Created
September 27, 2024 18:05
-
-
Save tadghh/120e2cd6d8cef0f1ce7fa7cdb7836406 to your computer and use it in GitHub Desktop.
Pandoras Pot (Rust Hellpot) Alpine image (11. 8MB)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| FROM rust:alpine as build | |
| # Install dependencies needed for building Rust projects | |
| RUN apk add --no-cache musl-dev | |
| COPY . . | |
| # Ensure config file exists | |
| ARG CONFIG="config.toml" | |
| RUN [ -z "$CONFIG" ] || touch "./$CONFIG" | |
| RUN mv "./$CONFIG" /config | |
| RUN cargo build --release | |
| RUN mv ./target/release/pandoras_pot /pandoras_pot | |
| # We create a user with no root access that cannot log in | |
| RUN adduser \ | |
| --disabled-password \ | |
| --gecos '' \ | |
| --shell /sbin/nologin \ | |
| --no-create-home \ | |
| --home /iamadirandidontexist \ | |
| "satan" | |
| FROM alpine:latest | |
| # Install necessary runtime dependencies | |
| RUN apk add --no-cache ca-certificates | |
| # Make our build stage user available | |
| COPY --from=build /etc/passwd /etc/passwd | |
| COPY --from=build /etc/group /etc/group | |
| # Create dir for log etc. | |
| RUN mkdir /hell | |
| RUN chown -R satan:satan /hell | |
| WORKDIR /hell | |
| COPY --from=build --chown=satan:satan /pandoras_pot ./pandoras_pot | |
| COPY --from=build --chown=satan:satan /config ./config | |
| USER satan:satan | |
| EXPOSE 443 | |
| ENTRYPOINT ["./pandoras_pot", "./config"] |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment