镜像制作记录
jerem1ah Lv4
  2023-01-11 14:50:43 2023-01-11 14:50   2024-05-18 21:57:17  

镜像制作记录学习

CTFd-Dockerfile

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
FROM python:3.7-alpine

WORKDIR /opt/CTFd
RUN mkdir -p /opt/CTFd /var/log/CTFd /var/uploads

RUN sed -i 's/dl-cdn.alpinelinux.org/mirror.tuna.tsinghua.edu.cn/g' /etc/apk/repositories && \
    apk update && \
    apk add \
        python \
        python-dev \
        linux-headers \
        libffi-dev \
        gcc \
        make \
        musl-dev \
        py-pip \
        mysql-client \
        git \
        openssl-dev

COPY . /opt/CTFd

RUN pip install -i http://mirrors.aliyun.com/pypi/simple/ --trusted-host mirrors.aliyun.com -r requirements.txt
RUN for d in CTFd/plugins/*; do \
      if [ -f "$d/requirements.txt" ]; then \
        pip install -i http://mirrors.aliyun.com/pypi/simple/ --trusted-host mirrors.aliyun.com -r $d/requirements.txt; \
      fi; \
    done;

RUN chmod +x /opt/CTFd/docker-entrypoint.sh
RUN adduser -D -u 1001 -s /bin/sh ctfd
RUN chown -R 1001:1001 /opt/CTFd /var/log/CTFd /var/uploads

USER 1001
EXPOSE 8000
ENTRYPOINT ["/opt/CTFd/docker-entrypoint.sh"]

php-5.6-Dockerfile

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
FROM php:5.6-fpm-alpine

COPY files /tmp/

RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.ustc.edu.cn/g' /etc/apk/repositories \
    && apk add --update --no-cache nginx mysql mysql-client \
    && docker-php-source extract \
    && docker-php-ext-install mysql \
    && docker-php-source delete \
    && mysql_install_db --user=mysql --datadir=/var/lib/mysql \
    && sh -c 'mysqld_safe &' \
  && sleep 5s \
    && mysqladmin -uroot password 'root' \
    && mysql -e "source /tmp/db.sql;" -uroot -proot \
    && mkdir /run/nginx \
    && mv /tmp/nginx.conf /etc/nginx/nginx.conf \
    && mv /tmp/vhost.nginx.conf /etc/nginx/conf.d/default.conf \
    && mv /tmp/src/* /var/www/html \
    && chmod -R -w /var/www/html \
    && chmod -R 777 /var/www/html/upload \
    && chown -R www-data:www-data /var/www/html \
    && rm -rf /tmp/* \
    && rm -rf /etc/apk

EXPOSE 80

qwb-2019-supersqli

1
2
3
4
5
6
7
8
9
10
  FROM ctftraining/base_image_nginx_mysql_php_73

LABEL Author="glzjin <i@zhaoj.in>"
LABEL Blog="https://www.zhaoj.in"

COPY ./files /tmp/
RUN cp -rf /tmp/html /var/www/ \
    && cp -f /tmp/flag.sh /flag.sh \
    && chown -R www-data:www-data /var/www/html \
    && sed -i 's/skip-network/#skip-network/' /etc/my.cnf.d/mariadb-server.cnf

base_image_nginx_mysql_php_73

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
FROM php:7.3-fpm-alpine
LABEL Organization="CTFTraining" Author="Virink <virink@outlook.com>"
MAINTAINER Virink@CTFTraining <virink@outlook.com>

COPY _files /tmp/
COPY src /var/www/html

RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.ustc.edu.cn/g' /etc/apk/repositories \
    && apk add --update --no-cache tar nginx mysql mysql-client \
    && mkdir /run/nginx \
    # mysql ext
    && docker-php-source extract \
    && docker-php-ext-install pdo_mysql mysqli \
    && docker-php-source delete \
    # init mysql
    && mysql_install_db --user=mysql --datadir=/var/lib/mysql \
    && sh -c 'mysqld_safe &' \
    && sleep 5s \
    && mysqladmin -uroot password 'root' \
    && mysql -e "source /var/www/html/db.sql;" -uroot -proot \
    # configure file
    && mv /tmp/flag.sh /flag.sh \
    && mv /tmp/docker-php-entrypoint /usr/local/bin/docker-php-entrypoint \
    && chmod +x /usr/local/bin/docker-php-entrypoint \
    && mv /tmp/nginx.conf /etc/nginx/nginx.conf \
    && chown -R www-data:www-data /var/www/html \    
    && mv /tmp/docker-php-ext-mysqli.ini /usr/local/etc/php/conf.d \
    && mv /tmp/docker-php-ext-pdo_mysql.ini /usr/local/etc/php/conf.d \
    # clear
    && rm -rf /var/www/html/db.sql \
    && rm -rf /tmp/*

WORKDIR /var/www/html

EXPOSE 80

VOLUME ["/var/log/nginx"]

