Question on docker FIle issue?

General Discussions General
1

Hi
I was wondering if someone could shed some light on the issue im having,
Currently i have SWAG installed as docker and its working, but currently trying to install this on my docker file
https://github.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/blob/master/MANUAL-CONFIGURATION.md

but i keep getting this, it says the file or directory does not exist, which from my understanding when it finishes compiling the lscr.io/linuxserver/swag:latest i thought it created the folders

 => ERROR [swag-swag  9/22] RUN wget https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/conf.d/globalblacklist.conf -O /config/nginx/globalblacklist.conf                                                  1.0s 
------                                                                                                                                                                                                                                              
 > [swag-swag  9/22] RUN wget https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/conf.d/globalblacklist.conf -O /config/nginx/globalblacklist.conf:                                                             
#0 0.895 /config/nginx/globalblacklist.conf: No such file or directory                                                                                                                                                                              
------                                                                                                                                                                                                                                              
failed to solve: executor failed running [/bin/sh -c wget https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/conf.d/globalblacklist.conf -O /config/nginx/globalblacklist.conf]: exit code: 1

This is the docker File


FROM lscr.io/linuxserver/swag:latest
RUN apk update
RUN apk add --upgrade nginx-mod-http-naxsi
RUN apk add vim
RUN apk add --no-cache python2
ADD ./nxutil/ /opt/nxutil/
RUN cd /opt/nxutil/ && python setup.py install
RUN apk add curl wget

# https://github.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/blob/master/MANUAL-CONFIGURATION.md
RUN wget https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/conf.d/globalblacklist.conf -O /config/nginx/globalblacklist.conf
RUN mkdir /config/nginx/bots.d
RUN wget https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/bots.d/blockbots.conf -O /config/nginx/bots.d/blockbots.conf
RUN wget https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/bots.d/ddos.conf -O /config/nginx/bots.d/ddos.conf
RUN wget https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/bots.d/whitelist-ips.conf -O /config/nginx/bots.d/whitelist-ips.conf
RUN wget https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/bots.d/whitelist-domains.conf -O /config/nginx/bots.d/whitelist-domains.conf
RUN wget https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/bots.d/blacklist-user-agents.conf -O /config/nginx/bots.d/blacklist-user-agents.conf
RUN wget https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/bots.d/custom-bad-referrers.conf -O /config/nginx/bots.d/custom-bad-referrers.conf
RUN wget https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/bots.d/blacklist-ips.conf -O /config/nginx/bots.d/blacklist-ips.conf
RUN wget https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/bots.d/bad-referrer-words.conf -O /config/nginx/bots.d/bad-referrer-words.conf
RUN wget https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/conf.d/botblocker-nginx-settings.conf -O /config/nginx/botblocker-nginx-settings.conf

# copy nginx blocker update script into daily cron
COPY update_blocker.sh /etc/periodic/daily/update_blocker

# make sure script is executable
RUN chmod a+x /etc/periodic/daily/update_blocker

# start crond to update blocker
RUN crond -b

Thank you

2

This happens, because there is no nginx folder inside the /config folder. You need to create it first.

Further notes:

  • the current version of the base image lscr.io/linuxserver/swag:latest the python2 package is not available anymore
  • the RUN statements can be chained to optimize the image like this:
RUN wget https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/bots.d/blacklist-user-agents.conf -O /config/nginx/bots.d/blacklist-user-agents.conf \
 && wget https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/bots.d/custom-bad-referrers.conf -O /config/nginx/bots.d/custom-bad-referrers.conf

Make sure the \ character at the end of the line has no trailing space.

3

An optimized version of your Dockerfile would look something like this:

FROM lscr.io/linuxserver/swag:latest
RUN apk update \
    && apk add --upgrade nginx-mod-http-naxsi \
    && apk add vim \
    && apk add curl wget \
    && apk add --no-cache python2 \
    && rm -rf /var/cache/apk/*

ADD ./nxutil/ /opt/nxutil/
WORKDIR /opt/nxuitl
RUN python setup.py install

ARG BASE_URL=https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master
# https://github.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/blob/master/MANUAL-CONFIGURATION.md
RUN mkdir -p /config/nginx/bots.d \
    && wget ${BASE_URL}/conf.d/globalblacklist.conf -O /config/nginx/globalblacklist.conf \
    && wget ${BASE_URL}/bots.d/blockbots.conf -O /config/nginx/bots.d/blockbots.conf \
    && wget ${BASE_URL}/bots.d/ddos.conf -O /config/nginx/bots.d/ddos.conf \
    && wget ${BASE_URL}/bots.d/whitelist-ips.conf -O /config/nginx/bots.d/whitelist-ips.conf \
    && wget ${BASE_URL}/bots.d/whitelist-domains.conf -O /config/nginx/bots.d/whitelist-domains.conf \
    && wget ${BASE_URL}/bots.d/blacklist-user-agents.conf -O /config/nginx/bots.d/blacklist-user-agents.conf \
    && wget ${BASE_URL}/bots.d/custom-bad-referrers.conf -O /config/nginx/bots.d/custom-bad-referrers.conf \
    && wget ${BASE_URL}/bots.d/blacklist-ips.conf -O /config/nginx/bots.d/blacklist-ips.conf \
    && wget ${BASE_URL}/bots.d/bad-referrer-words.conf -O /config/nginx/bots.d/bad-referrer-words.conf \
    && wget ${BASE_URL}/conf.d/botblocker-nginx-settings.conf -O /config/nginx/botblocker-nginx-settings.conf

# copy nginx blocker update script into daily cron
COPY update_blocker.sh /etc/periodic/daily/update_blocker

# make sure script is executable
RUN chmod a+x /etc/periodic/daily/update_blocker

# start crond to update blocker
RUN crond -b

Further notes:

  • why not add all packages with a single apk add?
  • the last RUN command will just run crond -b while creating that image layer. After that it will not get started inside the container unless the ENTRYPOINT or CMD start it as well…

The base image bases on Alpine 3.17.0. As far I can see there is neither python2, nor a python3 package in the official alpine repositories. Since you seem to be able to install python2, you must have a very old version of the base image in your local image cache. Creating your own image based on a very old image is eventually going to cause problems, which I recommend you fix today: you need to solve how you get python2 installed in the current swag image - otherwise you just postpone a potential party breaker.

1 Like
4

wow thank you so much that did the trick,
as for the last command i think im going to create cronjob better on the host to update the global blacklist
and as for the python2 im going to see if python3 works for whitelisting with naxsi

Thank you so much