Finish work on new builder, tweaking

docker/_builder/.env

@@ -21,7 +21,3 @@ TPOT_VERSION=testing
 # Most docker features are available on linux
 TPOT_AMD64=linux/amd64
 TPOT_ARM64=linux/arm64
-
-# Proxy
-# Set Proxy (i.e. "http://proxy:3128") to improve speed (while caching)
-PROXY="http://proxy:3128"

docker/_builder/builder.sh

@@ -1,13 +1,16 @@
-#!/bin/bash
+#!/usr/bin/env bash
 
 # ANSI color codes for green (OK) and red (FAIL)
 GREEN='\033[0;32m'
 RED='\033[0;31m'
 NC='\033[0m' # No Color
 
-# Default flags
+# Default settings
 PUSH_IMAGES=false
 NO_CACHE=false
+PARALLELBUILDS=8
+UPLOAD_BANDWIDTH=40mbit # Set this to max 90% of available upload bandwidth
+INTERFACE=$(/sbin/ip address show | /usr/bin/awk '/inet.*brd/{ print $NF; exit }')
 
 # Help message
 usage() {
@@ -37,6 +40,45 @@ while getopts ":pnh" opt; do
     esac
 done
 
+# Function to apply upload bandwidth limit using tc
+apply_bandwidth_limit() {
+    echo -n "Applying upload bandwidth limit of $UPLOAD_BANDWIDTH on interface $INTERFACE..."
+    if sudo tc qdisc add dev $INTERFACE root tbf rate $UPLOAD_BANDWIDTH burst 32kbit latency 400ms >/dev/null 2>&1; then
+        echo -e " [${GREEN}OK${NC}]"
+    else
+        echo -e " [${RED}FAIL${NC}]"
+        remove_bandwidth_limit
+
+        # Try to reapply the limit
+        echo -n "Reapplying upload bandwidth limit of $UPLOAD_BANDWIDTH on interface $INTERFACE..."
+        if sudo tc qdisc add dev $INTERFACE root tbf rate $UPLOAD_BANDWIDTH burst 32kbit latency 400ms >/dev/null 2>&1; then
+            echo -e " [${GREEN}OK${NC}]"
+        else
+            echo -e " [${RED}FAIL${NC}]"
+            echo "Failed to apply bandwidth limit on $INTERFACE. Exiting."
+            echo
+            exit 1
+        fi
+    fi
+}
+
+# Function to check if the bandwidth limit is set
+is_bandwidth_limit_set() {
+    sudo tc qdisc show dev $INTERFACE | grep -q 'tbf'
+}
+
+# Function to remove the bandwidth limit using tc if it is set
+remove_bandwidth_limit() {
+    if is_bandwidth_limit_set; then
+        echo -n "Removing upload bandwidth limit on interface $INTERFACE..."
+        if sudo tc qdisc del dev $INTERFACE root; then
+            echo -e " [${GREEN}OK${NC}]"
+        else
+            echo -e " [${RED}FAIL${NC}]"
+        fi
+    fi
+}
+
 echo "###########################"
 echo "# T-Pot Image Builder"
 echo "###########################"
@@ -86,6 +128,24 @@ else
     echo -e " [${RED}FAIL${NC}]"
 fi
 
+# Apply bandwidth limit only if pushing images
+if $PUSH_IMAGES; then
+    echo
+    echo "########################################"
+    echo "# Setting Upload Bandwidth limit ..."
+    echo "########################################"
+    echo
+    apply_bandwidth_limit
+fi
+
+# Trap to ensure bandwidth limit is removed on script error, exit
+trap_cleanup() {
+    if is_bandwidth_limit_set; then
+        remove_bandwidth_limit
+    fi
+}
+trap trap_cleanup INT ERR EXIT
+
 echo
 echo "################################"
 echo "# Now building images ..."
@@ -95,11 +155,10 @@ echo
 mkdir -p log
 
 # List of services to build
-#services=$(docker compose config --services)
+services=$(docker compose config --services | sort)
-services="tpotinit beelzebub nginx p0f"
 
-# Loop through each service
+# Loop through each service to build
-echo $services | tr ' ' '\n' | xargs -I {} -P 3 bash -c '
+echo $services | tr ' ' '\n' | xargs -I {} -P $PARALLELBUILDS bash -c '
     echo "Building image: {}" && \
     build_cmd="docker compose build {}" && \
     if '$PUSH_IMAGES'; then \
@@ -109,10 +168,20 @@ echo $services | tr ' ' '\n' | xargs -I {} -P 3 bash -c '
         build_cmd="$build_cmd --no-cache"; \
     fi && \
     eval "$build_cmd 2>&1 > log/{}.log" && \
-    echo -e "Service {}: ['$GREEN'OK'$NC']" || \
+    echo -e "Image {}: ['$GREEN'OK'$NC']" || \
-    echo -e "Service {}: ['$RED'FAIL'$NC']"
+    echo -e "Image {}: ['$RED'FAIL'$NC']"
 '
 
