NOW that is what I call a entrypoint.sh !! 😎

1.2/Dockerfile

@@ -6,7 +6,7 @@ ENV CUCKOO_VERSION 1.2
 ENV SSDEEP ssdeep-2.13
 
 # Install Cuckoo Sandbox Required Dependencies
-RUN apk-install tcpdump py-lxml py-chardet py-libvirt py-crypto
+RUN apk-install tcpdump py-lxml py-chardet py-libvirt py-crypto curl
 RUN apk-install -t .build-deps \
                    openssl-dev \
                    libxslt-dev \
@@ -54,6 +54,7 @@ RUN apk-install -t .build-deps \
   && apk del --purge .build-deps
 
 COPY conf /cuckoo/conf
+COPY update_conf.py /update_conf.py
 COPY docker-entrypoint.sh /entrypoint.sh
 
 WORKDIR /cuckoo

1.2/docker-entrypoint.sh

@@ -2,8 +2,54 @@
 
 set -e
 
+setDefaults() {
+  export MONGO_HOST="$(env | grep MONGO.*PORT_.*_TCP_ADDR= | sed -e 's|.*=||')"
+  export MONGO_TCP_PORT="$(env | grep MONGO.*PORT_.*_TCP_PORT= | sed -e 's|.*=||')"
+  export POSTGRES_HOST="$(env | grep POSTGRES.*PORT_.*_TCP_ADDR= | sed -e 's|.*=||')"
+  export POSTGRES_TCP_PORT="$(env | grep POSTGRES.*PORT_.*_TCP_PORT= | sed -e 's|.*=||')"
+  env | grep -E "^MONGO_HOST|^MONGO_TCP_PORT|^POSTGRES.*" | sort -n
+}
+
+# Wait for. Params: host, port, service
+waitFor() {
+    echo -n "===> Waiting for ${3}(${1}:${2}) to start..."
+    i=1
+    while [ $i -le 20 ]; do
+        if nc -vz ${1} ${2} 2>/dev/null; then
+            echo "${3} is ready!"
+            return 0
+        fi
+
+        echo -n '.'
+        sleep 1
+        i=$((i+1))
+    done
+
+    echo
+    echo >&2 "${3} is not available"
+    echo >&2 "Address: ${1}:${2}"
+}
+
+setUpCuckoo(){
+  echo "===> Use default ports and hosts if not specified..."
+  setDefaults
+  echo
+  echo "===> Update /cuckoo/conf/reporting.conf if needed..."
+  /update_conf.py
+  echo
+  # Wait until all services are started
+  if [ ! "$MONGO_HOST" == "" ]; then
+  	waitFor ${MONGO_HOST} ${MONGO_TCP_PORT} MongoDB
+  fi
+  echo
+  if [ ! "$POSTGRES_HOST" == "" ]; then
+  	waitFor ${POSTGRES_HOST} ${POSTGRES_TCP_PORT} Postgres
+  fi
+}
+
 # Add cuckoo as command if needed
 if [ "${1:0:1}" = '-' ]; then
+  setUpCuckoo
 	# Change the ownership of /cuckoo to cuckoo
 	chown -R cuckoo:cuckoo /cuckoo
 	cd /cuckoo/
@@ -14,6 +60,7 @@ fi
 # Drop root privileges if we are running cuckoo-daemon
 if [ "$1" = 'daemon' -a "$(id -u)" = '0' ]; then
 	shift
+  setUpCuckoo
 	# Change the ownership of /cuckoo to cuckoo
 	chown -R cuckoo:cuckoo /cuckoo
 	cd /cuckoo
@@ -22,6 +69,7 @@ if [ "$1" = 'daemon' -a "$(id -u)" = '0' ]; then
 
 elif [ "$1" = 'submit' -a "$(id -u)" = '0' ]; then
 	shift
+  setUpCuckoo
 	# Change the ownership of /cuckoo to cuckoo
 	chown -R cuckoo:cuckoo /cuckoo
 	cd /cuckoo/utils
@@ -30,37 +78,37 @@ elif [ "$1" = 'submit' -a "$(id -u)" = '0' ]; then
 
