re-design

BASEOS

@@ -1 +0,0 @@
-debian

VERSION

@@ -1 +0,0 @@
-18.11

docker-build.sh

@@ -1,27 +1,13 @@
 #!/bin/sh
 
 BRANCH="$(/usr/bin/git branch|/bin/grep \*|/usr/bin/awk {'print $2'})"
-VERSION="$(/bin/cat VERSION)"
-BASEOS="$(/bin/cat BASEOS)"
-GO=""
 
-while getopts g opt
+#IMAGES="server db"
-do
+IMAGES="server"
-  case $opt in
-    g) GO="go";;
-  esac
-done
-
-if [ -z "${GO}" ] ; then
-  echo "Building GULAG@docker on '${BASEOS}' for version '${VERSION}' in branch '${BRANCH}'!"
-  echo "GO serious with '-g'!"
-  exit 1
-fi
-
-IMAGES="gulag-server gulag-db"
 
 for IMAGE in ${IMAGES}; do
   /usr/bin/docker build \
-    -t "${IMAGE}/${BASEOS}:${VERSION}_${BRANCH}" \
+    -t ${IMAGE}:${BRANCH} \
-    -f "docker/${IMAGE}/${BASEOS}/Dockerfile" .
+    -f ./docker/${IMAGE}/Dockerfile \
+    ./docker/${IMAGE}/.
 done

docker/db/Dockerfile

@@ -8,3 +8,5 @@ RUN apt update && \
  && rm -rf /var/lib/apt/lists/*
 COPY db/gulag.sql /.
 CMD ["/usr/bin/mysqld_safe"]
+
+### FIXME: /var/run/mysqld ist nur für root beschreibbar!

docker/gulag-server/debian/Dockerfile

@@ -1,23 +0,0 @@
-ARG http_proxy
-ARG https_proxy
-FROM debian:buster
-LABEL maintainer="Dominik Chilla"
-
-ENV DEBIAN_FRONTEND=noninteractive \
- TZ=Europe/Berlin
-
-RUN env; set -ex ; \
-    apt-get -qq update \
- && apt-get -qq --no-install-recommends install \
-      uwsgi-plugin-python3 python3-setuptools python3-flask \
-      python3-flask-restful \
-      uwsgi uwsgi-plugin-python3 procps net-tools \
-      python3-pip libmagic1 python3-ssdeep \
- && pip3 install python-magic mysql-connector \
- && /bin/mkdir /config /socket /app \
- && apt-get clean \
- && rm -rf /var/lib/apt/lists/*
-
-COPY app/*.py /app/
-
-CMD ["/usr/bin/uwsgi","--emperor","/config/vassals"]

docker/server/Dockerfile

@@ -0,0 +1,18 @@
+FROM dockreg-zdf.int.zwackl.de/alpine/amd64:prod
+LABEL maintainer="Dominik Chilla"
+
+RUN env; set -ex ; \
+    apk update \
+ && apk add gcc python3-dev libc-dev uwsgi-python py3-flask-restful libmagic
+
+RUN apk add libffi-dev
+# ALPINE-TBD: ssdeep
+RUN pip3 install python-magic mysql-connector
+RUN pip3 install six
+
+RUN /bin/mkdir /config /socket /app
+
+ADD ./app/*.py /app/
+ADD ./config/ /config/
+
+CMD ["/usr/sbin/uwsgi","--emperor","/config/vassals"]

docker/server/app/Gulag.py

@@ -7,7 +7,8 @@ from GulagDB import (
 from GulagMailbox import IMAPmailbox,IMAPmailboxException
 from GulagMailrelay import GulagMailrelay,GulagMailrelayException
 from GulagUtils import whoami,extract_uris,extract_fqdn
-import ssdeep, hashlib
+#import ssdeep, hashlib
+import hashlib
 
 class GulagException(Exception):
   message = None
@@ -131,7 +132,7 @@ class Gulag:
           )
           imap_mb.move_message(str(uid.decode()), 'failed')
           continue
-        if(r5321_from is not '<>'):
+        if(r5321_from != '<>'):
           r5321_from = r5321_from.replace("<","")
           r5321_from = r5321_from.replace(">","")
         r5321_rcpts = None
@@ -193,7 +194,8 @@ class Gulag:
               'hdr_msgid': msg_id, 'hdr_date': date, 'cf_meta': 'cf_meta',
               'mailbox_id': mailbox['id'], 'imap_uid': uid,
               'source_id': source_id, 'msg_size': len(msg_serialized),
-              'ssdeep': ssdeep.hash(msg_serialized)
+#              'ssdeep': ssdeep.hash(msg_serialized)
+              'ssdeep': 'ALPINE-LINUX-TBD!'
             })
           except GulagDBBadInputException as e:
             logging.warn(whoami(self) + e.message)
@@ -234,7 +236,8 @@ class Gulag:
               'magic': mgc,
               'mime_type': mime_type,
               'sha256': hashlib.sha256(attach_decoded).hexdigest(),
-              'ssdeep': ssdeep.hash(attach_decoded),
+#              'ssdeep': ssdeep.hash(attach_decoded),
+              'ssdeep': 'ALPINE-LINUX-TBD!',
               'size': len(attach_decoded)
             })
             attachments.append(attach_id)

docker/server/app/gulag_helpers.py

@@ -18,15 +18,15 @@ if(importer_pid == 0):
     logging.info("Gulag-Importer Exception: " + e.message)
     sys.exit(1)
   except:
-    logging.info("Gulag-Importer Exception: " + str(sys.exc_info()))
+    logging.info("Gulag-Importer Exception: " + traceback.format_exc())
   logging.info("Gulag-Importer: starting")
   while True:
     try:
       gulag.import_quarmails()
     except GulagException as e:
-      logging.error("Gulag-Importer-Exception: " + e.message)
+      logging.error("Gulag-Importer-Exception1: " + traceback.format_exc())
     except:
-      logging.error("Gulag-Importer-Exception: " + traceback.format_exc())
+      logging.error("Gulag-Importer-Exception2: " + traceback.format_exc())
     time.sleep(gulag.config['importer']['interval'])
 
 cleaner_pid = os.fork()

docker/server/app/gulag_server.py

@@ -1,5 +1,6 @@
 #!/usr/bin/env python3
 
+import traceback
 import argparse,sys,logging
 from flask import Flask
 from flask_restful import Api
@@ -94,4 +95,4 @@ try:
     gulag.db.close()
     sys.exit(0)
 except:
-  logging.error("Gulag-Server-Exception: " + str(sys.exc_info()))
+  logging.error("Gulag-Server-Exception: " + traceback.format_exc())

docker/server/config/vassals/gulag_server.ini

@@ -3,7 +3,7 @@ processes = 4
 cheaper = 1
 cheaper-initial = 1
 cheaper-step = 1
-plugin = python3
+plugin = python
 python-path = /app
 wsgi-file = /app/uwsgi.py
 pyargv = --config /config/gulag-config.json