Alex-Devera/tpotce
1
0
Fork 0
mirror of https://github.com/telekom-security/tpotce.git synced 2025-05-04 22:28:52 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Finish work on new builder, tweaking

Browse source
This commit is contained in:
t3chn0m4g3 2024-09-11 10:42:17 +00:00
parent 4f3edb61b3
commit 29ad2a507d
41 changed files with 307 additions and 235 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
docker/_builder/.env
View file

@ -21,7 +21,3 @@ TPOT_VERSION=testing
# Most docker features are available on linux # Most docker features are available on linux
TPOT_AMD64=linux/amd64 TPOT_AMD64=linux/amd64
TPOT_ARM64=linux/arm64 TPOT_ARM64=linux/arm64
# Proxy
# Set Proxy (i.e. "http://proxy:3128") to improve speed (while caching)
PROXY="http://proxy:3128"

85
docker/_builder/builder.sh
View file

@ -1,13 +1,16 @@
#!/bin/bash #!/usr/bin/env bash
# ANSI color codes for green (OK) and red (FAIL) # ANSI color codes for green (OK) and red (FAIL)
GREEN='\033[0;32m' GREEN='\033[0;32m'
RED='\033[0;31m' RED='\033[0;31m'
NC='\033[0m' # No Color NC='\033[0m' # No Color
# Default flags # Default settings
PUSH_IMAGES=false PUSH_IMAGES=false
NO_CACHE=false NO_CACHE=false
PARALLELBUILDS=8
UPLOAD_BANDWIDTH=40mbit # Set this to max 90% of available upload bandwidth
INTERFACE=$(/sbin/ip address show | /usr/bin/awk '/inet.*brd/{ print $NF; exit }')
# Help message # Help message
usage() { usage() {
@ -37,6 +40,45 @@ while getopts ":pnh" opt; do
esac esac
done done
# Function to apply upload bandwidth limit using tc
apply_bandwidth_limit() {
echo -n "Applying upload bandwidth limit of $UPLOAD_BANDWIDTH on interface $INTERFACE..."
if sudo tc qdisc add dev $INTERFACE root tbf rate $UPLOAD_BANDWIDTH burst 32kbit latency 400ms >/dev/null 2>&1; then
echo -e " [${GREEN}OK${NC}]"
else
echo -e " [${RED}FAIL${NC}]"
remove_bandwidth_limit
# Try to reapply the limit
echo -n "Reapplying upload bandwidth limit of $UPLOAD_BANDWIDTH on interface $INTERFACE..."
if sudo tc qdisc add dev $INTERFACE root tbf rate $UPLOAD_BANDWIDTH burst 32kbit latency 400ms >/dev/null 2>&1; then
echo -e " [${GREEN}OK${NC}]"
else
echo -e " [${RED}FAIL${NC}]"
echo "Failed to apply bandwidth limit on $INTERFACE. Exiting."
echo
exit 1
fi
fi
}
# Function to check if the bandwidth limit is set
is_bandwidth_limit_set() {
sudo tc qdisc show dev $INTERFACE | grep -q 'tbf'
}
# Function to remove the bandwidth limit using tc if it is set
remove_bandwidth_limit() {
if is_bandwidth_limit_set; then
echo -n "Removing upload bandwidth limit on interface $INTERFACE..."
if sudo tc qdisc del dev $INTERFACE root; then
echo -e " [${GREEN}OK${NC}]"
else
echo -e " [${RED}FAIL${NC}]"
fi
fi
}
echo "###########################" echo "###########################"
echo "# T-Pot Image Builder" echo "# T-Pot Image Builder"
echo "###########################" echo "###########################"
@ -86,6 +128,24 @@ else
echo -e " [${RED}FAIL${NC}]" echo -e " [${RED}FAIL${NC}]"
fi fi
# Apply bandwidth limit only if pushing images
if $PUSH_IMAGES; then
echo
echo "########################################"
echo "# Setting Upload Bandwidth limit ..."
echo "########################################"
echo
apply_bandwidth_limit
fi
# Trap to ensure bandwidth limit is removed on script error, exit
trap_cleanup() {
if is_bandwidth_limit_set; then
remove_bandwidth_limit
fi
}
trap trap_cleanup INT ERR EXIT
echo echo
echo "################################" echo "################################"
echo "# Now building images ..." echo "# Now building images ..."
@ -95,11 +155,10 @@ echo
mkdir -p log mkdir -p log
# List of services to build # List of services to build
#services=$(docker compose config --services) services=$(docker compose config --services | sort)
services="tpotinit beelzebub nginx p0f"
# Loop through each service # Loop through each service to build
echo $services | tr ' ' '\n' | xargs -I {} -P 3 bash -c ' echo $services | tr ' ' '\n' | xargs -I {} -P $PARALLELBUILDS bash -c '
echo "Building image: {}" && \ echo "Building image: {}" && \
build_cmd="docker compose build {}" && \ build_cmd="docker compose build {}" && \
if '$PUSH_IMAGES'; then \ if '$PUSH_IMAGES'; then \
@ -109,10 +168,20 @@ echo $services | tr ' ' '\n' | xargs -I {} -P 3 bash -c '
build_cmd="$build_cmd --no-cache"; \ build_cmd="$build_cmd --no-cache"; \
fi && \ fi && \
eval "$build_cmd 2>&1 > log/{}.log" && \ eval "$build_cmd 2>&1 > log/{}.log" && \
echo -e "Service {}: ['$GREEN'OK'$NC']" || \ echo -e "Image {}: ['$GREEN'OK'$NC']" || \
echo -e "Service {}: ['$RED'FAIL'$NC']" echo -e "Image {}: ['$RED'FAIL'$NC']"
' '
# Remove bandwidth limit if it was applied
if is_bandwidth_limit_set; then
echo
echo "########################################"
echo "# Removiong Upload Bandwidth limit ..."
echo "########################################"
echo
remove_bandwidth_limit
fi
echo echo
echo "#######################################################" echo "#######################################################"
echo "# Done." echo "# Done."

