switched docker to debian
19
Dockerfile
19
Dockerfile
@@ -9,27 +9,24 @@ RUN yarn build
|
|||||||
|
|
||||||
|
|
||||||
#Building main conteiner
|
#Building main conteiner
|
||||||
FROM python:alpine AS base
|
FROM debian:bookworm-slim as base
|
||||||
|
RUN apt-get update -qq && apt-get upgrade -qq
|
||||||
RUN apk update
|
RUN apt-get install -qq python3-pip build-essential
|
||||||
RUN apk add g++ git pcre2-dev libnetfilter_queue-dev libpcap-dev\
|
RUN apt-get install -qq git libpcre2-dev libnetfilter-queue-dev
|
||||||
libcrypto1.1 libnfnetlink-dev libmnl-dev make cmake nftables maturin\
|
RUN apt-get install -qq libssl-dev libnfnetlink-dev libmnl-dev libcap2-bin
|
||||||
boost-dev libcap autoconf automake bash rust cargo openssl-dev libffi-dev
|
RUN apt-get install -qq make cmake nftables libboost-all-dev autoconf
|
||||||
|
RUN apt-get install -qq automake cargo libffi-dev libtins-dev #python3-nftables
|
||||||
|
|
||||||
WORKDIR /tmp/
|
WORKDIR /tmp/
|
||||||
RUN git clone --single-branch --branch release https://github.com/jpcre2/jpcre2
|
RUN git clone --single-branch --branch release https://github.com/jpcre2/jpcre2
|
||||||
RUN git clone --single-branch https://github.com/mfontanini/libtins.git
|
|
||||||
WORKDIR /tmp/jpcre2
|
WORKDIR /tmp/jpcre2
|
||||||
RUN ./configure; make -j`nproc`; make install
|
RUN ./configure; make -j`nproc`; make install
|
||||||
WORKDIR /tmp/libtins
|
|
||||||
RUN mkdir build; cd build; cmake ../ -DLIBTINS_ENABLE_CXX11=1; make -j`nproc`; make install
|
|
||||||
|
|
||||||
RUN mkdir -p /execute/modules
|
RUN mkdir -p /execute/modules
|
||||||
WORKDIR /execute
|
WORKDIR /execute
|
||||||
|
|
||||||
ADD ./backend/requirements.txt /execute/requirements.txt
|
ADD ./backend/requirements.txt /execute/requirements.txt
|
||||||
RUN pip3 install --upgrade pip
|
RUN pip3 install --no-cache-dir --break-system-packages -r /execute/requirements.txt --no-warn-script-location
|
||||||
RUN pip3 install --no-cache-dir -r /execute/requirements.txt --no-warn-script-location
|
|
||||||
|
|
||||||
COPY ./backend/binsrc /execute/binsrc
|
COPY ./backend/binsrc /execute/binsrc
|
||||||
RUN g++ binsrc/nfqueue.cpp -o modules/cppqueue -O3 -lnetfilter_queue -pthread -lpcre2-8 -ltins -lmnl -lnfnetlink
|
RUN g++ binsrc/nfqueue.cpp -o modules/cppqueue -O3 -lnetfilter_queue -pthread -lpcre2-8 -ltins -lmnl -lnfnetlink
|
||||||
|
|||||||
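Review bot: The `apt-get update` at the top of the new base stage sits in its own layer, separate from the five `apt-get install` lines that follow. Once that layer is cached, a later edit to any install line resolves against a stale package index and can fail or pull outdated packages. Merging update, upgrade and the installs into one `RUN` and removing `/var/lib/apt/lists/*` in that same layer avoids this, and an explicit `-y` stops the installs depending on `-qq` to answer prompts. The compiler toolchain, `cargo` and `git` also stay in whatever image this stage ends up in; the rest of the Dockerfile is outside the hunk, so whether a later stage drops them cannot be confirmed here.

```dockerfile
FROM debian:bookworm-slim as base
RUN apt-get update -qq \
    && apt-get upgrade -y -qq \
    && apt-get install -y -qq \
        autoconf \
        automake \
        build-essential \
        cargo \
        cmake \
        git \
        libboost-all-dev \
        libcap2-bin \
        libffi-dev \
        libmnl-dev \
        libnetfilter-queue-dev \
        libnfnetlink-dev \
        libpcre2-dev \
        libssl-dev \
        libtins-dev \
        make \
        nftables \
        python3-pip \
    && rm -rf /var/lib/apt/lists/*
# … unchanged: jpcre2 build, pip install, g++ build …
```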
@@ -1,6 +1,6 @@
|
|||||||
#!/bin/sh
|
#!/bin/sh
|
||||||
|
|
||||||
chown nobody:nobody -R /execute/
|
chown nobody -R /execute/
|
||||||
|
|
||||||
exec capsh --caps="cap_net_admin+eip cap_setpcap,cap_setuid,cap_setgid+ep" \
|
exec capsh --caps="cap_net_admin+eip cap_setpcap,cap_setuid,cap_setgid+ep" \
|
||||||
--keep=1 --user=nobody --addamb=cap_net_admin -- -c "python3 /execute/app.py DOCKER"
|
--keep=1 --user=nobody --addamb=cap_net_admin -- -c "python3 /execute/app.py DOCKER"
|
||||||
|
|||||||
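Review bot: With the group dropped from the `chown`, group ownership of `/execute/` stays at whatever the image build left it, while the service below still switches to `nobody` through `capsh --user=nobody`. Debian names the matching group `nogroup`, so `chown -R nobody:nogroup /execute/` would keep user and group aligned as the Alpine version did. `nobody` is also shared by any other process mapped to that account, so a dedicated service user is worth considering for a process that keeps `cap_net_admin`. The file header for this hunk is missing from the page, so the script's path is not shown.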
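--- a/firegex-compose.yml
+++ b/firegex-compose.yml
@@ -0,0 +1,21 @@
+
+version: '3.9'
+
+services:
+firewall:
+restart: unless-stopped
+container_name: firegex
+build: .
+ports:
+- 4444:4444
+environment:
+- PORT=4444
+- NTHREADS=8
+
+volumes:
+- firegex_data:/execute/db
+- /execute/db
+cap_add:
+- NET_ADMIN
+volumes:
+firegex_data: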
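Review bot: `/execute/db` is listed twice under `volumes:` in the `firewall` service, once as the named volume `firegex_data:/execute/db` and once as an anonymous volume `- /execute/db`. The two entries target the same path, so Compose may reject the duplicate mount point or leave it unclear which volume holds the database. Dropping the `- /execute/db` entry keeps the data in the named volume. Separately, `4444:4444` publishes the port on every host interface for a container that holds `NET_ADMIN`; if the interface is only meant to be reached locally, `127.0.0.1:4444:4444` limits the exposure.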