include docker repos

... skip emobility since it is a dev repo

docker/elasticpot/Dockerfile

@@ -0,0 +1,30 @@
+FROM alpine
+MAINTAINER MS/MO
+
+# Include dist
+ADD dist/ /root/dist/
+
+# Install packages
+RUN apk -U upgrade && \ 
+    apk add bash python3 git && \
+    pip3 install --upgrade pip && \
+    pip3 install bottle requests configparser datetime && \
+    mkdir -p /opt && \
+    cd /opt/ && \
+    git clone https://github.com/schmalle/ElasticpotPY.git && \
+
+# Setup user, groups and configs
+    addgroup -g 2000 elasticpot && \
+    adduser -S -H -s /bin/bash -u 2000 -D -g 2000 elasticpot && \
+    mv /root/dist/elasticpot.cfg /opt/ElasticpotPY/ && \
+    mkdir /opt/ElasticpotPY/log && \
+
+# Clean up
+    apk del git && \
+    rm -rf /root/* && \
+    rm -rf /var/cache/apk/*
+
+# Start elasticpot
+USER elasticpot
+WORKDIR /opt/ElasticpotPY/
+CMD ["/usr/bin/python3","main.py"]

docker/elasticpot/README.md

@@ -0,0 +1,27 @@
+# dockerized elasticpot
+
+
+[elasticpot](https://github.com/schmalle/ElasticPot) elasticpot is a simple elastic search honeypot.
+
+This repository contains the necessary files to create a *dockerized* version of elasticpot.
+
+This dockerized version is part of the **[T-Pot community honeypot](http://dtag-dev-sec.github.io/)** of Deutsche Telekom AG.
+
+The `Dockerfile` contains the blueprint for the dockerized elasticpot and will be used to setup the docker image.  
+
+The `supervisord.conf` is used to start elasticpot under supervision of supervisord.
+
+Using systemd, copy the `systemd/elasticpot.service` to `/etc/systemd/system/elasticpot.service` and start using
+
+```
+systemctl enable elasticpot
+systemctl start elasticpot
+```
+
+This will make sure that the docker container is started with the appropriate permissions and port mappings. Further, it autostarts during boot.
+
+By default all data will be stored in `/data/elasticpot/` until the honeypot service will be restarted which is by default every 24 hours. If you want to keep data persistently simply edit the ``service`` file, find the line that contains ``clean.sh`` and set the option from ``off`` to ``on``. Be advised to establish some sort of log management if you wish to do so.
+
+# ElasticPot Dashboard
+
+![ElasticPot Dashboard](https://raw.githubusercontent.com/dtag-dev-sec/elasticpot/master/doc/dashboard.png)

docker/elasticpot/dist/elasticpot.cfg

@@ -0,0 +1,31 @@
+# ElasticPot Config
+
+[MAIN]
+# Manually set the externally accessible IP of the honeypot
+ip = 192.168.1.1 
+
+
+[ELASTICPOT]
+# ID pf the elasticpot instance
+nodeid = elasticpot-community-01
+
+# Location of the json logfile
+logfile = log/elasticpot.log
+
+# Set elasticpot = False to disable json logging and enable automatic attack submission to ews backend (soap)
+elasticpot = True
+
+
+[EWS]
+# Note: Only relevant if "elasticpot = False"
+# Username for ews submission
+username = community-01-user
+
+# Token for ews submission
+token = foth{a5maiCee8fineu7
+
+# API endpoint for ews submission
+rhost_first = https://community.sicherheitstacho.eu/ews-0.1/alert/postSimpleMessage
+
+# Ignore certificate warnings
+ignorecert = false

docker/elasticpot/docker-compose.yml

@@ -0,0 +1,18 @@
+version: '2.1'
+
+networks:
+  elasticpot_local:
+
+services:
+
+# Elasticpot service
+  elasticpot:
+    container_name: elasticpot
+    restart: always
+    networks:
+     - elasticpot_local
+    ports:
+     - "9200:9200"
+    image: "dtagdevsec/elasticpot:1706"
+    volumes:
+     - /data/elasticpot/log:/opt/ElasticpotPY/log