tweaking, hardening

2025-07-02 01:27:27 -04:00 · 2018-05-04 16:29:55 +00:00
parent 915d3f1b89
commit b1fbcd9532
12 changed files with 79 additions and 519 deletions
--- a/docker/elk/docker-compose.yml
+++ b/docker/elk/docker-compose.yml
@ -7,6 +7,7 @@ services:
 # ELK services
 ## Elasticsearch service
  elasticsearch:
+    build: elasticsearch/.
    container_name: elasticsearch
    restart: always
    environment:
@ -30,6 +31,7 @@ services:

 ## Kibana service
  kibana:
+    build: kibana/.
    container_name: kibana
    restart: always
    stop_signal: SIGKILL
@ -42,6 +44,7 @@ services:

 ## Logstash service
  logstash:
+    build: logstash/.
    container_name: logstash
    restart: always
    depends_on:
@ -57,6 +60,7 @@ services:

 ## Elasticsearch-head service
  head:
+    build: head/.
    container_name: head
    restart: always
    depends_on:
--- a/docker/elk/logstash/Dockerfile
+++ b/docker/elk/logstash/Dockerfile
@ -5,17 +5,17 @@ ADD dist/ /root/dist/

 # Setup env and apt
 RUN apk -U upgrade && \
-    apk add bash \
-            curl \
-            git \
-            libc6-compat \
-            libzmq \
-            openjdk8-jre \
-            procps \
-            wget && \
+    apk --no-cache add \
+                    bash \
+                    curl \
+                    git \
+                    libc6-compat \
+                    libzmq \
+                    openjdk8-jre \
+                    wget && \

 # Get and install packages
-    git clone https://github.com/dtag-dev-sec/listbot /etc/listbot && \
+    git clone --depth=1 https://github.com/dtag-dev-sec/listbot /etc/listbot && \
    cd /root/dist/ && \
    mkdir -p /usr/share/logstash/ && \
    wget https://artifacts.elastic.co/downloads/logstash/logstash-6.2.4.tar.gz && \
@ -42,11 +42,13 @@ RUN apk -U upgrade && \

 # Clean up
    apk del --purge wget && \
-    rm -rf /root/*
+    rm -rf /root/* && \
+    rm -rf /var/cache/apk/*

 # Healthcheck
 HEALTHCHECK --retries=10 CMD curl -s -XGET 'http://127.0.0.1:9600'

 # Start logstash
 #USER logstash:logstash
-CMD update.sh && exec /usr/share/logstash/bin/logstash -f /etc/logstash/conf.d/logstash.conf
+#CMD update.sh && exec /usr/share/logstash/bin/logstash -f /etc/logstash/conf.d/logstash.conf
+CMD exec /usr/share/logstash/bin/logstash -f /etc/logstash/conf.d/logstash.conf
--- a/docker/elk/logstash/dist/update.sh
+++ b/docker/elk/logstash/dist/update.sh
@ -8,5 +8,5 @@ trap fuCLEANUP EXIT

 # Download updated translation maps
 cd /etc/listbot 
-git pull
+git pull --all --depth=1
 cd /
--- a/docker/elk/logstash/docker-compose.yml
+++ b/docker/elk/logstash/docker-compose.yml
@ -1,5 +1,3 @@
-# T-Pot (Standard)
-# For docker-compose ...
 version: '2.2'

 services: