added cron
Signed-off-by: ale <ale@manalejandro.com>
This commit is contained in:
parent
cc641f65d0
commit
c13580830d
GPG Key ID:
244A9C4DAB1C0C81
5
Dockerfile
Normal file
5
Dockerfile
Normal file
@ -0,0 +1,5 @@
|
|||||||
|
FROM clamav
|
||||||
|
RUN apt update && apt install -y cron && apt clean
|
||||||
|
COPY "./docker-entrypoint.sh" "/init"
|
||||||
|
COPY "./clamav-cron" "/etc/cron.d/clamav"
|
||||||
|
RUN service cron start
|
||||||
2
clamav-cron
Normal file
2
clamav-cron
Normal file
@ -0,0 +1,2 @@
|
|||||||
|
PATH=/usr/sbin:/usr/bin:/sbin:/bin
|
||||||
|
5 4 * * * root freshclam && nice -n10 clamscan -rio --move /data/quarantine /scandir 2>&1
|
||||||
111
docker-entrypoint.sh
Executable file
111
docker-entrypoint.sh
Executable file
@ -0,0 +1,111 @@
|
|||||||
|
#!/usr/bin/env sh
|
||||||
|
# SPDX-License-Identifier: GPL-2.0-or-later
|
||||||
|
#
|
||||||
|
# Copyright (C) 2021 Olliver Schinagl <oliver@schinagl.nl>
|
||||||
|
# Copyright (C) 2021-2023 Cisco Systems, Inc. and/or its affiliates. All rights reserved.
|
||||||
|
#
|
||||||
|
# A beginning user should be able to docker run image bash (or sh) without
|
||||||
|
# needing to learn about --entrypoint
|
||||||
|
# https://github.com/docker-library/official-images#consistency
|
||||||
|
|
||||||
|
set -eu
|
||||||
|
|
||||||
|
service cron start
|
||||||
|
|
||||||
|
if [ ! -d "/run/clamav" ]; then
|
||||||
|
install -d -g "clamav" -m 775 -o "clamav" "/run/clamav"
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Assign ownership to the database directory, just in case it is a mounted volume
|
||||||
|
chown -R clamav:clamav /var/lib/clamav
|
||||||
|
|
||||||
|
# configure freshclam.conf and clamd.conf from env variables if present
|
||||||
|
env | grep "^CLAMD_CONF_" | while IFS="=" read -r KEY VALUE; do
|
||||||
|
TRIMMED="${KEY#CLAMD_CONF_}"
|
||||||
|
|
||||||
|
grep -q "^#$TRIMMED " /etc/clamav/clamd.conf && \
|
||||||
|
sed -i "s/^#$TRIMMED .*/$TRIMMED $VALUE/" /etc/clamav/clamd.conf || \
|
||||||
|
sed -i "\$ a\\$TRIMMED $VALUE" /etc/clamav/clamd.conf
|
||||||
|
done
|
||||||
|
|
||||||
|
env | grep "^FRESHCLAM_CONF_" | while IFS="=" read -r KEY VALUE; do
|
||||||
|
TRIMMED="${KEY#FRESHCLAM_CONF_}"
|
||||||
|
|
||||||
|
grep -q "^#$TRIMMED " /etc/clamav/freshclam.conf && \
|
||||||
|
sed -i "s/^#$TRIMMED .*/$TRIMMED $VALUE/" /etc/clamav/freshclam.conf || \
|
||||||
|
sed -i "\$ a\\$TRIMMED $VALUE" /etc/clamav/freshclam.conf
|
||||||
|
done
|
||||||
|
|
||||||
|
# run command if it is not starting with a "-" and is an executable in PATH
|
||||||
|
if [ "${#}" -gt 0 ] && \
|
||||||
|
[ "${1#-}" = "${1}" ] && \
|
||||||
|
command -v "${1}" > "/dev/null" 2>&1; then
|
||||||
|
# Ensure healthcheck always passes
|
||||||
|
CLAMAV_NO_CLAMD="true" exec "${@}"
|
||||||
|
else
|
||||||
|
if [ "${#}" -ge 1 ] && \
|
||||||
|
[ "${1#-}" != "${1}" ]; then
|
||||||
|
# If an argument starts with "-" pass it to clamd specifically
|
