forked from smicallef/spiderfoot
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathDockerfile
85 lines (75 loc) · 2.71 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
#
# Spiderfoot Dockerfile
#
# http://www.spiderfoot.net
#
# Written by: Michael Pellon <[email protected]>
# Updated by: Chandrapal <[email protected]>
# Updated by: Steve Micallef <[email protected]>
# Updated by: Steve Bate <[email protected]>
# -> Inspired by https://github.com/combro2k/dockerfiles/tree/master/alpine-spiderfoot
#
# Usage:
#
# sudo docker build -t spiderfoot .
# sudo docker run -p 5001:5001 --security-opt no-new-privileges spiderfoot
#
# Using Docker volume for spiderfoot data
#
# sudo docker run -p 5001:5001 -v /mydir/spiderfoot:/var/lib/spiderfoot spiderfoot
#
# Using SpiderFoot remote command line with web server
#
# docker run --rm -it spiderfoot sfcli.py -s http://my.spiderfoot.host:5001/
#
# Running spiderfoot commands without web server (can optionally specify volume)
#
# sudo docker run --rm spiderfoot sf.py -h
#
# Running a shell in the container for maintenance
# sudo docker run -it --entrypoint /bin/sh spiderfoot
#
# Running spiderfoot unit tests in container
#
# sudo docker build -t spiderfoot-test --build-arg REQUIREMENTS=test/requirements.txt .
# sudo docker run --rm spiderfoot-test -m pytest --flake8 .
FROM alpine:3.12.4 AS build
ARG REQUIREMENTS=requirements.txt
RUN apk add --no-cache gcc git curl python3 python3-dev py3-pip swig tinyxml-dev \
python3-dev musl-dev openssl-dev libffi-dev libxslt-dev libxml2-dev jpeg-dev \
openjpeg-dev zlib-dev cargo rust
RUN python3 -m venv /opt/venv
ENV PATH="/opt/venv/bin":$PATH
COPY $REQUIREMENTS requirements.txt ./
RUN ls
RUN echo "$REQUIREMENTS"
RUN pip3 install -U pip
RUN pip3 install -r "$REQUIREMENTS"
FROM alpine:3.13.0
WORKDIR /home/spiderfoot
# Place database and logs outside installation directory
ENV SPIDERFOOT_DATA /var/lib/spiderfoot
ENV SPIDERFOOT_LOGS /var/lib/spiderfoot/log
ENV SPIDERFOOT_CACHE /var/lib/spiderfoot/cache
# Run everything as one command so that only one layer is created
RUN apk --update --no-cache add python3 musl openssl libxslt tinyxml libxml2 jpeg zlib openjpeg \
&& addgroup spiderfoot \
&& adduser -G spiderfoot -h /home/spiderfoot -s /sbin/nologin \
-g "SpiderFoot User" -D spiderfoot \
&& rm -rf /var/cache/apk/* \
&& rm -rf /lib/apk/db \
&& rm -rf /root/.cache \
&& mkdir -p $SPIDERFOOT_DATA || true \
&& mkdir -p $SPIDERFOOT_LOGS || true \
&& mkdir -p $SPIDERFOOT_CACHE || true \
&& chown spiderfoot:spiderfoot $SPIDERFOOT_DATA \
&& chown spiderfoot:spiderfoot $SPIDERFOOT_LOGS \
&& chown spiderfoot:spiderfoot $SPIDERFOOT_CACHE
COPY . .
COPY --from=build /opt/venv /opt/venv
ENV PATH="/opt/venv/bin:$PATH"
USER spiderfoot
EXPOSE 5001
# Run the application.
ENTRYPOINT ["/opt/venv/bin/python"]
CMD ["sf.py", "-l", "0.0.0.0:5001"]