mirror of
https://github.com/telekom-security/tpotce.git
synced 2025-04-19 21:52:27 +00:00
f9a9c8c4bf
- tweak deploy a little further - start with rebuilding Dockerfiles - rework healthcheck for adbhoney CPU issues - bump adbhoney, ciscoasa, citrixhoneypot, conpot, cowriepot, ddospot to alpine 3.19 - fix conpot issue with py 3.11 - bump conpot to latest master - bump cowrie to latest master - add autoheal to tpotinit to restart unhealthy container (if healthcheck enabled)
48 lines
1.4 KiB
Docker
48 lines
1.4 KiB
Docker
FROM alpine:3.19
|
|
#
|
|
# Include dist
|
|
COPY dist/ /root/dist/
|
|
#
|
|
# Setup env and apt
|
|
RUN apk --no-cache -U upgrade && \
|
|
apk --no-cache add build-base \
|
|
git \
|
|
libffi \
|
|
libffi-dev \
|
|
openssl \
|
|
openssl-dev \
|
|
py3-cryptography \
|
|
py3-pip \
|
|
python3 \
|
|
python3-dev && \
|
|
#
|
|
# Setup user
|
|
addgroup -g 2000 ciscoasa && \
|
|
adduser -S -s /bin/bash -u 2000 -D -g 2000 ciscoasa && \
|
|
#
|
|
# Get and install packages
|
|
mkdir -p /opt/ && \
|
|
cd /opt/ && \
|
|
git clone https://github.com/cymmetria/ciscoasa_honeypot && \
|
|
cd ciscoasa_honeypot && \
|
|
git checkout d6e91f1aab7fe6fc01fabf2046e76b68dd6dc9e2 && \
|
|
sed -i "s/git+git/git+https/g" requirements.txt && \
|
|
pip3 install --break-system-packages --no-cache-dir -r requirements.txt && \
|
|
cp /root/dist/asa_server.py /opt/ciscoasa_honeypot && \
|
|
chown -R ciscoasa:ciscoasa /opt/ciscoasa_honeypot && \
|
|
#
|
|
# Clean up
|
|
apk del --purge build-base \
|
|
git \
|
|
libffi-dev \
|
|
openssl-dev \
|
|
python3-dev && \
|
|
rm -rf /root/* && \
|
|
rm -rf /opt/ciscoasa_honeypot/.git && \
|
|
rm -rf /var/cache/apk/*
|
|
#
|
|
# Start ciscoasa
|
|
STOPSIGNAL SIGINT
|
|
WORKDIR /tmp/ciscoasa/
|
|
USER ciscoasa:ciscoasa
|
|
CMD cp -R /opt/ciscoasa_honeypot/* /tmp/ciscoasa && exec python3 asa_server.py --ike-port 5000 --enable_ssl --port 8443 --verbose >> /var/log/ciscoasa/ciscoasa.log 2>&1
|