mirror of https://github.com/cowrie/cowrie.git
123 lines
4.1 KiB
Docker
123 lines
4.1 KiB
Docker
# This Dockerfile contains two images, `builder` and `runtime`.
|
|
# `builder` contains all necessary code to build
|
|
# `runtime` is stripped down.
|
|
|
|
ARG ARCH=
|
|
ARG BUILD_DATE
|
|
ARG TAG
|
|
FROM ${ARCH}debian:bullseye-slim as builder
|
|
|
|
WORKDIR /
|
|
|
|
# This is a temporary workaround, see https://github.com/cowrie/docker-cowrie/issues/26
|
|
ENV CRYPTOGRAPHY_DONT_BUILD_RUST=1
|
|
|
|
ENV COWRIE_GROUP=cowrie \
|
|
COWRIE_USER=cowrie \
|
|
COWRIE_HOME=/cowrie
|
|
|
|
# Set locale to UTF-8, otherwise upstream libraries have bytes/string conversion issues
|
|
ENV LC_ALL=en_US.UTF-8 \
|
|
LANG=en_US.UTF-8 \
|
|
LANGUAGE=en_US.UTF-8
|
|
|
|
RUN groupadd -r ${COWRIE_GROUP} && \
|
|
useradd -r -d ${COWRIE_HOME} -m -g ${COWRIE_GROUP} ${COWRIE_USER}
|
|
|
|
# Set up Debian prereqs
|
|
RUN export DEBIAN_FRONTEND=noninteractive; \
|
|
apt-get update && \
|
|
apt-get install -y \
|
|
-o APT::Install-Suggests=false \
|
|
-o APT::Install-Recommends=false \
|
|
python3-pip \
|
|
ca-certificates \
|
|
libffi-dev \
|
|
libssl-dev \
|
|
python3-dev \
|
|
python3-venv \
|
|
python3 \
|
|
rustc \
|
|
cargo \
|
|
git \
|
|
build-essential \
|
|
python3-virtualenv \
|
|
libsnappy-dev && \
|
|
rm -rf /var/lib/apt/lists/*
|
|
|
|
USER ${COWRIE_USER}
|
|
WORKDIR ${COWRIE_HOME}
|
|
|
|
# Copy requirements first to use Docker caching better
|
|
RUN mkdir -p ${COWRIE_HOME}/cowrie-git
|
|
COPY --chown=${COWRIE_USER}:${COWRIE_GROUP} requirements.txt requirements-output.txt ${COWRIE_HOME}/cowrie-git/
|
|
|
|
RUN python3 -m venv cowrie-env && \
|
|
. cowrie-env/bin/activate && \
|
|
pip install --no-cache-dir --upgrade pip wheel setuptools && \
|
|
pip install --no-cache-dir --upgrade cffi && \
|
|
pip install --no-cache-dir --upgrade -r ${COWRIE_HOME}/cowrie-git/requirements.txt && \
|
|
pip install --no-cache-dir --upgrade -r ${COWRIE_HOME}/cowrie-git/requirements-output.txt
|
|
|
|
COPY --chown=${COWRIE_USER}:${COWRIE_GROUP} . ${COWRIE_HOME}/cowrie-git
|
|
|
|
|
|
FROM gcr.io/distroless/python3-debian11 AS runtime
|
|
#FROM gcr.io/distroless/python3-debian11:debug AS runtime
|
|
|
|
LABEL org.opencontainers.image.created=${BUILD_DATE}
|
|
LABEL org.opencontainers.image.authors="Michel Oosterhof <michel@oosterhof.net>"
|
|
LABEL org.opencontainers.image.url="https://cowrie.org/"
|
|
LABEL org.opencontainers.image.documentation="https://cowrie.readthedocs.io"
|
|
LABEL org.opencontainers.image.source="https://github.com/cowrie/cowrie"
|
|
LABEL org.opencontainers.image.version=${TAG}
|
|
LABEL org.opencontainers.image.revision="Source control revision identifier for the packaged software."
|
|
LABEL org.opencontainers.image.vendor="Cowrie"
|
|
LABEL org.opencontainers.image.licenses="BSD-3-Clause"
|
|
LABEL org.opencontainers.image.ref.name=${TAG}
|
|
LABEL org.opencontainers.image.title="Cowrie SSH/Telnet Honeypot"
|
|
LABEL org.opencontainers.image.description="Cowrie SSH/Telnet Honeypot"
|
|
#LABEL org.opencontainers.image.base.digest="7beb0248fd81"
|
|
LABEL org.opencontainers.image.base.name="gcr.io/distroless/python3-debian11"
|
|
|
|
ENV COWRIE_GROUP=cowrie \
|
|
COWRIE_USER=cowrie \
|
|
COWRIE_HOME=/cowrie
|
|
|
|
#RUN groupadd -r ${COWRIE_GROUP} && \
|
|
# useradd -r -d ${COWRIE_HOME} -m -g ${COWRIE_GROUP} ${COWRIE_USER}
|
|
COPY --from=builder --chown=0:0 /etc/passwd /etc/passwd
|
|
COPY --from=builder --chown=0:0 /etc/group /etc/group
|
|
|
|
#RUN export DEBIAN_FRONTEND=noninteractive; \
|
|
# apt-get update && \
|
|
# apt-get install -y \
|
|
# -o APT::Install-Suggests=false \
|
|
# -o APT::Install-Recommends=false \
|
|
# libssl1.1 \
|
|
# ca-certificates \
|
|
# libffi7 \
|
|
# procps \
|
|
# python3 \
|
|
# python3-distutils && \
|
|
# rm -rf /var/lib/apt/lists/* && \
|
|
# ln -s /usr/bin/python3 /usr/local/bin/python
|
|
|
|
COPY --from=builder --chown=${COWRIE_USER}:${COWRIE_GROUP} ${COWRIE_HOME} ${COWRIE_HOME}
|
|
|
|
RUN python3 -m compileall ${COWRIE_HOME} /usr/lib/python3.9
|
|
|
|
VOLUME [ "/cowrie/cowrie-git/var", "/cowrie/cowrie-git/etc" ]
|
|
|
|
USER ${COWRIE_USER}
|
|
WORKDIR ${COWRIE_HOME}/cowrie-git
|
|
|
|
ENV PATH=${COWRIE_HOME}/cowrie-env/bin:${PATH}
|
|
ENV PYTHONPATH=${COWRIE_HOME}/cowrie-git/src
|
|
ENV PYTHONUNBUFFERED=1
|
|
|
|
ENTRYPOINT [ "/cowrie/cowrie-env/bin/python3" ]
|
|
CMD [ "/cowrie/cowrie-env/bin/twistd", "-n", "--umask=0022", "--pidfile=", "cowrie" ]
|
|
|
|
EXPOSE 2222 2223
|