2
docker/_builder/docker-compose.yml
View file

@ -7,8 +7,6 @@
# Common build config # Common build config
x-common-build: &common-build x-common-build: &common-build
args:
PROXY: ${PROXY}
dockerfile: ./Dockerfile dockerfile: ./Dockerfile
platforms: platforms:
- ${TPOT_AMD64} - ${TPOT_AMD64}

128
docker/_builder/setup_builder.sh
View file

@ -1,57 +1,99 @@
#!/usr/bin/env bash #!/usr/bin/env bash
# Got root? # ANSI color codes for green (OK) and red (FAIL)
myWHOAMI=$(whoami) BLUE='\033[0;34m'
if [ "$myWHOAMI" != "root" ] GREEN='\033[0;32m'
then RED='\033[0;31m'
echo "Need to run as root ..." NC='\033[0m' # No Color
exit
# Check if the user is in the docker group
if ! groups $(whoami) | grep &>/dev/null '\bdocker\b'; then
echo -e "${RED}You need to be in the docker group to run this script without root privileges.${NC}"
echo "Please run the following command to add yourself to the docker group:"
echo " sudo usermod -aG docker $(whoami)"
echo "Then log out and log back in or run the script with sudo."
exit 1
fi fi
# Only run with command switch # Command-line switch check
if [ "$1" != "-y" ]; then if [ "$1" != "-y" ]; then
echo "### Setting up docker for Multi Arch Builds." echo "### Setting up Docker for Multi-Arch Builds."
echo "### Requires Docker packages from https://get.docker.com/" echo "### Requires Docker packages from https://get.docker.com/"
echo "### Use on x64 only!" echo "### Use on x64 only!"
echo "### Run with -y if you fit the requirements!" echo "### Run with -y if you fit the requirements!"
echo exit 0
exit
fi fi
# We need to create a new builder as the default one cannot handle multi-arch builds # Check if the mybuilder exists and is running
# https://docs.docker.com/desktop/multi-arch/ echo -n "Checking if buildx builder 'mybuilder' exists and is running..."
docker buildx create --name mybuilder if ! docker buildx inspect mybuilder --bootstrap >/dev/null 2>&1; then
echo
echo -n " Creating and starting buildx builder 'mybuilder'..."
if docker buildx create --name mybuilder --driver docker-container --use >/dev/null 2>&1 && \
docker buildx inspect mybuilder --bootstrap >/dev/null 2>&1; then
echo -e " [${GREEN}OK${NC}]"
else
echo -e " [${RED}FAIL${NC}]"
exit 1
fi
else
echo -e " [${GREEN}OK${NC}]"
fi
# Set as default # Ensure QEMU is set up for cross-platform builds
docker buildx use mybuilder echo -n "Ensuring QEMU is configured for cross-platform builds..."
if docker run --rm --privileged multiarch/qemu-user-static --reset -p yes >/dev/null 2>&1; then
echo -e " [${GREEN}OK${NC}]"
else
echo -e " [${RED}FAIL${NC}]"
exit 1
fi
# We need to install emulators, arm64 should be fine for now # Ensure arm64 and amd64 platforms are active
# https://github.com/tonistiigi/binfmt/ echo -n "Ensuring 'mybuilder' supports linux/arm64 and linux/amd64..."
docker run --privileged --rm tonistiigi/binfmt --install arm64 active_platforms=$(docker buildx inspect mybuilder --bootstrap | grep -oP '(?<=Platforms: ).*')
# Check if everything is setup correctly if [[ "$active_platforms" == *"linux/arm64"* && "$active_platforms" == *"linux/amd64"* ]]; then
docker buildx inspect --bootstrap echo -e " [${GREEN}OK${NC}]"
echo else
echo "### Done." echo
echo echo -n " Enabling platforms linux/arm64 and linux/amd64..."
echo "Example (manual build): docker buildx build --platform linux/amd64,linux/arm64 -t username/demo:latest --push ." if docker buildx create --name mybuilder --driver docker-container --use --platform linux/amd64,linux/arm64 >/dev/null 2>&1 && \
echo "Docs: https://docs.docker.com/desktop/multi-arch/" docker buildx inspect mybuilder --bootstrap >/dev/null 2>&1; then
echo echo -e " [${GREEN}OK${NC}]"
echo "Example (build release): docker compose build" else
echo echo -e " [${RED}FAIL${NC}]"
echo "Example (build and push release): docker compose build --push" exit 1
echo fi
echo "Example (build single image): docker compose build tpotinit" fi
echo
echo "Example (build and push single image): docker compose build tpotinit --push"
echo
echo "Resolve problems running buildx:"
echo "docker buildx create --use --name mybuilder"
echo "docker buildx inspect mybuilder --bootstrap"
echo "docker login -u <username>"
echo "docker login ghcr.io - <username>"
echo
echo "Resolve segmentation faults when building arm64 images in qemu on amd64:"
echo "docker run --rm --privileged multiarch/qemu-user-static --reset -p yes"
echo
echo
echo -e "${BLUE}### Done.${NC}"
echo
echo -e "${BLUE}Examples:${NC}"
echo -e " ${BLUE}Manual multi-arch build:${NC}"
echo " docker buildx build --platform linux/amd64,linux/arm64 -t username/demo:latest --push ."
echo
echo -e " ${BLUE}Documentation:${NC} https://docs.docker.com/desktop/multi-arch/"
echo
echo -e " ${BLUE}Build release with Docker Compose:${NC}"
echo " docker compose build"
echo
echo -e " ${BLUE}Build and push release with Docker Compose:${NC}"
echo " docker compose build --push"
echo
echo -e " ${BLUE}Build a single image with Docker Compose:${NC}"
echo " docker compose build tpotinit"
echo
echo -e " ${BLUE}Build and push a single image with Docker Compose:${NC}"
echo " docker compose build tpotinit --push"
echo
echo -e "${BLUE}Resolve buildx issues:${NC}"
echo " docker buildx create --use --name mybuilder"
echo " docker buildx inspect mybuilder --bootstrap"
echo " docker login -u <username>"
echo " docker login ghcr.io -u <username>"
echo
echo -e "${BLUE}Fix segmentation faults when building arm64 images:${NC}"
echo " docker run --rm --privileged multiarch/qemu-user-static --reset -p yes"
echo

