{"id":18289799,"url":"https://github.com/tiredofit/docker-clamav","last_synced_at":"2025-04-05T09:31:46.212Z","repository":{"id":46105751,"uuid":"103297259","full_name":"tiredofit/docker-clamav","owner":"tiredofit","description":"Docker antivirus software with monitoring and customizable features","archived":false,"fork":false,"pushed_at":"2025-01-22T17:34:37.000Z","size":113,"stargazers_count":28,"open_issues_count":10,"forks_count":18,"subscribers_count":3,"default_branch":"main","last_synced_at":"2025-03-21T02:21:56.177Z","etag":null,"topics":["alpine","antivirus","clamav","docker","malware-detection","zabbix-agent"],"latest_commit_sha":null,"homepage":"","language":"Dockerfile","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/tiredofit.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null},"funding":{"github":["tiredofit"]}},"created_at":"2017-09-12T16:49:00.000Z","updated_at":"2025-01-22T17:34:39.000Z","dependencies_parsed_at":"2023-02-16T11:01:29.683Z","dependency_job_id":"a075bfea-1f44-4c12-a52b-ee18f2caf2fd","html_url":"https://github.com/tiredofit/docker-clamav","commit_stats":null,"previous_names":[],"tags_count":50,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tiredofit%2Fdocker-clamav","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tiredofit%2Fdocker-clamav/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tiredofit%2Fdocker-clamav/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tiredofit%2Fdocker-clamav/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/tiredofit","download_url":"https://codeload.github.com/tiredofit/docker-clamav/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247318267,"owners_count":20919457,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["alpine","antivirus","clamav","docker","malware-detection","zabbix-agent"],"created_at":"2024-11-05T14:08:18.498Z","updated_at":"2025-04-05T09:31:42.946Z","avatar_url":"https://github.com/tiredofit.png","language":"Dockerfile","funding_links":["https://github.com/sponsors/tiredofit","https://www.paypal.me/tiredofit"],"categories":[],"sub_categories":[],"readme":"# github.com/tiredofit/docker-clamav\n\n[![GitHub release](https://img.shields.io/github/v/tag/tiredofit/docker-clamav?style=flat-square)](https://github.com/tiredofit/docker-clamav/releases/latest)\n[![Build Status](https://img.shields.io/github/actions/workflow/status/tiredofit/docker-clamav/main.yml?branch=main\u0026style=flat-square)](https://github.com/tiredofit/docker-clamav/actions)\n[![Docker Stars](https://img.shields.io/docker/stars/tiredofit/clamav.svg?style=flat-square\u0026logo=docker)](https://hub.docker.com/r/tiredofit/clamav/)\n[![Docker Pulls](https://img.shields.io/docker/pulls/tiredofit/clamav.svg?style=flat-square\u0026logo=docker)](https://hub.docker.com/r/tiredofit/clamav/)\n[![Become a sponsor](https://img.shields.io/badge/sponsor-tiredofit-181717.svg?logo=github\u0026style=flat-square)](https://github.com/sponsors/tiredofit)\n[![Paypal Donate](https://img.shields.io/badge/donate-paypal-00457c.svg?logo=paypal\u0026style=flat-square)](https://www.paypal.me/tiredofit)\n\n* * *\n## About\n\nDockerfile to build an [Clam Antivirus](https://www.clamav.net) to scan files or mail messages.\n\n- Auto Configuration Support\n- Sane Defaults\n- Automatic Downlad and update of Virus Definitions\n- Ability to load custom definitions\n- Log rotation\n\n## Maintainer\n\n- [Dave Conroy](https://github.com/tiredofit/)\n\n## Table of Contents\n\n- [About](#about)\n- [Maintainer](#maintainer)\n- [Table of Contents](#table-of-contents)\n- [Prerequisites and Assumptions](#prerequisites-and-assumptions)\n- [Installation](#installation)\n  - [Build from Source](#build-from-source)\n  - [Prebuilt Images](#prebuilt-images)\n- [Configuration](#configuration)\n  - [Quick Start](#quick-start)\n  - [Persistent Storage](#persistent-storage)\n  - [Environment Variables](#environment-variables)\n    - [Base Images used](#base-images-used)\n    - [Core Configuration](#core-configuration)\n    - [Virus Definitions Configuration](#virus-definitions-configuration)\n    - [Virus Scanning Settings](#virus-scanning-settings)\n    - [Scanning Limits](#scanning-limits)\n    - [Alerting Settings](#alerting-settings)\n  - [Networking](#networking)\n- [Maintenance](#maintenance)\n  - [Shell Access](#shell-access)\n  - [Manual Definition Updates](#manual-definition-updates)\n- [Support](#support)\n  - [Usage](#usage)\n  - [Bugfixes](#bugfixes)\n  - [Feature Requests](#feature-requests)\n  - [Updates](#updates)\n- [License](#license)\n\n## Prerequisites and Assumptions\n\n- This container doesn't do much on it's own unless you use an additional service or communicator to talk to it! You can scan files if you'd like by binding a volume inside the container but that is not the intent of this image.