
ELK 7.6.0 is not ready for production; however, it works if APM is enabled (disabled in config, so the image won't build, as a precaution). Remove SISSDEN from ewsposter and suricata. Bump suricata to 5.0.1. Alpine now supports suricata incl. enabled JA3 support, so move back to the Alpine install.
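# Image for ewsposter: installs its Python dependencies on Alpine, clones the
# ewsposter sources into /opt/ewsposter and runs ews.py as the unprivileged
# user ews (uid/gid 2000).
#
# NOTE(review): the base image is untagged, so every build resolves to
# whatever `alpine:latest` is at that moment. Pin a release tag (ideally with
# a digest) so the package set below is reproducible and auditable.
FROM alpine
#
# Include dist
# COPY instead of ADD: the source is a plain local directory, and COPY has no
# implicit archive-extraction or URL-fetch behaviour.
# NOTE(review): this layer stays in the image even though /root/* is removed
# in the RUN below, so nothing placed in dist/ should be secret.
COPY dist/ /root/dist/
#
# Install packages
RUN apk -U --no-cache add \
            build-base \
            git \
            libffi-dev \
            libssl1.1 \
            openssl-dev \
            python3 \
            python3-dev \
            py3-cffi \
            py3-ipaddress \
            py3-lxml \
            py3-mysqlclient \
            py3-requests \
            py3-setuptools && \
# NOTE(review): pip itself and the packages below are installed unpinned from
# PyPI; pin versions (or use a requirements file with --require-hashes) so a
# rebuild cannot silently pull different code.
    pip3 install --no-cache-dir -U pip && \
    pip3 install --no-cache-dir configparser hpfeeds3 pyOpenSSL xmljson && \
#
# Setup ewsposter
# NOTE(review): this clones the current default-branch HEAD, so the code baked
# into the image follows upstream; check out a reviewed commit or tag for
# reproducible builds.
    git clone --depth=1 https://github.com/dtag-dev-sec/ewsposter /opt/ewsposter && \
    mkdir -p /opt/ewsposter/spool /opt/ewsposter/log && \
#
# Setup user and groups
# BusyBox adduser takes the group with -G; -g sets the GECOS field. The
# original `-g 2000` therefore left ews in the default system group and only
# the explicit USER ews:ews below selected gid 2000. -G ews makes group ews
# the account's primary group as well.
    addgroup -g 2000 ews && \
    adduser -S -H -u 2000 -D -G ews ews && \
    chown -R ews:ews /opt/ewsposter && \
#
# Supply configs
    mv /root/dist/ews.cfg /opt/ewsposter/ && \
#    mv /root/dist/*.pem /opt/ewsposter/ && \
#
# Clean up
# NOTE(review): py3-setuptools is installed above but py-setuptools is named
# here, so setuptools presumably stays in the image; confirm which is intended
# before changing it, since runtime code may rely on it.
    apk del build-base \
            git \
            openssl-dev \
            python3-dev \
            py-setuptools && \
    rm -rf /root/* && \
    rm -rf /var/cache/apk/*
#
# Run ewsposter
STOPSIGNAL SIGINT
USER ews:ews
# A shell is required for `&&` and the $(shuf ...) substitution, so it is
# invoked explicitly in exec form. `exec` replaces the shell with python once
# the 10 second delay has passed, so STOPSIGNAL then reaches ews.py directly.
# -l receives a random integer between 10 and 60 chosen at container start.
CMD ["/bin/sh", "-c", "sleep 10 && exec /usr/bin/python3 -u /opt/ewsposter/ews.py -l $(shuf -i 10-60 -n 1)"]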