From 5287224015f741e429fa809cb65946f4959c0d02 Mon Sep 17 00:00:00 2001 From: t3chn0m4g3 Date: Thu, 5 Sep 2024 19:49:52 +0000 Subject: [PATCH] continue work on builder --- docker/_builder/.env | 3 +- docker/_builder/docker-compose.yml | 358 +++++++++++++++++++++++++++-- docker/adbhoney/Dockerfile | 2 +- docker/dicompot/Dockerfile | 2 +- docker/elk/kibana/Dockerfile | 2 +- docker/elk/logstash/Dockerfile | 2 +- docker/endlessh/Dockerfile | 2 +- docker/ewsposter/Dockerfile | 4 +- docker/hellpot/Dockerfile | 2 +- docker/medpot/Dockerfile | 2 +- docker/nginx/Dockerfile | 2 +- docker/tanner/redis/Dockerfile | 2 +- 12 files changed, 351 insertions(+), 32 deletions(-) diff --git a/docker/_builder/.env b/docker/_builder/.env index f65ca398..57ba83de 100644 --- a/docker/_builder/.env +++ b/docker/_builder/.env @@ -15,7 +15,8 @@ TPOT_DOCKER_REPO=dtagdevsec TPOT_GHCR_REPO=ghcr.io/telekom-security # T-Pot Version Tag -TPOT_VERSION=24.04 +#TPOT_VERSION=24.04 +TPOT_VERSION=testing # T-Pot platforms (architectures) # Most docker features are available on linux diff --git a/docker/_builder/docker-compose.yml b/docker/_builder/docker-compose.yml index 3f65495b..ef50e777 100644 --- a/docker/_builder/docker-compose.yml +++ b/docker/_builder/docker-compose.yml 
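Review bot: Committing `TPOT_VERSION=testing` means every image the builder compose file produces is tagged with a floating name under both `${TPOT_DOCKER_REPO}` and `${TPOT_GHCR_REPO}`, so a deployed `testing` image cannot be traced back to a specific build or commit. The commented-out `#TPOT_VERSION=24.04` has no explanation either, so it is unclear which value is meant to ship. If the switch is only for the builder work, say so next to it, e.g. `# testing: floating tag for builder development only; restore 24.04 before release`. Keeping the release value as the committed default and overriding it from the environment would avoid publishing release builds under `testing` by accident.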
@@ -1,58 +1,376 @@ +# T-Pot Docker Compose Image Builder (use only for building docker images) +# Settings in .env + +################## +#### Anchors +################## + +# Common build config +x-common-build: &common-build + dockerfile: ./Dockerfile + platforms: + - ${TPOT_AMD64} + - ${TPOT_ARM64} + services: ################## #### Honeypots ################## -# Beelzebub service +# Adbhoney + adbhoney: + image: ${TPOT_DOCKER_REPO}/adbhoney:${TPOT_VERSION} + build: + tags: + - ${TPOT_GHCR_REPO}/adbhoney:${TPOT_VERSION} + context: ../adbhoney/ + <<: *common-build + +# Beelzebub beelzebub: image: ${TPOT_DOCKER_REPO}/beelzebub:${TPOT_VERSION} build: tags: - ${TPOT_GHCR_REPO}/beelzebub:${TPOT_VERSION} context: ../beelzebub/ - dockerfile: ./Dockerfile - platforms: - - ${TPOT_AMD64} - - ${TPOT_ARM64} + <<: *common-build + +# Ciscoasa + ciscoasa: + image: ${TPOT_DOCKER_REPO}/ciscoasa:${TPOT_VERSION} + build: + tags: + - ${TPOT_GHCR_REPO}/ciscoasa:${TPOT_VERSION} + context: ../ciscoasa/ + <<: *common-build + +# Citrixhoneypot + citrixhoneypot: + image: ${TPOT_DOCKER_REPO}/citrixhoneypot:${TPOT_VERSION} + build: + tags: + - ${TPOT_GHCR_REPO}/citrixhoneypot:${TPOT_VERSION} + context: ../citrixhoneypot/ + <<: *common-build + +# Conpot + conpot: + image: ${TPOT_DOCKER_REPO}/conpot:${TPOT_VERSION} + build: + tags: + - ${TPOT_GHCR_REPO}/conpot:${TPOT_VERSION} + context: ../conpot/ + <<: *common-build + +# Cowrie + cowrie: + image: ${TPOT_DOCKER_REPO}/cowrie:${TPOT_VERSION} + build: + tags: + - ${TPOT_GHCR_REPO}/cowrie:${TPOT_VERSION} + context: ../cowrie/ + <<: *common-build + +# Ddospot + ddospot: + image: ${TPOT_DOCKER_REPO}/ddospot:${TPOT_VERSION} + build: + tags: + - ${TPOT_GHCR_REPO}/ddospot:${TPOT_VERSION} + context: ../ddospot/ + <<: *common-build + +# Dicompot + dicompot: + image: ${TPOT_DOCKER_REPO}/dicompot:${TPOT_VERSION} + build: + tags: + - ${TPOT_GHCR_REPO}/dicompot:${TPOT_VERSION} + context: ../dicompot/ + <<: *common-build + +# Dionaea + dionaea: + image: 
${TPOT_DOCKER_REPO}/dionaea:${TPOT_VERSION} + build: + tags: + - ${TPOT_GHCR_REPO}/dionaea:${TPOT_VERSION} + context: ../dionaea/ + <<: *common-build + +# Elasticpot + elasticpot: + image: ${TPOT_DOCKER_REPO}/elasticpot:${TPOT_VERSION} + build: + tags: + - ${TPOT_GHCR_REPO}/elasticpot:${TPOT_VERSION} + context: ../elasticpot/ + <<: *common-build + +# Endlessh + endlessh: + image: ${TPOT_DOCKER_REPO}/endlessh:${TPOT_VERSION} + build: + tags: + - ${TPOT_GHCR_REPO}/endlessh:${TPOT_VERSION} + context: ../endlessh/ + <<: *common-build + +# Glutton +# glutton: +# image: ${TPOT_DOCKER_REPO}/glutton:${TPOT_VERSION} +## build: +# tags: +# - ${TPOT_GHCR_REPO}/glutton:${TPOT_VERSION} +# context: ../glutton/ +# <<: *common-build + +# Hellpot + hellpot: + image: ${TPOT_DOCKER_REPO}/hellpot:${TPOT_VERSION} + build: + tags: + - ${TPOT_GHCR_REPO}/hellpot:${TPOT_VERSION} + context: ../hellpot/ + <<: *common-build + +# Herlading + heralding: + image: ${TPOT_DOCKER_REPO}/heralding:${TPOT_VERSION} + build: + tags: + - ${TPOT_GHCR_REPO}/heralding:${TPOT_VERSION} + context: ../heralding/ + <<: *common-build + +# Honeypots + honeypots: + image: ${TPOT_DOCKER_REPO}/honeypots:${TPOT_VERSION} + build: + tags: + - ${TPOT_GHCR_REPO}/honeypots:${TPOT_VERSION} + context: ../honeypots/ + <<: *common-build + +# Honeytrap + honeytrap: + image: ${TPOT_DOCKER_REPO}/honeytrap:${TPOT_VERSION} + build: + tags: + - ${TPOT_GHCR_REPO}/honeytrap:${TPOT_VERSION} + context: ../honeytrap/ + <<: *common-build + +# Ipphoney + ipphoney: + image: ${TPOT_DOCKER_REPO}/ipphoney:${TPOT_VERSION} + build: + tags: + - ${TPOT_GHCR_REPO}/ipphoney:${TPOT_VERSION} + context: ../ipphoney/ + <<: *common-build + +# Log4pot + log4pot: + image: ${TPOT_DOCKER_REPO}/log4pot:${TPOT_VERSION} + build: + tags: + - ${TPOT_GHCR_REPO}/log4pot:${TPOT_VERSION} + context: ../log4pot/ + <<: *common-build + +# Mailoney + mailoney: + image: ${TPOT_DOCKER_REPO}/mailoney:${TPOT_VERSION} + build: + tags: + - 
${TPOT_GHCR_REPO}/mailoney:${TPOT_VERSION} + context: ../mailoney/ + <<: *common-build + +# Medpot + medpot: + image: ${TPOT_DOCKER_REPO}/medpot:${TPOT_VERSION} + build: + tags: + - ${TPOT_GHCR_REPO}/medpot:${TPOT_VERSION} + context: ../medpot/ + <<: *common-build + +# Redishoneypot + redishoneypot: + image: ${TPOT_DOCKER_REPO}/redishoneypot:${TPOT_VERSION} + build: + tags: + - ${TPOT_GHCR_REPO}/redishoneypot:${TPOT_VERSION} + context: ../redishoneypot/ + <<: *common-build + +# Sentrypeer + sentrypeer: + image: ${TPOT_DOCKER_REPO}/sentrypeer:${TPOT_VERSION} + build: + tags: + - ${TPOT_GHCR_REPO}/sentrypeer:${TPOT_VERSION} + context: ../sentrypeer/ + <<: *common-build + +#### Snare / Tanner +## Tanner Redis + redis: + image: ${TPOT_DOCKER_REPO}/redis:${TPOT_VERSION} + build: + tags: + - ${TPOT_GHCR_REPO}/redis:${TPOT_VERSION} + context: ../tanner/redis/ + <<: *common-build + +## PHP Sandbox + phpox: + image: ${TPOT_DOCKER_REPO}/phpox:${TPOT_VERSION} + build: + tags: + - ${TPOT_GHCR_REPO}/phpox:${TPOT_VERSION} + context: ../tanner/phpox/ + <<: *common-build + +## Tanner + tanner: + image: ${TPOT_DOCKER_REPO}/tanner:${TPOT_VERSION} + build: + tags: + - ${TPOT_GHCR_REPO}/tanner:${TPOT_VERSION} + context: ../tanner/tanner/ + <<: *common-build + +## Snare + snare: + image: ${TPOT_DOCKER_REPO}/snare:${TPOT_VERSION} + build: + tags: + - ${TPOT_GHCR_REPO}/snare:${TPOT_VERSION} + context: ../tanner/snare/ + <<: *common-build +#### + +# Wordpot + wordpot: + image: ${TPOT_DOCKER_REPO}/wordpot:${TPOT_VERSION} + build: + tags: + - ${TPOT_GHCR_REPO}/wordpot:${TPOT_VERSION} + context: ../wordpot/ + <<: *common-build + + +################## +#### NSM +################## + +# Fatt + fatt: + image: ${TPOT_DOCKER_REPO}/fatt:${TPOT_VERSION} + build: + tags: + - ${TPOT_GHCR_REPO}/fatt:${TPOT_VERSION} + context: ../fatt/ + <<: *common-build + +# P0f + p0f: + image: ${TPOT_DOCKER_REPO}/p0f:${TPOT_VERSION} + build: + tags: + - ${TPOT_GHCR_REPO}/p0f:${TPOT_VERSION} + context: ../p0f/ + <<: 
*common-build + +# Suricata + suricata: + image: ${TPOT_DOCKER_REPO}/suricata:${TPOT_VERSION} + build: + tags: + - ${TPOT_GHCR_REPO}/suricata:${TPOT_VERSION} + context: ../suricata/ + <<: *common-build + ################## #### Tools ################## -# T-Pot Init Service +# T-Pot Init tpotinit: image: ${TPOT_DOCKER_REPO}/tpotinit:${TPOT_VERSION} build: tags: - ${TPOT_GHCR_REPO}/tpotinit:${TPOT_VERSION} context: ../tpotinit/ - dockerfile: ./Dockerfile - platforms: - - ${TPOT_AMD64} - - ${TPOT_ARM64} + <<: *common-build #### ELK -## Logstash service +## Elasticsearch + elasticsearch: + image: ${TPOT_DOCKER_REPO}/elasticsearch:${TPOT_VERSION} + build: + tags: + - ${TPOT_GHCR_REPO}/elasticsearch:${TPOT_VERSION} + context: ../elk/elasticsearch/ + <<: *common-build + +## Kibana + kibana: + image: ${TPOT_DOCKER_REPO}/kibana:${TPOT_VERSION} + build: + tags: + - ${TPOT_GHCR_REPO}/kibana:${TPOT_VERSION} + context: ../elk/kibana/ + <<: *common-build + +## Logstash logstash: image: ${TPOT_DOCKER_REPO}/logstash:${TPOT_VERSION} build: tags: - ${TPOT_GHCR_REPO}/logstash:${TPOT_VERSION} context: ../elk/logstash/ - dockerfile: ./Dockerfile - platforms: - - ${TPOT_AMD64} - - ${TPOT_ARM64} + <<: *common-build -# Map Web Service +## Map Web map: image: ${TPOT_DOCKER_REPO}/map:${TPOT_VERSION} build: tags: - ${TPOT_GHCR_REPO}/map:${TPOT_VERSION} context: ../elk/map/ - dockerfile: ./Dockerfile - platforms: - - ${TPOT_AMD64} - - ${TPOT_ARM64} + <<: *common-build +#### + +# Ewsposter + ewsposter: + image: ${TPOT_DOCKER_REPO}/ewsposter:${TPOT_VERSION} + build: + tags: + - ${TPOT_GHCR_REPO}/ewsposter:${TPOT_VERSION} + context: ../ewsposter/ + <<: *common-build + +# Nginx + nginx: + image: ${TPOT_DOCKER_REPO}/nginx:${TPOT_VERSION} + build: + tags: + - ${TPOT_GHCR_REPO}/nginx:${TPOT_VERSION} + context: ../nginx/ + <<: *common-build + +# Spiderfoot + spiderfoot: + image: ${TPOT_DOCKER_REPO}/spiderfoot:${TPOT_VERSION} + build: + tags: + - ${TPOT_GHCR_REPO}/spiderfoot:${TPOT_VERSION} + 
context: ../spiderfoot/ + <<: *common-build + diff --git a/docker/adbhoney/Dockerfile b/docker/adbhoney/Dockerfile index 36ac7924..bdd1aab2 100644 --- a/docker/adbhoney/Dockerfile +++ b/docker/adbhoney/Dockerfile @@ -36,4 +36,4 @@ STOPSIGNAL SIGINT HEALTHCHECK --interval=5m --timeout=30s --retries=3 CMD python3 /cpu_check.py $(pgrep -of run.py) 99 USER adbhoney:adbhoney WORKDIR /opt/adbhoney/ -CMD /usr/bin/python3 run.py +CMD ["/usr/bin/python3", "run.py"] diff --git a/docker/dicompot/Dockerfile b/docker/dicompot/Dockerfile index f5e03836..ea130040 100644 --- a/docker/dicompot/Dockerfile +++ b/docker/dicompot/Dockerfile @@ -1,4 +1,4 @@ -FROM golang:1.21-alpine as builder +FROM golang:1.21-alpine AS builder # # Include dist COPY dist/ /root/dist/ diff --git a/docker/elk/kibana/Dockerfile b/docker/elk/kibana/Dockerfile index 78c4219d..37b9215c 100644 --- a/docker/elk/kibana/Dockerfile +++ b/docker/elk/kibana/Dockerfile @@ -1,4 +1,4 @@ -FROM ubuntu:22.04 +FROM debian:12 # # VARS ENV KB_VER=8.14.2 diff --git a/docker/elk/logstash/Dockerfile b/docker/elk/logstash/Dockerfile index d8be86d9..89224fe7 100644 --- a/docker/elk/logstash/Dockerfile +++ b/docker/elk/logstash/Dockerfile @@ -63,4 +63,4 @@ HEALTHCHECK --retries=10 CMD curl -s -XGET 'http://127.0.0.1:9600' # # Start logstash USER logstash:logstash -CMD entrypoint.sh +CMD ["./entrypoint.sh"] diff --git a/docker/endlessh/Dockerfile b/docker/endlessh/Dockerfile index 3a576074..2dc20db8 100644 --- a/docker/endlessh/Dockerfile +++ b/docker/endlessh/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.16 as builder +FROM alpine:3.16 AS builder # # Include dist ADD dist/ /root/dist/ diff --git a/docker/ewsposter/Dockerfile b/docker/ewsposter/Dockerfile index d35d919b..2fe92d59 100644 --- a/docker/ewsposter/Dockerfile +++ b/docker/ewsposter/Dockerfile 
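Review bot: The commented-out Glutton service is not a clean toggle: its `build:` line carries `##` while the sibling lines carry a single `#`, so removing one `#` per line leaves `tags:` and `context:` without a `build:` parent. Use a single `#` on that line and state why the service is disabled, e.g. `# Glutton (disabled: <reason>)`. The heading `# Herlading` above the `heralding` service is misspelled and should read `# Heralding`. The `x-common-build` anchor would also benefit from a one-line comment saying that each service must still supply its own `tags:` and `context:`, since only `dockerfile` and `platforms` are merged in through `<<: *common-build`.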
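Review bot: `FROM debian:12` in docker/elk/kibana/Dockerfile pins only a floating major tag, so a rebuild of the Kibana image can pick up a different base without any change in this repository. Pin the digest alongside the tag, e.g. `FROM debian:12@sha256:<digest>` (placeholder, take the value from the registry). The move from ubuntu:22.04 also changes the distribution underneath the install steps that follow, which are outside this hunk, so the package names and the non-root user setup there should be re-checked against Debian 12. If the full base is not needed, `debian:12-slim` would reduce what ships next to Kibana.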
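Review bot: `CMD ["./entrypoint.sh"]` in docker/elk/logstash/Dockerfile resolves the script against the image's WORKDIR, whereas the old shell-form `CMD entrypoint.sh` looked it up on PATH. No WORKDIR is visible in this hunk, so if it is not the directory holding entrypoint.sh the container will fail to start as `logstash:logstash`. Exec form also bypasses `/bin/sh`, so the script now needs a shebang line, and it should end by `exec`-ing Logstash so the stop signal reaches the JVM rather than the wrapper. An absolute path removes the WORKDIR dependency: `CMD ["/<path-to>/entrypoint.sh"]` (placeholder path).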
@@ -24,7 +24,7 @@ RUN apk -U --no-cache add \ py3-wheel && \ pip3 install --break-system-packages --upgrade pip && \ pip3 install --break-system-packages --no-cache-dir configparser hpfeeds3 influxdb influxdb-client xmljson && \ - +# # # Setup ewsposter git clone https://github.com/telekom-security/ewsposter -b v1.25.0 /opt/ewsposter && \ @@ -46,7 +46,7 @@ RUN apk -U --no-cache add \ openssl-dev \ python3-dev \ py-setuptools && \ - rm -rf /root/* /var/cache/apk/* /opt/ewsposter/.git + rm -rf /root/* /var/cache/apk/* /opt/ewsposter/.git # # Run ewsposter STOPSIGNAL SIGINT diff --git a/docker/hellpot/Dockerfile b/docker/hellpot/Dockerfile index 9ffbdafb..ad4e1cf1 100644 --- a/docker/hellpot/Dockerfile +++ b/docker/hellpot/Dockerfile @@ -1,4 +1,4 @@ -FROM golang:1.21-alpine as builder +FROM golang:1.21-alpine AS builder # # Include dist COPY dist/ /root/dist/ diff --git a/docker/medpot/Dockerfile b/docker/medpot/Dockerfile index 8c7086f7..0b5968a2 100644 --- a/docker/medpot/Dockerfile +++ b/docker/medpot/Dockerfile @@ -1,4 +1,4 @@ -FROM golang:1.21-alpine as builder +FROM golang:1.21-alpine AS builder # # Setup apk RUN apk -U --no-cache add \ diff --git a/docker/nginx/Dockerfile b/docker/nginx/Dockerfile index 6b8b6ce1..fe724c66 100644 --- a/docker/nginx/Dockerfile +++ b/docker/nginx/Dockerfile @@ -36,4 +36,4 @@ RUN apk -U --no-cache add \ rm -rf /var/cache/apk/* # # Start nginx -CMD nginx -g 'daemon off;' +CMD ["nginx", "-g", "daemon off;"] diff --git a/docker/tanner/redis/Dockerfile b/docker/tanner/redis/Dockerfile index 5c85d4cd..4d05379b 100644 --- a/docker/tanner/redis/Dockerfile +++ b/docker/tanner/redis/Dockerfile @@ -21,4 +21,4 @@ RUN apk -U --no-cache add redis shadow && \ # Start redis STOPSIGNAL SIGKILL USER redis:redis -CMD redis-server /etc/redis.conf +CMD ["redis-server", "/etc/redis.conf"]
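Review bot: With the exec-form `CMD ["nginx", "-g", "daemon off;"]`, nginx is PID 1 and receives the stop signal directly, and no STOPSIGNAL appears in the visible context of docker/nginx/Dockerfile. `docker stop` therefore sends the default SIGTERM, which nginx treats as a fast shutdown that drops in-flight requests. Add `STOPSIGNAL SIGQUIT` above the CMD for a graceful stop. No `USER` line is visible between the `RUN` and the CMD either. If none is set earlier in the file the master process runs as root, which is worth confirming and documenting with a comment.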
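Review bot: `STOPSIGNAL SIGKILL` sits directly above the new `CMD ["redis-server", "/etc/redis.conf"]` in docker/tanner/redis/Dockerfile, so redis-server never gets a chance to shut down cleanly. With the old shell-form CMD a `/bin/sh -c` wrapper may have sat in front of redis-server without passing signals on, which would explain the SIGKILL. With exec form redis-server is PID 1 and handles SIGTERM itself, so `STOPSIGNAL SIGTERM` (or dropping the line) should now be enough. If the hard kill is deliberate because this instance only holds disposable data, record that next to it, e.g. `# SIGKILL on purpose: no state worth flushing`.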