15
docker/adbhoney/Dockerfile
View file

@ -1,19 +1,10 @@
FROM alpine:3.19 FROM alpine:3.19
ARG PROXY
ENV http_proxy=${PROXY}
# #
# Include dist # Include dist
COPY dist/ /root/dist/ COPY dist/ /root/dist/
# #
# Install packages, use proxy if available and cache using http # Install packages
RUN ash -c 'if [ -n "${http_proxy}" ]; then \ RUN apk --no-cache -U add \
sed -i "s/https/http/g" /etc/apk/repositories; \
echo "Using HTTP Proxy at ${http_proxy}"; \
else \
echo "HTTP Proxy not configured, proceeding without proxy"; \
fi' && \
# Setup apk
apk --no-cache -U add \
git \ git \
procps \ procps \
py3-psutil \ py3-psutil \
@ -37,9 +28,7 @@ RUN ash -c 'if [ -n "${http_proxy}" ]; then \
# #
# Clean up # Clean up
apk del --purge git && \ apk del --purge git && \
sed -i "s/http/https/g" /etc/apk/repositories && \
rm -rf /root/* /opt/adbhoney/.git /var/cache/apk/* rm -rf /root/* /opt/adbhoney/.git /var/cache/apk/*
ENV http_proxy=""
# #
# Set workdir and start adbhoney # Set workdir and start adbhoney
STOPSIGNAL SIGINT STOPSIGNAL SIGINT

3
docker/beelzebub/Dockerfile
View file

@ -4,7 +4,8 @@ ENV GO111MODULE=on \
CGO_ENABLED=0 \ CGO_ENABLED=0 \
GOOS=linux GOOS=linux
# #
RUN apk add git # Install packages
RUN apk -U add git
# #
WORKDIR /root WORKDIR /root
# #

11
docker/ciscoasa/Dockerfile
View file

@ -3,9 +3,8 @@ FROM alpine:3.19
# Include dist # Include dist
COPY dist/ /root/dist/ COPY dist/ /root/dist/
# #
# Setup env and apt # Install packages
RUN apk --no-cache -U upgrade && \ RUN apk --no-cache -U add build-base \
apk --no-cache add build-base \
git \ git \
libffi \ libffi \
libffi-dev \ libffi-dev \
@ -37,9 +36,9 @@ RUN apk --no-cache -U upgrade && \
libffi-dev \ libffi-dev \
openssl-dev \ openssl-dev \
python3-dev && \ python3-dev && \
rm -rf /root/* && \ rm -rf /root/* \
rm -rf /opt/ciscoasa_honeypot/.git && \ /opt/ciscoasa_honeypot/.git \
rm -rf /var/cache/apk/* /var/cache/apk/*
# #
# Start ciscoasa # Start ciscoasa
STOPSIGNAL SIGINT STOPSIGNAL SIGINT

6
docker/citrixhoneypot/Dockerfile
View file

@ -33,9 +33,9 @@ RUN apk --no-cache -U add \
# Clean up # Clean up
apk del --purge git \ apk del --purge git \
openssl && \ openssl && \
rm -rf /root/* && \ rm -rf /root/* \
rm -rf /opt/citrixhoneypot/.git && \ /opt/citrixhoneypot/.git \
rm -rf /var/cache/apk/* /var/cache/apk/*
# #
# Set workdir and start citrixhoneypot # Set workdir and start citrixhoneypot
STOPSIGNAL SIGINT STOPSIGNAL SIGINT

11
docker/conpot/Dockerfile
View file

@ -3,9 +3,8 @@ FROM alpine:3.19
# Include dist # Include dist
COPY dist/ /root/dist/ COPY dist/ /root/dist/
# #
# Setup apt # Install packages
RUN apk --no-cache -U add \ RUN apk --no-cache -U add build-base \
build-base \
cython \ cython \
file \ file \
git \ git \
@ -88,9 +87,9 @@ RUN apk --no-cache -U add \
pkgconfig \ pkgconfig \
python3-dev \ python3-dev \
wget && \ wget && \
rm -rf /root/* && \ rm -rf /root/* \
rm -rf /tmp/* && \ /tmp/* \
rm -rf /var/cache/apk/* /var/cache/apk/*
# #
# Start conpot # Start conpot
STOPSIGNAL SIGINT STOPSIGNAL SIGINT