 elif [ "$1" = 'process' -a "$(id -u)" = '0' ]; then
 	shift
+  setUpCuckoo
 	# Change the ownership of /cuckoo to cuckoo
 	chown -R cuckoo:cuckoo /cuckoo
 	cd /cuckoo/utils
 
 	set -- su-exec cuckoo /sbin/tini -- python process.py "$@"
 
 elif [ "$1" = 'api' -a "$(id -u)" = '0' ]; then
-
+  setUpCuckoo
 	# Change the ownership of /cuckoo to cuckoo
 	chown -R cuckoo:cuckoo /cuckoo
 	cd /cuckoo/utils
 
-	echo "waiting for postgres to become available"
-	# while ! nc -z $POSTGRES_PORT_5432_TCP_ADDR $POSTGRES_PORT_5432_TCP_PORT
-	while ! nc -z postgres 5432
-	do
-	  echo "$(date) - still trying"
-	  sleep 1
-	done
-	echo "$(date) - connected successfully"
-
 	set -- su-exec cuckoo /sbin/tini -- python api.py --host 0.0.0.0 --port 1337
 
 elif [ "$1" = 'web' -a "$(id -u)" = '0' ]; then
-
+  setUpCuckoo
 	# Change the ownership of /cuckoo to cuckoo
 	chown -R cuckoo:cuckoo /cuckoo
 	cd /cuckoo/web
 
 	set -- su-exec cuckoo /sbin/tini -- python manage.py runserver 0.0.0.0:31337
 
+elif [ "$1" = 'distributed' -a "$(id -u)" = '0' ]; then
+	shift
+	# Change the ownership of /cuckoo to cuckoo
+	chown -R cuckoo:cuckoo /cuckoo
+	cd /cuckoo/distributed
+
+	set -- su-exec cuckoo /sbin/tini -- python app.py "$@"
+
 elif [ "$1" = 'stats' -a "$(id -u)" = '0' ]; then
 	shift
 	# Change the ownership of /cuckoo to cuckoo
@@ -70,7 +118,7 @@ elif [ "$1" = 'stats' -a "$(id -u)" = '0' ]; then
 	set -- su-exec cuckoo /sbin/tini -- python stats.py "$@"
 
 elif [ "$1" = 'help' -a "$(id -u)" = '0' ]; then
-
+  setUpCuckoo
 	# Change the ownership of /cuckoo to cuckoo
 	chown -R cuckoo:cuckoo /cuckoo
 	cd /cuckoo

1.2/update_conf.py

@@ -0,0 +1,16 @@
+#!/usr/bin/env python
+
+import os
+import sys
+import ConfigParser
+
+cfg = ConfigParser.ConfigParser()
+cfg.read("/cuckoo/conf/reporting.conf")
+
+with open("/cuckoo/conf/reporting.conf", 'w') as cfile:
+    if os.environ.get('MONGO_HOST'):
+        cfg.set('mongodb', 'enabled', True)
+        cfg.set('mongodb', 'hosts', os.environ['MONGO_HOST'])
+    cfg.write(cfile)
+
+sys.exit()

2.0/Dockerfile

@@ -7,7 +7,7 @@ ENV SSDEEP ssdeep-2.13
 
 # Install Cuckoo Sandbox Required Dependencies
 COPY requirements.txt /tmp/requirements.txt
-RUN apk-install tcpdump py-lxml py-chardet py-libvirt py-crypto
+RUN apk-install tcpdump py-lxml py-chardet py-libvirt py-crypto curl
 RUN apk-install -t .build-deps \
                    openssl-dev \
                    libxslt-dev \
@@ -56,6 +56,7 @@ RUN apk-install -t .build-deps \
   && apk del --purge .build-deps
 
 COPY conf /cuckoo/conf
+COPY update_conf.py /update_conf.py
 COPY docker-entrypoint.sh /entrypoint.sh
 
