Request for a docker container

[MadDud]

Hi,

Do you have plans to offer your software in a docker container?

I started working on one for the server:

FROM ubuntu

RUN apt-get -y update
RUN apt-get -y install git-core python3-pip
RUN mkdir /opt/scantron
RUN groupadd -r scantron && useradd -r -g scantron scantron
RUN chown -R scantron:scantron /opt/scantron
USER scantron
RUN git clone https://github.com/rackerlabs/scantron.git /opt/scantron
WORKDIR /opt/scantron
RUN chmod 755 /opt/scantron/initial_setup.sh
RUN ./initial_setup.sh

It's not working yet though.

[derpadoo]

Hi @MadDud - Thanks for submitting an issue. I have not yet. If you'd love to take a crack at it, I'd appreciate it!

[derpadoo]

@MadDud / @luciddr34m3r I just started diving into docker, but wanted to try and get the agent dockerized first. It's a total work in progress. Let me know what you think. Ultimately, I want the agent to be a standalone binary that doesn't rely on SSH tunnels.

Agent Dockerfile.

# docker build --tag scantron-agent:1.0 .
# docker run -d -p 2200:22 --name agent scantron-agent:1.0
# docker run -it agent bash
# docker port agent 22
# docker stop agent
# docker rm agent

FROM ubuntu:18.04

USER root
WORKDIR /root

# Set (temporarily) DEBIAN_FRONTEND to avoid interaction.
RUN apt-get -qq -y update && \
    apt-get -qq -y upgrade && \
    DEBIAN_FRONTEND=noninteractive apt-get -qq -y install \
        autossh \
        curl \
        gcc \
        git \
        libpcap-dev \
        make \
        nmap \
        net-tools \
        openssh-server \
        python3.7 \
        python-dev \
        python3-pip \
        ssh \
        vim \
        && \
    apt-get -y autoclean && \
    apt-get -y autoremove && \
    rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*

# SSH
# https://github.com/rastasheep/ubuntu-sshd/blob/master/18.04/Dockerfile
# https://docs.docker.com/engine/examples/running_ssh_service/
RUN mkdir /var/run/sshd
RUN echo "root:randompassword123" | chpasswd
RUN sed -i "s/#PermitRootLogin prohibit-password/PermitRootLogin yes/" /etc/ssh/sshd_config

# Specify port to listen on for SSH.
EXPOSE 22

CMD ["/usr/sbin/sshd", "-D"]

# Install masscan from source.
# https://github.com/cmoro-deusto/docker-masscan
RUN git clone https://github.com/robertdavidgraham/masscan.git /root/masscan

# make masscan.
WORKDIR /root/masscan
RUN make -j

# Copy masscan binary.
RUN cp /root/masscan/bin/masscan /usr/local/bin/masscan
# RUN rm -rf /root/masscan

# Scantron Agent.
# TODO: Separate Scantron agent into a separate repo?
RUN git clone https://github.com/rackerlabs/scantron.git /root/scantron
WORKDIR /root/scantron/agent
RUN pip3 install -r requirements.txt

# Add autossh user.
RUN useradd --create-home --shell /bin/bash autossh
RUN mkdir -p /home/autossh/.ssh
RUN touch /home/autossh/.ssh/authorized_keys
RUN chown autossh:autossh /home/autossh/.ssh/authorized_keys
RUN chmod 600 /home/autossh/.ssh/authorized_keys

[Bzzz666]

any updates on docker support ?

[derpadoo]

Hey @Bzzz666

Unfortunately I haven't. I'd like to get the engine (formerly called the agent) container working first. The Dockerfile above was where I last left off. Recent updates include adding the engine binary in the repo (https://github.com/rackerlabs/scantron/blob/master/engine/engine) so a Python virtual environment would not be needed.

I'm also looking at options to migrate away from the SSH tunnel dependency, so all target file reads and scan result writes occur through a REST API. I have the basic code working, but haven't tried it at scale yet.

If you're able to assist or provide some recommendations for building the engine container, I'd appreciate it.