mirror of
https://github.com/telekom-security/tpotce.git
synced 2025-05-03 13:48:54 +00:00
be74fc75ca
healthcheck, watch pid not cpu cleanup dockerfiles bump dicompot, heralding, elasticpot, endlessh to alpine 3.19 bump dionaea, heralding to latest master
44 lines
1.4 KiB
Docker
44 lines
1.4 KiB
Docker
FROM alpine:3.19
|
|
#
|
|
# Install packages
|
|
RUN apk --no-cache -U add \
|
|
git \
|
|
libcap \
|
|
openssl \
|
|
py3-pip \
|
|
python3 && \
|
|
#
|
|
pip3 install --break-system-packages --no-cache-dir python-json-logger && \
|
|
#
|
|
# Install CitrixHoneypot from GitHub
|
|
git clone https://github.com/t3chn0m4g3/CitrixHoneypot /opt/citrixhoneypot && \
|
|
cd /opt/citrixhoneypot && \
|
|
git checkout f59ad7320dc5bbb8c23c8baa5f111b52c52fbef3 && \
|
|
#
|
|
# Setup user, groups and configs
|
|
mkdir -p /opt/citrixhoneypot/logs /opt/citrixhoneypot/ssl && \
|
|
openssl req \
|
|
-nodes \
|
|
-x509 \
|
|
-newkey rsa:2048 \
|
|
-keyout "/opt/citrixhoneypot/ssl/key.pem" \
|
|
-out "/opt/citrixhoneypot/ssl/cert.pem" \
|
|
-days 365 \
|
|
-subj '/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd' && \
|
|
addgroup -g 2000 citrixhoneypot && \
|
|
adduser -S -H -s /bin/ash -u 2000 -D -g 2000 citrixhoneypot && \
|
|
chown -R citrixhoneypot:citrixhoneypot /opt/citrixhoneypot && \
|
|
setcap cap_net_bind_service=+ep $(readlink -f $(type -P python3)) && \
|
|
#
|
|
# Clean up
|
|
apk del --purge git \
|
|
openssl && \
|
|
rm -rf /root/* && \
|
|
rm -rf /opt/citrixhoneypot/.git && \
|
|
rm -rf /var/cache/apk/*
|
|
#
|
|
# Set workdir and start citrixhoneypot
|
|
STOPSIGNAL SIGINT
|
|
USER citrixhoneypot:citrixhoneypot
|
|
WORKDIR /opt/citrixhoneypot/
|
|
CMD nohup /usr/bin/python3 CitrixHoneypot.py
|