added cron
Signed-off-by: ale <ale@manalejandro.com>
This commit is contained in:
parent
cc641f65d0
commit
c13580830d
GPG Key ID:
244A9C4DAB1C0C81
5
Dockerfile
Normal file
5
Dockerfile
Normal file
@ -0,0 +1,5 @@
|
||||
FROM clamav
|
||||
RUN apt update && apt install -y cron && apt clean
|
||||
COPY "./docker-entrypoint.sh" "/init"
|
||||
COPY "./clamav-cron" "/etc/cron.d/clamav"
|
||||
RUN service cron start
|
||||
2
clamav-cron
Normal file
2
clamav-cron
Normal file
@ -0,0 +1,2 @@
|
||||
PATH=/usr/sbin:/usr/bin:/sbin:/bin
|
||||
5 4 * * * root freshclam && nice -n10 clamscan -rio --move /data/quarantine /scandir 2>&1
|
||||
111
docker-entrypoint.sh
Executable file
111
docker-entrypoint.sh
Executable file
@ -0,0 +1,111 @@
|
||||
#!/usr/bin/env sh
|
||||
# SPDX-License-Identifier: GPL-2.0-or-later
|
||||
#
|
||||
# Copyright (C) 2021 Olliver Schinagl <oliver@schinagl.nl>
|
||||
# Copyright (C) 2021-2023 Cisco Systems, Inc. and/or its affiliates. All rights reserved.
|
||||
#
|
||||
# A beginning user should be able to docker run image bash (or sh) without
|
||||
# needing to learn about --entrypoint
|
||||
# https://github.com/docker-library/official-images#consistency
|
||||
|
||||
set -eu
|
||||
|
||||
service cron start
|
||||
|
||||
if [ ! -d "/run/clamav" ]; then
|
||||
install -d -g "clamav" -m 775 -o "clamav" "/run/clamav"
|
||||
fi
|
||||
|
||||
# Assign ownership to the database directory, just in case it is a mounted volume
|
||||
chown -R clamav:clamav /var/lib/clamav
|
||||
|
||||
# configure freshclam.conf and clamd.conf from env variables if present
|
||||
env | grep "^CLAMD_CONF_" | while IFS="=" read -r KEY VALUE; do
|
||||
TRIMMED="${KEY#CLAMD_CONF_}"
|
||||
|
||||
grep -q "^#$TRIMMED " /etc/clamav/clamd.conf && \
|
||||
sed -i "s/^#$TRIMMED .*/$TRIMMED $VALUE/" /etc/clamav/clamd.conf || \
|
||||
sed -i "\$ a\\$TRIMMED $VALUE" /etc/clamav/clamd.conf
|
||||
done
|
||||
|
||||
env | grep "^FRESHCLAM_CONF_" | while IFS="=" read -r KEY VALUE; do
|
||||
TRIMMED="${KEY#FRESHCLAM_CONF_}"
|
||||
|
||||
grep -q "^#$TRIMMED " /etc/clamav/freshclam.conf && \
|
||||
sed -i "s/^#$TRIMMED .*/$TRIMMED $VALUE/" /etc/clamav/freshclam.conf || \
|
||||
sed -i "\$ a\\$TRIMMED $VALUE" /etc/clamav/freshclam.conf
|
||||
done
|
||||
|
||||
# run command if it is not starting with a "-" and is an executable in PATH
|
||||
if [ "${#}" -gt 0 ] && \
|
||||
[ "${1#-}" = "${1}" ] && \
|
||||
command -v "${1}" > "/dev/null" 2>&1; then
|
||||
# Ensure healthcheck always passes
|
||||
CLAMAV_NO_CLAMD="true" exec "${@}"
|
||||
else
|
||||
if [ "${#}" -ge 1 ] && \
|
||||
[ "${1#-}" != "${1}" ]; then
|
||||
# If an argument starts with "-" pass it to clamd specifically
|
||||
exec clamd "${@}"
|
||||
fi
|
||||
# else default to running clamav's servers
|
||||
|
||||
# Help tiny-init a little
|
||||
mkdir -p "/run/lock"
|
||||
ln -f -s "/run/lock" "/var/lock"
|
||||
|
||||
# Ensure we have some virus data, otherwise clamd refuses to start
|
||||
if [ ! -f "/var/lib/clamav/main.cvd" ]; then
|
||||
echo "Updating initial database"
|
||||
# Set "TestDatabases no" and remove "NotifyClamd" for initial download
|
||||
sed -e 's|^\(TestDatabases \)|\#\1|' \
|
||||
-e '$a TestDatabases no' \
|
||||
-e 's|^\(NotifyClamd \)|\#\1|' \
|
||||
/etc/clamav/freshclam.conf > /tmp/freshclam_initial.conf
|
||||
freshclam --foreground --stdout --config-file=/tmp/freshclam_initial.conf
|
||||
rm /tmp/freshclam_initial.conf
|
||||
fi
|
||||
|
||||
if [ "${CLAMAV_NO_FRESHCLAMD:-false}" != "true" ]; then
|
||||
echo "Starting Freshclamd"
|
||||
freshclam \
|
||||
--checks="${FRESHCLAM_CHECKS:-1}" \
|
||||
--daemon \
|
||||
--foreground \
|
||||
--stdout \
|
||||
--user="clamav" \
|
||||
&
|
||||
fi
|
||||
|
||||
if [ "${CLAMAV_NO_CLAMD:-false}" != "true" ]; then
|
||||
echo "Starting ClamAV"
|
||||
if [ -S "/run/clamav/clamd.sock" ]; then
|
||||
unlink "/run/clamav/clamd.sock"
|
||||
fi
|
||||
if [ -S "/tmp/clamd.sock" ]; then
|
||||
unlink "/tmp/clamd.sock"
|
||||
fi
|
||||
clamd --foreground &
|
||||
while [ ! -S "/run/clamav/clamd.sock" ] && [ ! -S "/tmp/clamd.sock" ]; do
|
||||
if [ "${_timeout:=0}" -gt "${CLAMD_STARTUP_TIMEOUT:=1800}" ]; then
|
||||
echo
|
||||
echo "Failed to start clamd"
|
||||
exit 1
|
||||
fi
|
||||
printf "\r%s" "Socket for clamd not found yet, retrying (${_timeout}/${CLAMD_STARTUP_TIMEOUT}) ..."
|
||||
sleep 1
|
||||
_timeout="$((_timeout + 1))"
|
||||
done
|
||||
echo "socket found, clamd started."
|
||||
fi
|
||||
|
||||
if [ "${CLAMAV_NO_MILTERD:-true}" != "true" ]; then
|
||||
echo "Starting clamav milterd"
|
||||
clamav-milter &
|
||||
fi
|
||||
|
||||
# Wait forever (or until canceled)
|
||||
exec tail -f "/dev/null"
|
||||
fi
|
||||
|
||||
exit 0
|
||||
@ -2,4 +2,5 @@
|
||||
git clone --depth 1 https://github.com/Cisco-Talos/clamav-docker
|
||||
git clone --depth 1 https://github.com/Cisco-Talos/clamav
|
||||
cp -r ./clamav-docker/clamav/1.4/debian/* clamav/
|
||||
docker compose build --no-cache
|
||||
docker buildx build -t clamav clamav/
|
||||
docker compose build
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user