diff --git a/ctl.sh b/ctl.sh index 240b36f..0e14596 100755 --- a/ctl.sh +++ b/ctl.sh @@ -16,6 +16,14 @@ case "${1}" in docker-compose up -d; ;; + reinit ) + yes | docker-compose rm --stop; + docker rmi $(docker images | grep "docker_and_networks" | awk '{print $1}'); + docker rmi $(docker images | grep "ngx-template" | awk '{print $1}'); + docker rmi $(docker images | grep "visor" | awk '{print $1}'); + docker-compose up -d; + ;; + watch ) watch "docker-compose ps" ;; diff --git a/docker-compose.yml b/docker-compose.yml index 5fff9bd..8a6a431 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -79,6 +79,7 @@ services: visor: container_name: visor + image: visor build: context: . dockerfile: ./dockerfiles/Dockerfile_visor diff --git a/dockerfiles/Dockerfile b/dockerfiles/Dockerfile index de97528..c0ae9b1 100644 --- a/dockerfiles/Dockerfile +++ b/dockerfiles/Dockerfile @@ -5,6 +5,8 @@ ARG NET_NAME=kek ARG CONTAINER_NAME=lol ARG STATIC_FILE=/usr/share/nginx/html/index.html +COPY ./scripts/.env /root/scripts/.env + # change default nginx index.html RUN sed -i '13,21d' $STATIC_FILE && \ sed -i "13i \ diff --git a/dockerfiles/Dockerfile_Ngx_Template b/dockerfiles/Dockerfile_Ngx_Template index 728973e..57a0478 100644 --- a/dockerfiles/Dockerfile_Ngx_Template +++ b/dockerfiles/Dockerfile_Ngx_Template @@ -1,6 +1,9 @@ FROM nginx:latest COPY ./scripts/knocking_setup.sh /root/scripts/knocking_setup.sh +COPY ./scripts/.env /root/scripts/.env + +WORKDIR /root/scripts/ RUN apt update \ && apt install knockd htop iptables iproute2 vim curl -y diff --git a/dockerfiles/Dockerfile_visor b/dockerfiles/Dockerfile_visor index 660fac0..ea912bc 100644 --- a/dockerfiles/Dockerfile_visor +++ b/dockerfiles/Dockerfile_visor @@ -1,5 +1,10 @@ FROM ubuntu:latest +COPY ./scripts/.env /root/scripts/.env +COPY ./scripts/block_port.sh /root/scripts/block_port.sh + +WORKDIR /root/scripts/ + CMD apt update \ && apt install iproute2 vim curl nmap knockd -y \ && sleep infinity diff --git a/scripts/knocking_setup.sh b/scripts/knocking_setup.sh index d50b277..9584110 100755 --- a/scripts/knocking_setup.sh +++ b/scripts/knocking_setup.sh @@ -4,18 +4,20 @@ INTERFACE=$(ip -br a | grep -E "172.28" | awk '{print $1}') || \ exit 0 +source .env + echo -E " [options] Interface = ${INTERFACE%@*} [openNGINX] -sequence = 8100, 7200, 13000 +sequence = ${OPEN_PORT_SEQ} seq_timeout = 5 command = /sbin/iptables -D INPUT -p tcp --dport 80 -j REJECT tcpflags = syn [closeNGINX] -sequence = 6300, 5200, 12001 +sequence = ${CLOSE_PORT_SEQ} seq_timeout = 5 command = /sbin/iptables -A INPUT -p tcp --dport 80 -j REJECT tcpflags = syn