@brianredbeard
Created December 1, 2017 16:57
Minimal Dockerfile for the OSSEC host-based intrusion detection system
####
#
# BUILD CONTAINER
#
####
FROM alpine:latest AS build
# Set up a work environment and retrieve the sources
# (the tarball is fetched over HTTPS but is not verified against a pinned checksum)
WORKDIR /ossec/
ENV OSSEC_VERSION=2.9.2
ADD https://github.com/ossec/ossec-hids/archive/${OSSEC_VERSION}.tar.gz /ossec/
RUN /bin/tar -xvf ${OSSEC_VERSION}.tar.gz --strip-components=1
# Retrieve the build dependencies
RUN /sbin/apk update
RUN /sbin/apk add libressl libcrypto1.0 linux-headers alpine-sdk shadow
# Fix for https://github.com/ossec/ossec-hids/issues/997
RUN /bin/ln -s /usr/include/linux/a.out.h /usr/include/a.out.h
# Setup build environment
WORKDIR /ossec/src
# We will manually add a user, so don't run the adduser.sh script
RUN echo "USER_BINARYINSTALL=\"y\"" >> /ossec/etc/preloaded-vars.conf
#RUN /bin/sed -i '/adduser/d' Makefile
RUN /usr/sbin/addgroup -g 1000 ossec && /usr/sbin/adduser -h /home/ossec -u 1000 -G ossec -D ossec
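# Create the install prefix (-p so the step does not fail if /opt already exists)
# and set the setgid bit so files created beneath it inherit the directory's group
RUN /bin/mkdir -p /opt
RUN /bin/chmod g+s /opt
# Build and install only the agent under /opt
RUN /usr/bin/make TARGET=agent PREFIX=/opt install-agent
RUN /bin/chown -R root:ossec /opt/bin
# Bundle the installed tree so the runtime stage can unpack it
RUN /bin/tar cvf ossec-install.tar /opt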
####
#
# RUNTIME CONTAINER
#
####
FROM alpine:latest AS runtime
RUN /usr/sbin/addgroup -g 1000 ossec && /usr/sbin/adduser -h /home/ossec -u 1000 -G ossec -D ossec
RUN echo "PATH=\"$PATH:/opt/bin\"" >> /etc/profile
COPY --from=build /ossec/src/ossec-install.tar /tmp/
# The archive members are stored relative to / (opt/...), so unpack at the root
RUN /bin/tar xvf /tmp/ossec-install.tar -C /
# Due to a quirk in how OSSEC-HIDS wants to _switch_ to the ossec user and group,
# we don't define this, as the ossec user doesn't have permission to switch to itself
#USER ossec:ossec