colin
/
clam
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update docker/clam/docker-entrypoint.sh
ci/woodpecker/push/woodpecker Pipeline failed Details

This commit is contained in:
colin 2024-10-29 16:24:12 -04:00
parent 64739f6f2f
commit e66270f25f
1 changed files with 41 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

47
docker/clam/docker-entrypoint.sh
View File

@ -2,16 +2,45 @@
MODE=${1:-"scan"} MODE=${1:-"scan"}
temp_log_file="/tmp/clamav_scan_$(date +%Y%m%d_%H%M%S).log"
create_temp_log() {
local log_file="$1"
cat "$log_file" > "$temp_log_file"
}
scan() { scan() {
echo "Running ClamAV scan..." echo "Running ClamAV scan..."
SCAN_PRIORITY=${SCAN_PRIORITY:-low} SCAN_PRIORITY=${SCAN_PRIORITY:-low}
local retry_count=0
local max_retries=5
if [ "$SCAN_PRIORITY" = "low" ]; then if [ "$SCAN_PRIORITY" = "low" ]; then
echo "Running scan in low priority mode." echo "Running scan in low priority mode."
nice -n 19 clamscan -r /scan --log=/var/log/clamav/clamav.log while ! nice -n 19 clamscan -r /scan --log=/var/log/clamav/clamav.log; do
retry_count=$((retry_count + 1))
if [ "$retry_count" -ge "$max_retries" ]; then
echo "Max retries reached. Sending failure report to GlitchTip..."
create_temp_log "/var/log/clamav/clamav.log"
go-glitch report --dsn "$GLITCHTIP_DSN" "$temp_log_file" || echo "Failed to report scan failure to GlitchTip"
return
fi
echo "Scan failed. Retrying... ($retry_count/$max_retries)"
sleep 5
done
else else
echo "Running scan in full power mode." echo "Running scan in full power mode."
clamscan -r /scan --log=/var/log/clamav/clamav.log while ! clamscan -r /scan --log=/var/log/clamav/clamav.log; do
retry_count=$((retry_count + 1))
if [ "$retry_count" -ge "$max_retries" ]; then
echo "Max retries reached. Sending failure report to GlitchTip..."
create_temp_log "/var/log/clamav/clamav.log"
go-glitch report --dsn "$GLITCHTIP_DSN" "$temp_log_file" || echo "Failed to report scan failure to GlitchTip"
return
fi
echo "Scan failed. Retrying... ($retry_count/$max_retries)"
sleep 5
done
fi fi
} }
@ -22,20 +51,26 @@ report() {
echo "No log file found." echo "No log file found."
return return
fi fi
local total_files=$(grep "Infected files:" "$log_file" | cut -d" " -f3) local total_files=$(grep "Scanned files:" "$log_file" | cut -d":" -f2 | xargs)
local infected_files=$(grep "Infected files:" "$log_file" | cut -d" " -f5) local infected_files=$(grep "Infected files:" "$log_file" | cut -d":" -f2 | xargs)
local errors=$(grep "Total errors:" "$log_file" | cut -d" " -f3) local errors=$(grep "Total errors:" "$log_file" | cut -d":" -f2 | xargs)
echo "Scan Report:" echo "Scan Report:"
echo "Total files scanned: $total_files" echo "Total files scanned: $total_files"
echo "Infected files found: $infected_files" echo "Infected files found: $infected_files"
echo "Errors during scan: $errors" echo "Errors during scan: $errors"
if [ "$infected_files" -gt 0 ]; then
echo "Reporting detections to GlitchTip..."
go-glitch report --dsn "$GLITCHTIP_DSN" --message "ClamAV Scan: $infected_files infected files found" || echo "Failed to report to GlitchTip"
fi
} }
quarantine() { quarantine() {
echo "Quarantining infected files..." echo "Quarantining infected files..."
local log_file="/var/log/clamav/clamav.log" local log_file="/var/log/clamav/clamav.log"
local quarantine_dir="/quarantine" local quarantine_dir="/quarantine"
mkdir -p "$quarantine_dir" mkdir -p "$quarantine_dir"
grep "FOUND" "$log_file" | cut -d" " -f1 | while read -r infected_file; do grep "FOUND" "$log_file" | cut -d":" -f1 | while read -r infected_file; do
if [ -f "$infected_file" ]; then if [ -f "$infected_file" ]; then
mv "$infected_file" "$quarantine_dir/" mv "$infected_file" "$quarantine_dir/"
fi fi