Functionnal web server on docker-compose

2018-11-07 09:51:45 +01:00
parent c87223b11c
commit ca5a20c18a
10 changed files with 209 additions and 2 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1,2 @@
+data/mariadb
+*.log
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -0,0 +1,36 @@
+version: '3'
+
+services:
+    web:
+        image: nginx:latest
+        ports:
+            - "8080:80"
+        volumes:
+            - ./webroot:/webroot
+            - ./resources/nginx/default.conf:/etc/nginx/conf.d/default.conf
+            - ./resources/nginx/nginx.conf:/etc/nginx/nginx.conf
+            - ./log/nginx:/var/log/nginx
+        links:
+            - php
+        restart: always
+
+    php:
+        build: ./php/
+        volumes:
+            - ./webroot:/webroot
+            - ./resources/php/custom.ini:/usr/local/etc/php/conf.d/custom.ini
+            - ./log/php:/var/log/php
+        links:
+            - database
+        restart: always
+
+    database:
+        image: mariadb:latest
+        volumes:
+            - ./log/mariadb:/var/log/mysql
+            - ./data/mariadb:/var/lib/mysql
+            - ./resources/mariadb/base.sql:/docker-entrypoint-initdb.d/init.sql
+            - ./resources/mariadb/custom.cnf:/etc/mysql/conf.d/custom.cnf
+        environment:
+            MYSQL_RANDOM_ROOT_PASSWORD: "yes"
+        restart: always
--- a/php/Dockerfile
+++ b/php/Dockerfile
@@ -0,0 +1,6 @@
+FROM php:7.2-fpm
+
+RUN mkdir -p /var/log/php
+
+# Install mysqli
+RUN docker-php-ext-install mysqli
--- a/resources/mariadb/base.sql
+++ b/resources/mariadb/base.sql
@@ -0,0 +1,68 @@
+-- MySQL dump 10.16  Distrib 10.1.26-MariaDB, for debian-linux-gnu (x86_64)
+--
+-- Host: localhost    Database: ctf-zetatech-inc
+-- ------------------------------------------------------
+-- Server version	10.1.26-MariaDB-0+deb9u1
+
+/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
+/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
+/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
+/*!40101 SET NAMES utf8mb4 */;
+/*!40103 SET @OLD_TIME_ZONE=@@TIME_ZONE */;
+/*!40103 SET TIME_ZONE='+00:00' */;
+/*!40014 SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0 */;
+/*!40014 SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0 */;
+/*!40101 SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='NO_AUTO_VALUE_ON_ZERO' */;
+/*!40111 SET @OLD_SQL_NOTES=@@SQL_NOTES, SQL_NOTES=0 */;
+
+--
+-- Current Database: `ctf-zetatech-inc`
+--
+
+CREATE DATABASE /*!32312 IF NOT EXISTS*/ `ctf-zetatech-inc` /*!40100 DEFAULT CHARACTER SET utf8mb4 */;
+
+
+CREATE USER 'cyber-zetatech-inc'@'%' IDENTIFIED BY 'wY7nhg7xnzmCcJbfz3Gf89qyU5cvpr';
+
+GRANT SELECT ON `ctf-zetatech-inc`.* TO `cyber-zetatech-inc`@`%`;
+
+FLUSH PRIVILEGES;
+
+
+USE `ctf-zetatech-inc`;
+
+--
+-- Table structure for table `access`
+--
+
+DROP TABLE IF EXISTS `access`;
+/*!40101 SET @saved_cs_client     = @@character_set_client */;
+/*!40101 SET character_set_client = utf8 */;
+CREATE TABLE `access` (
+  `id` int(11) NOT NULL AUTO_INCREMENT,
+  `user` varchar(100) NOT NULL,
+  `password` varchar(100) NOT NULL,
+  PRIMARY KEY (`id`)
+) ENGINE=InnoDB AUTO_INCREMENT=3 DEFAULT CHARSET=utf8;
+/*!40101 SET character_set_client = @saved_cs_client */;
+
+--
+-- Dumping data for table `access`
+--
+
+LOCK TABLES `access` WRITE;
+/*!40000 ALTER TABLE `access` DISABLE KEYS */;
+INSERT INTO `access` VALUES (1,'admin','e6c2d84527c9f0af9b6d6fe33fd987b6ef47360e335e71220201e72c4ac5ccf9'),(2,'puppet-master','31e2d9e7ee8279341dee46986670996145a699937616fd03fe362426b5b47c25');
+/*!40000 ALTER TABLE `access` ENABLE KEYS */;
+UNLOCK TABLES;
+/*!40103 SET TIME_ZONE=@OLD_TIME_ZONE */;
+
+/*!40101 SET SQL_MODE=@OLD_SQL_MODE */;
