FROM debian:stretch
LABEL maintainer="Evgenii Protsenko <procenkoeg@yandex-team.ru>"

# ENV DEBIAN_FRONTEND noninteractive

# Dependencies
RUN echo "deb http://deb.debian.org/debian stretch-backports main" >> /etc/apt/sources.list
RUN apt-get update
RUN apt-get -y install python-crypto python-setuptools \
    python-future python-bottle ca-certificates tar wget

# Py2neo
RUN wget https://github.com/nigelsmall/py2neo/tarball/py2neo-3.0.0 -O py2neo.tar.gz && \
    tar zxf ./py2neo.tar.gz && rm ./py2neo.tar.gz && \
    mv nigelsmall-py2neo-* py2neo && cd py2neo && \
    python setup.py build && python setup.py install && \
    cd ../ && rm -rf py2neo/

# Tools
## non-free: s3270
RUN sed -i 's/ main/ main non-free/' /etc/apt/sources.list
RUN apt-get update
## openssl: IVRE depends on openssl exec + libssl needed for Nmap
## libfreetype6 libfontconfig1 fonts-dejavu: screenshots w/ phantomjs
RUN apt-get -y install p0f rsync screen ipython openssl tesseract-ocr \
    libfreetype6 libfontconfig1 fonts-dejavu imagemagick ffmpeg s3270 \
    patch bash-completion bzip2 bro python-pil

# Install Nmap. Use included libpcap because to use the workaround for
# Nmap issue #34 (https://github.com/nmap/nmap/issues/34) since we do
# not know which kernel version will be used
# ADD https://github.com/nmap/nmap/tarball/master ./nmap.tar.gz
# Use 7.25BETA2 to have Lua 5.3
RUN wget https://nmap.org/dist/nmap-7.70.tgz -O nmap.tar.gz && \
    apt-get -y install build-essential libssl-dev && \
    tar zxf nmap.tar.gz && \
    mv nmap-* nmap && \
    cd nmap && \
    ./configure --without-ndiff --without-zenmap --without-nping \
                --without-ncat --without-nmap-update \
                --with-libpcap=included && \
    make && make install && \
    cd ../ && rm -rf nmap nmap.tar.gz && \
    apt-get -y --purge autoremove build-essential libssl-dev

# "Install" phantomjs for our http-screenshot NSE script replacement
RUN wget https://bitbucket.org/ariya/phantomjs/downloads/phantomjs-1.9.8-linux-x86_64.tar.bz2 -O phantomjs-1.9.8-linux-x86_64.tar.bz2 && \
    tar jxf phantomjs-1.9.8-linux-x86_64.tar.bz2 phantomjs-1.9.8-linux-x86_64/bin/phantomjs && \
    mv phantomjs-1.9.8-linux-x86_64/bin/phantomjs /usr/local/bin/ && \
    rm -rf phantomjs-1.9.8-linux-x86_64*

# Add our *-screenshot NSE scripts
RUN for d in /usr /usr/local; do \
        d="$d/share/ivre/nmap_scripts"; \
        [ -d "$d" ] && ( \
	    cp $d/*.nse /usr/local/share/nmap/scripts; \
	    cd /usr/local/share/nmap/; \
	    for p in $d/patches/*.patch; do \
	         patch -p0 < $p; \
            done \
	) \
    done; true
RUN nmap --script-update

RUN mkdir /var/lib/ivre-share
VOLUME /var/lib/ivre-share

# Neo4j
# http://debian.neo4j.org/
ADD https://debian.neo4j.org/neotechnology.gpg.key /neotechnology.gpg.key
RUN apt-key add /neotechnology.gpg.key && rm /neotechnology.gpg.key
RUN echo 'deb http://debian.neo4j.org/repo stable/' > /etc/apt/sources.list.d/neo4j.list
RUN apt-get -q update && apt-get -qy install neo4j=2.3.3


# Accept remote connections to DBs
# Neo4j
RUN sed -ri 's/^(dbms\.security\.auth_enabled=)true/\1false/;s/^# *(org\.neo4j\.server\.webserver\.address=0\.0\.0\.0)/\1/' /etc/neo4j/neo4j-server.properties
## v3
# RUN sed -ri 's/^# *(dbms\.security\.auth_enabled=false|dbms\.connector\.http\.address=0\.0\.0\.0:7474|dbms\.connector\.bolt\.address=0\.0\.0\.0:7687)/\1/' /etc/neo4j/neo4j.conf

RUN apt-get -y install python-pip

# IVRE
RUN apt-get -qy install python python-dev python-pip && \
    pip install ivre sqlalchemy psycopg2-binary && \
    apt-get -qy autoremove python-dev python-pip

# Config
ADD ivre.conf /etc/ivre.conf
