forked from vulhub/vulhub
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Dockerfile
104 lines (96 loc) · 5.14 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
FROM phusion/baseimage:jammy-1.0.1
LABEL maintainer="phithon <root@leavesongs.com>"
ARG BASEDIR=/opt/jumpserver
RUN set -ex \
&& apt-get update \
&& apt-get install -y --no-install-recommends ca-certificates wget \
&& savedAptMark="$(apt-mark showmanual)" \
&& apt-get install -y --no-install-recommends libcairo2-dev libjpeg-turbo8-dev libpng-dev libtool-bin libossp-uuid-dev \
libavcodec-dev libavformat-dev libavutil-dev libswscale-dev freerdp2-dev libpango1.0-dev libssh2-1-dev libtelnet-dev \
libvncserver-dev libwebsockets-dev libpulse-dev libvorbis-dev libwebp-dev libssl-dev gcc make \
&& mkdir -p ${BASEDIR}/guacd \
&& wget -qO- https://archive.apache.org/dist/guacamole/1.5.2/source/guacamole-server-1.5.2.tar.gz | \
tar xz --strip-components 1 -C ${BASEDIR}/guacd \
&& cd ${BASEDIR}/guacd \
&& ./configure --prefix=/usr/local \
&& make \
&& make install \
# remove unused libraries
&& apt-mark auto '.*' > /dev/null \
&& [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark \
&& apt-mark manual $savedAptMark \
&& find /usr/local -type f -executable -exec ldd '{}' 2>/dev/null ';' \
| awk '/=>/ { so = $(NF-1); if (index(so, "/usr/local/") == 1 || index(so, "/") == 0) { next }; \
gsub("^/(usr/)?", "", so); print so }' \
| sort -u \
| xargs -r dpkg-query --search \
| cut -d: -f1 \
| sort -u \
| xargs -r apt-mark manual \
\
&& apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false \
&& ldconfig /usr \
&& rm -rf /var/lib/apt/lists/* ${BASEDIR}/guacd
RUN set -ex \
&& apt-get update \
&& apt-get install -y --no-install-recommends gcc g++ make wget ca-certificates openjdk-17-jre-headless nginx sshpass \
python3 python3-dev python3-pip pkg-config libxmlsec1-dev libpq-dev libffi-dev libxml2-dev libxslt-dev libldap2-dev \
libsasl2-dev bash-completion libmariadb-dev wait-for-it gettext
COPY requirements.txt /tmp/requirements.txt
WORKDIR ${BASEDIR}
ARG VERSION=3.6.3
RUN set -ex \
# download jumpserver core
&& mkdir -p ${BASEDIR}/core \
&& cd ${BASEDIR}/core \
&& wget -qO- https://github.com/jumpserver/jumpserver/releases/download/v${VERSION}/jumpserver-v${VERSION}.tar.gz | \
tar xz --strip-components 1 \
&& touch config.yml \
&& pip install -r /tmp/requirements.txt \
&& rm -f apps/locale/zh/LC_MESSAGES/django.mo apps/locale/zh/LC_MESSAGES/djangojs.mo \
&& SECRET_KEY=example python3 apps/manage.py compilemessages \
&& rm -rf /tmp/requirements.txt
RUN set -ex \
# download jumpserver frontend (lina)
&& mkdir -p ${BASEDIR}/lina \
&& wget -qO- https://github.com/jumpserver/lina/releases/download/v${VERSION}/lina-v${VERSION}.tar.gz | \
tar xz --strip-components 1 -C ${BASEDIR}/lina \
# download jumpserver terminal frontend (luna)
&& mkdir -p ${BASEDIR}/luna \
&& wget -qO- https://github.com/jumpserver/luna/releases/download/v${VERSION}/luna-v${VERSION}.tar.gz | \
tar xz --strip-components 1 -C ${BASEDIR}/luna \
# download jumpserver SSH/SFTP Web Terminal (koko)
&& mkdir -p ${BASEDIR}/koko \
&& wget -qO- https://github.com/jumpserver/koko/releases/download/v${VERSION}/koko-v${VERSION}-linux-amd64.tar.gz | \
tar xz --strip-components 1 -C ${BASEDIR}/koko \
&& touch config.yml \
# download jumpserver RDP/VNC client (lion)
&& mkdir -p ${BASEDIR}/lion \
&& wget -qO- https://github.com/jumpserver/lion-release/releases/download/v${VERSION}/lion-v${VERSION}-linux-amd64.tar.gz | \
tar xz --strip-components 1 -C ${BASEDIR}/lion \
&& touch config.yml \
# download jumpserver wisp
&& mkdir -p ${BASEDIR}/wisp \
&& wget -qO- https://github.com/jumpserver/wisp/releases/download/v0.1.16/wisp-v0.1.16-linux-amd64.tar.gz | \
tar xz --strip-components 1 -C ${BASEDIR}/wisp \
# download jumpserver database connector (magnus)
&& mkdir -p ${BASEDIR}/magnus \
&& wget -qO- https://github.com/jumpserver/magnus-release/releases/download/v${VERSION}/magnus-v${VERSION}-linux-amd64.tar.gz | \
tar xz --strip-components 1 -C ${BASEDIR}/magnus \
&& touch config.yml \
# download jumpserver Web DB (chen)
&& mkdir -p ${BASEDIR}/chen \
&& wget -qO- https://github.com/jumpserver/chen-release/releases/download/v${VERSION}/chen-${VERSION}.tar.gz | \
tar xz --strip-components 1 -C ${BASEDIR}/chen \
&& mkdir -p /etc/service/chen /etc/service/core /etc/service/guacd /etc/service/koko /etc/service/lion /etc/service/magnus /etc/service/nginx /etc/service/celery
COPY ./chen/run /etc/service/chen/run
COPY ./core/run /etc/service/core/run
COPY ./guacd/run /etc/service/guacd/run
COPY ./koko/run /etc/service/koko/run
COPY ./lion/run /etc/service/lion/run
COPY ./magnus/run /etc/service/magnus/run
COPY ./celery/run /etc/service/celery/run
COPY ./nginx/run /etc/service/nginx/run
COPY ./nginx/default.conf /etc/nginx/sites-enabled/default
RUN set -ex \
&& chmod +x /etc/service/chen/run /etc/service/core/run /etc/service/guacd/run /etc/service/koko/run /etc/service/lion/run /etc/service/magnus/run /etc/service/nginx/run /etc/service/celery/run