From 2cdd93e811e558d38dc1dfd17ebb86b1d9c7384e Mon Sep 17 00:00:00 2001
From: Romke van Dijk <github.com@ocbios.nl>
Date: Fri, 11 Aug 2023 18:41:24 +0200
Subject: [PATCH] Adding binaries directory which allows for hosting binaries
 incase of a instance without internet access. Binaries are cracker binaries
 or any other binaries that need to be downloaded by the agents

---
 000-default.conf     | 5 +++++
 Dockerfile           | 8 ++++++--
 docker-entrypoint.sh | 3 +++
 3 files changed, 14 insertions(+), 2 deletions(-)

diff --git a/000-default.conf b/000-default.conf
index 84eab5cf1..d94b1007e 100644
--- a/000-default.conf
+++ b/000-default.conf
@@ -6,4 +6,9 @@
 	<Directory /var/www/html/src/api/v2>
 		AllowOverride All
 	</Directory>
+
+    Alias /binaries ${HASHTOPOLIS_BINARIES_PATH}
+    <Directory ${HASHTOPOLIS_BINARIES_PATH}>
+        Require all granted
+	</Directory>
 </VirtualHost>
diff --git a/Dockerfile b/Dockerfile
index 4b650ffec..6601e9e93 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -23,6 +23,7 @@ ENV HASHTOPOLIS_FILES_PATH=${HASHTOPOLIS_PATH}/files
 ENV HASHTOPOLIS_IMPORT_PATH=${HASHTOPOLIS_PATH}/import
 ENV HASHTOPOLIS_LOG_PATH=${HASHTOPOLIS_PATH}/log
 ENV HASHTOPOLIS_CONFIG_PATH=${HASHTOPOLIS_PATH}/config
+ENV HASHTOPOLIS_BINARIES_PATH=${HASHTOPOLIS_PATH}/binaries
 
 # Add support for TLS inspection corporate setups, see .env.sample for details
 ENV NODE_EXTRA_CA_CERTS=/etc/ssl/certs/ca-certificates.crt 
@@ -66,7 +67,10 @@ RUN mkdir -p ${HASHTOPOLIS_DOCUMENT_ROOT} \
     && chmod g+w ${HASHTOPOLIS_LOG_PATH} \
     && mkdir -p ${HASHTOPOLIS_CONFIG_PATH} \
     && chown www-data:www-data ${HASHTOPOLIS_CONFIG_PATH} \
-    && chmod g+w ${HASHTOPOLIS_CONFIG_PATH}
+    && chmod g+w ${HASHTOPOLIS_CONFIG_PATH} \
+    && mkdir -p ${HASHTOPOLIS_BINARIES_PATH} \
+    && chown www-data:www-data ${HASHTOPOLIS_BINARIES_PATH} \
+    && chmod g+w ${HASHTOPOLIS_BINARIES_PATH}
 
 COPY --from=preprocess /HEA[D] ${HASHTOPOLIS_DOCUMENT_ROOT}/../.git/
 
@@ -78,7 +82,7 @@ COPY docker-entrypoint.sh /usr/local/bin
 
 # Setting the hashtopolis document root is done at build time. Because the www-data user cannot write to the apache config folder.
 COPY 000-default.conf /tmp/
-RUN envsubst '${HASHTOPOLIS_DOCUMENT_ROOT}' < /tmp/000-default.conf > /etc/apache2/sites-available/000-default.conf && rm /tmp/000-default.conf
+RUN envsubst '${HASHTOPOLIS_DOCUMENT_ROOT} ${HASHTOPOLIS_BINARIES_PATH}' < /tmp/000-default.conf > /etc/apache2/sites-available/000-default.conf && rm /tmp/000-default.conf
 
 ENTRYPOINT [ "docker-entrypoint.sh" ]
 # ----END----
diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh
index 1cd09195f..7bed554f6 100755
--- a/docker-entrypoint.sh
+++ b/docker-entrypoint.sh
@@ -38,6 +38,9 @@ fi
 if [ ! -d ${HASHTOPOLIS_IMPORT_PATH} ];then
 	mkdir -p ${HASHTOPOLIS_IMPORT_PATH} && chown www-data:www-data ${HASHTOPOLIS_IMPORT_PATH}
 fi
+if [ ! -d ${HASHTOPOLIS_BINARIES_PATH} ];then
+  mkdir -p ${HASHTOPOLIS_BINARIES_PATH} && chown www-data:www-data ${HASHTOPOLIS_BINARIES_PATH}
+fi
 
 # required to trigger the initialization
 echo "Start initialization process..."