Merge branch 'feature/KASM-5299_nessus' into 'develop'

Resolve KASM-5299 "Feature/ nessus"

Closes KASM-5299

See merge request kasm-technologies/internal/workspaces-images!159
This commit is contained in:
Richard Koliser 2024-02-05 21:20:38 +00:00
commit fb8a62165b
7 changed files with 138 additions and 0 deletions

View File

@ -85,6 +85,15 @@ multiImages:
changeFiles:
- dockerfile-kasm-libre-office
- src/ubuntu/install/libre_office/**
- name: nessus
singleapp: false
base: core-ubuntu-focal
dockerfile: dockerfile-kasm-nessus
changeFiles:
- dockerfile-kasm-nessus
- src/ubuntu/install/chromium/**
- src/ubuntu/install/nessus/**
- src/ubuntu/install/cleanup/**
- name: opensuse-15-desktop
singleapp: false
base: core-opensuse-15

38
dockerfile-kasm-nessus Normal file
View File

@ -0,0 +1,38 @@
ARG BASE_TAG="develop"
ARG BASE_IMAGE="core-ubuntu-focal"
FROM kasmweb/$BASE_IMAGE:$BASE_TAG
USER root
ENV HOME /home/kasm-default-profile
ENV STARTUPDIR /dockerstartup
ENV INST_SCRIPTS $STARTUPDIR/install
WORKDIR $HOME
######### Customize Container Here ###########
# Install Chromium
COPY ./src/ubuntu/install/chromium $INST_SCRIPTS/chromium/
RUN bash $INST_SCRIPTS/chromium/install_chromium.sh && rm -rf $INST_SCRIPTS/chromium/
COPY ./src/ubuntu/install/nessus $INST_SCRIPTS/nessus/
RUN bash $INST_SCRIPTS/nessus/install_nessus.sh && rm -rf $INST_SCRIPTS/nessus/
COPY ./src/ubuntu/install/cleanup $INST_SCRIPTS/cleanup/
RUN bash $INST_SCRIPTS/cleanup/cleanup.sh && rm -rf $INST_SCRIPTS/cleanup/
COPY ./src/ubuntu/install/nessus/custom_startup.sh $STARTUPDIR/custom_startup.sh
RUN chmod +x $STARTUPDIR/custom_startup.sh
RUN chmod 755 $STARTUPDIR/custom_startup.sh
RUN cp /usr/share/backgrounds/bg_kasm.png /usr/share/backgrounds/bg_default.png
######### End Customizations ###########
RUN chown 1000:0 $HOME
ENV HOME /home/kasm-user
WORKDIR $HOME
RUN mkdir -p $HOME && chown -R 1000:0 $HOME
USER 1000

11
docs/nessus/README.md Normal file
View File

@ -0,0 +1,11 @@
# About This Image
This Image contains a browser-accessible version of [Tennable Nessus](https://www.tenable.com/products/nessus).
![Screenshot][Image_Screenshot]
[Image_Screenshot]: https://5856039.fs1.hubspotusercontent-na1.net/hubfs/5856039/dockerhub/image-screenshots/nessus.png "Image Screenshot"
# Environment Variables
* `APP_ARGS` - Additional arguments to pass to the application when launched.

9
docs/nessus/demo.txt Normal file
View File

@ -0,0 +1,9 @@
# Live Demo
<a href="https://app.kasmweb.com/#/cast/42823419034" target="_blank"><img src="https://info.kasmweb.com/hubfs/dockerhub/GIFs/nessus.gif" width="640" height="360"></a>
**Launch a real-time demo in a new browser window:** <a href="https://app.kasmweb.com/#/cast/42823419034" target="_blank">Live Demo</a>.
<a href="https://app.kasmweb.com/#/cast/42823419034" target="_blank"><img src="https://5856039.fs1.hubspotusercontent-na1.net/hub/5856039/hubfs/dockerhub/casting-buttons/nessus.png" width="300" height="104"></a>
&lowast;*Note: Demo is limited to 3 minutes and has upload/downloads restricted for security purposes.*

View File

@ -0,0 +1 @@
Nessus Vulnerability Scanner for Kasm Workspaces

View File

@ -0,0 +1,42 @@
#!/usr/bin/env bash
set -ex
START_COMMAND="/opt/nessus/sbin/nessusd start"
PGREP="nessusd"
DEFAULT_ARGS=""
ARGS=${APP_ARGS:-$DEFAULT_ARGS}
FORCE=$2
kasm_startup() {
if [ -n "$KASM_URL" ] ; then
URL=$KASM_URL
elif [ -z "$URL" ] ; then
URL=$LAUNCH_URL
fi
if [ -z "$DISABLE_CUSTOM_STARTUP" ] || [ -n "$FORCE" ] ; then
echo "Entering process startup loop"
set +x
while true
do
if ! pgrep -x $PGREP > /dev/null
then
/usr/bin/filter_ready
/usr/bin/desktop_ready
set +e
bash ${MAXIMIZE_SCRIPT} &
$START_COMMAND $ARGS $URL &
sleep 3
chromium-browser https://localhost:8834 --start-maximized &
set -e
fi
sleep 1
done
set -x
fi
}
kasm_startup

View File

@ -0,0 +1,28 @@
#!/usr/bin/env bash
set -ex
ARCH=$(arch | sed 's/x86_64/amd64/g')
apt-get update
apt-get install -y jq
NESSUS_URL=$(curl --request GET --url https://www.tenable.com/downloads/api/v2/pages/nessus --header 'accept: application/json' | jq -r '.releases.latest[][] | select(.file_url | contains("ubuntu")) | .file_url' | grep $ARCH)
NESSUS_UPDATES_URL=$(curl --request GET --url https://www.tenable.com/downloads/api/v2/pages/nessus --header 'accept: application/json' | jq -r '.releases.latest[][] | select(.file_url | contains("nessus-updates-latest")) | .file_url')
cd /tmp
curl --request GET \
--url "${NESSUS_URL}" \
--output 'nessus.deb'
curl --request GET \
--url ${NESSUS_UPDATES_URL} \
--output 'nessus-updates-latest.tar.gz'
apt-get install -y ./nessus.deb
rm nessus.deb
/opt/nessus/sbin/nessuscli update /tmp/nessus-updates-latest.tar.gz
rm nessus-updates-latest.tar.gz