Alex-Devera/tpotce
1
0
Fork 0
mirror of https://github.com/telekom-security/tpotce.git synced 2025-07-01 12:32:12 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

tweak cyberchef image for better security, prep citrixhoneypot for rebuild

Browse source
This commit is contained in:
t3chn0m4g3 2021-09-20 14:29:42 +00:00
parent e9c03e512c
commit ed224215a4
3 changed files with 23 additions and 23 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
docker/citrixhoneypot/Dockerfile
View file

@ -1,4 +1,4 @@
FROM alpine:3.13 FROM alpine:3.14
# #
# Install packages # Install packages
RUN apk -U add \ RUN apk -U add \
@ -29,7 +29,7 @@ RUN apk -U add \
addgroup -g 2000 citrixhoneypot && \ addgroup -g 2000 citrixhoneypot && \
adduser -S -H -s /bin/ash -u 2000 -D -g 2000 citrixhoneypot && \ adduser -S -H -s /bin/ash -u 2000 -D -g 2000 citrixhoneypot && \
chown -R citrixhoneypot:citrixhoneypot /opt/citrixhoneypot && \ chown -R citrixhoneypot:citrixhoneypot /opt/citrixhoneypot && \
setcap cap_net_bind_service=+ep /usr/bin/python3.8 && \ setcap cap_net_bind_service=+ep /usr/bin/python3.9 && \
# #
# Clean up # Clean up
apk del --purge git \ apk del --purge git \

2
docker/citrixhoneypot/docker-compose.yml
View file

@ -14,7 +14,7 @@ services:
- citrixhoneypot_local - citrixhoneypot_local
ports: ports:
- "443:443" - "443:443"
image: "ghcr.io/telekom-security/citrixhoneypot:2006" image: "dtagdevsec/citrixhoneypot:2006"
read_only: true read_only: true
volumes: volumes:
- /data/citrixhoneypot/logs:/opt/citrixhoneypot/logs - /data/citrixhoneypot/logs:/opt/citrixhoneypot/logs

40
docker/cyberchef/Dockerfile
View file

@ -1,30 +1,30 @@
FROM alpine:3.10 FROM node:10.24.1-alpine3.11 as builder
#
# Get and install dependencies & packages
RUN apk -U --no-cache add \
curl \
git \
npm \
nodejs && \
npm install npm@latest -g && \
npm install -g grunt-cli http-server && \
# #
# Install CyberChef # Install CyberChef
cd /root && \ RUN apk -U --no-cache add git
git clone https://github.com/gchq/cyberchef -b v9.32.3 && \ RUN chown -R node:node /srv
cd cyberchef && \ RUN npm install -g grunt-cli
npm install && \ WORKDIR /srv
grunt prod && \ USER node
mkdir -p /opt/cyberchef && \ RUN git clone https://github.com/gchq/cyberchef -b v9.32.3 .
mv build/prod/* /opt/cyberchef && \ ENV NODE_OPTIONS=--max_old_space_size=2048
cd / && \ RUN npm install
RUN grunt prod
#
# Move from builder
FROM alpine:3.14
#
RUN apk -U --no-cache add \
curl \
npm && \
npm install -g http-server && \
# #
# Clean up # Clean up
apk del --purge git \
npm && \
rm -rf /root/* && \ rm -rf /root/* && \
rm -rf /var/cache/apk/* rm -rf /var/cache/apk/*
# #
COPY --from=builder /srv/build/prod /opt/cyberchef
#
# Healthcheck # Healthcheck
HEALTHCHECK --retries=10 CMD curl -s -XGET 'http://127.0.0.1:8000' HEALTHCHECK --retries=10 CMD curl -s -XGET 'http://127.0.0.1:8000'
# #