forked from google/grr
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Dockerfile
81 lines (66 loc) · 2.13 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
# A Docker image capable of running all GRR components.
#
# See https://hub.docker.com/r/grrdocker/grr/
#
# We have configured Travis to trigger an image build every time a new server
# deb is been uploaded to GCS.
#
# Run the container with:
#
# docker run \
# -e EXTERNAL_HOSTNAME="localhost" \
# -e ADMIN_PASSWORD="demo" \
# -p 0.0.0.0:8000:8000 \
# -p 0.0.0.0:8080:8080 \
# grrdocker/grr
#
# TODO(ogaro): Implement support for using an external MySQL instance.
FROM ubuntu:xenial
LABEL maintainer="[email protected]"
ENV GRR_VENV /usr/share/grr-server
ENV PROTOC /usr/share/protobuf/bin/protoc
ENV DEBIAN_FRONTEND noninteractive
# Buffering output (sometimes indefinitely if a thread is stuck in
# a loop) makes for a non-optimal user experience when containers
# are run in the foreground, so we disable that.
ENV PYTHONUNBUFFERED=0
SHELL ["/bin/bash", "-c"]
RUN apt-get update && \
apt-get install -y \
debhelper \
default-jre \
dpkg-dev \
git \
libffi-dev \
libssl-dev \
python-dev \
python-pip \
rpm \
wget \
zip \
mysql-server \
python-mysqldb
RUN pip install --upgrade --no-cache-dir pip virtualenv && \
virtualenv --system-site-packages $GRR_VENV
# Install proto compiler
RUN mkdir -p /usr/share/protobuf && \
cd /usr/share/protobuf && \
wget --quiet "https://github.com/google/protobuf/releases/download/v3.3.0/protoc-3.3.0-linux-x86_64.zip" && \
unzip protoc-3.3.0-linux-x86_64.zip && \
rm protoc-3.3.0-linux-x86_64.zip
RUN $GRR_VENV/bin/pip install --upgrade --no-cache-dir wheel six setuptools nodeenv && \
$GRR_VENV/bin/nodeenv -p --prebuilt --node=10.12.0 && \
echo '{ "allow_root": true }' > /root/.bowerrc
# Copy the GRR code over.
ADD . /usr/src/grr
RUN cd /usr/src/grr && /usr/src/grr/docker/install_grr_from_gcs.sh
ENTRYPOINT ["/usr/src/grr/docker/docker-entrypoint.sh"]
# Port for the admin UI GUI
EXPOSE 8000
# Port for clients to talk to
EXPOSE 8080
# Directories used by GRR at runtime, which can be mounted from the host's
# filesystem. Note that volumes can be mounted even if they do not appear in
# this list.
VOLUME ["/usr/share/grr-server/install_data/etc"]
CMD ["grr"]