+# Remove bandwidth limit if it was applied
+if is_bandwidth_limit_set; then
+    echo
+    echo "########################################"
+    echo "# Removiong Upload Bandwidth limit ..."
+    echo "########################################"
+    echo
+    remove_bandwidth_limit
+fi
+
 echo
 echo "#######################################################"
 echo "# Done."

docker/_builder/docker-compose.yml

@@ -7,8 +7,6 @@
 
 # Common build config
 x-common-build: &common-build
-  args:
-    PROXY: ${PROXY}
   dockerfile: ./Dockerfile
   platforms:
     - ${TPOT_AMD64}

docker/_builder/setup_builder.sh

@@ -1,57 +1,99 @@
 #!/usr/bin/env bash
 
-# Got root?
+# ANSI color codes for green (OK) and red (FAIL)
-myWHOAMI=$(whoami)
+BLUE='\033[0;34m'
-if [ "$myWHOAMI" != "root" ]
+GREEN='\033[0;32m'
-  then
+RED='\033[0;31m'
-    echo "Need to run as root ..."
+NC='\033[0m' # No Color
-    exit
+
+# Check if the user is in the docker group
+if ! groups $(whoami) | grep &>/dev/null '\bdocker\b'; then
+    echo -e "${RED}You need to be in the docker group to run this script without root privileges.${NC}"
+    echo "Please run the following command to add yourself to the docker group:"
+    echo "  sudo usermod -aG docker $(whoami)"
+    echo "Then log out and log back in or run the script with sudo."
+    exit 1
 fi
 
-# Only run with command switch
+# Command-line switch check
 if [ "$1" != "-y" ]; then
-  echo "### Setting up docker for Multi Arch Builds."
+    echo "### Setting up Docker for Multi-Arch Builds."
     echo "### Requires Docker packages from https://get.docker.com/"
     echo "### Use on x64 only!"
     echo "### Run with -y if you fit the requirements!"
-  echo
+    exit 0
-  exit
 fi
 
-# We need to create a new builder as the default one cannot handle multi-arch builds
+# Check if the mybuilder exists and is running
-# https://docs.docker.com/desktop/multi-arch/
+echo -n "Checking if buildx builder 'mybuilder' exists and is running..."
-docker buildx create --name mybuilder
+if ! docker buildx inspect mybuilder --bootstrap >/dev/null 2>&1; then
+    echo
+    echo -n "  Creating and starting buildx builder 'mybuilder'..."
+    if docker buildx create --name mybuilder --driver docker-container --use >/dev/null 2>&1 && \
+       docker buildx inspect mybuilder --bootstrap >/dev/null 2>&1; then
+        echo -e " [${GREEN}OK${NC}]"
+    else
+        echo -e " [${RED}FAIL${NC}]"
+        exit 1
+    fi
+else
+    echo -e " [${GREEN}OK${NC}]"
+fi
 
-# Set as default
+# Ensure QEMU is set up for cross-platform builds
-docker buildx use mybuilder
+echo -n "Ensuring QEMU is configured for cross-platform builds..."
+if docker run --rm --privileged multiarch/qemu-user-static --reset -p yes >/dev/null 2>&1; then
+    echo -e " [${GREEN}OK${NC}]"
+else
+    echo -e " [${RED}FAIL${NC}]"
+    exit 1
+fi
 
-# We need to install emulators, arm64 should be fine for now
+# Ensure arm64 and amd64 platforms are active
-# https://github.com/tonistiigi/binfmt/
+echo -n "Ensuring 'mybuilder' supports linux/arm64 and linux/amd64..."
-docker run --privileged --rm tonistiigi/binfmt --install arm64
+active_platforms=$(docker buildx inspect mybuilder --bootstrap | grep -oP '(?<=Platforms: ).*')
 