||||||
|
exec clamd "${@}"
|
||||||
|
fi
|
||||||
|
# else default to running clamav's servers
|
||||||
|
|
||||||
|
# Help tiny-init a little
|
||||||
|
mkdir -p "/run/lock"
|
||||||
|
ln -f -s "/run/lock" "/var/lock"
|
||||||
|
|
||||||
|
# Ensure we have some virus data, otherwise clamd refuses to start
|
||||||
|
if [ ! -f "/var/lib/clamav/main.cvd" ]; then
|
||||||
|
echo "Updating initial database"
|
||||||
|
# Set "TestDatabases no" and remove "NotifyClamd" for initial download
|
||||||
|
sed -e 's|^\(TestDatabases \)|\#\1|' \
|
||||||
|
-e '$a TestDatabases no' \
|
||||||
|
-e 's|^\(NotifyClamd \)|\#\1|' \
|
||||||
|
/etc/clamav/freshclam.conf > /tmp/freshclam_initial.conf
|
||||||
|
freshclam --foreground --stdout --config-file=/tmp/freshclam_initial.conf
|
||||||
|
rm /tmp/freshclam_initial.conf
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ "${CLAMAV_NO_FRESHCLAMD:-false}" != "true" ]; then
|
||||||
|
echo "Starting Freshclamd"
|
||||||
|
freshclam \
|
||||||
|
--checks="${FRESHCLAM_CHECKS:-1}" \
|
||||||
|
--daemon \
|
||||||
|
--foreground \
|
||||||
|
--stdout \
|
||||||
|
--user="clamav" \
|
||||||
|
&
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ "${CLAMAV_NO_CLAMD:-false}" != "true" ]; then
|
||||||
|
echo "Starting ClamAV"
|
||||||
|
if [ -S "/run/clamav/clamd.sock" ]; then
|
||||||
|
unlink "/run/clamav/clamd.sock"
|
||||||
|
fi
|
||||||
|
if [ -S "/tmp/clamd.sock" ]; then
|
||||||
|
unlink "/tmp/clamd.sock"
|
||||||
|
fi
|
||||||
|
clamd --foreground &
|
||||||
|
while [ ! -S "/run/clamav/clamd.sock" ] && [ ! -S "/tmp/clamd.sock" ]; do
|
||||||
|
if [ "${_timeout:=0}" -gt "${CLAMD_STARTUP_TIMEOUT:=1800}" ]; then
|
||||||
|
echo
|
||||||
|
echo "Failed to start clamd"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
printf "\r%s" "Socket for clamd not found yet, retrying (${_timeout}/${CLAMD_STARTUP_TIMEOUT}) ..."
|
||||||
|
sleep 1
|
||||||
|
_timeout="$((_timeout + 1))"
|
||||||
|
done
|
||||||
|
echo "socket found, clamd started."
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ "${CLAMAV_NO_MILTERD:-true}" != "true" ]; then
|
||||||
|
echo "Starting clamav milterd"
|
||||||
|
clamav-milter &
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Wait forever (or until canceled)
|
||||||
|
exec tail -f "/dev/null"
|
||||||
|
fi
|
||||||
|
|
||||||
|
exit 0
|
||||||
@ -2,4 +2,5 @@
|
|||||||
git clone --depth 1 https://github.com/Cisco-Talos/clamav-docker
|
git clone --depth 1 https://github.com/Cisco-Talos/clamav-docker
|
||||||
git clone --depth 1 https://github.com/Cisco-Talos/clamav
|
git clone --depth 1 https://github.com/Cisco-Talos/clamav
|
||||||
cp -r ./clamav-docker/clamav/1.4/debian/* clamav/
|
cp -r ./clamav-docker/clamav/1.4/debian/* clamav/
|
||||||
docker compose build --no-cache
|
docker buildx build -t clamav clamav/
|
||||||
|
docker compose build
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user