CMD ["/bin/bash", "-c", "docker-php-entrypoint"]

qwb_2019_upload

1
2
3
4
5
6
7
8
9
10
11
FROM ctftraining/base_image_nginx_mysql_php_73

LABEL Author="glzjin <i@zhaoj.in>" Blog="https://www.zhaoj.in"

COPY ./files /tmp/

RUN cp -rf /tmp/html /var/www/ \
    && cp -f /tmp/nginx.conf /etc/nginx/nginx.conf \
    && chown -R www-data:www-data /var/www/html \
    && chmod -R 755 /var/www/html/public/upload \
    && sed -i 's/skip-network/#skip-network/' /etc/my.cnf.d/mariadb-server.cnf

pasecactf_2019_web_flask_ssti

1
2
3
4
5
6
7
8
9
FROM python:3.7-alpine

COPY ./files /app

RUN pip install -r app/requirements.txt

WORKDIR /app

CMD sh -c "echo $FLAG > /app/flag && export FLAG=not_flag && FLAG=not_flag" && python app.py

HGAME2023-v2board

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
FROM php:7.4-apache

RUN set -ex \
        && apt-get update \
        && apt-get install -y --no-install-recommends unzip wait-for-it libjpeg62-turbo-dev libpng-dev libfreetype6-dev \
        && rm -rf /var/lib/apt/lists/*

RUN set -ex \
    && docker-php-ext-configure gd --with-freetype --with-jpeg \
    && docker-php-ext-install pdo_mysql gd pcntl \
    && yes '' | pecl install redis \
    && { \
        echo "extension=redis.so"; \
    } > /usr/local/etc/php/conf.d/redis.ini \
    && curl -#sSL https://getcomposer.org/download/2.4.4/composer.phar -o /usr/local/bin/composer \
    && chmod +x /usr/local/bin/composer

ENV APACHE_DOCUMENT_ROOT /var/www/public

COPY ./src /var/www

RUN set -ex \
    && cd /var/www \
    && sed -ri -e 's!/var/www/html!${APACHE_DOCUMENT_ROOT}!g' /etc/apache2/sites-available/*.conf \
    && sed -ri -e 's!/var/www/!${APACHE_DOCUMENT_ROOT}!g' /etc/apache2/apache2.conf /etc/apache2/conf-available/*.conf

RUN set -ex \
    && cd /var/www \
    && composer install \
    && a2enmod rewrite \
    && chown www-data:www-data -R .

COPY apache.htaccess /var/www/public/.htaccess

WORKDIR /var/www

COPY ./entrypoint.sh /entrypoint.sh

ENTRYPOINT [ "bash", "/entrypoint.sh" ]

CMD [ "apache2-foreground" ]

HGAME2023-Guess Who I Am

1
2
3
4
5
6
7
8
9
10
11
12
13
FROM golang:alpine as builder

WORKDIR /app
ADD . .
ENV GOPROXY=https://goproxy.cn,direct
RUN go build ./cmd/main.go

FROM alpine:latest
WORKDIR /app
COPY --from=builder /app/main /app/
COPY --from=builder /app/member.json /app/
COPY --from=builder /app/dist /app/dist
ENTRYPOINT ["/app/main"]

HGAME2023-Git Leakage

1
2
3
4
5
6
7
8
9
10
11
FROM node:alpine

ENV PROJECT_ENV production

ENV NODE_ENV production
WORKDIR /app
ADD . /app
RUN npm install -g http-server --registry https://registry.npm.taobao.org/
EXPOSE 80

CMD http-server ./src -p 80

HGAME2023-Gopher Shop

1
2
3
4
5
6
7
8
9
10
11
12
13
14
FROM golang:alpine as builder

WORKDIR /app
ADD . .
ENV GOPROXY=https://goproxy.cn,direct
RUN go build ./cmd/main.go

FROM alpine:latest
WORKDIR /app
COPY --from=builder /app/main /app/
COPY --from=builder /app/dist /app/dist
COPY --from=builder /app/config.toml /app/

ENTRYPOINT ["/app/main"]

DASCTF-GoGoGo

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
FROM golang:1.19 AS builder

WORKDIR /app
COPY . /app
RUN export GOPROXY=https://goproxy.io,direct; go build -o /web_bin /app/main.go

## Deploy
FROM debian:buster AS runner

WORKDIR /

COPY --from=builder /web_bin /
COPY ./www /www

EXPOSE 8088

ENTRYPOINT ["/web_bin"]

image-20230302130021652

base_web_nodejs_pm2

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
FROM node:12-stretch-slim

LABEL Organization="CTFHUB" Author="Virink <virink@outlook.com>"

ENV LANG="C.UTF-8"

RUN sed -i 's/deb.debian.org/mirrors.tuna.tsinghua.edu.cn/' /etc/apt/sources.list && \
    sed -i 's/# deb-src/deb-src/' /etc/apt/sources.list && \
    sed -i '/security/d' /etc/apt/sources.list && \
    apt-get update -y && \
    apt-get upgrade -y; \
    # yarn config
    yarn config set registry https://registry.npm.taobao.org -g; \
    yarn global add pm2; \
    # Clear
    yarn cache clean; \
    apt-get purge -y --auto-remove; \
    rm -rf /tmp/*;