-# Check if everything is setup correctly
+if [[ "$active_platforms" == *"linux/arm64"* && "$active_platforms" == *"linux/amd64"* ]]; then
-docker buildx inspect --bootstrap
+    echo -e " [${GREEN}OK${NC}]"
+else
     echo
-echo "### Done."
+    echo -n "  Enabling platforms linux/arm64 and linux/amd64..."
+    if docker buildx create --name mybuilder --driver docker-container --use --platform linux/amd64,linux/arm64 >/dev/null 2>&1 && \
+       docker buildx inspect mybuilder --bootstrap >/dev/null 2>&1; then
+        echo -e " [${GREEN}OK${NC}]"
+    else
+        echo -e " [${RED}FAIL${NC}]"
+        exit 1
+    fi
+fi
+
 echo
-echo "Example (manual build): docker buildx build --platform linux/amd64,linux/arm64 -t username/demo:latest --push ."
+echo -e "${BLUE}### Done.${NC}"
-echo "Docs: https://docs.docker.com/desktop/multi-arch/"
 echo
-echo "Example (build release): docker compose build"
+echo -e "${BLUE}Examples:${NC}"
+echo -e "  ${BLUE}Manual multi-arch build:${NC}"
+echo "    docker buildx build --platform linux/amd64,linux/arm64 -t username/demo:latest --push ."
 echo
-echo "Example (build and push release): docker compose build --push"
+echo -e "  ${BLUE}Documentation:${NC} https://docs.docker.com/desktop/multi-arch/"
 echo
-echo "Example (build single image): docker compose build tpotinit"
+echo -e "  ${BLUE}Build release with Docker Compose:${NC}"
+echo "    docker compose build"
 echo
-echo "Example (build and push single image): docker compose build tpotinit --push"
+echo -e "  ${BLUE}Build and push release with Docker Compose:${NC}"
+echo "    docker compose build --push"
 echo
-echo "Resolve problems running buildx:"
+echo -e "  ${BLUE}Build a single image with Docker Compose:${NC}"
+echo "    docker compose build tpotinit"
+echo
+echo -e "  ${BLUE}Build and push a single image with Docker Compose:${NC}"
+echo "    docker compose build tpotinit --push"
+echo
+echo -e "${BLUE}Resolve buildx issues:${NC}"
 echo "    docker buildx create --use --name mybuilder"
 echo "    docker buildx inspect mybuilder --bootstrap"
 echo "    docker login -u <username>"
-echo "docker login ghcr.io - <username>"
+echo "    docker login ghcr.io -u <username>"
 echo
-echo "Resolve segmentation faults when building arm64 images in qemu on amd64:"
+echo -e "${BLUE}Fix segmentation faults when building arm64 images:${NC}"
 echo "    docker run --rm --privileged multiarch/qemu-user-static --reset -p yes"
 echo
-

docker/adbhoney/Dockerfile

@@ -1,19 +1,10 @@
 FROM alpine:3.19
-ARG PROXY
-ENV http_proxy=${PROXY}
 #
 # Include dist
 COPY dist/ /root/dist/
 #
-# Install packages, use proxy if available and cache using http
+# Install packages
-RUN ash -c 'if [ -n "${http_proxy}" ]; then \
+RUN	apk --no-cache -U add \
-                 sed -i "s/https/http/g" /etc/apk/repositories; \
-                 echo "Using HTTP Proxy at ${http_proxy}"; \
-               else \
-                 echo "HTTP Proxy not configured, proceeding without proxy"; \
-             fi' && \
-# Setup apk
-	apk --no-cache -U add \
 		git \
 		procps \
 		py3-psutil \
@@ -37,9 +28,7 @@ RUN ash -c 'if [ -n "${http_proxy}" ]; then \
 #
 # Clean up
     apk del --purge git && \
-    sed -i "s/http/https/g" /etc/apk/repositories && \
     rm -rf /root/* /opt/adbhoney/.git /var/cache/apk/*
-ENV http_proxy=""
 #
 # Set workdir and start adbhoney
 STOPSIGNAL SIGINT

docker/beelzebub/Dockerfile

@@ -4,7 +4,8 @@ ENV GO111MODULE=on \
     CGO_ENABLED=0 \
     GOOS=linux
 #
-RUN apk add git
+# Install packages
+RUN apk -U add git
 #
 WORKDIR /root
 #

docker/ciscoasa/Dockerfile

@@ -3,9 +3,8 @@ FROM alpine:3.19
 # Include dist
 COPY dist/ /root/dist/
 #
-# Setup env and apt
+# Install packages
-RUN apk --no-cache -U upgrade && \
+RUN apk --no-cache -U add build-base \
-    apk --no-cache add build-base \
 		git \
 		libffi \
 		libffi-dev \
@@ -37,9 +36,9 @@ RUN apk --no-cache -U upgrade && \
                     libffi-dev \
                     openssl-dev \
                     python3-dev && \
-    rm -rf /root/* && \
+    rm -rf /root/* \
-    rm -rf /opt/ciscoasa_honeypot/.git && \
+           /opt/ciscoasa_honeypot/.git \
-    rm -rf /var/cache/apk/*
+           /var/cache/apk/*
 #
 # Start ciscoasa
 STOPSIGNAL SIGINT

docker/citrixhoneypot/Dockerfile

@@ -33,9 +33,9 @@ RUN apk --no-cache -U add \
 # Clean up
     apk del --purge git \
                     openssl && \
-    rm -rf /root/* && \
+    rm -rf /root/* \
-    rm -rf /opt/citrixhoneypot/.git && \
+           /opt/citrixhoneypot/.git \
-    rm -rf /var/cache/apk/*
+           /var/cache/apk/*
 #
 # Set workdir and start citrixhoneypot
 STOPSIGNAL SIGINT

docker/conpot/Dockerfile

@@ -3,9 +3,8 @@ FROM alpine:3.19
 # Include dist
 COPY dist/ /root/dist/
 #
-# Setup apt
+# Install packages
-RUN apk --no-cache -U add \
+RUN apk --no-cache -U add build-base \
-			build-base \
 			cython \
 			file \
 			git \
@@ -88,9 +87,9 @@ RUN apk --no-cache -U add \
             pkgconfig \
             python3-dev \
             wget && \
-    rm -rf /root/* && \
+    rm -rf /root/* \
-    rm -rf /tmp/* && \
+           /tmp/* \
-    rm -rf /var/cache/apk/*
+           /var/cache/apk/*
 #
 # Start conpot
 STOPSIGNAL SIGINT

