Public | Automated Build

Last pushed: 2 years ago


WARNING: this is just a POC to bootstrap a dev/test setup, as an alternative to
the VDI/VMDK provided by Quarkslab.

Instead, this image is built from the current git version and contains only the frontend
and brain; there is another Dockerfile for the ClamAV probe.

Before people cry: this is NOT a secure setup, never put it online (creds
hardcoded everywhere!)

Note: I'm not a Docker expert at all, I accept any recommendation.

It does not follow the real Docker philosophy; normally we would have to dockerize
all the things, but this is more of a starting point for dev/testing.


Quick & Dirty

If you like danger, and have docker already installed and running

# start it
wget -O - | bash
# stop it
wget -O - | bash

Start script

Stop script

running with

This is just an example; Docker allows a lot of fancy stuff.

Starting up

# in foreground with no data persistence
docker run --rm -it  \
        -p -p \
        -p -p -p \
        -h brain.irma --name irma y0ug/irma

# in background, which leaves you the choice to recover some files or commit changes,
# but you should use volumes; take a look at the Makefile
docker run -d  \
        -p -p \
        -p -p -p \
        -h brain.irma --name irma y0ug/irma

# to destroy it (everything not in a mounted volume will be destroyed)
docker rm irma

Go to and you should get a nice IRMA web interface.
You may see a delay of about 30s due to a race condition fixed by a sleep (so l33t).
The other big issue is that MongoDB takes a long time to init the db files.

For the ClamAV probe, take a look at


# in foreground standalone (not recommended); it has the database from the last
# build and starts an update at boot time
docker run --rm -it  \
        -h clamav.probe.irma --name irma-probe-clamav \

# in foreground with clamav db persistence; it will download the whole
# db if the directory is empty, so please be patient
docker run --rm -it  \
        -v /var/volumes/irma_probe_clamav_clamav:/var/lib/clamav \
        -h clamav.probe.irma --name irma-probe-clamav \

# in background with clamav db persistence (best way)
docker run -d  \
        -v /var/volumes/irma_probe_clamav_clamav:/var/lib/clamav \
        -h clamav.probe.irma --name irma-probe-clamav \

more dev env

git clone
git clone

Check the Makefile inside the directory and fix VOL_DIR, which is my directory where all Docker volumes live.

To get ssh access, you should use

% make sshsetup 
sudo mkdir -p /var/volumes/ssh_root/
sudo chmod 700 /var/volumes/ssh_root/
sudo touch /var/volumes/ssh_root/authorized_keys
sudo chmod 600 /var/volumes/ssh_root/authorized_keys
sudo mkdir -p /var/volumes/irma_db

and just add your pub key to /var/volumes/ssh_root/authorized_keys

Note: all my Makefiles use the same volume for authorized_keys (volumes are not RO, so if one instance is compromised,
an attacker can hijack all the other instances by injecting a key, just a fun fact).
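A check for the shared-volume problem described in the note above, as an added example that is not part of this repository: it reads a listing of container mounts and reports any host path mounted read-write at an `.ssh` directory in more than one container. The container names, the probe's `/root/.ssh` destination and the one-line-per-mount input format are assumptions made for the example; the host paths are the ones used in this README.

```shell
#!/bin/sh
# Input on stdin: one mount per line, "container source destination rw"
# (paths without spaces assumed). With a Docker daemon available, lines of
# this shape can be produced with:
#   docker inspect --format \
#     '{{range .Mounts}}{{$.Name}} {{.Source}} {{.Destination}} {{.RW}}{{println}}{{end}}' \
#     $(docker ps -q)
# Output: "SHARED-RW <host path> <containers>" for every host path that is
# mounted read-write at an .ssh directory in more than one container.
find_shared_rw_ssh() {
    awk '
        $3 ~ /\/\.ssh$/ && $4 == "true" {
            count[$2]++
            who[$2] = (who[$2] == "" ? $1 : who[$2] "," $1)
        }
        END {
            for (src in count)
                if (count[src] > 1) print "SHARED-RW", src, who[src]
        }' | sort
}

# Constructed sample: two containers sharing the writable key volume.
sample_mounts() {
    cat <<'EOF'
/irma /var/volumes/ssh_root /root/.ssh true
/irma /var/volumes/irma_db /var/lib/mongodb true
/irma-probe-clamav /var/volumes/ssh_root /root/.ssh true
/irma-probe-clamav /var/volumes/irma_probe_clamav_clamav /var/lib/clamav true
EOF
}

# Constructed sample: same layout, key volume mounted read-only.
sample_mounts_ro() {
    cat <<'EOF'
/irma /var/volumes/ssh_root /root/.ssh false
/irma /var/volumes/irma_db /var/lib/mongodb true
/irma-probe-clamav /var/volumes/ssh_root /root/.ssh false
/irma-probe-clamav /var/volumes/irma_probe_clamav_clamav /var/lib/clamav true
EOF
}

sample_mounts | find_shared_rw_ssh
```

Mounting the key directory read-only in each container (`-v /var/volumes/ssh_root:/root/.ssh:ro`) makes the check come back empty, because the mount's RW flag is then false.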

You don't need to build, you can start it with

% make run
docker run -d  \
        -v /var/volumes/ssh_root:/root/.ssh \
        -v /var/volumes/irma_db:/var/lib/mongodb \
        -p -p -p -p -p \
        -h brain.irma --name irma y0ug/irma
echo ip: `docker inspect --format '{{ .NetworkSettings.IPAddress }}' irma`

You can ssh into the ip as root with the right key.
Most of the logs are in /var/log/supervisor/

To destroy the instance

% make destroy
docker rm -f irma

If you've updated the Dockerfile

make build

And run the new version

make destroy run

TODO for real docker world

@find some docker/devops ninja?

Manage credential setup.

For IRMA, switch to a volume to pass the config.

Find out how to secure all the things.

Remove MongoDB and Redis. RabbitMQ is trickier, due to hostname etc., but totally possible.

Replace them with this:

# get/run a redis docker
docker run -d --name redis -p dockerfile/redis

# get/run mongo docker (data are saved into /root/db)
docker run -d -p -v /root/db:/data/db --name mongodb dockerfile/mongodb

# to connect to redis cli
docker run -it --rm --link redis:redis dockerfile/redis bash -c 'redis-cli -h $REDIS_PORT_6379_TCP_ADDR'

# to connect to the mongo db
docker run -it --rm --link mongodb:mongodb dockerfile/mongodb bash -c 'mongo --host $MONGODB_PORT_27017_TCP_ADDR'

Dreaming (the final goal)

Using Docker with Vagrant and vbox, for example, to build profiles for Windows agents with automatic setup/install/update of the AV
and the irma-probe git.

Something with WinRM (PowerShell), Chocolatey, and maybe some scripts for GUI processes due to lame AVs.

That would make it possible to build all the AV probes in one place and put them in
prod directly with the latest updates, etc.

So many possibilities...


Nothing to see here...


If you need DNS in Docker easily, without a heavy setup