 WORKDIR /cuckoo

2.0/docker-entrypoint.sh

@@ -2,8 +2,115 @@
 
 set -e
 
+setDefaults() {
+  export ES_HOST="$(env | grep ELASTIC.*PORT_9200_TCP_ADDR= | sed -e 's|.*=||')"
+  export ES_PORT="$(env | grep ELASTIC.*PORT_9200_TCP_PORT= | sed -e 's|.*=||')"
+  export MONGO_HOST="$(env | grep MONGO.*PORT_.*_TCP_ADDR= | sed -e 's|.*=||')"
+  export MONGO_TCP_PORT="$(env | grep MONGO.*PORT_.*_TCP_PORT= | sed -e 's|.*=||')"
+  export POSTGRES_HOST="$(env | grep POSTGRES.*PORT_.*_TCP_ADDR= | sed -e 's|.*=||')"
+  export POSTGRES_TCP_PORT="$(env | grep POSTGRES.*PORT_.*_TCP_PORT= | sed -e 's|.*=||')"
+  env | grep -E "^ES.*|^MONGO_HOST|^MONGO_TCP_PORT|^POSTGRES.*" | sort -n
+}
+
+es_url() {
+    local auth
+
+    auth=""
+    if [ -n "$ES_USER" ]; then
+        auth="$ES_USER"
+        if [ -n "$ES_PASS" ]; then
+            auth="$auth:$ES_PASS"
+        fi
+        auth="$auth@"
+    fi
+
+    if [ -z "$SHIELD" ]
+    then
+    	: # Not using X-Pack Shield.
+    else
+      if [ $SHIELD == "true" ]; then
+          code=$(curl --write-out "%{http_code}\n" --silent --output /dev/null "http://${ES_HOST}:${ES_PORT}/")
+
+          if [ $code != 401 ]; then
+              echo "Shield does not seem to be running"
+              exit 1
+          fi
+      fi
+    fi
+
+    echo "http://${auth}${ES_HOST}:${ES_PORT}"
+}
+
+# Wait for elasticsearch to start. It requires that the status be either
+# green or yellow.
+waitForElasticsearch() {
+  echo -n "===> Waiting on elasticsearch($(es_url)) to start..."
+  i=0;
+  while [ $i -le 60 ]; do
+    health=$(curl --silent "$(es_url)/_cat/health" | awk '{print $4}')
+    if [[ "$health" == "green" ]] || [[ "$health" == "yellow" ]]
+    then
+      echo
+      echo "Elasticsearch is ready!"
+      return 0
+    fi
+
+    echo -n '.'
+    sleep 1
+    i=$((i+1));
+  done
+
+  echo
+  echo >&2 'Elasticsearch is not running or is not healthy.'
+  echo >&2 "Address: $(es_url)"
+  echo >&2 "$health"
+  exit 1
+}
+
+# Wait for. Params: host, port, service
+waitFor() {
+    echo -n "===> Waiting for ${3}(${1}:${2}) to start..."
+    i=1
+    while [ $i -le 20 ]; do
+        if nc -vz ${1} ${2} 2>/dev/null; then
+            echo "${3} is ready!"
+            return 0
+        fi
+
+        echo -n '.'
+        sleep 1
+        i=$((i+1))
+    done
+
+    echo
+    echo >&2 "${3} is not available"
+    echo >&2 "Address: ${1}:${2}"
+}
+
+setUpCuckoo(){
+  echo "===> Use default ports and hosts if not specified..."
+  setDefaults
+  echo
+  echo "===> Update /cuckoo/conf/reporting.conf if needed..."
+  /update_conf.py
+  echo
+  # Wait until all services are started
+  if [ ! "$ES_HOST" == "" ]; then
+  	waitForElasticsearch
+  fi
+  echo
+  if [ ! "$MONGO_HOST" == "" ]; then
+  	waitFor ${MONGO_HOST} ${MONGO_TCP_PORT} MongoDB
+  fi
+  echo
+  if [ ! "$POSTGRES_HOST" == "" ]; then
+  	waitFor ${POSTGRES_HOST} ${POSTGRES_TCP_PORT} Postgres
+  fi
+}
+
 # Add cuckoo as command if needed
 if [ "${1:0:1}" = '-' ]; then
+  setUpCuckoo
 	# Change the ownership of /cuckoo to cuckoo
 	chown -R cuckoo:cuckoo /cuckoo
 	cd /cuckoo/
@@ -14,6 +121,7 @@ fi
 # Drop root privileges if we are running cuckoo-daemon
 if [ "$1" = 'daemon' -a "$(id -u)" = '0' ]; then
 	shift
+  setUpCuckoo
 	# Change the ownership of /cuckoo to cuckoo
 	chown -R cuckoo:cuckoo /cuckoo
 	cd /cuckoo
@@ -22,6 +130,7 @@ if [ "$1" = 'daemon' -a "$(id -u)" = '0' ]; then
 