# RUN yarn add express
COPY src /home/node/src
COPY _files /tmp/

RUN mv /tmp/docker-entrypoint.sh /usr/local/bin/docker-entrypoint.sh && \
    mv /tmp/flag.sh /flag.sh && \
    mv /tmp/processes.json /home/node/processes.json

WORKDIR /home/node/src

EXPOSE 80
1
2
3
4
5
FROM ctfhub/base_web_nodejs_pm2

COPY src /home/node/src

RUN yarn install

base_web_nodehs_koa_xssbot

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
FROM node:12-stretch-slim

LABEL Organization="CTFHUB" Author="Virink <virink@outlook.com>"

ENV LANG="C.UTF-8" PUPPETEER_SKIP_CHROMIUM_DOWNLOA=true

COPY _files/docker-entrypoint.sh /usr/local/bin/docker-entrypoint.sh
COPY src /home/bot

RUN sed -i 's/deb.debian.org/mirrors.tuna.tsinghua.edu.cn/' /etc/apt/sources.list && \
    sed -i 's/# deb-src/deb-src/' /etc/apt/sources.list && \
    sed -i '/security/d' /etc/apt/sources.list && \
    apt-get update -y && \
    apt-get upgrade -y; \
    # Install
    apt install -y ca-certificates chromium redis-server udev; \
    # useradd -d /home/bot -u 10086 bot; \
    mkdir -p /home/bot; \
    # yarn config
    yarn config set registry https://registry.npm.taobao.org -g; \
    yarn global add pm2; \
    cd /home; \
    # bot and koa
    yarn add puppeteer-core redis koa koa-router koa-bodyparser koa-session; \
    # 
    chmod +x /usr/local/bin/docker-entrypoint.sh; \
    # Clear
    yarn cache clean; \
    apt-get purge -y --auto-remove; \
    rm -rf /tmp/*;

WORKDIR /home/bot

EXPOSE 80
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
FROM ctfhub/base_web_nodejs_koa_xssbot

# Directory Structure: like this
# COPY src/web /home/bot/web

# Directory Structure: just web src
# COPY src /home/bot/web

# Directory Structure: just for examples
COPY examples/web/app.js /home/bot/web/app.js

# You can install node_modules in /home what your web need
# Some modules have been installed:
#   Bot:
#       puppeteer-core redis
#   Web:
#       koa koa-router koa-bodyparser koa-session
# eg:
#   RUN cd /home && yarn add express
1
2
3
4
5
FROM ctfhub/base_web_nodejs_koa_xssbot

COPY src /home/bot/web

RUN cd /home && yarn add xxx; yarn cache clean;

base_web_flask_python_36

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
FROM python:3.6-alpine

LABEL Organization="CTFHUB" Author="Virink <virink@outlook.com>"

COPY _files /tmp/

# Default Env
ENV FLASK_APP=app FLASK_ENV=production FLASK_DEBUG=False

RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories; \
    apk update; \
    # _files
    mv /tmp/flag.sh /flag.sh; \
    mv /tmp/pip.conf /etc/pip.conf; \
    mkdir -p /app; \
    # pip
    python -m pip install -U pip; \
    python -m pip install -U flask; \
    # docker-entrypoint
    mv /tmp/docker-entrypoint /usr/local/bin/docker-entrypoint \
    && chmod +x /usr/local/bin/docker-entrypoint

WORKDIR /app

EXPOSE 80

CMD ["docker-entrypoint"]
1
2
3
4
5
6
7
8
9
10
11
version: "2"
services:
  web:
    build: .
    image: ctfhub/base_web_flask_python_36
    ports:
      - "8085:80"
    environment:
      - FLAG=ctfhub{base_web_flask_python_36}
      - FLASK_APP=app
      - FLASK_ENV=development
1
2
3
npm init
npm install
npm install express
1
go mod init web_test
1
2
docker run --name mongo -d mongo
docker exec -it mongo /bin/sh
1
2
3
4
mongodb://localhost
mongodb://admin:123456@localhost/
mongodb://admin:123456@localhost/test

1
2
3
4
#create
use NewDataBase
db
show dbs
 Comments
  1. 镜像制作记录学习
    1. CTFd-Dockerfile
    2. php-5.6-Dockerfile
    3. qwb-2019-supersqli
    4. base_image_nginx_mysql_php_73
    5. qwb_2019_upload
    6. pasecactf_2019_web_flask_ssti
    7. HGAME2023-v2board
    8. HGAME2023-Guess Who I Am
    9. HGAME2023-Git Leakage
    10. HGAME2023-Gopher Shop
    11. base_web_nodejs_pm2
    12. base_web_nodehs_koa_xssbot
    13. base_web_flask_python_36