mirror of
https://codeberg.org/icewind/haze.git
synced 2026-06-03 17:14:08 +02:00
add icap kaspersky mode
This commit is contained in:
parent
777213946d
commit
8cf5d273c2
3 changed files with 103 additions and 2 deletions
|
|
@ -46,7 +46,8 @@ Additionally, you can use the following options when starting an instance:
|
||||||
- `onlyoffice` setup an onlyoffice document server
|
- `onlyoffice` setup an onlyoffice document server
|
||||||
- `push` setup [client push](https://github.com/nextcloud/notify_push)
|
- `push` setup [client push](https://github.com/nextcloud/notify_push)
|
||||||
- `smb`: setup a samba server for external storage use
|
- `smb`: setup a samba server for external storage use
|
||||||
- `kaspersky`: setup a kaspersky scan engine server. (Requires [manually setting up the image](https://github.com/icewind1991/kaspersky-docker))
|
- `kaspersky`: setup a kaspersky scan engine server in http mode. (Requires [manually setting up the image](https://github.com/icewind1991/kaspersky-docker))
|
||||||
|
- `kaspersky-icap`: setup a kaspersky scan engine server in ICAP mode.
|
||||||
|
|
||||||
#### Run tests in a new instance
|
#### Run tests in a new instance
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -6,7 +6,7 @@ mod push;
|
||||||
mod smb;
|
mod smb;
|
||||||
|
|
||||||
use crate::config::HazeConfig;
|
use crate::config::HazeConfig;
|
||||||
use crate::service::kaspersky::Kaspersky;
|
use crate::service::kaspersky::{Kaspersky, KasperskyIcap};
|
||||||
pub use crate::service::ldap::{LDAPAdmin, LDAP};
|
pub use crate::service::ldap::{LDAPAdmin, LDAP};
|
||||||
pub use crate::service::objectstore::ObjectStore;
|
pub use crate::service::objectstore::ObjectStore;
|
||||||
pub use crate::service::onlyoffice::OnlyOffice;
|
pub use crate::service::onlyoffice::OnlyOffice;
|
||||||
|
|
@ -75,6 +75,7 @@ pub enum Service {
|
||||||
Push(NotifyPush),
|
Push(NotifyPush),
|
||||||
Smb(Smb),
|
Smb(Smb),
|
||||||
Kaspersky(Kaspersky),
|
Kaspersky(Kaspersky),
|
||||||
|
KasperskyIcap(KasperskyIcap),
|
||||||
}
|
}
|
||||||
|
|
||||||
impl Service {
|
impl Service {
|
||||||
|
|
@ -87,6 +88,7 @@ impl Service {
|
||||||
"push" => Some(&[Service::Push(NotifyPush)]),
|
"push" => Some(&[Service::Push(NotifyPush)]),
|
||||||
"smb" => Some(&[Service::Smb(Smb)]),
|
"smb" => Some(&[Service::Smb(Smb)]),
|
||||||
"kaspersky" => Some(&[Service::Kaspersky(Kaspersky)]),
|
"kaspersky" => Some(&[Service::Kaspersky(Kaspersky)]),
|
||||||
|
"kaspersky-icap" => Some(&[Service::KasperskyIcap(KasperskyIcap)]),
|
||||||
_ => None,
|
_ => None,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -99,3 +99,101 @@ impl ServiceTrait for Kaspersky {
|
||||||
])
|
])
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#[derive(Debug, Clone, Eq, PartialEq)]
|
||||||
|
pub struct KasperskyIcap;
|
||||||
|
|
||||||
|
#[async_trait::async_trait]
|
||||||
|
impl ServiceTrait for KasperskyIcap {
|
||||||
|
fn name(&self) -> &str {
|
||||||
|
"kaspersky-icap"
|
||||||
|
}
|
||||||
|
|
||||||
