forked from fabriziofiorucci/NGINX-NMS-Docker
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathDockerfile.manual
65 lines (51 loc) · 2.14 KB
/
Dockerfile.manual
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
FROM ubuntu:20.04
ARG NIM_DEBFILE
ARG BUILD_WITH_SECONDSIGHT=false
ARG ACM_IMAGE=nim-files/.placeholder
ARG SM_IMAGE=nim-files/.placeholder
ARG PUM_IMAGE=nim-files/.placeholder
# Initial setup
RUN apt-get update && \
DEBIAN_FRONTEND=noninteractive apt-get install -y -q build-essential git nano curl jq wget gawk \
nginx lsb-release rsyslog systemd apt-transport-https ca-certificates netcat && \
mkdir -p /deployment/setup
# NGINX Instance Manager 2.4.0+
COPY $NIM_DEBFILE /deployment/setup/nim.deb
COPY $ACM_IMAGE /deployment/setup/acm.deb
COPY $SM_IMAGE /deployment/setup/sm.deb
COPY $PUM_IMAGE /deployment/setup/pum.deb
COPY ./container/startNIM.sh /deployment/
RUN chmod +x /deployment/startNIM.sh
WORKDIR /deployment/setup
COPY $NIM_DEBFILE /deployment/setup/nim.deb
RUN apt-get -y install /deployment/setup/nim.deb && \
curl -s http://hg.nginx.org/nginx.org/raw-file/tip/xml/en/security_advisories.xml > /usr/share/nms/cve.xml
# Optional API Connectivity Manager
RUN if [ "$ACM_IMAGE" != "nim-files/.placeholder" ] ; then \
apt-get -y install /deployment/setup/acm.deb; fi
# Optional Security Monitoring
RUN if [ "$SM_IMAGE" != "nim-files/.placeholder" ] ; then \
apt-get -y install /deployment/setup/sm.deb; fi
# Optional WAF Policy Compiler
RUN if [ "$PUM_IMAGE" != "nim-files/.placeholder" ] ; then \
apt-get -y install /deployment/setup/pum.deb; fi
# Set permissions
RUN chmod +x /etc/nms/scripts/*.sh
RUN rm -r /deployment/setup
# Optional Second Sight
WORKDIR /deployment
RUN if [ "$BUILD_WITH_SECONDSIGHT" = "true" ] ; then \
apt-get install -y -q build-essential python3-pip python3-dev python3-simplejson git nano curl && \
pip3 install fastapi uvicorn requests clickhouse-driver python-dateutil flask && \
touch /deployment/counter.enabled && \
git clone https://github.com/F5Networks/SecondSight && \
cp SecondSight/f5tt/app.py . && \
cp SecondSight/f5tt/bigiq.py . && \
cp SecondSight/f5tt/cveDB.py . && \
cp SecondSight/f5tt/f5ttCH.py . && \
cp SecondSight/f5tt/f5ttfs.py . && \
cp SecondSight/f5tt/nms.py . && \
cp SecondSight/f5tt/utils.py . && \
rm -rf SecondSight; fi
WORKDIR /deployment
CMD /deployment/startNIM.sh