 elif [ "$1" = 'submit' -a "$(id -u)" = '0' ]; then
 	shift
+  setUpCuckoo
 	# Change the ownership of /cuckoo to cuckoo
 	chown -R cuckoo:cuckoo /cuckoo
 	cd /cuckoo/utils
@@ -30,31 +139,23 @@ elif [ "$1" = 'submit' -a "$(id -u)" = '0' ]; then
 
 elif [ "$1" = 'process' -a "$(id -u)" = '0' ]; then
 	shift
+  setUpCuckoo
 	# Change the ownership of /cuckoo to cuckoo
 	chown -R cuckoo:cuckoo /cuckoo
 	cd /cuckoo/utils
 
 	set -- su-exec cuckoo /sbin/tini -- python process.py "$@"
 
 elif [ "$1" = 'api' -a "$(id -u)" = '0' ]; then
-
+  setUpCuckoo
 	# Change the ownership of /cuckoo to cuckoo
 	chown -R cuckoo:cuckoo /cuckoo
 	cd /cuckoo/utils
 
-	echo "waiting for postgres to become available"
-	# while ! nc -z $POSTGRES_PORT_5432_TCP_ADDR $POSTGRES_PORT_5432_TCP_PORT
-	while ! nc -z postgres 5432
-	do
-	  echo "$(date) - still trying"
-	  sleep 1
-	done
-	echo "$(date) - connected successfully"
-
 	set -- su-exec cuckoo /sbin/tini -- python api.py --host 0.0.0.0 --port 1337
 
 elif [ "$1" = 'web' -a "$(id -u)" = '0' ]; then
-
+  setUpCuckoo
 	# Change the ownership of /cuckoo to cuckoo
 	chown -R cuckoo:cuckoo /cuckoo
 	cd /cuckoo/web
@@ -78,7 +179,7 @@ elif [ "$1" = 'stats' -a "$(id -u)" = '0' ]; then
 	set -- su-exec cuckoo /sbin/tini -- python stats.py "$@"
 
 elif [ "$1" = 'help' -a "$(id -u)" = '0' ]; then
-
+  setUpCuckoo
 	# Change the ownership of /cuckoo to cuckoo
 	chown -R cuckoo:cuckoo /cuckoo
 	cd /cuckoo

2.0/requirements.txt

@@ -29,4 +29,5 @@ SQLAlchemy==1.0.8
 tlslite-ng==0.6.0-alpha3
 wakeonlan==0.2.2
 Werkzeug==0.10.4
-XenAPI==1.2
+XenAPI==1.2
+elasticsearch>=5.0.0,<6.0.0

2.0/update_conf.py

@@ -0,0 +1,19 @@
+#!/usr/bin/env python
+
+import os
+import sys
+import ConfigParser
+
+cfg = ConfigParser.ConfigParser()
+cfg.read("/cuckoo/conf/reporting.conf")
+
+with open("/cuckoo/conf/reporting.conf", 'w') as cfile:
+    if os.environ.get('ES_HOST'):
+        cfg.set('elasticsearch', 'enabled', True)
+        cfg.set('elasticsearch', 'hosts', os.environ['ES_HOST'])
+    if os.environ.get('MONGO_HOST'):
+        cfg.set('mongodb', 'enabled', True)
+        cfg.set('mongodb', 'hosts', os.environ['MONGO_HOST'])
+    cfg.write(cfile)
+
+sys.exit()