added Malcolm

2021-08-06 10:35:01 +02:00
parent f043730066
commit 70f1922e80
751 changed files with 195277 additions and 0 deletions
--- a/Vagrant/resources/malcolm/Dockerfiles/htadmin.Dockerfile
+++ b/Vagrant/resources/malcolm/Dockerfiles/htadmin.Dockerfile
@@ -0,0 +1,99 @@
+FROM debian:buster-slim
+
+# Copyright (c) 2021 Battelle Energy Alliance, LLC.  All rights reserved.
+LABEL maintainer="malcolm.netsec@gmail.com"
+LABEL org.opencontainers.image.authors='malcolm.netsec@gmail.com'
+LABEL org.opencontainers.image.url='https://github.com/cisagov/Malcolm'
+LABEL org.opencontainers.image.documentation='https://github.com/cisagov/Malcolm/blob/master/README.md'
+LABEL org.opencontainers.image.source='https://github.com/cisagov/Malcolm'
+LABEL org.opencontainers.image.vendor='Cybersecurity and Infrastructure Security Agency'
+LABEL org.opencontainers.image.title='malcolmnetsec/htadmin'
+LABEL org.opencontainers.image.description='Malcolm container providing htadmin for managing login accounts in an htpasswd file'
+
+ARG DEFAULT_UID=33
+ARG DEFAULT_GID=33
+ENV DEFAULT_UID $DEFAULT_UID
+ENV DEFAULT_GID $DEFAULT_GID
+ENV PUSER "www-data"
+ENV PGROUP "www-data"
+# not dropping privileges globally so nginx can bind privileged ports internally.
+# nginx and php-fpm will drop privileges to "www-data" user for worker processes
+ENV PUSER_PRIV_DROP false
+
+ENV DEBIAN_FRONTEND noninteractive
+ENV TERM xterm
+
+ARG PHP_VERSION=7.3
+ARG MCRYPT_VERSION=1.0.2
+ARG BOOTSTRAP_VERSION=3.3.6
+
+ENV PHP_VERSION $PHP_VERSION
+ENV MCRYPT_VERSION $MCRYPT_VERSION
+ENV BOOTSTRAP_VERSION $BOOTSTRAP_VERSION
+
+ENV HTADMIN_URL "https://codeload.github.com/mmguero-dev/htadmin/tar.gz/master"
+
+RUN apt-get update && \
+    apt-get -y -q --allow-downgrades --allow-remove-essential --allow-change-held-packages --no-install-recommends install \
+      bcrypt \
+      ca-certificates \
+      curl \
+      libmcrypt-dev \
+      libmcrypt4 \
+      make \
+      mcrypt \
+      nginx-light \
+      php-dev \
+      php-pear \
+      php$PHP_VERSION-apcu \
+      php$PHP_VERSION-cli \
+      php$PHP_VERSION-curl \
+      php$PHP_VERSION-fpm \
+      php$PHP_VERSION-gd \
+      procps \
+      supervisor && \
+    ( yes '' | pecl channel-update pecl.php.net ) && \
+    ( yes '' | pecl install mcrypt-$MCRYPT_VERSION ) && \
+    ln -s -r /usr/lib/php/20??????/*.so /usr/lib/php/$PHP_VERSION/ && \
+    mkdir -p /run/php && \
+  cd /tmp && \
+    mkdir -p ./htadmin && \
+    curl -sSL "$HTADMIN_URL" | tar xzvf - -C ./htadmin --strip-components 1 && \
+    mv /tmp/htadmin/sites/html/htadmin /var/www/htadmin && \
+    cd /var/www/htadmin && \
+    ( grep -rhoPi "(src|href)=['\"]https?://.+?['\"]" ./includes/* | sed "s/^[a-zA-Z]*=['\"]*//" | sed "s/['\"]$//" | xargs -r -l curl -s -S -L -J -O ) && \
+    sed -i "s@http[^'\"]*/@@gI" ./includes/* && \
+    mkdir fonts && cd fonts && \
+    curl -s -S -L -J -O "https://maxcdn.bootstrapcdn.com/bootstrap/$BOOTSTRAP_VERSION/fonts/glyphicons-halflings-regular.ttf" && \
+    curl -s -S -L -J -O "https://maxcdn.bootstrapcdn.com/bootstrap/$BOOTSTRAP_VERSION/fonts/glyphicons-halflings-regular.woff" && \
+    curl -s -S -L -J -O "https://maxcdn.bootstrapcdn.com/bootstrap/$BOOTSTRAP_VERSION/fonts/glyphicons-halflings-regular.woff2" && \
+  chown -R ${PUSER}:${PGROUP} /var/www && \
+  apt-get -y -q --allow-downgrades --allow-remove-essential --allow-change-held-packages --purge remove \
+    make libmcrypt-dev php-pear php-dev && \
+  apt-get autoremove -y -q && \
+  apt-get clean -y -q && \
+  rm -rf /var/lib/apt/lists/* /var/cache/* /tmp/* /var/tmp/* /var/www/html
+
+ADD shared/bin/docker-uid-gid-setup.sh /usr/local/bin/
+ADD docs/images/favicon/favicon.ico /var/www/htadmin/
+ADD htadmin/supervisord.conf /supervisord.conf
+ADD htadmin/htadmin.sh /usr/local/bin/
+ADD htadmin/src /var/www/htadmin/
+ADD htadmin/php/php.ini /etc/php/$PHP_VERSION/fpm/php.ini
+ADD htadmin/nginx/sites-available/default /etc/nginx/sites-available/default
+
+EXPOSE 80
+
+ENTRYPOINT ["/usr/local/bin/docker-uid-gid-setup.sh"]
+
+CMD ["/usr/bin/supervisord", "-c", "/supervisord.conf", "-u", "root", "-n"]
+
+
+# to be populated at build-time:
+ARG BUILD_DATE
+ARG MALCOLM_VERSION
+ARG VCS_REVISION
+
+LABEL org.opencontainers.image.created=$BUILD_DATE
+LABEL org.opencontainers.image.version=$MALCOLM_VERSION
+LABEL org.opencontainers.image.revision=$VCS_REVISION