13
docker/cowrie/Dockerfile
View file

@ -3,7 +3,7 @@ FROM alpine:3.19
# Include dist # Include dist
COPY dist/ /root/dist/ COPY dist/ /root/dist/
# #
# Get and install dependencies & packages # Install packages
RUN apk --no-cache -U add \ RUN apk --no-cache -U add \
bash \ bash \
build-base \ build-base \
@ -50,7 +50,6 @@ RUN apk --no-cache -U add \
pip3 install --break-system-packages -r requirements.txt && \ pip3 install --break-system-packages -r requirements.txt && \
# #
# Setup configs # Setup configs
#export PYTHON_DIR=$(python3 --version | tr '[A-Z]' '[a-z]' | tr -d ' ' | cut -d '.' -f 1,2 ) && \
setcap cap_net_bind_service=+ep $(readlink -f $(type -P python3)) && \ setcap cap_net_bind_service=+ep $(readlink -f $(type -P python3)) && \
cp /root/dist/cowrie.cfg /home/cowrie/cowrie/cowrie.cfg && \ cp /root/dist/cowrie.cfg /home/cowrie/cowrie/cowrie.cfg && \
chown cowrie:cowrie -R /home/cowrie/* /usr/lib/$(readlink -f $(type -P python3) | cut -f4 -d"/")/site-packages/twisted/plugins && \ chown cowrie:cowrie -R /home/cowrie/* /usr/lib/$(readlink -f $(type -P python3) | cut -f4 -d"/")/site-packages/twisted/plugins && \
@ -72,12 +71,10 @@ RUN apk --no-cache -U add \
openssl-dev \ openssl-dev \
python3-dev \ python3-dev \
py3-mysqlclient && \ py3-mysqlclient && \
rm -rf /root/* /tmp/* && \ rm -rf /root/* /tmp/* \
rm -rf /var/cache/apk/* && \ /var/cache/apk/* \
rm -rf /home/cowrie/cowrie/cowrie.pid && \ /home/cowrie/cowrie/cowrie.pid \
rm -rf /home/cowrie/cowrie/.git && \ /home/cowrie/cowrie/.git
# ln -s /usr/bin/python3 /usr/bin/python && \
unset PYTHON_DIR
# #
# Start cowrie # Start cowrie
ENV PYTHONPATH /home/cowrie/cowrie:/home/cowrie/cowrie/src ENV PYTHONPATH /home/cowrie/cowrie:/home/cowrie/cowrie/src

6
docker/ddospot/Dockerfile
View file

@ -52,9 +52,9 @@ RUN apk --no-cache -U add \
apk del --purge build-base \ apk del --purge build-base \
git \ git \
python3-dev && \ python3-dev && \
rm -rf /root/* && \ rm -rf /root/* \
rm -rf /opt/ddospot/.git && \ /opt/ddospot/.git \
rm -rf /var/cache/apk/* /var/cache/apk/*
# #
# Start ddospot # Start ddospot
STOPSIGNAL SIGINT STOPSIGNAL SIGINT

4
docker/dicompot/Dockerfile
View file

@ -3,8 +3,8 @@ FROM golang:1.21-alpine AS builder
# Include dist # Include dist
COPY dist/ /root/dist/ COPY dist/ /root/dist/
# #
# Setup apk # Install packages
RUN apk -U add --no-cache \ RUN apk --no-cache -U add \
build-base \ build-base \
git \ git \
g++ && \ g++ && \

10
docker/dionaea/Dockerfile
View file

@ -1,7 +1,5 @@
FROM ubuntu:22.04 FROM ubuntu:22.04
ENV DEBIAN_FRONTEND noninteractive ENV DEBIAN_FRONTEND noninteractive
ARG PROXY
ENV http_proxy=${PROXY}
# #
# Include dist # Include dist
COPY dist/ /root/dist/ COPY dist/ /root/dist/
@ -121,8 +119,12 @@ RUN bash -c 'if [ -n "${http_proxy}" ]; then \
# #
apt-get autoremove --purge -y && \ apt-get autoremove --purge -y && \
apt-get clean && \ apt-get clean && \
rm -rf /root/* /var/lib/apt/lists/* /tmp/* /var/tmp/* /root/.cache /opt/dionaea/.git rm -rf /root/* \
ENV http_proxy="" /var/lib/apt/lists/* \
/tmp/* \
/var/tmp/* \
/root/.cache \
/opt/dionaea/.git
# #
# Start dionaea # Start dionaea
STOPSIGNAL SIGINT STOPSIGNAL SIGINT

7
docker/elasticpot/Dockerfile
View file

@ -4,7 +4,7 @@ FROM alpine:3.19
COPY dist/ /root/dist/ COPY dist/ /root/dist/
# #
# Install packages # Install packages
RUN apk -U --no-cache add \ RUN apk --no-cache -U add \
build-base \ build-base \
ca-certificates \ ca-certificates \
git \ git \
@ -48,8 +48,9 @@ RUN apk -U --no-cache add \
openssl-dev \ openssl-dev \
postgresql-dev \ postgresql-dev \
python3-dev && \ python3-dev && \
rm -rf /root/* && \ rm -rf /root/* \
rm -rf /var/cache/apk/* /opt/elasticpot/.git /var/cache/apk/* \
/opt/elasticpot/.git
# #
# Start elasticpot # Start elasticpot
STOPSIGNAL SIGINT STOPSIGNAL SIGINT

21
docker/elk/elasticsearch/Dockerfile
View file

@ -1,22 +1,12 @@
FROM ubuntu:22.04 FROM ubuntu:22.04
ENV DEBIAN_FRONTEND noninteractive ENV DEBIAN_FRONTEND noninteractive
ARG PROXY
ENV ES_VER=8.14.2 ENV ES_VER=8.14.2
ENV http_proxy=${PROXY}
# #
# Include dist # Include dist
COPY dist/ /root/dist/ COPY dist/ /root/dist/
# #
# Check if APT_PROXY is set and configure apt to use the proxy only if it's available # Install packages
RUN bash -c 'if [ -n "${http_proxy}" ]; then \ RUN apt-get update -y && \
echo "Using APT proxy at ${http_proxy}"; \
echo "Acquire::http::Proxy \"${http_proxy}\";" > /etc/apt/apt.conf.d/01proxy; \
else \
echo "APT proxy not configured, proceeding without proxy"; \
fi' && \
# bash -c 'echo "Acquire::http::Proxy::ports.ubuntu.com DIRECT;" > /etc/apt/apt.conf.d/99force-no-proxy' && \
# Setup apt
apt-get update -y && \
apt-get install -y \ apt-get install -y \
aria2 \ aria2 \
curl && \ curl && \
@ -48,8 +38,11 @@ RUN bash -c 'if [ -n "${http_proxy}" ]; then \
# Clean up # Clean up
apt-get purge aria2 -y && \ apt-get purge aria2 -y && \
apt-get autoremove -y --purge && \ apt-get autoremove -y --purge && \
apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* /root/.cache /root/* apt-get clean && \
ENV http_proxy="" rm -rf /var/lib/apt/lists/* \
/tmp/* /var/tmp/* \
/root/.cache \
/root/*
# #
# Healthcheck # Healthcheck
HEALTHCHECK --retries=10 CMD curl -s -XGET 'http://127.0.0.1:9200/_cat/health' HEALTHCHECK --retries=10 CMD curl -s -XGET 'http://127.0.0.1:9200/_cat/health'

