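# Lab target: nginx serving TLS on Debian wheezy, with the OpenSSL packages
# deliberately downgraded to 1.0.1e-2 (the "vulnerable versions" this file
# installs on purpose). The image also carries a self-signed certificate and
# its private key in a layer, so every container started from it shares them.
#
# debian:wheezy is end-of-life and the tag is mutable; pin it by digest
# (debian:wheezy@sha256:<digest-placeholder>) if the lab must be reproducible.
FROM debian:wheezy

# MAINTAINER is deprecated; the same contact is recorded as a label.
LABEL maintainer="Aymeric Sorek <aymericsorek@protonmail.com>"

# Environment
ENV LANG=C.UTF-8 \
    LANGUAGE=C.UTF-8 \
    LC_ALL=C.UTF-8

# Paths of the nginx files replaced below. They stay ENV (not ARG) so they
# remain visible at runtime, as in the original file; start.sh is not shown
# here and may read them.
ENV nginx_vhost=/etc/nginx/sites-available/default \
    nginx_conf=/etc/nginx/nginx.conf

# wheezy is only served from archive.debian.org, over plain HTTP, so apt's
# signature check on the Release file is the only integrity control.
# NOTE(review): confirm the build does not fall back to unauthenticated
# packages (archived releases can carry expired signing keys).
#
# update, dist-upgrade and install share one layer so a cached package index
# is never reused for a later install, and the apt caches are removed in the
# layer that created them. autoremove gets -y: without it apt asks for
# confirmation, which a non-interactive build cannot answer.
RUN echo "deb http://archive.debian.org/debian wheezy main" > /etc/apt/sources.list \
 && apt-get update \
 && apt-get dist-upgrade -y \
 && apt-get install -y \
        curl \
        nginx \
        wget \
 && apt-get autoremove -y \
 && apt-get clean \
 && rm -rf /var/lib/apt/lists/*

# Install the pinned OpenSSL packages from the build context.
# They were originally fetched from the snapshot archive:
#   http://snapshot.debian.org/archive/debian/20130319T033933Z/pool/main/o/openssl/libssl1.0.0_1.0.1e-2_amd64.deb
#   http://snapshot.debian.org/archive/debian/20130319T033933Z/pool/main/o/openssl/openssl_1.0.1e-2_amd64.deb
# Those URLs are plain HTTP and nothing in this file verifies the two .deb
# files. Check them against the hashes published by snapshot.debian.org
# before building, e.g.:
#   echo "<sha256-of-libssl-deb>  libssl1.0.0_1.0.1e-2_amd64.deb" | sha256sum -c -
#   echo "<sha256-of-openssl-deb>  openssl_1.0.1e-2_amd64.deb" | sha256sum -c -
COPY libssl1.0.0_1.0.1e-2_amd64.deb /tmp/libssl1.0.0_1.0.1e-2_amd64.deb
COPY openssl_1.0.1e-2_amd64.deb /tmp/openssl_1.0.1e-2_amd64.deb

# This step must stay after the dist-upgrade above: dpkg -i replaces whatever
# libssl/openssl version the upgrade pulled in with the pinned 1.0.1e-2
# build. A later apt upgrade inside a container would presumably undo that.
RUN dpkg -i /tmp/libssl1.0.0_1.0.1e-2_amd64.deb /tmp/openssl_1.0.1e-2_amd64.deb \
 && rm -rf /tmp/* /var/tmp/*

# Generate the self-signed certificate, its key and the DH parameters at
# build time. The certificate expires 365 days after the image is built and
# the key is unencrypted (-nodes).
# NOTE(review): the key is written with the default umask; tighten it to
# 0600 once it is confirmed that start.sh launches nginx as root.
RUN mkdir -p /etc/nginx/ssl \
 && openssl req -x509 -nodes -days 365 -sha256 -newkey rsa:2048 -keyout /etc/nginx/ssl/nginx.key -out /etc/nginx/ssl/nginx.crt -subj "/C=FR/ST=You_re_not_supposed_to_be_here/L=You_re_not_supposed_to_be_here/O=You_re_not_supposed_to_be_here/CN=10.1.0.1" \
 && openssl dhparam -out /etc/nginx/dhparam.pem 2048

# nginx configuration; both destinations come from the ENV paths above.
COPY default ${nginx_vhost}
COPY nginx.conf ${nginx_conf}

# Start from an empty web root owned by www-data.
RUN rm -rf /var/www/html/* \
 && mkdir -p /var/www/html \
 && chown -R www-data:www-data /var/www/html

# Site content. This is a plain COPY, not a VOLUME; the files land after the
# chown above and keep the ownership COPY gives them.
COPY webroot /var/www/html

# Fail the build if the copied configuration does not parse.
RUN nginx -t

# Startup script, addressed by absolute path so CMD does not depend on the
# working directory. It must be executable in the build context.
# NOTE(review): no USER is set, so start.sh runs as root.
COPY start.sh /start.sh
CMD ["/start.sh"]

# HTTPS only. EXPOSE documents the port; it does not publish it.
EXPOSE 443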