\n\n\n## Installation\n\n### Build from Source\nClone this repository and build the image with `docker build -t (imagename) .`\n\n### Prebuilt Images\nBuilds of the image are available on [Docker Hub](https://hub.docker.com/r/tiredofit/clamav)\n\n```bash\ndocker pull docker.io/tiredofit/clamav:(imagetag)\n```\n\nBuilds of the image are also available on the [Github Container Registry](https://github.com/tiredofit/docker-clamav/pkgs/container/docker-clamav) \n \n```\ndocker pull ghcr.io/tiredofit/docker-clamav:(imagetag)\n``` \n\nThe following image tags are available along with their tagged release based on what's written in the [Changelog](CHANGELOG.md):\n\n| Container OS | Tag       |\n| ------------ | --------- |\n| Alpine       | `:latest` |\n\n\n## Configuration\n\n### Quick Start\n\n* The quickest way to get started is using [docker-compose](https://docs.docker.com/compose/). See the examples folder for a working [docker-compose.yml](examples/docker-compose.yml) that can be modified for development or production use.\n\n* Set various [environment variables](#environment-variables) to understand the capabilities of this image.\n* Map [persistent storage](#data-volumes) for access to configuration and data files for backup.\n\n### Persistent Storage\n\nThe container will look for definition files upon startup in `/data` and if not found, download them. 6 times a day it will also check for updated definitions.\n\nThe following directories are used for configuration and can be mapped for persistent storage.\n\n| Directory           | Description         |\n| ------------------- | ------------------- |\n| `/data/definitions` | Virus Definitions   |\n| `/data/config`      | Configuration Files |\n| `/logs`             | Log Files           |\n\n### Environment Variables\n\n#### Base Images used\n\nThis image relies on an [Alpine Linux](https://hub.docker.com/r/tiredofit/alpine) or [Debian Linux](https://hub.docker.com/r/tiredofit/debian) base image that relies on an [init system](https://github.com/just-containers/s6-overlay) for added capabilities. Outgoing SMTP capabilities are handlded via `msmtp`. Individual container performance monitoring is performed by [zabbix-agent](https://zabbix.org). Additional tools include: `bash`,`curl`,`less`,`logrotate`, `nano`.\n\nBe sure to view the following repositories to understand all the customizable options:\n\n| Image                                                  | Description                            |\n| ------------------------------------------------------ | -------------------------------------- |\n| [OS Base](https://github.com/tiredofit/docker-alpine/) | Customized Image based on Alpine Linux |\n\n\n#### Core Configuration\n\n| Parameter                    | Description                                                                     | Default                         |\n| ---------------------------- | ------------------------------------------------------------------------------- | ------------------------------- |\n| `SETUP_TYPE`                 | Auto Configure Configuration each startup - Set to `MANUAL` to disable          | `AUTO`                          |\n| `CLAMD_CONFIG_FILE`          | Clamd Configuration file                                                        | `clamd.conf`                    |\n| `CLAMD_LOCAL_SOCKET`         | Clamd Socket Name                                                               | `/run/clamd/clamd.sock`         |\n| `CLAMD_TEMP_LOCATION`        | CLamd Temp Location                                                             | `/tmp/clamd/`                   |\n| `CONCURRENT_DATABASE_RELOAD` | Enable non-blocking (multi-threaded/concurrent) database reloads.               | `TRUE`                          |\n| `DATA_LOCATION`              | Base Folder for Data Files                                                      | `/data/`                        |\n| `CONFIG_LOCATION`            | Folder for Config Files                                                         | `${DATA_LOCATION}/config/`      |\n| `DEFINITIONS_LOCATION`       | Folder for Virus Definitions                                                    | `${DATA_LOCATION}/definitions/` |\n| `ENABLE_CLAMD`               | Enable ClamD Daemon                                                             | `TRUE`                          |\n| `ENABLE_LOG_CLAMD`           | Enable Logging for Clamd                                                        | `TRUE`                          |\n| `ENABLE_LOG_FRESHCLAM`       | Enable Logging for Definitions Updaer                                           | `TRUE`                          |\n| `FRESHCLAM_CONFIG_FILE`      | Freshclam Definitions Updater configuration file                                | `freshclam.conf`                |\n| `FRESHCLAM_DATABASES`        | Comma seperated list of additional definitions eg                               |                                 |\n|                              | `http://www.rfxn.com/downloads/rfxn.ndb,http://www.rfxn.com/downloads/rfxn.hdb` |                                 |\n| `LISTEN_PORT`                | ClamD TCP Socket Listen port                                                    | `3310`                          |\n| `LOG_FILE_CLAMD`             | ClamD Log File                                                                  | `clamd.log`                     |\n| `LOG_FILE_FRESHCLAM`         | Freshclam Log File                                                              | `freshclam.log`                 |\n| `LOG_PATH`                   | Logfile locations                                                               | `/logs/`                        |\n| `LOG_VERBOSE`                | Enable Verbosity in Logs                                                        | `FALSE`                         |\n\n\n#### Virus Definitions Configuration\n\n| Parameter                      | Description                                                                                                                                    | Default |\n| ------------------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------- | ------- |\n| `ENABLE_DEFINITIONS_UPDATE`    | Enable Automatic Definitions Updating                                                                                                          | `TRUE`  |\n| `DEFINITIONS_UPDATE_FREQUENCY` | How often to check for new Definitions in minutes                                                                                              | `1440`  |\n| `DEFINITIONS_UPDATE_BEGIN`     | What time to do the first dump. Defaults to immediate. Must be in one of two formats                                                           |         |\n|                                | Absolute HHMM, e.g. `2330` or `0415`                                                                                                           |         |\n|                                | Relative +MM, i.e. how many minutes after starting the container, e.g. `+0` (immediate), `+10` (in 10 minutes), or `+90` in an hour and a half |         |\n\n#### Virus Scanning Settings\n\n| Parameter                      | Description                                      | Default          |\n| ------------------------------ | ------------------------------------------------ | ---------------- |\n| `DISABLE_CERT_CHECK`           | Disable PE Cert Checks                           | `TRUE`           |\n| `ENABLE_ALGORITHMIC_DETECTION` | Enable Algorithmic Detection                     | `TRUE`           |\n| `ENABLE_BYTECODE`              | Enable Bytecode Checks                           | `TRUE`           |\n| `ENABLE_DETECT_PUA`            | Detect PUA                                       | `TRUE`           |\n| `ENABLE_PHISHING_SCAN_URLS`    | Scan URLs for Phishing                           | `TRUE`           |\n| `ENABLE_PHISHING_SIGNATURES`   | Scan for signatures related to Phishing          | `TRUE`           |\n| `ENABLE_SCAN_ARCHIVE`          | Scan Archives                                    | `TRUE`           |\n| `ENABLE_SCAN_ELF`              | Scan ELF files                                   | `TRUE`           |\n| `ENABLE_SCAN_HTML`             | Scan HTML Files                                  | `TRUE`           |\n| `ENABLE_SCAN_MAIL`             | Scan Mail Files                                  | `TRUE`           |\n| `ENABLE_SCAN_OLE2`             | Scan OLE2 Files                                  | `TRUE`           |\n| `ENABLE_SCAN_PDF`              | Scan PDF Files                                   | `TRUE`           |\n| `ENABLE_SCAN_PE`               | Scan PE Files                                    | `TRUE`           |\n| `ENABLE_SCAN_SWF`              | Scan SWF Files                                   | `TRUE`           |\n| `EXCLUDE_PUA`                  | Comma Seperated Values of PUA formats to exclude | `NetTool,PWTool` |\n| `INCLUDE_PUA`                  | Comma Seperated Values of PUA formats to exclude | `(null)`         |\n\n#### Scanning Limits\n\n| Parameter             | Description               | Default |\n| --------------------- | ------------------------- | ------- |\n| `MAX_EMBEDDEDPE`      | Max filesize Embedded PE  | `10M`   |\n| `MAX_FILE_SIZE`       | Max file to scan          | `25M`   |\n| `MAX_FILES`           | Max files to scan         | `10000` |\n| `MAX_HTMLNORMALIZE`   | Max HTML Normalize        | `10M`   |\n| `MAX_HTMLNOTAGS`      | Max HTML No Tags          | `2M`    |\n| `MAX_ICONSPE`         | Max IconsPE               | `100`   |\n| `MAX_PARTITIONS`      | Max Partitons to Scan     | `50`    |\n| `MAX_RECHWP3`         | Max Recursive HWP3        | `16`    |\n| `MAX_RECURSION`       | Max Folder Recursion      | `16`    |\n| `MAX_SCAN_SIZE`       | Max Scan Size             | `100M`  |\n| `MAX_SCRIPTNORMALIZE` | Max Script Normalize Scan | `5M`    |\n| `MAX_THREADS`         | Max Scanning Threads      | `10`    |\n| `MAX_ZIPTYPERCG`      | Max Zip type Recursive    | `1M`    |\n| `PCRE_MATCH_LIMIT`    | PCRE Match Limit          | `10000` |\n| `PCRE_MAX_FILE_SIZE`  | PCRE Max File Size        | `25M`   |\n| `PCRE_RECMATCH_LIMIT` | PCRE REcursive Max Limit  | `2000`  |\n| `STREAM_MAX_LENGTH`   | Max stream size to scan   | `25M`   |\n\n#### Alerting Settings\n\n| Parameter                        | Description                                                        | Default |\n| -------------------------------- | ------------------------------------------------------------------ | ------- |\n| `ENABLE_ALERT_ENCRYPTED_ARCHIVE` | Alert on encrypted archives (.zip, .7zip, .rar)                    | `FALSE` |\n| `ENABLE_ALERT_ENCRYPTED_DOC`     | Alert on encrypted documents (.pdf)                                | `FALSE` |\n| `ENABLE_ALERT_OLE2_MACROS`       | Alert on OLE2 files containing VBA macros                          | `FALSE` |\n| `ENABLE_ALERT_EXCEEDS_MAX`       | Alert on files exceeding MAX_FILES, MAX_SCAN_SIZE or MAX_RECURSION | `FALSE` |\n\n\n### Networking\n\n| Port   | Description          |\n| ------ | -------------------- |\n| `3310` | ClamD Listening Port |\n\n* * *\n## Maintenance\n\n### Shell Access\n\nFor debugging and maintenance purposes you may want access the containers shell.\n\n``bash\ndocker exec -it (whatever your container name is) bash\n``\n\n### Manual Definition Updates\nManual Definition Updates can be performed by entering the container and typing `update-now`\n\n## Support\n\nThese images were built to serve a specific need in a production environment and gradually have had more functionality added based on requests from the community.\n### Usage\n- The [Discussions board](../../discussions) is a great place for working with the community on tips and tricks of using this image.\n- [Sponsor me](https://tiredofit.ca/sponsor) for personalized support\n### Bugfixes\n- Please, submit a [Bug Report](issues/new) if something isn't working as expected. I'll do my best to issue a fix in short order.\n\n### Feature Requests\n- Feel free to submit a feature request, however there is no guarantee that it will be added, or at what timeline.\n- [Sponsor me](https://tiredofit.ca/sponsor) regarding development of features.\n\n### Updates\n- Best effort to track upstream changes, More priority if I am actively using the image in a production environment.\n- [Sponsor me](https://tiredofit.ca/sponsor) for up to date releases.\n\n## License\nMIT. See [LICENSE](LICENSE) for more details.## References\n\n* https://www.clamav.net\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftiredofit%2Fdocker-clamav","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftiredofit%2Fdocker-clamav","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftiredofit%2Fdocker-clamav/lists"}