+/*!40014 SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS */;
+/*!40014 SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS */;
+/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
+/*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;
+/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;
+/*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */;
+
+-- Dump completed on 2018-11-06 17:10:27
--- a/resources/mariadb/custom.cnf
+++ b/resources/mariadb/custom.cnf
@@ -0,0 +1,6 @@
+[mysqld]
+
+log-error=/var/log/mysql/mysql.log
+general_log_file=/var/log/mysql/mysql.log
+general_log=1
+log_warnings=2
--- a/resources/nginx/default.conf
+++ b/resources/nginx/default.conf
@@ -0,0 +1,18 @@
+server {
+    listen 80;
+
+    index index.html;
+    server_name localhost;
+
+    error_log  /var/log/nginx/error.log;
+    access_log /var/log/nginx/access.log;
+
+    root /webroot;
+
+    location ~ \.php$ {
+        include fastcgi_params;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_param REDIRECT_STATUS 200;
+        fastcgi_pass php:9000;
+    }
+}
--- a/resources/nginx/nginx.conf
+++ b/resources/nginx/nginx.conf
@@ -0,0 +1,55 @@
+user www-data;
+pid /run/nginx.pid;
+include /etc/nginx/modules-enabled/*.conf;
+
+events {
+	worker_connections 768;
+	# multi_accept on;
+}
+
+http {
+
+	##
+	# Basic Settings
+	##
+
+	sendfile on;
+	tcp_nopush on;
+	tcp_nodelay on;
+	keepalive_timeout 65;
+	types_hash_max_size 2048;
+	server_tokens off;
+
+	include /etc/nginx/mime.types;
+	default_type application/octet-stream;
+
+	##
+	# Headers
+	##
+
+	add_header X-Frame-Options DENY;
+	add_header X-Content-Type-Options nosniff;
+	add_header X-XSS-Protection "1; mode=block";
+
+
+	##
+	# Logging Settings
+	##
+
+	access_log /var/log/nginx/access.log;
+	error_log /var/log/nginx/error.log;
+
+	##
+	# Gzip Settings
+	##
+
+	gzip off; # To avoid BREACH Attack
+	gzip_disable "msie6";
+
+
+	##
+	# Virtual Host Configs
+	##
+
+	include /etc/nginx/conf.d/*.conf;
+}
--- a/resources/php/custom.ini
+++ b/resources/php/custom.ini
@@ -0,0 +1,14 @@
+expose_php              = Off
+error_reporting         = E_ALL
+display_errors          = Off
+display_startup_errors  = Off
+log_errors              = On
+error_log               = /var/log/php/php_error.log
+ignore_repeated_errors  = Off
+allow_url_fopen         = Off
+allow_url_include       = Off
+file_uploads            = Off
+disable_functions       = system, exec, shell_exec, passthru, phpinfo, show_source, popen, proc_open
+disable_functions       = fopen_with_path, dbmopen, dbase_open, putenv, move_uploaded_file
+disable_functions       = chdir, mkdir, rmdir, chmod, rename
+disable_functions       = filepro, filepro_rowcount, filepro_retrieve, posix_mkfifo
--- a/webroot/fonts/techmono.woff2
+++ b/webroot/fonts/techmono.woff2
--- a/webroot/zetatech-admin.php
+++ b/webroot/zetatech-admin.php
@@ -7,12 +7,14 @@ if (isset($_POST['login']) && $_POST['login'] == 'Login') {
  if ( isset($_POST['username']) && !empty($_POST['username']) ) {
    if ( isset($_POST['password']) && !empty($_POST['password']) ) {

-      $bdd = new mysqli("localhost", "cyber-zetatech-inc", "wY7nhg7xnzmCcJbfz3Gf89qyU5cvpr", "ctf-zetatech-inc");
-      if ($bdd->connect_errno) {
+      $bdd = mysqli_connect('database:3306', 'cyber-zetatech-inc', 'wY7nhg7xnzmCcJbfz3Gf89qyU5cvpr', 'ctf-zetatech-inc');
+      //$bdd = new mysqli("database", "cyber-zetatech-inc", "wY7nhg7xnzmCcJbfz3Gf89qyU5cvpr", "ctf-zetatech-inc", 3306);
+      if (mysqli_connect_errno()) {
          $state->return = 'error';
          $state->string = 'Connection error';
          $state_json = json_encode($state);
          echo $state_json;
+          return;
      }

      $real_user = "puppet-master";