From 256a0ea2df9c4176ad1552538dce349fbdd5972e Mon Sep 17 00:00:00 2001
From: 4Quarks <47900195+4quarks@users.noreply.github.com>
Date: Mon, 29 Jul 2024 15:38:30 +0200
Subject: [PATCH] Delete docker directory

---
 files/docker/Dockerfile | 43 ------------------------
 files/docker/docker-compose.yml | 23 -------------
 files/docker/fluentd/Dockerfile | 3 --
 files/docker/fluentd/fluent.conf | 31 ------------------
 files/docker/godnscollector.yml | 56 --------------------------------
 files/docker/pdnssoccli.yml | 49 ----------------------------
 files/docker/postrotate_query.sh | 8 -----
 files/docker/supervisord.conf | 25 --------------
 8 files changed, 238 deletions(-)
 delete mode 100644 files/docker/Dockerfile
 delete mode 100644 files/docker/docker-compose.yml
 delete mode 100644 files/docker/fluentd/Dockerfile
 delete mode 100644 files/docker/fluentd/fluent.conf
 delete mode 100644 files/docker/godnscollector.yml
 delete mode 100644 files/docker/pdnssoccli.yml
 delete mode 100755 files/docker/postrotate_query.sh
 delete mode 100644 files/docker/supervisord.conf

diff --git a/files/docker/Dockerfile b/files/docker/Dockerfile
deleted file mode 100644
index 3cf2221..0000000
--- a/files/docker/Dockerfile
+++ /dev/null
@@ -1,43 +0,0 @@
-FROM python:3.11-alpine
-
-ARG GO_DNSCOLLECTOR_VERSION
-ARG PDNSSOC_CLI_VERSION
-ARG PDNSSOC_CLI_PYPI_INDEX
-
-RUN apk add --no-cache --update \
- bash \
- py3-pip \
- curl \
- tar \
- supervisor \
- coreutils \
- jq \
- gzip
-
-# Install pdnssoc-cli
-RUN pip install --index-url https://$PDNSSOC_CLI_PYPI_INDEX/simple --extra-index-url https://pypi.org/simple pdnssoc-cli==$PDNSSOC_CLI_VERSION
-
-RUN mkdir /build
-
-WORKDIR /build
-
-
-# Install go-dnscollector
-RUN echo "https://github.com/dmachard/go-dnscollector/releases/download/${GO_DNSCOLLECTOR_VERSION}/go-dnscollector_${GO_DNSCOLLECTOR_VERSION}_linux_amd64.tar.gz"
-RUN curl -LO "https://github.com/dmachard/go-dnscollector/releases/download/v${GO_DNSCOLLECTOR_VERSION}/go-dnscollector_${GO_DNSCOLLECTOR_VERSION}_linux_amd64.tar.gz" && \
- tar xvf "go-dnscollector_${GO_DNSCOLLECTOR_VERSION}_linux_amd64.tar.gz" && \
- mv go-dnscollector /usr/bin/
-
-RUN mkdir /etc/dnscollector
-
-RUN pip install superfsmon
-
-# Setup supervisord
-RUN mkdir -p /var/log/supervisor
-
-# Bake scripts for pdnssoc
-COPY postrotate_query.sh /etc/dnscollector/postrotate_query.sh
-COPY supervisord.conf /etc/supervisor/supervisord.conf
-COPY godnscollector.yml /etc/dnscollector/config.yml
-
-CMD ["supervisord"]
\ No newline at end of file
diff --git a/files/docker/docker-compose.yml b/files/docker/docker-compose.yml
deleted file mode 100644
index 4599cad..0000000
--- a/files/docker/docker-compose.yml
+++ /dev/null
@@ -1,23 +0,0 @@
-version: "3.9"
-services:
- dnscollector:
- image: ghcr.io/cern-cert/pdnssoc:edge
- command: >
- bash -c "mkdir -p /var/dnscollector/alerts
- && mkdir -p /var/dnscollector/matches
- && pdnssoc-cli -c /etc/pdnssoccli.yml fetch-iocs
- && /usr/bin/supervisord -c /etc/supervisor/supervisord.conf"
- ports:
- - "6000:6000"
- volumes:
- - ./logs:/var/dnscollector/ # Logging destination
- - ./pdnssoccli.yml:/etc/pdnssoccli.yml
-
- # Uncomment to enable shipping to different logging systems
- # e.g. Opensearch, kafka
- #fluentd:
- # build: ./fluentd
- # volumes:
- # - ./fluentd:/fluentd/etc
- # - ./logs:/var/pDNSSOC/
-
diff --git a/files/docker/fluentd/Dockerfile b/files/docker/fluentd/Dockerfile
deleted file mode 100644
index 6121db1..0000000
--- a/files/docker/fluentd/Dockerfile
+++ /dev/null
@@ -1,3 +0,0 @@
-FROM fluent/fluentd:v1.16.0-debian-1.0
-USER root
-RUN ["gem", "install", "fluent-plugin-opensearch", "--no-document"]
\ No newline at end of file
diff --git a/files/docker/fluentd/fluent.conf b/files/docker/fluentd/fluent.conf
deleted file mode 100644
index b9c7754..0000000
--- a/files/docker/fluentd/fluent.conf
+++ /dev/null
@@ -1,31 +0,0 @@
-## match tag=debug.** and dump to console
-
- @type stdout
- @id output_stdout
-
-
-# Getting logs from pdnssoc to send to OpenSearch
-
- @type tail
- path /var/pDNSSOC/alerts/matches.json
- tag pdnssoc
- read_from_head true
- pos_file /fluentd/etc/alerts.log.pos
-
- @type json
-
-
-
-
- @type opensearch
- hosts https://opensearch_instance
- index_name ${tag}-%Y.%m.%d #=> e.g.) pdnssoc-20170811
-
- @type memory
- flush_mode immediate
- timekey 3600
-
- user %{CHANGE_ME}
- password %{CHANGE_ME}
- ssl_verify true
-
