123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869 |
- FROM golang:alpine3.19 as build
- # Update libraries
- RUN apk update && apk upgrade
- # Set workdir
- WORKDIR /go/src
- # Build go package
- ADD . /go/src/clamav-rest/
- RUN cd /go/src/clamav-rest && go mod download github.com/dutchcoders/go-clamd@latest && go mod init clamav-rest && go mod tidy && go mod vendor && go build -v
- FROM alpine:3.20
- # Copy compiled clamav-rest binary from build container to production container
- COPY --from=build /go/src/clamav-rest/clamav-rest /usr/bin/
- # Update & Install tzdata
- RUN apk update && apk upgrade && apk add --no-cache tzdata
- # Enable Bash & logrotate
- RUN apk add bash logrotate
- COPY clamavlogrotate /etc/logrotate.d/clamav
- # Set timezone to Europe/Zurich
- ENV TZ=Europe/Zurich
- ADD ./server.* /etc/ssl/clamav-rest/
- # Install ClamAV
- RUN apk --no-cache add clamav clamav-libunrar \
- && mkdir /run/clamav \
- && chown clamav:clamav /run/clamav
- # Configure clamAV to run in foreground with port 3310
- RUN sed -i 's/^#Foreground .*$/Foreground true/g' /etc/clamav/clamd.conf \
- && sed -i 's/^#TCPSocket .*$/TCPSocket 3310/g' /etc/clamav/clamd.conf \
- && sed -i 's/^#Foreground .*$/Foreground true/g' /etc/clamav/freshclam.conf
- RUN freshclam --quiet --no-dns
- COPY entrypoint.sh /usr/bin/
- RUN mkdir /clamav \
- && chown -R clamav.clamav /clamav \
- && chown -R clamav.clamav /var/log/clamav \
- && chown -R clamav.clamav /run/clamav
- ENV PORT=9000
- ENV SSL_PORT=9443
- ENV MAX_SCAN_SIZE=100M
- ENV MAX_FILE_SIZE=25M
- ENV MAX_RECURSION=16
- ENV MAX_FILES=10000
- ENV MAX_EMBEDDEDPE=10M
- ENV MAX_HTMLNORMALIZE=10M
- ENV MAX_HTMLNOTAGS=2M
- ENV MAX_SCRIPTNORMALIZE=5M
- ENV MAX_ZIPTYPERCG=1M
- ENV MAX_PARTITIONS=50
- ENV MAX_ICONSPE=100
- ENV PCRE_MATCHLIMIT=100000
- ENV PCRE_RECMATCHLIMIT=2000
- ENV SIGNATURE_CHECKS=2
- USER clamav
- ENTRYPOINT [ "entrypoint.sh" ]
|