forked from google/grr
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathDockerfile
74 lines (59 loc) · 1.78 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
# A Docker image capable of running all GRR components.
#
# See https://hub.docker.com/r/grrdocker/grr/
#
# We have configured Travis to trigger an image build every time a new server
# deb is been uploaded to GCS.
#
# Run the container with:
#
# docker run \
# -e EXTERNAL_HOSTNAME="localhost" \
# -e ADMIN_PASSWORD="demo" \
# -p 0.0.0.0:8000:8000 \
# -p 0.0.0.0:8080:8080 \
# grrdocker/grr
FROM ubuntu:xenial
LABEL maintainer="[email protected]"
ARG GCS_BUCKET
ARG GRR_COMMIT
ENV GRR_VENV /usr/share/grr-server
ENV DEBIAN_FRONTEND noninteractive
# Buffering output (sometimes indefinitely if a thread is stuck in
# a loop) makes for a non-optimal user experience when containers
# are run in the foreground, so we disable that.
ENV PYTHONUNBUFFERED=0
SHELL ["/bin/bash", "-c"]
RUN apt-get update && \
apt-get install -y \
debhelper \
default-jre \
dpkg-dev \
git \
libffi-dev \
libssl-dev \
python-dev \
python-pip \
rpm \
wget \
zip \
mysql-server \
python-mysqldb
RUN pip install --upgrade --no-cache-dir pip virtualenv && \
virtualenv --system-site-packages $GRR_VENV
RUN $GRR_VENV/bin/pip install --upgrade --no-cache-dir wheel six setuptools nodeenv && \
$GRR_VENV/bin/nodeenv -p --prebuilt --node=10.12.0 && \
echo '{ "allow_root": true }' > /root/.bowerrc
# Copy the GRR code over.
ADD . /usr/src/grr
RUN cd /usr/src/grr && /usr/src/grr/docker/install_grr_from_gcs.sh
ENTRYPOINT ["/usr/src/grr/docker/docker-entrypoint.sh"]
# Port for the admin UI GUI
EXPOSE 8000
# Port for clients to talk to
EXPOSE 8080
# Directories used by GRR at runtime, which can be mounted from the host's
# filesystem. Note that volumes can be mounted even if they do not appear in
# this list.
VOLUME ["/usr/share/grr-server/install_data/etc"]
CMD ["grr"]