/docker-clamav

ClamAV built on alpine

Primary LanguageShellMIT LicenseMIT

Docker ClamAV

Docker container for starting a ClamAV daemon.

Getting Started

These instructions will cover how to start a container both in Docker and within a Kubernetes cluster.

Prerequisites

In order to run this container you'll need docker installed.

Optionally:

  • A Kubernetes cluster to enable Kubernetes api discovery of other nodes.

Usage

The example below will start a single ClamAV instance.

docker run --name clamav -d -p 3310:3310 quay.io/ukhomeofficedigital/clamav:latest

To use with Kubernetes see the kubernetes examples.

Environment Variables

The variables and the defaults are shown below. By default, the container does not depend on Kubernetes.

  • CLAMD_SETTINGS_CSV="LogVerbose=yes,VirusEvent=/custom_alert.sh" See clamd.conf for more details
    and see ./clamd.conf for the default settings.
    To use specify a CSV of settings using Key=Value (not Key Value as the clamd.conf file) e.g. "CLAMD_SETTINGS_CSV='Setting=value'" Note, clamd has already been configured appropriately for a container but some useful settings include:
    • VirusEvent=/path/to/alert_script.sh If mounted in the container, will provide a custom alert facility
    • LogClean=yes Will log every scan performed
  • FRESHCLAM_SETTINGS_CSV="LogVerbose=yes" See freshclam.conf for more details
    and see ./freshclam.conf for the default settings. See above for how this works.
  • UPDATE=true (default) will start freshclam daemon in background to watch for update antivirus definitions
    UPDATE=false will watch for first successful update from separate sidecar container before starting
  • UPDATE_ONLY=true configure as a sidecar container and run the update process in the foreground
    UPDATE_ONLY=false (default) will run clamd and freshclam as normal.

Ports

This container exposes:

Contributing

Feel free to submit pull requests and issues. If it's a particularly large PR, you may wish to discuss it in an issue first.

Please note that this project is released with a Contributor Code of Conduct. By participating in this project you agree to abide by its terms.

Versioning

We use SemVer for versioning. For the versions available, see the tags on this repository.

Authors

See also the list of contributors who participated in this project.

License

This project is licensed under the MIT License - see the LICENSE.md file for details.

Acknowledgments

TODO:

  • Ensure the DB access doesn't need to be for user 999 (so the volume can be mounted)...
  • Long startup time, see point above.
  • Add testing for Travis