docker/cowrie/Dockerfile

@@ -3,7 +3,7 @@ FROM alpine:3.19
 # Include dist
 COPY dist/ /root/dist/
 #
-# Get and install dependencies & packages
+# Install packages
 RUN apk --no-cache -U add \
 		bash \
 		build-base \
@@ -50,7 +50,6 @@ RUN apk --no-cache -U add \
     pip3 install --break-system-packages -r requirements.txt && \
 #
 # Setup configs
-    #export PYTHON_DIR=$(python3 --version | tr '[A-Z]' '[a-z]' | tr -d ' ' | cut -d '.' -f 1,2 ) && \
     setcap cap_net_bind_service=+ep $(readlink -f $(type -P python3)) && \
     cp /root/dist/cowrie.cfg /home/cowrie/cowrie/cowrie.cfg && \
     chown cowrie:cowrie -R /home/cowrie/* /usr/lib/$(readlink -f $(type -P python3) | cut -f4 -d"/")/site-packages/twisted/plugins && \
@@ -72,12 +71,10 @@ RUN apk --no-cache -U add \
                     openssl-dev \
                     python3-dev \
                     py3-mysqlclient && \
-    rm -rf /root/* /tmp/* && \
+    rm -rf /root/* /tmp/* \
-    rm -rf /var/cache/apk/* && \
+           /var/cache/apk/* \
-    rm -rf /home/cowrie/cowrie/cowrie.pid && \
+           /home/cowrie/cowrie/cowrie.pid \
-    rm -rf /home/cowrie/cowrie/.git && \
+           /home/cowrie/cowrie/.git
-#    ln -s /usr/bin/python3 /usr/bin/python && \
-    unset PYTHON_DIR
 #
 # Start cowrie
 ENV PYTHONPATH /home/cowrie/cowrie:/home/cowrie/cowrie/src

docker/ddospot/Dockerfile

@@ -52,9 +52,9 @@ RUN apk --no-cache -U add \
     apk del --purge build-base \
 			git \
 			python3-dev && \
-    rm -rf /root/* && \
+    rm -rf /root/* \
-    rm -rf /opt/ddospot/.git && \
+            /opt/ddospot/.git \
-    rm -rf /var/cache/apk/*
+            /var/cache/apk/*
 #
 # Start ddospot
 STOPSIGNAL SIGINT

docker/dicompot/Dockerfile

@@ -3,8 +3,8 @@ FROM golang:1.21-alpine AS builder
 # Include dist
 COPY dist/ /root/dist/
 #
-# Setup apk
+# Install packages
-RUN apk -U add --no-cache \
+RUN apk --no-cache -U add \
 		build-base \
 		git \
 		g++ && \

docker/dionaea/Dockerfile

@@ -1,7 +1,5 @@
 FROM ubuntu:22.04
 ENV DEBIAN_FRONTEND noninteractive
-ARG PROXY
-ENV http_proxy=${PROXY}
 #
 # Include dist
 COPY dist/ /root/dist/
@@ -121,8 +119,12 @@ RUN bash -c 'if [ -n "${http_proxy}" ]; then \
 #
     apt-get autoremove --purge -y && \
     apt-get clean && \
-    rm -rf /root/* /var/lib/apt/lists/* /tmp/* /var/tmp/* /root/.cache /opt/dionaea/.git
+    rm -rf /root/* \
-ENV http_proxy=""
+           /var/lib/apt/lists/* \
+           /tmp/* \
+           /var/tmp/* \
+           /root/.cache \
+           /opt/dionaea/.git
 #
 # Start dionaea
 STOPSIGNAL SIGINT

docker/elasticpot/Dockerfile

@@ -4,7 +4,7 @@ FROM alpine:3.19
 COPY dist/ /root/dist/
 #
 # Install packages
-RUN apk -U --no-cache add \
+RUN apk --no-cache -U add \
 		build-base \
 		ca-certificates \
 		git \
@@ -48,8 +48,9 @@ RUN apk -U --no-cache add \
 		openssl-dev \
 		postgresql-dev \
 		python3-dev && \
-    rm -rf /root/* && \
+	rm -rf /root/* \
-    rm -rf /var/cache/apk/* /opt/elasticpot/.git
+			/var/cache/apk/* \
+			/opt/elasticpot/.git
 #
 # Start elasticpot
 STOPSIGNAL SIGINT

