telekom-security/tpotce
1
0
Fork 0
mirror of https://github.com/telekom-security/tpotce.git synced 2025-07-02 01:27:27 -04:00
Code Issues Packages Projects Releases Wiki Activity

tweaking, hardening

Browse Source
This commit is contained in:
Marco Ochse
2018-05-18 15:40:07 +00:00
parent b151397d85
commit 4fde6ac15f
2 changed files with 13 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
docker/glutton/Dockerfile
View File

@ -4,16 +4,14 @@ FROM alpine
ADD dist/ /root/dist/
# Setup apk
RUN apk -U --no-cache add bash \
build-base \
git \
go \
g++ \
iptables-dev \
libnetfilter_queue-dev \
libpcap-dev \
procps \
upx && \
RUN apk -U --no-cache add \
build-base \
git \
go \
g++ \
iptables-dev \
libnetfilter_queue-dev \
libpcap-dev && \
# Setup go, glutton
export GOPATH=/opt/go/ && \
@ -28,11 +26,10 @@ RUN apk -U --no-cache add bash \
mv /opt/go/src/github.com/mushorg/glutton/bin /opt/glutton/ && \
mv /opt/go/src/github.com/mushorg/glutton/config /opt/glutton/ && \
mv /opt/go/src/github.com/mushorg/glutton/rules /opt/glutton/ && \
upx /opt/glutton/bin/server && \
# Setup user, groups and configs
addgroup -g 2000 glutton && \
adduser -S -s /bin/bash -u 2000 -D -g 2000 glutton && \
adduser -S -s /bin/ash -u 2000 -D -g 2000 glutton && \
mkdir -p /var/log/glutton && \
mv /root/dist/rules.yaml /opt/glutton/rules/ && \
@ -40,8 +37,7 @@ RUN apk -U --no-cache add bash \
apk del --purge build-base \
git \
go \
g++ \
upx && \
g++ && \
rm -rf /var/cache/apk/* \
/opt/go \
/root/dist

3
docker/glutton/docker-compose.yml
View File

@ -8,10 +8,13 @@ services:
build: .
container_name: glutton
restart: always
tmpfs:
- /var/lib/glutton:uid=2000,gid=2000
network_mode: "host"
cap_add:
- NET_ADMIN
image: "dtagdevsec/glutton:1804"
read_only: true
volumes:
- /data/glutton/log:/var/log/glutton
- /root/tpotce/docker/glutton/dist/rules.yaml:/opt/glutton/rules/rules.yaml