-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathDockerfile
96 lines (77 loc) · 3.15 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
FROM alpine:3.21
ARG TARGETPLATFORM
RUN apk --no-cache add git ca-certificates
ADD --link --chmod=600 crontabs/root /var/spool/cron/crontabs/root
RUN <<EOT
set -e
version=0.4.6
## Install s6-overlay binaries
case "$TARGETPLATFORM" in
"linux/amd64")
url=https://github.com/vulsio/go-exploitdb/releases/download/v${version}/go-exploitdb_${version}_linux_amd64.tar.gz
checksum=b27cd43a1c194bb365c73d6e4bd199911d83aab4bf48a5eca4ecb8838c0daa9c
;;
"linux/arm64")
url=https://github.com/vulsio/go-exploitdb/releases/download/v${version}/go-exploitdb_${version}_linux_arm64.tar.gz
checksum=432a51a12aebcd4350c4d10c1435cb0d7a5720a7a9bb204a109ccd6c10553184
;;
*)
printf "ERROR: %s" "invalid architecture"
exit 1
esac
archive="$(basename ${url})"
wget -q -O "${archive}" "${url}"
printf "%s %s" "${checksum}" "${archive}" | sha256sum -c -
tar xzvf "${archive}" -C /usr/local/bin 'go-exploitdb'
rm -f "${archive}"
chown root:root /usr/local/bin/go-exploitdb
chmod +x /usr/local/bin/go-exploitdb
mkdir -p /etc/go-exploitdb /var/lib/go-exploitdb /var/log/go-exploitdb
EOT
ADD --link --chmod=644 go-exploitdb/go-exploitdb.yaml /etc/go-exploitdb/go-exploitdb.yaml
ADD --link --chmod=755 go-exploitdb/go-exploitdb-update.sh /usr/local/bin/go-exploitdb-update
VOLUME ["/etc/go-exploitdb", "/var/lib/go-exploitdb", "/var/log/go-exploitdb"]
RUN <<EOT
set -e
version=3.1.6.2
url=
checksum=
## Install s6-overlay scripts
url=https://github.com/just-containers/s6-overlay/releases/download/v${version}/s6-overlay-noarch.tar.xz
checksum=05af2536ec4fb23f087a43ce305f8962512890d7c71572ed88852ab91d1434e3
archive="$(basename ${url})"
wget -q -O "${archive}" "${url}"
printf "%s %s" "${checksum}" "${archive}" | sha256sum -c -
tar -C / -Jxpf "${archive}"
rm -f "${archive}"
## Install s6-overlay binaries
case "$TARGETPLATFORM" in
"linux/amd64")
url=https://github.com/just-containers/s6-overlay/releases/download/v${version}/s6-overlay-x86_64.tar.xz
checksum=95081f11c56e5a351e9ccab4e70c2b1c3d7d056d82b72502b942762112c03d1c
;;
"linux/arm64")
url=https://github.com/just-containers/s6-overlay/releases/download/v${version}/s6-overlay-aarch64.tar.xz
checksum=3fc0bae418a0e3811b3deeadfca9cc2f0869fb2f4787ab8a53f6944067d140ee
;;
*)
printf "ERROR: %s" "invalid architecture"
exit 1
esac
archive="$(basename ${url})"
wget -q -O "${archive}" "${url}"
printf "%s %s" "${checksum}" "${archive}" | sha256sum -c -
tar -C / -Jxpf "${archive}"
rm -f "${archive}"
EOT
ADD --link --chmod=755 s6-rc.d/cron /etc/s6-overlay/s6-rc.d/cron
ADD --link --chmod=755 s6-rc.d/go-exploitdb /etc/s6-overlay/s6-rc.d/go-exploitdb
ADD --link --chmod=755 s6-rc.d/go-exploitdb-updater /etc/s6-overlay/s6-rc.d/go-exploitdb-updater
ADD --link --chmod=755 s6-rc.d/user/contents.d/* /etc/s6-overlay/s6-rc.d/user/contents.d/
ENV S6_KEEP_ENV 1
# Stop container if any of the services fail to start at boot.
ENV S6_BEHAVIOUR_IF_STAGE2_FAILS 2
ENV S6_VERBOSITY 1
# Stop container if services are not started in 10 mins.
ENV S6_CMD_WAIT_FOR_SERVICES_MAXTIME 600000
ENTRYPOINT ["/init"]