docker/elk/elasticsearch/Dockerfile

@@ -1,22 +1,12 @@
 FROM ubuntu:22.04
 ENV DEBIAN_FRONTEND noninteractive
-ARG PROXY
 ENV ES_VER=8.14.2
-ENV http_proxy=${PROXY}
 #
 # Include dist
 COPY dist/ /root/dist/
 #
-# Check if APT_PROXY is set and configure apt to use the proxy only if it's available
+# Install packages
-RUN bash -c 'if [ -n "${http_proxy}" ]; then \
+RUN	apt-get update -y && \
-                 echo "Using APT proxy at ${http_proxy}"; \
-                 echo "Acquire::http::Proxy \"${http_proxy}\";" > /etc/apt/apt.conf.d/01proxy; \
-               else \
-                 echo "APT proxy not configured, proceeding without proxy"; \
-             fi' && \
-#    bash -c 'echo "Acquire::http::Proxy::ports.ubuntu.com DIRECT;" > /etc/apt/apt.conf.d/99force-no-proxy' && \
-# Setup apt
-	apt-get update -y && \
     apt-get install -y \
             aria2 \
             curl && \
@@ -48,8 +38,11 @@ RUN bash -c 'if [ -n "${http_proxy}" ]; then \
 # Clean up
     apt-get purge aria2 -y && \
     apt-get autoremove -y --purge && \
-    apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* /root/.cache /root/*
+    apt-get clean && \
-ENV http_proxy=""
+    rm -rf /var/lib/apt/lists/* \
+        /tmp/* /var/tmp/* \
+        /root/.cache \
+        /root/*
 #
 # Healthcheck
 HEALTHCHECK --retries=10 CMD curl -s -XGET 'http://127.0.0.1:9200/_cat/health'

docker/elk/kibana/Dockerfile

@@ -1,12 +1,11 @@
 FROM node:20.13.1-alpine3.20
-#
-# VARS
 ENV KB_VER=8.14.2
 #
 # Include dist
 COPY dist/ /root/dist/
 #
-RUN apk -U --no-cache add \
+# Install packages
+RUN apk --no-cache -U add \
             aria2 \
             curl \
             gcompat && \
@@ -44,9 +43,9 @@ RUN apk -U --no-cache add \
 #
 # Clean up
     apk del --purge aria2 && \
-    rm -rf /root/* && \
+    rm -rf /root/* \
-    rm -rf /tmp/* && \
+        /tmp/* \
-    rm -rf /var/cache/apk/*
+        /var/cache/apk/*
 #
 # Healthcheck
 HEALTHCHECK --retries=10 CMD curl -s -XGET 'http://127.0.0.1:5601'

docker/elk/logstash/Dockerfile

@@ -1,22 +1,12 @@
 FROM ubuntu:22.04
 ENV DEBIAN_FRONTEND noninteractive
-ARG PROXY
 ENV LS_VER=8.14.2
-ENV http_proxy=${PROXY}
 #
 # Include dist
 COPY dist/ /root/dist/
 #
-# Check if PROXY is set and configure apt to use the proxy
+# Install packages
-RUN bash -c 'if [ -n "${http_proxy}" ]; then \
+RUN apt-get update -y && \
-                 echo "Using APT proxy at ${http_proxy}"; \
-                 echo "Acquire::http::Proxy \"${http_proxy}\";" > /etc/apt/apt.conf.d/01proxy; \
-               else \
-                 echo "APT proxy not configured, proceeding without proxy"; \
-             fi' && \
-#    bash -c 'echo "Acquire::http::Proxy::ports.ubuntu.com DIRECT;" > /etc/apt/apt.conf.d/99force-no-proxy' && \
-# Setup apt
-    apt-get update -y && \
     apt-get install -y \
              aria2 \
              bash \
@@ -66,8 +56,11 @@ RUN bash -c 'if [ -n "${http_proxy}" ]; then \
 #
 # Clean up
     apt-get autoremove -y --purge && \
-    apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* /root/.cache /root/*
+    apt-get clean && \
-ENV http_proxy=""
+        rm -rf /var/lib/apt/lists/* \
+            /tmp/* /var/tmp/* \
+            /root/.cache \
+            /root/*
 #
 # Healthcheck
 HEALTHCHECK --retries=10 CMD curl -s -XGET 'http://127.0.0.1:9600'

docker/elk/map/Dockerfile

@@ -1,7 +1,7 @@
 FROM alpine:3.19
 #
 # Install packages
-RUN apk -U --no-cache add \
+RUN apk --no-cache -U add \
 		build-base \
 		git \
 		libcap \

docker/endlessh/Dockerfile

@@ -1,11 +1,10 @@
 FROM alpine:3.16 AS builder
 #
 # Include dist
-ADD dist/ /root/dist/
+COPY dist/ /root/dist/
 #
 # Install packages
-RUN apk -U add --no-cache \
+RUN build-base \
-		build-base \
 		git \
 		libcap && \
 #
@@ -32,8 +31,8 @@ RUN apk -U add --no-cache \
     #setcap cap_net_bind_service=+ep /usr/bin/python3.8 && \
 #
 # Clean up
-    rm -rf /root/* && \
+    rm -rf /root/* \
-    rm -rf /var/cache/apk/*
+           /var/cache/apk/*
 #
 # Set workdir and start endlessh
 STOPSIGNAL SIGINT

