forked from archerysec/archerysec
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathDockerfile
96 lines (72 loc) · 2.77 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
#Ubuntu base OS
FROM ubuntu:18.04
# Labels and Credits
LABEL \
name="ArcherySec" \
author="Anand Tiwari <[email protected]>" \
maintainer="Anand Tiwari <[email protected]>" \
description="Archery is an opensource vulnerability assessment and management tool which helps developers and pentesters to perform scans and manage vulnerabilities. Archery uses popular opensource tools to perform comprehensive scanning for web application and network. It also performs web application dynamic authenticated scanning and covers the whole applications by using selenium. The developers can also utilize the tool for implementation of their DevOps CI/CD environment."
ENV DJANGO_SETTINGS_MODULE="archerysecurity.settings.base" \
DJANGO_WSGI_MODULE="archerysecurity.wsgi"
# Update & Upgrade Ubuntu. Install packages
RUN \
apt-get update && \
DEBIAN_FRONTEND=noninteractive \
apt-get install --quiet --yes --fix-missing \
make \
default-jre \
postgresql-client-10 \
sslscan \
nikto \
nmap \
wget \
curl \
unzip \
git \
python3-pip \
virtualenv \
gunicorn \
postgresql \
python-psycopg2 \
postgresql-server-dev-all \
libpq-dev \
python3-dev \
&& \
DEBIAN_FRONTEND=noninteractive \
apt-get autoremove --purge -y && \
apt-get clean && \
rm -rf /var/lib/apt/lists/*
# Set locales
RUN locale-gen en_US.UTF-8
ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' LC_ALL='en_US.UTF-8'
# Create archerysec user and group
RUN groupadd -r archerysec && useradd -r -m -g archerysec archerysec
# Include init script
ADD ./docker-files/init.sh /usr/local/bin/init.sh
RUN chmod +x /usr/local/bin/init.sh
# Set user to archerysec to execute rest of commands
USER archerysec
# Create archerysec folder.
RUN mkdir /home/archerysec/app
# Set archerysec as a work directory.
WORKDIR /home/archerysec/app
RUN virtualenv -p python3 /home/archerysec/app/venv
# Copy all file to archerysec folder.
COPY . .
RUN mkdir nikto_result
RUN wget https://github.com/zaproxy/zaproxy/releases/download/2.7.0/ZAP_2.7.0_Linux.tar.gz
RUN tar -xvzf ZAP_2.7.0_Linux.tar.gz
RUN mkdir zap
RUN cp -r ZAP_2.7.0/* /home/archerysec/app/zap
COPY zap_config/policies /home/archerysec/app/zap
COPY zap_config/ascanrulesBeta-beta-24.zap /home/archerysec/app/zap/plugin/ascanrulesBeta-beta-24.zap
RUN rm -rf ZAP_2.7.0_Linux.tar.gz && \
rm -rf ZAP_2.7.0
# Install requirements
RUN . venv/bin/activate && pip3 install --no-cache-dir -r requirements.txt && \
rm -rf /home/archerysec/.cache
RUN . venv/bin/activate && python3 -m pip install git+https://github.com/archerysec/openvas_lib.git && python3 /home/archerysec/app/manage.py collectstatic --noinput
# Exposing port.
EXPOSE 8000
# UP & RUN application.
CMD ["/usr/local/bin/init.sh"]