-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathDockerfile
More file actions
41 lines (31 loc) · 1.09 KB
/
Dockerfile
File metadata and controls
41 lines (31 loc) · 1.09 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
FROM python:3.12-slim
LABEL maintainer="ThirdKey AI"
LABEL description="AgentSniff - AI Agent Network Scanner"
LABEL version="1.0.0"
# Install system dependencies for raw socket support
RUN apt-get update && apt-get install -y --no-install-recommends \
libcap2-bin \
iproute2 \
iputils-ping \
net-tools \
&& rm -rf /var/lib/apt/lists/*
WORKDIR /app
# Install Python dependencies
COPY pyproject.toml .
RUN pip install --no-cache-dir .
# Copy application
COPY . .
RUN pip install --no-cache-dir -e .
# Grant raw socket capabilities to Python binary
# This allows passive DNS and TLS monitoring without running as root
RUN setcap cap_net_raw,cap_net_admin+eip $(readlink -f $(which python3))
# Create non-root user
RUN useradd -m -s /bin/bash agentsniff
USER agentsniff
# Default: run web dashboard
EXPOSE 9090
# Health check
HEALTHCHECK --interval=30s --timeout=5s --start-period=10s --retries=3 \
CMD python -c "import urllib.request; urllib.request.urlopen('http://localhost:9090/api/health')" || exit 1
ENTRYPOINT ["python", "-m", "agentsniff"]
CMD ["serve", "--port", "9090"]