docker/ewsposter/Dockerfile

@@ -4,7 +4,7 @@ FROM alpine:3.19
 COPY dist/ /root/dist/
 #
 # Install packages
-RUN apk -U --no-cache add \
+RUN apk --no-cache -U add \
 		build-base \
 		git \
 		libffi-dev \
@@ -25,7 +25,6 @@ RUN apk -U --no-cache add \
 	pip3 install --break-system-packages --upgrade pip && \
 	pip3 install --break-system-packages --no-cache-dir configparser hpfeeds3 influxdb influxdb-client xmljson && \
 #
-#
 # Setup ewsposter
     git clone https://github.com/telekom-security/ewsposter -b v1.25.0 /opt/ewsposter && \
     mkdir -p /opt/ewsposter/spool /opt/ewsposter/log && \

docker/fatt/Dockerfile

@@ -1,7 +1,7 @@
 FROM alpine:3.19
 #
-# Get and install dependencies & packages
+# Install packages
-RUN apk -U --no-cache add \
+RUN apk --no-cache -U add \
 		git \
 		libcap \
 		py3-libxml2 \
@@ -35,7 +35,9 @@ RUN apk -U --no-cache add \
 # Clean up
     apk del --purge git \
                     python3-dev && \
-    rm -rf /root/* /var/cache/apk/* /opt/fatt/.git
+    rm -rf /root/* \
+            /var/cache/apk/* \
+            /opt/fatt/.git
 #
 # Start fatt
 STOPSIGNAL SIGINT

docker/hellpot/Dockerfile

@@ -3,8 +3,8 @@ FROM golang:1.21-alpine AS builder
 # Include dist
 COPY dist/ /root/dist/
 #
-# Setup apk
+# Install packages
-RUN apk -U --no-cache add \
+RUN apk --no-cache -U add \
 		build-base \
 		git \
 		g++ && \

docker/heralding/Dockerfile

@@ -4,7 +4,7 @@ FROM alpine:3.19
 COPY dist/ /root/dist/
 #
 # Install packages
-RUN apk -U --no-cache add \
+RUN apk --no-cache -U add \
 		build-base \
 		git \
 		libcap \

docker/honeypots/Dockerfile

@@ -4,7 +4,7 @@ FROM alpine:3.19
 COPY dist/ /root/dist/
 #
 # Install packages
-RUN apk -U --no-cache add \
+RUN apk --no-cache -U add \
 		build-base \
 		freetds \
 		freetds-dev \
@@ -78,8 +78,9 @@ RUN apk -U --no-cache add \
 		postgresql-dev \
 		python3-dev \
 		zlib-dev && \
-    rm -rf /root/* /var/cache/apk/* /opt/honeypots/.git
+	rm -rf /root/* \
-
+			/var/cache/apk/* \
+			/opt/honeypots/.git
 #
 # Start honeypots 
 STOPSIGNAL SIGINT

docker/honeytrap/Dockerfile

@@ -1,21 +1,11 @@
 FROM ubuntu:22.04
 ENV DEBIAN_FRONTEND noninteractive
-ARG PROXY
-ENV http_proxy=${PROXY}
 #
 # Include dist
 COPY dist/ /root/dist/
 #
-# Check if APT_PROXY is set and configure apt to use the proxy only if it's available
+# Install packages
-RUN bash -c 'if [ -n "${http_proxy}" ]; then \
+RUN apt-get update && \
-                 echo "Using APT proxy at ${http_proxy}"; \
-                 echo "Acquire::http::Proxy \"${http_proxy}\";" > /etc/apt/apt.conf.d/01proxy; \
-               else \
-                 echo "APT proxy not configured, proceeding without proxy"; \
-             fi' && \
-#    bash -c 'echo "Acquire::http::Proxy::ports.ubuntu.com DIRECT;" > /etc/apt/apt.conf.d/99force-no-proxy' && \
-# Setup apt
-    apt-get update && \
 #
 # Install packages
     apt-get install -y autoconf \
@@ -64,8 +54,12 @@ RUN bash -c 'if [ -n "${http_proxy}" ]; then \
                      libnetfilter-queue-dev \
                      libpq-dev && \
     apt-get autoremove -y --purge && \
-    apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* /root/.cache /root/* /opt/honeytrap/.git
+    apt-get clean && \
-ENV http_proxy=""
+        rm -rf /var/lib/apt/lists/* \
+            /tmp/* /var/tmp/* \
+            /root/.cache \
+            /root/* \
+            /opt/honeytrap/.git
 #
 # Start honeytrap
 USER honeytrap:honeytrap

docker/ipphoney/Dockerfile

@@ -4,7 +4,7 @@ FROM alpine:3.19
 COPY dist/ /root/dist/
 #
 # Install packages
-RUN apk -U --no-cache add \
+RUN apk --no-cache -U add \
 		build-base \
 		ca-certificates \
 		git \

