echo "Docs: https://docs.docker.com/desktop/multi-arch/" echo echo "Example (build release): docker compose build" echo -echo "Example (push release): docker compose build --push" +echo "Example (build and push release): docker compose build --push" echo echo "Example (build single image): docker compose build tpotinit" echo echo "Example (build and push single image): docker compose build tpotinit --push" echo -echo "Resolve problems running ..." +echo "Resolve problems running buildx:" echo "docker buildx create --use --name mybuilder" echo "docker buildx inspect mybuilder --bootstrap" echo "docker login -u <username>" echo "docker login ghcr.io - <username>" echo +echo "Resolve segmentation faults when building arm64 images in qemu on amd64:" +echo "docker run --rm --privileged multiarch/qemu-user-static --reset -p yes" +echo + 
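Review bot: In `docker compose build {} --no-cache 2>&1 > {}.log` the redirections are in the wrong order: stderr is duplicated onto the terminal before stdout is pointed at the log. Error output from the three parallel jobs therefore interleaves on screen and never reaches `{}.log`. Use `docker compose build --no-cache {} > {}.log 2>&1 && \` instead. The `GREEN`, `RED` and `NC` variables at the top are never used, because the single-quoted `bash -c` body hard-codes the escape sequences; drop them, or export them and reference them inside the body.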
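Review bot: `PROXY: ${PROXY}` has no default, and the `.env` in this commit ships the variable commented out, so Compose substitutes an empty string and warns about an unset variable on every run. `PROXY: ${PROXY:-}` makes the empty default explicit. Build arguments consumed by RUN steps show up in the image history, so a comment such as `# do not embed credentials in the proxy URL` next to this key would be worth adding.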
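Review bot: The new hint `docker run --rm --privileged multiarch/qemu-user-static --reset -p yes` tells operators to run an untagged third-party image with full host privileges. The binfmt registration needs `--privileged`, so the practical control is pinning what gets executed. Print the command with a fixed tag or digest that has been verified, e.g. `multiarch/qemu-user-static:<verified-tag>`.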
diff --git a/docker/adbhoney/Dockerfile b/docker/adbhoney/Dockerfile index bdd1aab2..834acf1a 100644 --- a/docker/adbhoney/Dockerfile +++ b/docker/adbhoney/Dockerfile @@ -1,10 +1,19 @@ FROM alpine:3.19 +ARG PROXY +ENV http_proxy=${PROXY} # # Include dist COPY dist/ /root/dist/ # -# Install packages -RUN apk --no-cache -U add \ +# Install packages, use proxy if available and cache using http +RUN ash -c 'if [ -n "${http_proxy}" ]; then \ + sed -i "s/https/http/g" /etc/apk/repositories; \ + echo "Using HTTP Proxy at ${http_proxy}"; \ + else \ + echo "HTTP Proxy not configured, proceeding without proxy"; \ + fi' && \ +# Setup apk + apk --no-cache -U add \ git \ procps \ py3-psutil \ @@ -28,7 +37,9 @@ RUN apk --no-cache -U add \ # # Clean up apk del --purge git && \ + sed -i "s/http/https/g" /etc/apk/repositories && \ rm -rf /root/* /opt/adbhoney/.git /var/cache/apk/* +ENV http_proxy="" # # Set workdir and start adbhoney STOPSIGNAL SIGINT diff --git a/docker/dionaea/Dockerfile b/docker/dionaea/Dockerfile index e2c64d94..481426be 100644 --- a/docker/dionaea/Dockerfile +++ b/docker/dionaea/Dockerfile 
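Review bot: `ENV http_proxy=${PROXY}` records the build proxy in the image config and history, and the closing `ENV http_proxy=""` only replaces it with an empty variable that every container still inherits. Docker already treats `http_proxy` as a predefined build argument that is visible to RUN steps and excluded from `docker history`, so `ARG PROXY` and both ENV lines can go if compose passes `http_proxy: ${PROXY:-}` under `args`. The same pattern is repeated in the dionaea, elasticsearch, logstash, honeytrap and log4pot Dockerfiles. Separately, `sed -i "s/https/http/g"` moves apk to cleartext transport whenever a proxy is set; a comment such as `# http only so the proxy can cache; apk still verifies index and package signatures` would make that trade-off explicit.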
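Review bot: The restore step `sed -i "s/http/https/g" /etc/apk/repositories` runs unconditionally, so on a build without a proxy the file was never rewritten and every `https://` entry becomes `httpss://`. That would leave apk in the final image unable to reach its repositories. Anchoring the pattern on the scheme makes the step idempotent: `sed -i "s#http://#https://#g" /etc/apk/repositories && \`. The RUN instruction this line belongs to starts outside the hunk.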
@@ -1,15 +1,27 @@ FROM ubuntu:22.04 ENV DEBIAN_FRONTEND noninteractive +ARG PROXY +ENV http_proxy=${PROXY} # # Include dist COPY dist/ /root/dist/ # +# Check if APT_PROXY is set and configure apt to use the proxy +RUN bash -c 'if [ -n "${http_proxy}" ]; then \ + echo "Using APT proxy at ${http_proxy}"; \ + echo "Acquire::http::Proxy \"${http_proxy}\";" > /etc/apt/apt.conf.d/01proxy; \ + else \ + echo "APT proxy not configured, proceeding without proxy"; \ + fi' && \ +# bash -c 'echo "Acquire::http::Proxy::ports.ubuntu.com DIRECT;" > /etc/apt/apt.conf.d/99force-no-proxy' && \ +# # Determine arch, get and install packages -RUN ARCH=$(arch) && \ + ARCH=$(arch) && \ if [ "$ARCH" = "x86_64" ]; then ARCH="amd64"; fi && \ if [ "$ARCH" = "aarch64" ]; then ARCH="arm64"; fi && \ echo "$ARCH" && \ cd /root/dist/ && \ +# Setup apt apt-get update -y && \ apt-get install wget -y && \ wget http://ftp.us.debian.org/debian/pool/main/libe/libemu/libemu2_0.2.0+git20120122-1.2+b1_$ARCH.deb \ @@ -110,6 +122,7 @@ RUN ARCH=$(arch) && \ apt-get autoremove --purge -y && \ apt-get clean && \ rm -rf /root/* /var/lib/apt/lists/* /tmp/* /var/tmp/* /root/.cache /opt/dionaea/.git +ENV http_proxy="" # # Start dionaea STOPSIGNAL SIGINT diff --git a/docker/elk/elasticsearch/Dockerfile b/docker/elk/elasticsearch/Dockerfile index 6d83c75b..6430899b 100644 --- a/docker/elk/elasticsearch/Dockerfile +++ b/docker/elk/elasticsearch/Dockerfile 
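Review bot: `/etc/apt/apt.conf.d/01proxy` is written when a proxy is set, but the cleanup visible in the second hunk never removes it, so the published image appears to keep an apt configuration pointing at the build-time proxy. Adding `/etc/apt/apt.conf.d/01proxy` to the final `rm -rf` list fixes that; judging by their visible cleanup lines, the elasticsearch, logstash, honeytrap and log4pot Dockerfiles need the same addition. The comment above the RUN refers to `APT_PROXY`, while the variable actually tested is `http_proxy`. The middle of this RUN instruction lies outside both hunks.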
@@ -1,12 +1,22 @@ FROM ubuntu:22.04 -# -# VARS +ENV DEBIAN_FRONTEND noninteractive +ARG PROXY ENV ES_VER=8.14.2 +ENV http_proxy=${PROXY} # # Include dist COPY dist/ /root/dist/ # -RUN apt-get update -y && \ +# Check if APT_PROXY is set and configure apt to use the proxy only if it's available +RUN bash -c 'if [ -n "${http_proxy}" ]; then \ + echo "Using APT proxy at ${http_proxy}"; \ + echo "Acquire::http::Proxy \"${http_proxy}\";" > /etc/apt/apt.conf.d/01proxy; \ + else \ + echo "APT proxy not configured, proceeding without proxy"; \ + fi' && \ +# bash -c 'echo "Acquire::http::Proxy::ports.ubuntu.com DIRECT;" > /etc/apt/apt.conf.d/99force-no-proxy' && \ +# Setup apt + apt-get update -y && \ apt-get install -y \ aria2 \ curl && \ @@ -17,13 +27,15 @@ RUN apt-get update -y && \ if [ "$ARCH" = "aarch64" ]; then ES_ARCH="arm64"; fi && \ echo "$ARCH" && \ cd /root/dist/ && \ + mkdir -p /usr/share/elasticsearch/config /etc/elasticsearch && \ + cp elasticsearch.yml /etc/elasticsearch/ && \ aria2c -s 16 -x 16 https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-$ES_VER-$ES_ARCH.deb && \ - dpkg -i elasticsearch-$ES_VER-$ES_ARCH.deb && \ + dpkg --force-confold -i elasticsearch-$ES_VER-$ES_ARCH.deb && \ # # Add and move files # rm -rf /usr/share/elasticsearch/modules/x-pack-ml && \ - mkdir -p /usr/share/elasticsearch/config && \ - cp elasticsearch.yml /etc/elasticsearch/ && \ +# mkdir -p /usr/share/elasticsearch/config && \ +# cp elasticsearch.yml /etc/elasticsearch/ && \ # # Setup user, groups and configs groupmod -g 2000 elasticsearch && \ @@ -37,6 +49,7 @@ RUN apt-get update -y && \ apt-get purge aria2 -y && \ apt-get autoremove -y --purge && \ apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* /root/.cache /root/* +ENV http_proxy="" # # Healthcheck HEALTHCHECK --retries=10 CMD curl -s -XGET 'http://127.0.0.1:9200/_cat/health' diff --git a/docker/elk/logstash/Dockerfile b/docker/elk/logstash/Dockerfile index 89224fe7..bb698d2d 100644 
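Review bot: The added `ENV DEBIAN_FRONTEND noninteractive` uses the legacy space-separated ENV form and leaves the setting in the runtime environment of every container. It is only needed while apt runs, so `ARG DEBIAN_FRONTEND=noninteractive` keeps it build-time only. The logstash Dockerfile adds the same line.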
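Review bot: The .deb fetched by aria2c goes straight to `dpkg --force-confold -i` with no integrity check, so a truncated or substituted download is installed into the image. Elastic publishes a `.sha512` file next to each artifact; fetching it and running `sha512sum -c elasticsearch-$ES_VER-$ES_ARCH.deb.sha512 && \` before the dpkg line closes that gap, and pinning the expected digest in the Dockerfile is stronger still. The two commented-out `mkdir`/`cp` lines left further down can be deleted now that the copy happens before the install. The RUN instruction starts and ends outside this hunk.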
--- a/docker/elk/logstash/Dockerfile +++ b/docker/elk/logstash/Dockerfile @@ -1,12 +1,22 @@ FROM ubuntu:22.04 -# -# VARS +ENV DEBIAN_FRONTEND noninteractive +ARG PROXY ENV LS_VER=8.14.2 +ENV http_proxy=${PROXY} +# # Include dist COPY dist/ /root/dist/ # -# Setup env and apt -RUN apt-get update -y && \ +# Check if PROXY is set and configure apt to use the proxy +RUN bash -c 'if [ -n "${http_proxy}" ]; then \ + echo "Using APT proxy at ${http_proxy}"; \ + echo "Acquire::http::Proxy \"${http_proxy}\";" > /etc/apt/apt.conf.d/01proxy; \ + else \ + echo "APT proxy not configured, proceeding without proxy"; \ + fi' && \ +# bash -c 'echo "Acquire::http::Proxy::ports.ubuntu.com DIRECT;" > /etc/apt/apt.conf.d/99force-no-proxy' && \ +# Setup apt + apt-get update -y && \ apt-get install -y \ aria2 \ bash \ @@ -57,10 +67,11 @@ RUN apt-get update -y && \ # Clean up apt-get autoremove -y --purge && \ apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* /root/.cache /root/* +ENV http_proxy="" # # Healthcheck HEALTHCHECK --retries=10 CMD curl -s -XGET 'http://127.0.0.1:9600' # # Start logstash USER logstash:logstash -CMD ["./entrypoint.sh"] +CMD ["entrypoint.sh"] diff --git a/docker/honeytrap/Dockerfile b/docker/honeytrap/Dockerfile index 05f96218..b2b85be9 100644 --- a/docker/honeytrap/Dockerfile +++ b/docker/honeytrap/Dockerfile 
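Review bot: `CMD ["entrypoint.sh"]` in exec form is resolved through PATH rather than relative to WORKDIR, unlike the previous `./entrypoint.sh`. The container therefore only starts if the script sits in a PATH directory, which this hunk does not show. An absolute path removes the dependency on both PATH and WORKDIR, e.g. `CMD ["/<script-dir>/entrypoint.sh"]` with the directory the script is actually installed to.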
@@ -1,12 +1,21 @@ FROM ubuntu:22.04 ENV DEBIAN_FRONTEND noninteractive +ARG PROXY +ENV http_proxy=${PROXY} # # Include dist COPY dist/ /root/dist/ # +# Check if APT_PROXY is set and configure apt to use the proxy only if it's available +RUN bash -c 'if [ -n "${http_proxy}" ]; then \ + echo "Using APT proxy at ${http_proxy}"; \ + echo "Acquire::http::Proxy \"${http_proxy}\";" > /etc/apt/apt.conf.d/01proxy; \ + else \ + echo "APT proxy not configured, proceeding without proxy"; \ + fi' && \ +# bash -c 'echo "Acquire::http::Proxy::ports.ubuntu.com DIRECT;" > /etc/apt/apt.conf.d/99force-no-proxy' && \ # Setup apt -RUN apt-get update && \ - apt-get update -y && \ + apt-get update && \ # # Install packages apt-get install -y autoconf \ @@ -56,6 +65,7 @@ RUN apt-get update && \ libpq-dev && \ apt-get autoremove -y --purge && \ apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* /root/.cache /root/* /opt/honeytrap/.git +ENV http_proxy="" # # Start honeytrap USER honeytrap:honeytrap diff --git a/docker/log4pot/Dockerfile b/docker/log4pot/Dockerfile index 0e8880fa..1f4b6066 100644 --- a/docker/log4pot/Dockerfile +++ b/docker/log4pot/Dockerfile @@ -1,8 +1,18 @@ FROM ubuntu:22.04 ENV DEBIAN_FRONTEND noninteractive +ARG PROXY +ENV http_proxy=${PROXY} # -# Install packages -RUN apt-get update -y && \ +# Check if APT_PROXY is set and configure apt to use the proxy +RUN bash -c 'if [ -n "${http_proxy}" ]; then \ + echo "Using APT proxy at ${http_proxy}"; \ + echo "Acquire::http::Proxy \"${http_proxy}\";" > /etc/apt/apt.conf.d/01proxy; \ + else \ + echo "APT proxy not configured, proceeding without proxy"; \ + fi' && \ +# bash -c 'echo "Acquire::http::Proxy::ports.ubuntu.com DIRECT;" > /etc/apt/apt.conf.d/99force-no-proxy' && \ +# Setup apt + apt-get update -y && \ apt-get install -y \ build-essential \ cargo \ 
@@ -19,8 +29,8 @@ RUN apt-get update -y && \ python3 \ python3-dev \ rust-all && \ - pip3 install --upgrade pip && \ - pip3 install poetry pycurl && \ + pip3 install --upgrade pip && \ + pip3 install poetry pycurl && \ # # Install log4pot from GitHub and setup mkdir -p /opt /var/log/log4pot && \ @@ -46,8 +56,9 @@ RUN apt-get update -y && \ libssl-dev \ python3-dev \ rust-all && \ - apt-get autoremove -y --purge && \ - apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* /root/.cache /opt/Log4Pot/.git + apt-get autoremove -y --purge && \ + apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* /root/.cache /opt/Log4Pot/.git +ENV http_proxy="" # # Start log4pot STOPSIGNAL SIGINT