add docker-compose dev stack, Dockerfile, scripts

.dockerignore

@@ -0,0 +1,51 @@
+# Git
+.git
+.gitignore
+.github
+
+# Docker
+docker-compose.yml
+Dockerfile
+.dockerignore
+
+# DB
+mongodata
+pgdata
+*.db
+*.sqlite3
+
+# Python
+__pycache__
+*.py[cod]
+*$py.class
+*.so
+.Python
+*.egg
+*.egg-info
+dist
+build
+.eggs
+.venv
+venv
+env
+
+# IDE
+.vscode
+.idea
+*.swp
+*.swo
+*~
+
+# Logs
+*.log
+logs
+
+# OS
+.DS_Store
+Thumbs.db
+
+# Others
+.env.local
+.cache
+tmp
+temp

docker/.env.example

@@ -0,0 +1,8 @@
+WEB_PORT=8000
+RESULT_PORT=2042
+PG_PORT=5432
+MONGO_PORT=27017
+
+POSTGRES_USER=cape
+POSTGRES_PASSWORD=cape
+POSTGRES_DB=cape

docker/Dockerfile

@@ -0,0 +1,36 @@
+FROM python:3.11-bookworm
+
+RUN apt-get update \
+    && apt-get install -y --no-install-recommends git libgraphviz-dev tcpdump libcap2-bin iproute2 libjansson-dev libmagic-dev \
+    && rm -rf /var/lib/apt/lists/*
+
+RUN useradd -ms /bin/bash cape
+
+RUN pip install --no-cache-dir poetry
+
+RUN poetry config virtualenvs.create false
+
+RUN mkdir -p /etc/poetry/bin && ln -s $(which poetry) /etc/poetry/bin/poetry
+RUN mkdir -p /opt && ln -s /cape /opt/CAPEv2
+
+WORKDIR /cape
+
+COPY pyproject.toml poetry.lock* ./
+
+RUN poetry install --no-interaction --no-ansi --no-root
+
+COPY . .
+
+RUN poetry install --no-interaction --no-ansi
+
+RUN pip install --no-cache-dir -U flare-floss
+RUN bash extra/yara_installer.sh
+
+RUN bash docker/pcap.sh
+
+RUN bash conf/copy_configs.sh
+RUN chown -R cape:cape /cape
+
+USER cape
+
+CMD ["bash", "docker/run.sh"]

docker/docker-compose.yml

@@ -0,0 +1,62 @@
+services:
+  cape-db:
+    image: postgres:bookworm
+    hostname: cape-db
+    restart: unless-stopped
+    ports:
+      - "127.0.0.1:${PG_PORT:-5432}:5432"
+    environment:
+      POSTGRES_USER: ${POSTGRES_USER:-cape}
+      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-cape}
+      POSTGRES_DB: ${POSTGRES_DB:-cape}
+      PGDATA: /var/lib/postgresql/data/pgdata
+    volumes:
+      - cape-db-data:/var/lib/postgresql/data
+    healthcheck:
+      test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER:-cape} -d ${POSTGRES_DB:-cape}"]
+      interval: 5s
+      timeout: 5s
+      retries: 10
+      start_period: 30s
+
+  mongodb:
+    image: mongo:6
+    command: ["--bind_ip_all"]
+    volumes:
+      - cape-mongo-data:/data/db
+    ports:
+      - "127.0.0.1:${MONGO_PORT:-27017}:27017"
+    restart: unless-stopped
+    healthcheck:
+      test: ["CMD", "mongosh", "--eval", "db.runCommand({ ping: 1 })"]
+      interval: 10s
+      timeout: 5s
+      retries: 12
+      start_period: 20s
+
+  cape-server:
+    build:
+      context: ../
+      dockerfile: docker/Dockerfile
+    hostname: cape-server
+    restart: unless-stopped
+    depends_on:
+      cape-db:
+        condition: service_healthy
+      mongodb:
+        condition: service_healthy
+    environment:
+      - WEB_PORT=${WEB_PORT:-8000}
+    ports:
+      - "127.0.0.1:${RESULT_PORT:-2042}:2042"  # result server
+      - "127.0.0.1:${WEB_PORT:-8000}:8000"     # web ui
+    volumes:
+      - ../custom:/cape/custom
+      - ../custom/conf:/cape/custom/conf
+    cap_add:
+      - NET_ADMIN
+      - NET_RAW
+
+volumes:
+  cape-db-data:
+  cape-mongo-data:

docker/pcap.sh

@@ -0,0 +1,4 @@
+groupadd pcap
+usermod -a -G pcap cape
+chgrp pcap /usr/bin/tcpdump
+setcap cap_net_raw,cap_net_admin=eip /usr/bin/tcpdump

docker/run.sh

@@ -0,0 +1,17 @@
+#!/bin/bash
+set -e
+
+cd /cape
+
+cd web
+python manage.py migrate
+cd ..
+
+python cuckoo.py &
+CUCKOO_PID=$!
+
+cd web
+
+: "${WEB_PORT:=8000}"
+
+python manage.py runserver 0.0.0.0:${WEB_PORT}