docker/log4pot/Dockerfile

@@ -1,18 +1,8 @@
 FROM ubuntu:22.04
 ENV DEBIAN_FRONTEND noninteractive
-ARG PROXY
-ENV http_proxy=${PROXY}
 #
-# Check if APT_PROXY is set and configure apt to use the proxy
+# Install packages
-RUN bash -c 'if [ -n "${http_proxy}" ]; then \
+RUN apt-get update -y && \
-                 echo "Using APT proxy at ${http_proxy}"; \
-                 echo "Acquire::http::Proxy \"${http_proxy}\";" > /etc/apt/apt.conf.d/01proxy; \
-               else \
-                 echo "APT proxy not configured, proceeding without proxy"; \
-             fi' && \
-#    bash -c 'echo "Acquire::http::Proxy::ports.ubuntu.com DIRECT;" > /etc/apt/apt.conf.d/99force-no-proxy' && \
-# Setup apt
-    apt-get update -y && \
     apt-get install -y \
 		build-essential \
 		cargo \
@@ -57,8 +47,12 @@ RUN bash -c 'if [ -n "${http_proxy}" ]; then \
 		python3-dev \
 		rust-all && \
     apt-get autoremove -y --purge && \
-    apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* /root/.cache /opt/Log4Pot/.git
+    apt-get clean && \
-ENV http_proxy=""
+	rm -rf /var/lib/apt/lists/* \
+		/tmp/* \
+		/var/tmp/* \
+		/root/.cache \
+		/opt/Log4Pot/.git
 #
 # Start log4pot
 STOPSIGNAL SIGINT

docker/mailoney/Dockerfile

@@ -1,7 +1,7 @@
 FROM alpine:3.19
 #
 # Install packages
-RUN apk -U --no-cache add \
+RUN apk --no-cache -U add \
 		git \
 		libcap \
 		py3-pip \

docker/medpot/Dockerfile

@@ -1,7 +1,7 @@
 FROM golang:1.21-alpine AS builder
 #
-# Setup apk
+# Install packages
-RUN apk -U --no-cache add \
+RUN apk --no-cache -U add \
 		build-base \
 		git \
 		go \

docker/nginx/Dockerfile

@@ -3,8 +3,8 @@ FROM alpine:3.19
 # Include dist
 COPY dist/ /root/dist/
 #
-# Get and install dependencies & packages
+# Install packages
-RUN apk -U --no-cache add \
+RUN apk --no-cache -U add \
       nginx \
       nginx-mod-http-brotli \
       nginx-mod-http-headers-more \
@@ -32,8 +32,8 @@ RUN apk -U --no-cache add \
     cp /root/dist/conf/lsweb.conf /etc/nginx/conf.d/ && \
 #
 # Clean up
-    rm -rf /root/* && \
+    rm -rf /root/* \
-    rm -rf /var/cache/apk/*
+           /var/cache/apk/*
 #
 # Start nginx
 CMD ["nginx", "-g", "daemon off;"]

docker/p0f/Dockerfile

@@ -1,12 +1,10 @@
-# In case of problems Alpine 3.13 needs to be used:
-# https://wiki.alpinelinux.org/wiki/Release_Notes_for_Alpine_3.14.0#faccessat2
 FROM alpine:3.19
 #
 # Add source
 COPY . /opt/p0f
 #
 # Install packages
-RUN apk -U --no-cache add \
+RUN apk --no-cache -U add \
 		bash \
 		build-base \
 		jansson \
@@ -28,8 +26,8 @@ RUN apk -U --no-cache add \
     apk del --purge build-base \
                     jansson-dev \
                     libpcap-dev && \
-    rm -rf /root/* && \
+    rm -rf /root/* \
-    rm -rf /var/cache/apk/*
+           /var/cache/apk/*
 #
 # Start p0f
 WORKDIR /opt/p0f

docker/redishoneypot/Dockerfile

@@ -3,14 +3,14 @@ FROM golang:1.21-alpine as builder
 # Include dist
 COPY dist/ /root/dist/
 #
-# Setup apk
+# Install packages
-RUN apk -U --no-cache add \
+RUN apk --no-cache -U add \
 		build-base \
 		git \
 		go \
 		g++ && \
 #
-# Setup go, hellpot
+# Setup go, redishoneypot
     cd /root && \
     export GOPATH=/opt/go/ && \
     mkdir -p /opt/go && \ 

docker/sentrypeer/Dockerfile

@@ -11,8 +11,8 @@ RUN apk -U add --no-cache -X http://dl-cdn.alpinelinux.org/alpine/edge/testing \
     chown -R sentrypeer:sentrypeer /usr/bin/sentrypeer && \
 #
 # Clean up
-    rm -rf /root/* && \
+    rm -rf /root/* \
-    rm -rf /var/cache/apk/*
+           /var/cache/apk/*
 #
 # Set workdir and start sentrypeer
 STOPSIGNAL SIGKILL

docker/spiderfoot/Dockerfile

@@ -3,8 +3,8 @@ FROM alpine:3.19
 # Include dist
 COPY dist/ /root/dist/
 #
-# Get and install dependencies & packages
+# Install packages
-RUN apk -U --no-cache add \
+RUN apk --no-cache -U add \
 		build-base \
 		curl \
 		git \

