FROM debian:wheezy MAINTAINER Aymeric Sorek "aymericsorek@protonmail.com" # Environment ENV LANG C.UTF-8 ENV LANGUAGE C.UTF-8 ENV LC_ALL C.UTF-8 # Change sources.list RUN echo "deb http://archive.debian.org/debian wheezy main" > /etc/apt/sources.list # Update and upgrade RUN apt-get update RUN apt-get dist-upgrade -y # Install packages RUN apt-get install -y wget RUN apt-get install -y nginx RUN apt-get install -y curl # Install vulnerable versions from snapshot archive #RUN wget http://snapshot.debian.org/archive/debian/20130319T033933Z/pool/main/o/openssl/libssl1.0.0_1.0.1e-2_amd64.deb -O /tmp/libssl1.0.0_1.0.1e-2_amd64.deb #RUN wget http://snapshot.debian.org/archive/debian/20130319T033933Z/pool/main/o/openssl/openssl_1.0.1e-2_amd64.deb -O /tmp/openssl_1.0.1e-2_amd64.deb COPY libssl1.0.0_1.0.1e-2_amd64.deb /tmp/libssl1.0.0_1.0.1e-2_amd64.deb COPY openssl_1.0.1e-2_amd64.deb /tmp/openssl_1.0.1e-2_amd64.deb RUN dpkg -i /tmp/libssl1.0.0_1.0.1e-2_amd64.deb RUN dpkg -i /tmp/openssl_1.0.1e-2_amd64.deb # Define the ENV variable ENV nginx_vhost /etc/nginx/sites-available/default ENV nginx_conf /etc/nginx/nginx.conf # Generation certificate and key RUN mkdir /etc/nginx/ssl RUN openssl req -x509 -nodes -days 365 -sha256 -newkey rsa:2048 -keyout /etc/nginx/ssl/nginx.key -out /etc/nginx/ssl/nginx.crt -subj "/C=FR/ST=You_re_not_supposed_to_be_here/L=You_re_not_supposed_to_be_here/O=You_re_not_supposed_to_be_here/CN=10.1.0.1" RUN openssl dhparam -out /etc/nginx/dhparam.pem 2048 # Conf nginx COPY default ${nginx_vhost} COPY nginx.conf /etc/nginx/nginx.conf RUN rm -rf /var/www/html/* RUN mkdir -p /var/www/html RUN chown -R www-data:www-data /var/www/html # Volume COPY webroot /var/www/html # Test nginx conf RUN nginx -t # Clean up RUN apt-get autoremove RUN apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* # Scripts COPY start.sh /start.sh CMD ["./start.sh"] # Expose web ports EXPOSE 443