11
docker/elk/kibana/Dockerfile
View file

@ -1,12 +1,11 @@
FROM node:20.13.1-alpine3.20 FROM node:20.13.1-alpine3.20
#
# VARS
ENV KB_VER=8.14.2 ENV KB_VER=8.14.2
# #
# Include dist # Include dist
COPY dist/ /root/dist/ COPY dist/ /root/dist/
# #
RUN apk -U --no-cache add \ # Install packages
RUN apk --no-cache -U add \
aria2 \ aria2 \
curl \ curl \
gcompat && \ gcompat && \
@ -44,9 +43,9 @@ RUN apk -U --no-cache add \
# #
# Clean up # Clean up
apk del --purge aria2 && \ apk del --purge aria2 && \
rm -rf /root/* && \ rm -rf /root/* \
rm -rf /tmp/* && \ /tmp/* \
rm -rf /var/cache/apk/* /var/cache/apk/*
# #
# Healthcheck # Healthcheck
HEALTHCHECK --retries=10 CMD curl -s -XGET 'http://127.0.0.1:5601' HEALTHCHECK --retries=10 CMD curl -s -XGET 'http://127.0.0.1:5601'

21
docker/elk/logstash/Dockerfile
View file

@ -1,22 +1,12 @@
FROM ubuntu:22.04 FROM ubuntu:22.04
ENV DEBIAN_FRONTEND noninteractive ENV DEBIAN_FRONTEND noninteractive
ARG PROXY
ENV LS_VER=8.14.2 ENV LS_VER=8.14.2
ENV http_proxy=${PROXY}
# #
# Include dist # Include dist
COPY dist/ /root/dist/ COPY dist/ /root/dist/
# #
# Check if PROXY is set and configure apt to use the proxy # Install packages
RUN bash -c 'if [ -n "${http_proxy}" ]; then \ RUN apt-get update -y && \
echo "Using APT proxy at ${http_proxy}"; \
echo "Acquire::http::Proxy \"${http_proxy}\";" > /etc/apt/apt.conf.d/01proxy; \
else \
echo "APT proxy not configured, proceeding without proxy"; \
fi' && \
# bash -c 'echo "Acquire::http::Proxy::ports.ubuntu.com DIRECT;" > /etc/apt/apt.conf.d/99force-no-proxy' && \
# Setup apt
apt-get update -y && \
apt-get install -y \ apt-get install -y \
aria2 \ aria2 \
bash \ bash \
@ -66,8 +56,11 @@ RUN bash -c 'if [ -n "${http_proxy}" ]; then \
# #
# Clean up # Clean up
apt-get autoremove -y --purge && \ apt-get autoremove -y --purge && \
apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* /root/.cache /root/* apt-get clean && \
ENV http_proxy="" rm -rf /var/lib/apt/lists/* \
/tmp/* /var/tmp/* \
/root/.cache \
/root/*
# #
# Healthcheck # Healthcheck
HEALTHCHECK --retries=10 CMD curl -s -XGET 'http://127.0.0.1:9600' HEALTHCHECK --retries=10 CMD curl -s -XGET 'http://127.0.0.1:9600'

2
docker/elk/map/Dockerfile
View file

@ -1,7 +1,7 @@
FROM alpine:3.19 FROM alpine:3.19
# #
# Install packages # Install packages
RUN apk -U --no-cache add \ RUN apk --no-cache -U add \
build-base \ build-base \
git \ git \
libcap \ libcap \

9
docker/endlessh/Dockerfile
View file

@ -1,11 +1,10 @@
FROM alpine:3.16 AS builder FROM alpine:3.16 AS builder
# #
# Include dist # Include dist
ADD dist/ /root/dist/ COPY dist/ /root/dist/
# #
# Install packages # Install packages
RUN apk -U add --no-cache \ RUN build-base \
build-base \
git \ git \
libcap && \ libcap && \
# #
@ -32,8 +31,8 @@ RUN apk -U add --no-cache \
#setcap cap_net_bind_service=+ep /usr/bin/python3.8 && \ #setcap cap_net_bind_service=+ep /usr/bin/python3.8 && \
# #
# Clean up # Clean up
rm -rf /root/* && \ rm -rf /root/* \
rm -rf /var/cache/apk/* /var/cache/apk/*
# #
# Set workdir and start endlessh # Set workdir and start endlessh
STOPSIGNAL SIGINT STOPSIGNAL SIGINT

