Preamble

This article is created for challenge developers of Hacking-Lab who want to integrate Docker images into HL. Please read this first: Challenge Development

HL Docker Templates

Many challenges in Hacking-Lab are based on Docker containers. Hacking-Lab provides a base image that contains the distribution of flags and also implements the service startup via the s6 framework.

When developing a Docker for Hacking-Lab, you can use the HL Docker Generator and choose from a selection of use cases.

As a result for a Docker challenge, Hacking-Lab expects a file dockerfiles.tar.gz.

Dockers created with the generator have a prepare.sh script that generates `dockerfiles.tar.gz that will later be uploaded into the Ressource Editor of Hacking-Lab.

HL Docker Generator

It is recommended to use web-based generator

• https://generator.hacking-lab.com/

CLI base generator

Please watch the video Hacking--Lab Challenge Docker Development and visit the GitHub repo

• https://github.com/Hacking-Lab/generator-hl-challenge

HL Docker Templates on GitHub

In addition to the Generator project above, please browse GitHub for other HL docker images. The alpine-base-hl image contains the s6 framework and flag distribution services but does not offer any exposed services.

• https://github.com/Hacking-Lab/alpine-base-hl

Please search for other Hacking-Lab docker images, most sourced from alpine-base-hl

• https://github.com/orgs/Hacking-Lab/repositories?q=alpine&type=all&language=&sort=

S6 Framework

Service startup in HL dockers use https://github.com/just-containers/s6-overlay . This is a nice framework to start multiple service within the same docker. Most interesting files and directories are the following

S6 Service Initialization

Please store your init scripts in /etc/cont-init.d/ This script will be executed as root when the docker starts. Store your init scripts to this folder. The s6 will execute them at the beginning of the service startup phase.

S6 Service Startup

Please store your service files in /etc/services.d/<service>/ and add a run and finish script. Visit https://github.com/Hacking-Lab/alpine-nginx-hl/tree/main/root/etc/services.d/nginx to see an example. Every service that shall be started by s6 must have it's own directory in /etc/services.d/<service> folder.

See this example for a docker hosting multiple services

• https://github.com/Hacking-Lab/alpine-nginx-with-theia-web-ide-hl/tree/master/root/etc/services.d

S6 Service Privileges

By default, services will run as root. You may want to start your services as unprivileged user. See an example of such a service here

• https://github.com/Hacking-Lab/alpine-nginx-with-theia-web-ide-hl/blob/master/root/etc/services.d/theia/run