AR2000/crowdsec-legacy-firewall-bouncer
1
0
Fork 0
Code Issues Pull Requests Actions Packages Releases Activity

comments

Browse Source
This commit is contained in:
AR2000
2025-01-10 17:30:02 +01:00
parent 2f44aba3b7
commit e7b7b615b8
1 changed files with 5 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
Dockerfile
View File

@@ -1,5 +1,6 @@
ARG IPTABLES_MODE=nft
#install iptables
FROM ubuntu:noble AS iptables
RUN --mount=type=cache,target=/var/lib/apt/lists,sharing=locked --mount=type=cache,target=/var/cache/apt,sharing=locked <<EOF
apt update
@@ -7,20 +8,24 @@ apt upgrade -y
apt install iptables -y
EOF
#set alternative to use iptables-legacy
FROM iptables AS iptables-legacy
RUN update-alternatives --set iptables /usr/sbin/iptables-legacy
RUN update-alternatives --set ip6tables /usr/sbin/ip6tables-legacy
#set alternative to use iptables-nft
FROM iptables AS iptables-nft
RUN update-alternatives --set iptables /usr/sbin/iptables-nft
RUN update-alternatives --set ip6tables /usr/sbin/ip6tables-nft
#build crowdsec-custom-bouncer
FROM golang:1.21.4 AS build-stage
WORKDIR /app
RUN git clone --depth 1 https://github.com/crowdsecurity/cs-custom-bouncer.git
WORKDIR /app/cs-custom-bouncer
RUN CGO_ENABLED=0 GOOS=linux make release
#build the final image
FROM iptables-${IPTABLES_MODE} AS crowdsec-custom-bouncer
ARG IPTABLES_MODE=nft
RUN mkdir -p /etc/crowdsec/bouncers