feat: deploy with docker
cargo devel CI / cargo CI (push) Successful in 1m32s Details

This commit is contained in:
Christoph J. Scherr 2024-09-07 15:23:32 +02:00
parent 839206c12a
commit 50a7127e63
3 changed files with 68 additions and 1 deletions

14
Dockerfile Normal file
View File

@ -0,0 +1,14 @@
FROM rust:1.80
WORKDIR /usr/src/myapp
COPY . .
RUN cargo install --path .
EXPOSE 1337/tcp
ENV WOOLY_CHALLENGE 3
ENV WOOLY_PORT 1337
ENV WOOLY_ARGS ""
CMD WOOLY_SECRET=$(cat /run/secrets/flag) wooly-vault $WOOLY_CHALLENGE 0.0.0.0:$WOOLY_PORT $WOOLY_ARGS

View File

@ -30,5 +30,42 @@ There are a number of challenges:
## Solution ## Solution
Solutions for some challenges can be found in [solutions](./solutions/). Don't spoil the Solutions for some challenges can be found in [solutions](./solutions/). Don't spoil the
challenge for yourself. challenge for yourself.
## Hosting
As this is a challenge meant for hackers, it is advisable not to run this on
a system that should not be hacked. Some of the later challenges will possibly
provide remote code execution through things like SQL-injection. For this reason,
you should probably use some kind of VM, or at least a container to host this.
### Docker
Wooly-Vault has a [Dockerfile](./Dockerfile) and a
[docker compose specification](./docker-compose.yml), so you can run it
easily in a docker container:
```bash
WOOLY_SECRET=my_flag docker compose up
```
To configure what challenge is served and on what networking adress, tweak
[docker-compose.yml](./docker-compose.yml).
### The regular way
You can just `cargo run -r` it, or compile with `cargo build -r` and then
execute the executable.
```bash
$ WOOLY_SECRET=my_flag wooly-vault 3 127.0.0.1:1337
$ WOOLY_SECRET=my_flag cargo run -r -- 3 127.0.0.1:1337
```
## Naming
Q: Why is Wooly-Vault wooly?
A: I like sheeps. I'm literally PlexSheep.

16
docker-compose.yml Normal file
View File

@ -0,0 +1,16 @@
services:
wooly-vault:
container_name: wooly-vault
build:
dockerfile: ./Dockerfile
secrets:
- flag
ports:
- 127.0.0.1:1337:1337 # change this depending on who should be able to access
environment:
WOOLY_CHALLENGE: 3 # change me
WOOLY_PORT: 1337
WOOLY_ARGS: ""
secrets:
flag:
environment: WOOLY_SECRET