3
docker/ewsposter/Dockerfile
View file

@ -4,7 +4,7 @@ FROM alpine:3.19
COPY dist/ /root/dist/ COPY dist/ /root/dist/
# #
# Install packages # Install packages
RUN apk -U --no-cache add \ RUN apk --no-cache -U add \
build-base \ build-base \
git \ git \
libffi-dev \ libffi-dev \
@ -25,7 +25,6 @@ RUN apk -U --no-cache add \
pip3 install --break-system-packages --upgrade pip && \ pip3 install --break-system-packages --upgrade pip && \
pip3 install --break-system-packages --no-cache-dir configparser hpfeeds3 influxdb influxdb-client xmljson && \ pip3 install --break-system-packages --no-cache-dir configparser hpfeeds3 influxdb influxdb-client xmljson && \
# #
#
# Setup ewsposter # Setup ewsposter
git clone https://github.com/telekom-security/ewsposter -b v1.25.0 /opt/ewsposter && \ git clone https://github.com/telekom-security/ewsposter -b v1.25.0 /opt/ewsposter && \
mkdir -p /opt/ewsposter/spool /opt/ewsposter/log && \ mkdir -p /opt/ewsposter/spool /opt/ewsposter/log && \

8
docker/fatt/Dockerfile
View file

@ -1,7 +1,7 @@
FROM alpine:3.19 FROM alpine:3.19
# #
# Get and install dependencies & packages # Install packages
RUN apk -U --no-cache add \ RUN apk --no-cache -U add \
git \ git \
libcap \ libcap \
py3-libxml2 \ py3-libxml2 \
@ -35,7 +35,9 @@ RUN apk -U --no-cache add \
# Clean up # Clean up
apk del --purge git \ apk del --purge git \
python3-dev && \ python3-dev && \
rm -rf /root/* /var/cache/apk/* /opt/fatt/.git rm -rf /root/* \
/var/cache/apk/* \
/opt/fatt/.git
# #
# Start fatt # Start fatt
STOPSIGNAL SIGINT STOPSIGNAL SIGINT

4
docker/hellpot/Dockerfile
View file

@ -3,8 +3,8 @@ FROM golang:1.21-alpine AS builder
# Include dist # Include dist
COPY dist/ /root/dist/ COPY dist/ /root/dist/
# #
# Setup apk # Install packages
RUN apk -U --no-cache add \ RUN apk --no-cache -U add \
build-base \ build-base \
git \ git \
g++ && \ g++ && \

2
docker/heralding/Dockerfile
View file

@ -4,7 +4,7 @@ FROM alpine:3.19
COPY dist/ /root/dist/ COPY dist/ /root/dist/
# #
# Install packages # Install packages
RUN apk -U --no-cache add \ RUN apk --no-cache -U add \
build-base \ build-base \
git \ git \
libcap \ libcap \

7
docker/honeypots/Dockerfile
View file

@ -4,7 +4,7 @@ FROM alpine:3.19
COPY dist/ /root/dist/ COPY dist/ /root/dist/
# #
# Install packages # Install packages
RUN apk -U --no-cache add \ RUN apk --no-cache -U add \
build-base \ build-base \
freetds \ freetds \
freetds-dev \ freetds-dev \
@ -78,8 +78,9 @@ RUN apk -U --no-cache add \
postgresql-dev \ postgresql-dev \
python3-dev \ python3-dev \
zlib-dev && \ zlib-dev && \
rm -rf /root/* /var/cache/apk/* /opt/honeypots/.git rm -rf /root/* \
/var/cache/apk/* \
/opt/honeypots/.git
# #
# Start honeypots # Start honeypots
STOPSIGNAL SIGINT STOPSIGNAL SIGINT

22
docker/honeytrap/Dockerfile
View file

@ -1,21 +1,11 @@
FROM ubuntu:22.04 FROM ubuntu:22.04
ENV DEBIAN_FRONTEND noninteractive ENV DEBIAN_FRONTEND noninteractive
ARG PROXY
ENV http_proxy=${PROXY}
# #
# Include dist # Include dist
COPY dist/ /root/dist/ COPY dist/ /root/dist/
# #
# Check if APT_PROXY is set and configure apt to use the proxy only if it's available # Install packages
RUN bash -c 'if [ -n "${http_proxy}" ]; then \ RUN apt-get update && \
echo "Using APT proxy at ${http_proxy}"; \
echo "Acquire::http::Proxy \"${http_proxy}\";" > /etc/apt/apt.conf.d/01proxy; \
else \
echo "APT proxy not configured, proceeding without proxy"; \
fi' && \
# bash -c 'echo "Acquire::http::Proxy::ports.ubuntu.com DIRECT;" > /etc/apt/apt.conf.d/99force-no-proxy' && \
# Setup apt
apt-get update && \
# #
# Install packages # Install packages
apt-get install -y autoconf \ apt-get install -y autoconf \
@ -64,8 +54,12 @@ RUN bash -c 'if [ -n "${http_proxy}" ]; then \
libnetfilter-queue-dev \ libnetfilter-queue-dev \
libpq-dev && \ libpq-dev && \
apt-get autoremove -y --purge && \ apt-get autoremove -y --purge && \
apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* /root/.cache /root/* /opt/honeytrap/.git apt-get clean && \
ENV http_proxy="" rm -rf /var/lib/apt/lists/* \
/tmp/* /var/tmp/* \
/root/.cache \
/root/* \
/opt/honeytrap/.git
# #
# Start honeytrap # Start honeytrap
USER honeytrap:honeytrap USER honeytrap:honeytrap

2
docker/ipphoney/Dockerfile
View file

@ -4,7 +4,7 @@ FROM alpine:3.19
COPY dist/ /root/dist/ COPY dist/ /root/dist/
# #
# Install packages # Install packages
RUN apk -U --no-cache add \ RUN apk --no-cache -U add \
build-base \ build-base \
ca-certificates \ ca-certificates \
git \ git \