docker/suricata/Dockerfile

@@ -4,7 +4,7 @@ FROM alpine:edge
 COPY dist/ /root/dist/
 #
 # Install packages
-RUN apk -U --no-cache add \
+RUN apk --no-cache -U add \
 		ca-certificates \
 		curl \
 		file \
@@ -30,9 +30,9 @@ RUN apk -U --no-cache add \
     suricata-update --no-test --no-reload && \
 #
 # Clean up
-    rm -rf /root/* && \
+    rm -rf /root/* \
-    rm -rf /tmp/* && \
+           /tmp/* \
-    rm -rf /var/cache/apk/*
+           /var/cache/apk/*
 #
 # Start suricata
 STOPSIGNAL SIGINT

docker/tanner/phpox/Dockerfile

@@ -1,7 +1,7 @@
 FROM alpine:3.19
 #
 # Install packages
-RUN apk -U --no-cache add \
+RUN apk --no-cache -U add \
 		build-base \
 		file \
 		git \

docker/tanner/redis/Dockerfile

@@ -3,8 +3,8 @@ FROM alpine:3.19
 # Include dist
 COPY dist/ /root/dist/
 #
-# Setup apk and redis
+# Install packages
-RUN apk -U --no-cache add redis shadow && \
+RUN apk --no-cache -U add redis shadow && \
     cp /root/dist/redis.conf /etc && \
 #
 # Setup user and group
@@ -14,9 +14,10 @@ RUN apk -U --no-cache add redis shadow && \
 # Clean up
     apk del --purge \ 
             shadow && \
-    rm -rf /root/* && \
+    rm -rf /root/* \
-    rm -rf /tmp/* /var/tmp/* && \
+           /tmp/* \
-    rm -rf /var/cache/apk/*
+           /var/tmp/* \
+           /var/cache/apk/*
 #
 # Start redis
 STOPSIGNAL SIGKILL

docker/tanner/snare/Dockerfile

@@ -3,8 +3,8 @@ FROM alpine:3.19
 # Include dist
 COPY dist/ /root/dist/
 #
-# Setup apt
+# Install packages
-RUN apk -U --no-cache add \
+RUN apk --no-cache -U add \
 		build-base \
 		git \
 		linux-headers \
@@ -45,9 +45,9 @@ RUN apk -U --no-cache add \
             build-base \
             linux-headers \
             python3-dev && \
-    rm -rf /root/* && \
+    rm -rf /root/* \
-    rm -rf /tmp/* /var/tmp/* && \
+           /tmp/* /var/tmp/* \
-    rm -rf /var/cache/apk/*
+           /var/cache/apk/*
 #
 # Start snare
 STOPSIGNAL SIGKILL

docker/tanner/tanner/Dockerfile

@@ -3,8 +3,8 @@ FROM alpine:3.17
 # Include dist
 COPY dist/ /root/dist/
 #
-# Setup apt
+# Install packages
-RUN apk -U --no-cache add \
+RUN apk --no-cache -U add \
 		build-base \
 		git \
 		libcap \
@@ -67,8 +67,11 @@ RUN apk -U --no-cache add \
 #            libressl-dev \
             linux-headers \
             python3-dev && \
-    rm -rf /root/* && \
+    rm -rf /root/* \
-    rm -rf /tmp/* /var/tmp/* /var/cache/apk/* /opt/tanner/.git
+           /tmp/* \
+           /var/tmp/* \
+           /var/cache/apk/* \
+           /opt/tanner/.git
 #
 # Start tanner
 STOPSIGNAL SIGKILL

docker/tpotinit/Dockerfile

@@ -3,7 +3,7 @@ FROM alpine:edge
 # Include dist
 COPY dist/ /opt/tpot/
 #
-# Get and install dependencies & packages
+# Install packages
 RUN apk --no-cache -U add \
         aria2 \
         apache2-utils \
@@ -36,9 +36,10 @@ RUN apk --no-cache -U add \
 #
 # Clean up
     apk del --purge git && \
-    rm -rf /root/* /tmp/* && \
+    rm -rf /root/* /tmp/* \
-    rm -rf /root/.cache /opt/tpot/.git && \
+           /root/.cache \
-    rm -rf /var/cache/apk/*
+           /opt/tpot/.git \
+           /var/cache/apk/*
 #
 # Run tpotinit
 WORKDIR /opt/tpot

docker/wordpot/Dockerfile

@@ -4,7 +4,7 @@ FROM alpine:3.19
 COPY dist/ /root/dist/
 #
 # Install packages
-RUN apk -U --no-cache add \
+RUN apk --no-cache -U add \
 		build-base \
 		git \
 		libcap \
@@ -39,7 +39,9 @@ RUN apk -U --no-cache add \
     apk del --purge build-base \
 		git \
 		python3-dev && \
-    rm -rf /root/* /var/cache/apk/* /opt/wordpot/.git
+    rm -rf /root/* \
+			/var/cache/apk/* \
+			/opt/wordpot/.git
 #
 # Start wordpot
 STOPSIGNAL SIGINT