|
fn env(&self) -> &[&str] {
|
||||||
|
&[
|
||||||
|
"ICAP_HOST=kaspersky-icap",
|
||||||
|
"ICAP_PORT=1344",
|
||||||
|
"ICAP_REQUEST=req",
|
||||||
|
"ICAP_HEADER=X-Virus-ID",
|
||||||
|
]
|
||||||
|
}
|
||||||
|
|
||||||
|
async fn spawn(
|
||||||
|
&self,
|
||||||
|
docker: &Docker,
|
||||||
|
cloud_id: &str,
|
||||||
|
network: &str,
|
||||||
|
_config: &HazeConfig,
|
||||||
|
) -> Result<String> {
|
||||||
|
let image = "kaspersky-icap";
|
||||||
|
if !image_exists(docker, image).await {
|
||||||
|
bail!("You need to manually create the 'kaspersky-icap' image");
|
||||||
|
}
|
||||||
|
pull_image(docker, image).await?;
|
||||||
|
let options = Some(CreateContainerOptions {
|
||||||
|
name: self.container_name(cloud_id),
|
||||||
|
});
|
||||||
|
let config = Config {
|
||||||
|
image: Some(image),
|
||||||
|
host_config: Some(HostConfig {
|
||||||
|
network_mode: Some(network.to_string()),
|
||||||
|
..Default::default()
|
||||||
|
}),
|
||||||
|
labels: Some(hashmap! {
|
||||||
|
"haze-type" => self.name(),
|
||||||
|
"haze-cloud-id" => cloud_id
|
||||||
|
}),
|
||||||
|
networking_config: Some(NetworkingConfig {
|
||||||
|
endpoints_config: hashmap! {
|
||||||
|
network => EndpointSettings {
|
||||||
|
aliases: Some(vec![self.name().to_string()]),
|
||||||
|
..Default::default()
|
||||||
|
}
|
||||||
|
},
|
||||||
|
}),
|
||||||
|
..Default::default()
|
||||||
|
};
|
||||||
|
let id = docker
|
||||||
|
.create_container(options, config)
|
||||||
|
.await
|
||||||
|
.into_diagnostic()?
|
||||||
|
.id;
|
||||||
|
docker
|
||||||
|
.start_container::<String>(&id, None)
|
||||||
|
.await
|
||||||
|
.into_diagnostic()?;
|
||||||
|
Ok(id)
|
||||||
|
}
|
||||||
|
|
||||||
|
// async fn is_healthy(&self, docker: &Docker, cloud_id: &str) -> Result<bool> {
|
||||||
|
// let exit = exec(
|
||||||
|
// docker,
|
||||||
|
// self.container_name(cloud_id),
|
||||||
|
// "root",
|
||||||
|
// vec!["curl", "localhost/licenseinfo"],
|
||||||
|
// vec![],
|
||||||
|
// Option::<Stdout>::None,
|
||||||
|
// )
|
||||||
|
// .await?;
|
||||||
|
// Ok(exit.to_result().is_ok())
|
||||||
|
// }
|
||||||
|
|
||||||
|
fn container_name(&self, cloud_id: &str) -> String {
|
||||||
|
format!("{}-kaspersky-icap", cloud_id)
|
||||||
|
}
|
||||||
|
|
||||||
|
fn apps(&self) -> &'static [&'static str] {
|
||||||
|
&["files_antivirus"]
|
||||||
|
}
|
||||||
|
|
||||||
|
async fn post_setup(&self, _docker: &Docker, _cloud_id: &str) -> Result<Vec<String>> {
|
||||||
|
Ok(vec![
|
||||||
|
"occ config:app:set files_antivirus av_mode --value=icap".into(),
|
||||||
|
"occ config:app:set files_antivirus av_host --value=kaspersky-icap".into(),
|
||||||
|
"occ config:app:set files_antivirus av_port --value=1344".into(),
|
||||||
|
"occ config:app:set files_antivirus av_icap_request_service --value=req".into(),
|
||||||
|
"occ config:app:set files_antivirus av_icap_response_header --value=X-Infection-Found"
|
||||||
|
.into(),
|
||||||
|
])
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue