This may not be the only method or the best method, but, to modify the greenbone-security-assistant.service
file within the container, you would need to create a custom Docker image that includes the modified file and then use that image in your docker-compose.yml
file.
mkdir custom-gsa
cd custom-image
Create a new file called greenbone-security-assistant.service
in the custom-gsa
directory and add your modifications to it. Change 127.0.0.1
to 0.0.0.0
in the file. Save the changes.
Create a new file called Dockerfile
in the custom-image
directory with the following content:
FROM greenbone/gsa:stable
COPY greenbone-security-assistant.service /etc/systemd/system/greenbone-security-assistant.service
This Dockerfile
will start from the base greenbone/gsa:stable
image and copy your modified greenbone-security-assistant.service
file to the container. Then you need to build the container from within the directory using the Dockerfile
and tags it as something like my-custom-gsa
.
docker build -t my-custom-gsa .
Finally, update the docker-compose.yml
file to use the custom image. Replace the greenbone/gsa:stable
image with my-custom-gsa
. The modified section should look like this:
gsa:
image: my-custom-gsa
restart: on-failure
ports:
- 9392:80
volumes:
- gvmd_socket_vol:/run/gvmd
depends_on:
- gvmd
Start the containers using the modified docker-compose.yml file:
docker-compose -f $DOWNLOAD_DIR/docker-compose.yml -p greenbone-community-edition up -d
I have not tested this method, but I guess it is the correct way to override a container image.
You could otherwise set an environment variable but I believe there is currently no commands in the GSA container that would pick up the environment variable and move it into the service file. Such as this:
gsa:
image: my-custom-gsa
restart: on-failure
ports:
- 9392:80
volumes:
- gvmd_socket_vol:/run/gvmd
depends_on:
- gvmd
environment:
- LISTEN_IP=0.0.0.0
If the container could pick that up and execute something like:
sed -e "s/127.0.0.1/$LISTEN_IP/g" greenbone-security-assistant.