Replace config.py with .env for Docker-standard configuration

Config was a Python file baked into the image or bind-mounted, requiring a rebuild or manual file management for any settings change. Now uses env_file in docker-compose with os.environ.get() calls, so config changes only need a container restart. Also filters Gitea traffic from LLM analysis to prevent false positive reconnaissance alerts on normal repository browsing. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-08 19:29:09 -05:00
commit e3ee9fc193
10 changed files with 1222 additions and 0 deletions
--- a/27
+++ b/27
@@ -0,0 +1,27 @@
+FROM python:3.12-slim-bookworm
+
+WORKDIR /app
+
+# Install Microsoft ODBC Driver 18 for SQL Server
+RUN apt-get update \
+    && apt-get install -y --no-install-recommends curl gnupg2 apt-transport-https \
+    && curl -fsSL https://packages.microsoft.com/keys/microsoft.asc | gpg --dearmor -o /usr/share/keyrings/microsoft-prod.gpg \
+    && echo "deb [arch=amd64 signed-by=/usr/share/keyrings/microsoft-prod.gpg] https://packages.microsoft.com/debian/12/prod bookworm main" > /etc/apt/sources.list.d/mssql-release.list \
+    && apt-get update \
+    && ACCEPT_EULA=Y apt-get install -y --no-install-recommends msodbcsql18 unixodbc-dev \
+    && apt-get purge -y curl gnupg2 apt-transport-https \
+    && apt-get autoremove -y \
+    && rm -rf /var/lib/apt/lists/*
+
+# Install Python dependencies
+COPY requirements.txt .
+RUN pip install --no-cache-dir -r requirements.txt
+
+# Copy application
+COPY web-log-monitor.py .
+COPY threat_db.py .
+
+# Create state directory
+RUN mkdir -p /data
+
+CMD ["python3", "-u", "web-log-monitor.py"]