Initial clamd container
This commit is contained in:
parent
7676fe2dd2
commit
cae7ff7816
@ -1,8 +1,8 @@
|
||||
FROM debian:latest
|
||||
FROM debian:stretch-slim
|
||||
MAINTAINER https://m-ko.de Markus Kosmal <code@cnfg.io>
|
||||
|
||||
# Debian Base to use
|
||||
ENV DEBIAN_VERSION jessie
|
||||
ENV DEBIAN_VERSION stretch
|
||||
|
||||
# initial install of av daemon
|
||||
RUN echo "deb http://http.debian.net/debian/ $DEBIAN_VERSION main contrib non-free" > /etc/apt/sources.list && \
|
||||
@ -13,15 +13,14 @@ RUN echo "deb http://http.debian.net/debian/ $DEBIAN_VERSION main contrib non-fr
|
||||
clamav-daemon \
|
||||
clamav-freshclam \
|
||||
libclamunrar7 \
|
||||
wget && \
|
||||
curl && \
|
||||
apt-get clean && \
|
||||
rm -rf /var/lib/apt/lists/*
|
||||
|
||||
# initial update of av databases
|
||||
RUN wget -O /var/lib/clamav/main.cvd http://db.local.clamav.net/main.cvd && \
|
||||
wget -O /var/lib/clamav/daily.cvd http://db.local.clamav.net/daily.cvd && \
|
||||
wget -O /var/lib/clamav/bytecode.cvd http://db.local.clamav.net/bytecode.cvd && \
|
||||
chown clamav:clamav /var/lib/clamav/*.cvd
|
||||
COPY dl_files.sh /dl_files.sh
|
||||
RUN chmod +x /dl_files.sh
|
||||
RUN /dl_files.sh
|
||||
|
||||
# permission juggling
|
||||
RUN mkdir /var/run/clamav && \
|
||||
@ -33,9 +32,6 @@ RUN sed -i 's/^Foreground .*$/Foreground true/g' /etc/clamav/clamd.conf && \
|
||||
echo "TCPSocket 3310" >> /etc/clamav/clamd.conf && \
|
||||
sed -i 's/^Foreground .*$/Foreground true/g' /etc/clamav/freshclam.conf
|
||||
|
||||
# volume provision
|
||||
VOLUME ["/var/lib/clamav"]
|
||||
|
||||
# port provision
|
||||
EXPOSE 3310
|
||||
|
||||
|
@ -1,35 +1,7 @@
|
||||
#!/bin/bash
|
||||
# bootstrap clam av service and clam av database updater shell script
|
||||
# presented by mko (Markus Kosmal<code@cnfg.io>)
|
||||
set -m
|
||||
trap "kill 0" SIGINT
|
||||
|
||||
# start clam service itself and the updater in background as daemon
|
||||
freshclam -d &
|
||||
clamd &
|
||||
|
||||
# recognize PIDs
|
||||
pidlist=`jobs -p`
|
||||
|
||||
# initialize latest result var
|
||||
latest_exit=0
|
||||
|
||||
# define shutdown helper
|
||||
function shutdown() {
|
||||
trap "" SUBS
|
||||
|
||||
for single in $pidlist; do
|
||||
if ! kill -0 $pidlist 2>/dev/null; then
|
||||
wait $pidlist
|
||||
exitcode=$?
|
||||
fi
|
||||
done
|
||||
|
||||
kill $pidlist 2>/dev/null
|
||||
}
|
||||
|
||||
# run shutdown
|
||||
trap terminate SUBS
|
||||
wait
|
||||
|
||||
# return received result
|
||||
exit $latest_exit
|
||||
sleep inf
|
||||
|
32
data/Dockerfiles/clamav/dl_files.sh
Executable file
32
data/Dockerfiles/clamav/dl_files.sh
Executable file
@ -0,0 +1,32 @@
|
||||
#!/bin/bash
|
||||
|
||||
declare -a DB_MIRRORS=(
|
||||
"switch.clamav.net"
|
||||
"clamavdb.heanet.ie"
|
||||
"clamav.iol.cz"
|
||||
"clamav.univ-nantes.fr"
|
||||
"clamav.easynet.fr"
|
||||
"clamav.begi.net"
|
||||
)
|
||||
declare -a DB_MIRRORS=( $(shuf -e "${DB_MIRRORS[@]}") )
|
||||
|
||||
DB_FILES=(
|
||||
"bytecode.cvd"
|
||||
"daily.cvd"
|
||||
"main.cvd"
|
||||
)
|
||||
|
||||
for i in "${DB_MIRRORS[@]}"; do
|
||||
for j in "${DB_FILES[@]}"; do
|
||||
[[ -f "/var/lib/clamav/${j}" && -s "/var/lib/clamav/${j}" ]] && continue;
|
||||
if [[ $(curl -o /dev/null --connect-timeout 1 \
|
||||
--max-time 1 \
|
||||
--silent \
|
||||
--head \
|
||||
--write-out "%{http_code}\n" "${i}/${j}") == 200 ]]; then
|
||||
curl "${i}/${j}" -o "/var/lib/clamav/${j}" -#
|
||||
fi
|
||||
done
|
||||
done
|
||||
|
||||
chown clamav:clamav /var/lib/clamav/*.cvd
|
Loading…
Reference in New Issue
Block a user