diff --git a/files/docker/godnscollector.yml b/files/docker/godnscollector.yml
deleted file mode 100644
index 283a606..0000000
--- a/files/docker/godnscollector.yml
+++ /dev/null
@@ -1,56 +0,0 @@
-
-################################################
-# global configuration
-################################################
-global:
- # If turned on, log some applications messages
- trace:
- # debug informations
- verbose: false
- # Set the server identity name
- # comment the following line to use the hostname
- server-identity: "dns-collector"
- text-format: "timestamp-rfc3339ns identity operation rcode queryip queryport family protocol length qname qtype latency"
- # default text field delimiter
- text-format-delimiter: " "
- # default text field boundary
- text-format-boundary: "\""
-
-multiplexer:
- collectors:
- - name: dnstap
- dnstap:
- listen-ip: 0.0.0.0
- listen-port: 6000
- chan-buffer-size: 655350
-
- loggers:
-
- - name: filelogdomains
- logfile:
- file-path: /var/dnscollector/matches/matches_domains.json
- mode: json
- transforms:
- filtering:
- keep-fqdn-file: '/var/dnscollector/misp_domains.txt'
-
- - name: filelogips
- logfile:
- file-path: /var/dnscollector/matches/matches_ips.json
- mode: json
- transforms:
- filtering:
- keep-rdata-file: '/var/dnscollector/misp_ips.txt'
-
- - name: fileall
- logfile:
- file-path: /var/dnscollector/queries.log
- mode: json
- max-size: 100
- max-files: 100
- postrotate-command: "/etc/dnscollector/postrotate_query.sh"
- postrotate-delete-success: true
-
- routes:
- - from: [ dnstap ]
- to: [ filelogdomains, filelogips, fileall ]
diff --git a/files/docker/pdnssoccli.yml b/files/docker/pdnssoccli.yml
deleted file mode 100644
index ca99092..0000000
--- a/files/docker/pdnssoccli.yml
+++ /dev/null
@@ -1,49 +0,0 @@
-logging_level: "INFO"
-
-misp_servers:
- - domain: "https://example-misp-instance.com"
- api_key: "API_KEY"
- verify_ssl: False
- # misp.search() arguments
- args:
- enforce_warninglist: True
- periods:
- generic:
- delta:
- days: 30
- tags:
- - names:
- - "tag_name"
- delta: False
-
-correlation:
- input_dir: ./input_dir/ # use this if no files are defined from commmand line
- output_dir: ./output_dir/
- archive_dir: ./archive/ # use this as input for looking back
- malicious_domains_file: ./misp_domains.txt
- malicious_ips_file: ./misp_ips.txt
- last_correlation_pointer_file: ./correlation.last
- last_retro_pointer_file: ./retro.last
-
-schedules:
- fetch_iocs:
- interval: 10 # minutes
- correlation:
- interval: 1 # minutes
- retro:
- interval: 1440 # minutes
- alerting:
- interval: 60 # minutes
-
-alerting:
- last_alerting_pointer_file: ./tests/alert.last
- email:
- from: "pdnssoc-dev@domain.tld"
- subject: "[pDNSSOC] Community XYZ alert"
- summary_to: "pdnssoc-dev@cern.ch"
- server: "localhost"
- port: 25
- template: ./alert_email_template.html
- mappings:
- - client_id: client_1
- contact: client_1_sec_team@domain.tld
diff --git a/files/docker/postrotate_query.sh b/files/docker/postrotate_query.sh
deleted file mode 100755
index 36421da..0000000
--- a/files/docker/postrotate_query.sh
+++ /dev/null
@@ -1,8 +0,0 @@
-#!/bin/bash
-
-BACKUP_FOLDER=/var/dnscollector/queries/$(date +%Y-%m-%d)
-mkdir -p $BACKUP_FOLDER
-
-FILE_NAME=$(basename $1 .log)
-
-jq -c '. | {timestamp: .dnstap."timestamp-rfc3339ns", query: .dns.qname, client: .network."query-ip", server: .network."response-ip", client_id: .dnstap.identity , answers: .dns."resource-records".an }' $1 > $BACKUP_FOLDER/$FILE_NAME.json && gzip -S .gz_minified $BACKUP_FOLDER/$FILE_NAME.json
\ No newline at end of file
diff --git a/files/docker/supervisord.conf b/files/docker/supervisord.conf
deleted file mode 100644
index cd29344..0000000
--- a/files/docker/supervisord.conf
+++ /dev/null
@@ -1,25 +0,0 @@
-[supervisord]
-nodaemon=true
-logfile=/dev/null
-logfile_maxbytes=0
-
-[inet_http_server]
-port = 127.0.0.1:9001
-
-[rpcinterface:supervisor]
-supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface
-
-[program:dnscollector]
-stdout_logfile=/dev/fd/1
-stdout_logfile_maxbytes=0
-redirect_stderr=true
-command=/bin/bash -c "go-dnscollector -config /etc/dnscollector/config.yml"
-
-[program:pdnssoccli]
-stdout_logfile=/dev/fd/1
-stdout_logfile_maxbytes=0
-redirect_stderr=true
-command=/bin/bash -c "pdnssoc-cli -c /etc/pdnssoccli.yml daemonize"
-
-[program:superfsmon]
-command=/bin/bash -c "superfsmon /var/dnscollector dnscollector -r *.txt"
\ No newline at end of file