[ENH] Updated IntelMQ-Full

Now we're using the api instead of the manager. This is future proof & will be updated constantly. Removed manager config & added api config Signed-off-by: Sebastian Waldbauer <waldbauer@cert.at> [NGINX] Added default webserver (nginx) Signed-off-by: Sebastian Waldbauer <waldbauer@cert.at> Updated intelmq-full docker image Signed-off-by: Sebastian Waldbauer <waldbauer@cert.at> Changed build process Signed-off-by: Sebastian Waldbauer <waldbauer@cert.at> Updated utils Signed-off-by: Sebastian Waldbauer <waldbauer@cert.at> Fixed entrypoint Signed-off-by: Sebastian Waldbauer <waldbauer@cert.at> Updated docker-compose Signed-off-by: Sebastian Waldbauer <waldbauer@cert.at> Misc Signed-off-by: Sebastian Waldbauer <waldbauer@cert.at>
2025-12-06 09:12:49 +01:00 · 2021-01-24 15:14:10 +01:00
parent 3a105d97bc
commit 0082f38a2f
15 changed files with 156 additions and 56 deletions
--- a/.docker/intelmq-full/Dockerfile
+++ b/.docker/intelmq-full/Dockerfile
@@ -0,0 +1,56 @@
+FROM debian:buster
+ENV LANG C.UTF-8
+
+ARG BUILD_DATE
+ARG VCS_REF
+ARG BUILD_VERSION
+
+LABEL maintainer="IntelMQ Team <intelmq-team@cert.at>" \
+      org.opencontainers.image.authors="IntelMQ-Team <intelmq-team@cert.at>" \
+      org.opencontainers.image.title="intelmq-full" \
+      org.opencontainers.image.description="IntelMQ with core & api" \
+      org.opencontainers.image.url="https://intelmq.org/" \
+      org.opencontainers.image.source="https://github.com/certtools/intelmq.git" \
+      org.opencontainers.image.documentation="https://intelmq.readthedocs.io/en/latest/" \
+      org.opencontainers.image.vendor="intelmq-team"
+
+RUN apt-get update \
+    && apt-get install -y --no-install-recommends \
+    sudo \
+    gcc \
+    python3-nose \
+    python3-yaml \
+    python3-cerberus \
+    python3-requests-mock \
+    python3-dev \
+    python3-setuptools \
+    python3-pip \
+    && rm -rf /var/lib/apt/lists/*
+
+LABEL org.opencontainers.image.created=$BUILD_DATE \
+      org.opencontainers.image.revision=$VCS_REF \
+      org.opencontainers.image.version=$BUILD_VERSION
+
+WORKDIR /opt
+
+COPY ./intelmq /opt/intelmq
+COPY ./intelmq-api /opt/intelmq-api
+
+RUN useradd -d /opt/intelmq -U -s /bin/bash intelmq \
+    && adduser intelmq sudo \ 
+    && echo "%sudo ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers \
+    && sudo chown -R intelmq:intelmq /opt/intelmq
+
+### Install IntelMQ
+RUN cd /opt/intelmq \
+    && pip3 install hug \
+    && pip3 install --no-cache-dir -e . \
+    && intelmqsetup
+
+ADD entrypoint.sh /opt/entrypoint.sh
+RUN chmod +x /opt/entrypoint.sh \
+    && chown intelmq:intelmq /opt/entrypoint.sh
+
+USER intelmq:intelmq
+
+ENTRYPOINT [ "/opt/entrypoint.sh" ]
--- a/.docker/nginx/Dockerfile
+++ b/.docker/nginx/Dockerfile
@@ -0,0 +1,24 @@
+FROM nginx:1.13-alpine
+ENV LANG C.UTF-8
+
+ARG BUILD_DATE
+ARG VCS_REF
+ARG BUILD_VERSION
+
+LABEL maintainer="IntelMQ-Team <intelmq-team@cert.at>" \
+      org.opencontainers.image.authors="IntelMQ-Team <intelmq-team@cert.at>" \
+      org.opencontainers.image.title="intelmq-nginx" \
+      org.opencontainers.image.description="Modified NGINX Server for intelmq" \
+      org.opencontainers.image.url="https://github.com/certtools/intelmq/issues" \
+      org.opencontainers.image.source="https://github.com/certtools/intelmq.git" \
+      org.opencontainers.image.documentation="https://intelmq.readthedocs.io/en/latest/" \
+      org.opencontainers.image.vendor="intelmq-team"
+
+LABEL org.opencontainers.image.created=$BUILD_DATE \
+      org.opencontainers.image.revision=$VCS_REF \
+      org.opencontainers.image.version=$BUILD_VERSION
+
+WORKDIR /www
+
+COPY .docker/nginx/config/app.conf /etc/nginx/conf.d/default.conf
+COPY .docker/nginx/config/nginx.conf /etc/nginx/nginx.conf
--- a/.docker/nginx/config/app.conf
+++ b/.docker/nginx/config/app.conf
@@ -0,0 +1,20 @@
+upstream intelmq_api {
+    server intelmq:8080;
+}
+
+server {
+    listen 80 default_server;
+
+    server_name localhost;
+    
+    root /www;
+
+    location / {
+        index index.html;
+        try_files $uri /index.html =404;
+    }
+
+    location /intelmq/ {
+        proxy_pass http://intelmq_api/;
+    }
+}
--- a/.docker/nginx/config/nginx.conf
+++ b/.docker/nginx/config/nginx.conf
@@ -0,0 +1,27 @@
+user nginx;
+
+worker_processes 1;
+
+error_log /var/log/nginx/error.log warn;
+pid /var/run/nginx.pid;
+
+events {
+    worker_connections 1024;
+}
+
+http {
+    include /etc/nginx/mime.types;
+    default_type application/octet-stream;
+
+    log_format main '$remote_addr - $remote_user [$time_local] "$request" '
+                    '$status $body_bytes_sent "$http_referer" '
+                    '"$http_user_agent" "$http_x_forwarded_for"';
+
+    access_log /var/log/nginx/access.log main;
+
+    sendfile on;
+
+    keepalive_timeout 65;
+
+    include /etc/nginx/conf.d/*.conf;
+}