22
docker/log4pot/Dockerfile
View file

@ -1,18 +1,8 @@
FROM ubuntu:22.04 FROM ubuntu:22.04
ENV DEBIAN_FRONTEND noninteractive ENV DEBIAN_FRONTEND noninteractive
ARG PROXY
ENV http_proxy=${PROXY}
# #
# Check if APT_PROXY is set and configure apt to use the proxy # Install packages
RUN bash -c 'if [ -n "${http_proxy}" ]; then \ RUN apt-get update -y && \
echo "Using APT proxy at ${http_proxy}"; \
echo "Acquire::http::Proxy \"${http_proxy}\";" > /etc/apt/apt.conf.d/01proxy; \
else \
echo "APT proxy not configured, proceeding without proxy"; \
fi' && \
# bash -c 'echo "Acquire::http::Proxy::ports.ubuntu.com DIRECT;" > /etc/apt/apt.conf.d/99force-no-proxy' && \
# Setup apt
apt-get update -y && \
apt-get install -y \ apt-get install -y \
build-essential \ build-essential \
cargo \ cargo \
@ -57,8 +47,12 @@ RUN bash -c 'if [ -n "${http_proxy}" ]; then \
python3-dev \ python3-dev \
rust-all && \ rust-all && \
apt-get autoremove -y --purge && \ apt-get autoremove -y --purge && \
apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* /root/.cache /opt/Log4Pot/.git apt-get clean && \
ENV http_proxy="" rm -rf /var/lib/apt/lists/* \
/tmp/* \
/var/tmp/* \
/root/.cache \
/opt/Log4Pot/.git
# #
# Start log4pot # Start log4pot
STOPSIGNAL SIGINT STOPSIGNAL SIGINT

2
docker/mailoney/Dockerfile
View file

@ -1,7 +1,7 @@
FROM alpine:3.19 FROM alpine:3.19
# #
# Install packages # Install packages
RUN apk -U --no-cache add \ RUN apk --no-cache -U add \
git \ git \
libcap \ libcap \
py3-pip \ py3-pip \

4
docker/medpot/Dockerfile
View file

@ -1,7 +1,7 @@
FROM golang:1.21-alpine AS builder FROM golang:1.21-alpine AS builder
# #
# Setup apk # Install packages
RUN apk -U --no-cache add \ RUN apk --no-cache -U add \
build-base \ build-base \
git \ git \
go \ go \

8
docker/nginx/Dockerfile
View file

@ -3,8 +3,8 @@ FROM alpine:3.19
# Include dist # Include dist
COPY dist/ /root/dist/ COPY dist/ /root/dist/
# #
# Get and install dependencies & packages # Install packages
RUN apk -U --no-cache add \ RUN apk --no-cache -U add \
nginx \ nginx \
nginx-mod-http-brotli \ nginx-mod-http-brotli \
nginx-mod-http-headers-more \ nginx-mod-http-headers-more \
@ -32,8 +32,8 @@ RUN apk -U --no-cache add \
cp /root/dist/conf/lsweb.conf /etc/nginx/conf.d/ && \ cp /root/dist/conf/lsweb.conf /etc/nginx/conf.d/ && \
# #
# Clean up # Clean up
rm -rf /root/* && \ rm -rf /root/* \
rm -rf /var/cache/apk/* /var/cache/apk/*
# #
# Start nginx # Start nginx
CMD ["nginx", "-g", "daemon off;"] CMD ["nginx", "-g", "daemon off;"]

8
docker/p0f/Dockerfile
View file

@ -1,12 +1,10 @@
# In case of problems Alpine 3.13 needs to be used:
# https://wiki.alpinelinux.org/wiki/Release_Notes_for_Alpine_3.14.0#faccessat2
FROM alpine:3.19 FROM alpine:3.19
# #
# Add source # Add source
COPY . /opt/p0f COPY . /opt/p0f
# #
# Install packages # Install packages
RUN apk -U --no-cache add \ RUN apk --no-cache -U add \
bash \ bash \
build-base \ build-base \
jansson \ jansson \
@ -28,8 +26,8 @@ RUN apk -U --no-cache add \
apk del --purge build-base \ apk del --purge build-base \
jansson-dev \ jansson-dev \
libpcap-dev && \ libpcap-dev && \
rm -rf /root/* && \ rm -rf /root/* \
rm -rf /var/cache/apk/* /var/cache/apk/*
# #
# Start p0f # Start p0f
WORKDIR /opt/p0f WORKDIR /opt/p0f

6
docker/redishoneypot/Dockerfile
View file

@ -3,14 +3,14 @@ FROM golang:1.21-alpine as builder
# Include dist # Include dist
COPY dist/ /root/dist/ COPY dist/ /root/dist/
# #
# Setup apk # Install packages
RUN apk -U --no-cache add \ RUN apk --no-cache -U add \
build-base \ build-base \
git \ git \
go \ go \
g++ && \ g++ && \
# #
# Setup go, hellpot # Setup go, redishoneypot
cd /root && \ cd /root && \
export GOPATH=/opt/go/ && \ export GOPATH=/opt/go/ && \
mkdir -p /opt/go && \ mkdir -p /opt/go && \

4
docker/sentrypeer/Dockerfile
View file

@ -11,8 +11,8 @@ RUN apk -U add --no-cache -X http://dl-cdn.alpinelinux.org/alpine/edge/testing \
chown -R sentrypeer:sentrypeer /usr/bin/sentrypeer && \ chown -R sentrypeer:sentrypeer /usr/bin/sentrypeer && \
# #
# Clean up # Clean up
rm -rf /root/* && \ rm -rf /root/* \
rm -rf /var/cache/apk/* /var/cache/apk/*
# #
# Set workdir and start sentrypeer # Set workdir and start sentrypeer
STOPSIGNAL SIGKILL STOPSIGNAL SIGKILL

4
docker/spiderfoot/Dockerfile
View file

@ -3,8 +3,8 @@ FROM alpine:3.19
# Include dist # Include dist
COPY dist/ /root/dist/ COPY dist/ /root/dist/
# #
# Get and install dependencies & packages # Install packages
RUN apk -U --no-cache add \ RUN apk --no-cache -U add \
build-base \ build-base \
curl \ curl \
git \ git \

8
docker/suricata/Dockerfile
View file

@ -4,7 +4,7 @@ FROM alpine:edge
COPY dist/ /root/dist/ COPY dist/ /root/dist/
# #
# Install packages # Install packages
RUN apk -U --no-cache add \ RUN apk --no-cache -U add \
ca-certificates \ ca-certificates \
curl \ curl \
file \ file \
@ -30,9 +30,9 @@ RUN apk -U --no-cache add \
suricata-update --no-test --no-reload && \ suricata-update --no-test --no-reload && \
# #
# Clean up # Clean up
rm -rf /root/* && \ rm -rf /root/* \
rm -rf /tmp/* && \ /tmp/* \
rm -rf /var/cache/apk/* /var/cache/apk/*
# #
# Start suricata # Start suricata
STOPSIGNAL SIGINT STOPSIGNAL SIGINT

2
docker/tanner/phpox/Dockerfile
View file

@ -1,7 +1,7 @@
FROM alpine:3.19 FROM alpine:3.19
# #
# Install packages # Install packages
RUN apk -U --no-cache add \ RUN apk --no-cache -U add \
build-base \ build-base \
file \ file \
git \ git \

11
docker/tanner/redis/Dockerfile
View file

@ -3,8 +3,8 @@ FROM alpine:3.19
# Include dist # Include dist
COPY dist/ /root/dist/ COPY dist/ /root/dist/
# #
# Setup apk and redis # Install packages
RUN apk -U --no-cache add redis shadow && \ RUN apk --no-cache -U add redis shadow && \
cp /root/dist/redis.conf /etc && \ cp /root/dist/redis.conf /etc && \
# #
# Setup user and group # Setup user and group
@ -14,9 +14,10 @@ RUN apk -U --no-cache add redis shadow && \
# Clean up # Clean up
apk del --purge \ apk del --purge \
shadow && \ shadow && \
rm -rf /root/* && \ rm -rf /root/* \
rm -rf /tmp/* /var/tmp/* && \ /tmp/* \
rm -rf /var/cache/apk/* /var/tmp/* \
/var/cache/apk/*
# #
# Start redis # Start redis
STOPSIGNAL SIGKILL STOPSIGNAL SIGKILL

10
docker/tanner/snare/Dockerfile
View file

@ -3,8 +3,8 @@ FROM alpine:3.19
# Include dist # Include dist
COPY dist/ /root/dist/ COPY dist/ /root/dist/
# #
# Setup apt # Install packages
RUN apk -U --no-cache add \ RUN apk --no-cache -U add \
build-base \ build-base \
git \ git \
linux-headers \ linux-headers \
@ -45,9 +45,9 @@ RUN apk -U --no-cache add \
build-base \ build-base \
linux-headers \ linux-headers \
python3-dev && \ python3-dev && \
rm -rf /root/* && \ rm -rf /root/* \
rm -rf /tmp/* /var/tmp/* && \ /tmp/* /var/tmp/* \
rm -rf /var/cache/apk/* /var/cache/apk/*
# #
# Start snare # Start snare
STOPSIGNAL SIGKILL STOPSIGNAL SIGKILL

11
docker/tanner/tanner/Dockerfile
View file

@ -3,8 +3,8 @@ FROM alpine:3.17
# Include dist # Include dist
COPY dist/ /root/dist/ COPY dist/ /root/dist/
# #
# Setup apt # Install packages
RUN apk -U --no-cache add \ RUN apk --no-cache -U add \
build-base \ build-base \
git \ git \
libcap \ libcap \
@ -67,8 +67,11 @@ RUN apk -U --no-cache add \
# libressl-dev \ # libressl-dev \
linux-headers \ linux-headers \
python3-dev && \ python3-dev && \
rm -rf /root/* && \ rm -rf /root/* \
rm -rf /tmp/* /var/tmp/* /var/cache/apk/* /opt/tanner/.git /tmp/* \
/var/tmp/* \
/var/cache/apk/* \
/opt/tanner/.git
# #
# Start tanner # Start tanner
STOPSIGNAL SIGKILL STOPSIGNAL SIGKILL

9
docker/tpotinit/Dockerfile
View file

@ -3,7 +3,7 @@ FROM alpine:edge
# Include dist # Include dist
COPY dist/ /opt/tpot/ COPY dist/ /opt/tpot/
# #
# Get and install dependencies & packages # Install packages
RUN apk --no-cache -U add \ RUN apk --no-cache -U add \
aria2 \ aria2 \
apache2-utils \ apache2-utils \
@ -36,9 +36,10 @@ RUN apk --no-cache -U add \
# #
# Clean up # Clean up
apk del --purge git && \ apk del --purge git && \
rm -rf /root/* /tmp/* && \ rm -rf /root/* /tmp/* \
rm -rf /root/.cache /opt/tpot/.git && \ /root/.cache \
rm -rf /var/cache/apk/* /opt/tpot/.git \
/var/cache/apk/*
# #
# Run tpotinit # Run tpotinit
WORKDIR /opt/tpot WORKDIR /opt/tpot

6
docker/wordpot/Dockerfile
View file

@ -4,7 +4,7 @@ FROM alpine:3.19
COPY dist/ /root/dist/ COPY dist/ /root/dist/
# #
# Install packages # Install packages
RUN apk -U --no-cache add \ RUN apk --no-cache -U add \
build-base \ build-base \
git \ git \
libcap \ libcap \
@ -39,7 +39,9 @@ RUN apk -U --no-cache add \
apk del --purge build-base \ apk del --purge build-base \
git \ git \
python3-dev && \ python3-dev && \
rm -rf /root/* /var/cache/apk/* /opt/wordpot/.git rm -rf /root/* \
/var/cache/apk/* \
/opt/wordpot/.git
# #
# Start wordpot # Start wordpot
STOPSIGNAL SIGINT STOPSIGNAL SIGINT