From c6772e8dc486cf59fe9f04d6bb3566e0cb143ddb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Josef=20Fr=C3=B6hle?= Date: Mon, 9 Aug 2021 12:23:36 +0200 Subject: [PATCH 01/33] Fix typo --- .github/ISSUE_TEMPLATE/feature_request.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/ISSUE_TEMPLATE/feature_request.md b/.github/ISSUE_TEMPLATE/feature_request.md index 125e4319..86cead6d 100644 --- a/.github/ISSUE_TEMPLATE/feature_request.md +++ b/.github/ISSUE_TEMPLATE/feature_request.md @@ -3,7 +3,7 @@ name: Feature request about: Suggest an idea for this project title: "[Enhancement]" labels: '' -assignees: austinsonger +assignees: austinsonger, Dexus --- From 3724c3c9e45fb0f88ed73f9a620dd27b7d0188cc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Josef=20Fr=C3=B6hle?= Date: Fri, 13 Aug 2021 13:28:03 +0200 Subject: [PATCH 02/33] support docker buildx and architectures --- .github/workflows/docker-publish.yml | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml index 04612f25..869f3e8c 100644 --- a/.github/workflows/docker-publish.yml +++ b/.github/workflows/docker-publish.yml @@ -165,10 +165,11 @@ jobs: with: submodules: recursive - - uses: docker/setup-buildx-action@v1 - id: buildx - with: - install: true + - name: Setup QEMU + uses: docker/setup-qemu-action@v1 + + - name: Setup Docker Buildx + uses: docker/setup-docker-buildx-action@v1 # Login against a Docker registry except on PR # https://github.com/docker/login-action From a28dfd0f1ee2b821af04888fcad2e09df184972f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Josef=20Fr=C3=B6hle?= Date: Fri, 13 Aug 2021 13:32:13 +0200 Subject: [PATCH 03/33] fix wrong action name --- .github/workflows/docker-publish.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml index 869f3e8c..d9f36311 100644 
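Review bot: The two steps added here reference third-party actions by the mutable tag `@v1`, in a job that goes on to log in to a registry and push images. A tag can be repointed after review, so pin each `uses:` to a full commit SHA and keep the tag as a comment, e.g. `uses: docker/setup-qemu-action@<FULL_COMMIT_SHA> # v1` (placeholder; take the SHA from the action's release). The Buildx step also loses `id: buildx` and `install: true`; if any step outside this hunk reads `steps.buildx.outputs.*` it would now get empty values, so check the rest of the job.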
--- a/.github/workflows/docker-publish.yml +++ b/.github/workflows/docker-publish.yml @@ -169,7 +169,7 @@ jobs: uses: docker/setup-qemu-action@v1 - name: Setup Docker Buildx - uses: docker/setup-docker-buildx-action@v1 + uses: docker/setup-buildx-action@v1 # Login against a Docker registry except on PR # https://github.com/docker/login-action From babfde60ed5ff669fe12538505c3e9b7963e07af Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Josef=20Fr=C3=B6hle?= Date: Fri, 13 Aug 2021 13:43:27 +0200 Subject: [PATCH 04/33] Add inspector and build for all supported plfatforms --- .github/workflows/docker-publish.yml | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml index d9f36311..3d5686aa 100644 --- a/.github/workflows/docker-publish.yml +++ b/.github/workflows/docker-publish.yml @@ -169,7 +169,22 @@ jobs: uses: docker/setup-qemu-action@v1 - name: Setup Docker Buildx + id: buildx uses: docker/setup-buildx-action@v1 + - name: Inspect builder + run: | + echo "Name : ${{ steps.buildx.output.name }}" + echo "Endpoint : ${{ steps.buildx.output.endpoint }}" + echo "Status : ${{ steps.buildx.output.status }}" + echo "Flags : ${{ steps.buildx.output.flags }}" + echo "Plfatforms : ${{ steps.buildx.output.plfatforms }}" + echo "Architecture: ${{ steps.buildx.output.architecture }}" + echo "Version : ${{ steps.buildx.output.version }}" + echo "OS : ${{ steps.buildx.output.os }}" + echo "OS Version : ${{ steps.buildx.output.os_version }}" + echo "CPUs : ${{ steps.buildx.output.cpus }}" + echo "Memory : ${{ steps.buildx.output.memory }}" + echo "Kernel : ${{ steps.buildx.output.kernel }}" # Login against a Docker registry except on PR # https://github.com/docker/login-action @@ -252,6 +267,7 @@ jobs: uses: docker/build-push-action@v2 with: context: . + platforms: ${{ steps.buildx.output.plfatforms }} push: true tags: ${{ steps.meta2.outputs.tags }} labels: ${{ steps.meta2.outputs.labels }} 
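Review bot: The `Inspect builder` step pastes `${{ steps.buildx.… }}` expressions straight into the `run:` script, so whatever they expand to becomes shell source before bash parses it. The values come from the Buildx action rather than from a contributor, which keeps the exposure small, but passing them through `env:` (for example `BUILDX_NAME: ${{ steps.buildx.outputs.name }}` with `echo "Name : $BUILDX_NAME"`) avoids the pattern altogether. As written, the context property is `output` instead of `outputs` and `plfatforms` is not an output name, so these lines and the `platforms:` input in the second hunk most likely expand to empty strings; later patches in this series correct the spelling.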
From b7ba74f952c6df6f55a9b7edd16280f16f5b39c9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Josef=20Fr=C3=B6hle?= Date: Fri, 13 Aug 2021 14:00:46 +0200 Subject: [PATCH 05/33] typos --- .github/workflows/docker-publish.yml | 20 ++++++++------------ 1 file changed, 8 insertions(+), 12 deletions(-) diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml index 3d5686aa..f63f49e0 100644 --- a/.github/workflows/docker-publish.yml +++ b/.github/workflows/docker-publish.yml @@ -171,20 +171,16 @@ jobs: - name: Setup Docker Buildx id: buildx uses: docker/setup-buildx-action@v1 + with: + install: true + - name: Inspect builder run: | - echo "Name : ${{ steps.buildx.output.name }}" - echo "Endpoint : ${{ steps.buildx.output.endpoint }}" - echo "Status : ${{ steps.buildx.output.status }}" - echo "Flags : ${{ steps.buildx.output.flags }}" - echo "Plfatforms : ${{ steps.buildx.output.plfatforms }}" - echo "Architecture: ${{ steps.buildx.output.architecture }}" - echo "Version : ${{ steps.buildx.output.version }}" - echo "OS : ${{ steps.buildx.output.os }}" - echo "OS Version : ${{ steps.buildx.output.os_version }}" - echo "CPUs : ${{ steps.buildx.output.cpus }}" - echo "Memory : ${{ steps.buildx.output.memory }}" - echo "Kernel : ${{ steps.buildx.output.kernel }}" + echo "Name : ${{ steps.buildx.outputs.name }}" + echo "Endpoint : ${{ steps.buildx.outputs.endpoint }}" + echo "Status : ${{ steps.buildx.outputs.status }}" + echo "Flags : ${{ steps.buildx.outputs.flags }}" + echo "Plfatforms : ${{ steps.buildx.outputs.plfatforms }}" # Login against a Docker registry except on PR # https://github.com/docker/login-action From d206699025fc31ea9801ab15609815b233016b23 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Josef=20Fr=C3=B6hle?= Date: Fri, 13 Aug 2021 14:04:09 +0200 Subject: [PATCH 06/33] typo --- .github/workflows/docker-publish.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml index f63f49e0..58ae034b 100644 --- a/.github/workflows/docker-publish.yml +++ b/.github/workflows/docker-publish.yml @@ -180,7 +180,7 @@ jobs: echo "Endpoint : ${{ steps.buildx.outputs.endpoint }}" echo "Status : ${{ steps.buildx.outputs.status }}" echo "Flags : ${{ steps.buildx.outputs.flags }}" - echo "Plfatforms : ${{ steps.buildx.outputs.plfatforms }}" + echo "Plfatforms : ${{ steps.buildx.outputs.platforms }}" # Login against a Docker registry except on PR # https://github.com/docker/login-action From 2f4ccac0fabcf77dcf9f838d66bc93b4f8859c11 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Josef=20Fr=C3=B6hle?= Date: Fri, 13 Aug 2021 14:06:06 +0200 Subject: [PATCH 07/33] typo --- .github/workflows/docker-publish.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml index 58ae034b..f6341de4 100644 --- a/.github/workflows/docker-publish.yml +++ b/.github/workflows/docker-publish.yml @@ -180,7 +180,7 @@ jobs: echo "Endpoint : ${{ steps.buildx.outputs.endpoint }}" echo "Status : ${{ steps.buildx.outputs.status }}" echo "Flags : ${{ steps.buildx.outputs.flags }}" - echo "Plfatforms : ${{ steps.buildx.outputs.platforms }}" + echo "Platforms : ${{ steps.buildx.outputs.platforms }}" # Login against a Docker registry except on PR # https://github.com/docker/login-action @@ -263,7 +263,7 @@ jobs: uses: docker/build-push-action@v2 with: context: . - platforms: ${{ steps.buildx.output.plfatforms }} + platforms: ${{ steps.buildx.outputs.platforms }} push: true tags: ${{ steps.meta2.outputs.tags }} labels: ${{ steps.meta2.outputs.labels }} From 01f1ecb750114fb90e53f3e5473c4f419d08087e Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Josef=20Fr=C3=B6hle?= Date: Fri, 13 Aug 2021 13:43:27 +0200 Subject: [PATCH 08/33] Add inspector and build for all supported plfatforms --- .github/workflows/docker-publish.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml index f6341de4..5cbdc3dc 100644 --- a/.github/workflows/docker-publish.yml +++ b/.github/workflows/docker-publish.yml @@ -263,7 +263,7 @@ jobs: uses: docker/build-push-action@v2 with: context: . - platforms: ${{ steps.buildx.outputs.platforms }} + platforms: linux/amd64,linux/arm64,linux/arm/v7,linux/arm/v6 push: true tags: ${{ steps.meta2.outputs.tags }} labels: ${{ steps.meta2.outputs.labels }} @@ -297,6 +297,7 @@ jobs: uses: docker/build-push-action@v2 with: context: . + platforms: linux/amd64,linux/arm64,linux/arm/v7,linux/arm/v6 push: true tags: ${{ steps.meta3.outputs.tags }} labels: ${{ steps.meta3.outputs.labels }} @@ -330,6 +331,7 @@ jobs: uses: docker/build-push-action@v2 with: context: . + platforms: linux/amd64,linux/arm64,linux/arm/v7,linux/arm/v6 push: ${{ github.event_name != 'pull_request' }} tags: ${{ steps.meta4.outputs.tags }} labels: ${{ steps.meta4.outputs.labels }} @@ -362,6 +364,7 @@ jobs: uses: docker/build-push-action@v2 with: context: . + platforms: linux/amd64,linux/arm64,linux/arm/v7,linux/arm/v6 push: ${{ github.event_name != 'pull_request' }} tags: ${{ steps.meta5.outputs.tags }} labels: ${{ steps.meta5.outputs.labels }} From 246735687ec366c71c3cea71f97821eb8b217d29 Mon Sep 17 00:00:00 2001 
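Review bot: The same four-platform list is now a literal in four separate `platforms:` inputs (this hunk and the three after it), so a later edit can easily leave the image variants built for different architectures. Define it once at workflow level, e.g. `PLATFORMS: linux/amd64,linux/arm64,linux/arm/v7,linux/arm/v6` under `env:`, and use `platforms: ${{ env.PLATFORMS }}` in each step. Separately, the context lines show the first two build steps with `push: true` while the last two guard on `github.event_name != 'pull_request'`; that predates this commit, but it is worth aligning while these steps are being edited so pull-request runs never attempt a push.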
From: =?UTF-8?q?Josef=20Fr=C3=B6hle?= Date: Mon, 16 Aug 2021 21:57:57 +0200 Subject: [PATCH 09/33] debian image with no-deb-prebuilds --- .dockerignore | 2 +- Dockerfile | 23 +- Dockerfile.debian | 62 ++++ Makefile | 48 ++- config/supervisord.conf | 13 +- scripts/add-scanner.sh | 1 + scripts/debian/main_pkgs.sh | 377 +++++++++++++++++++++ scripts/debian/prepare.sh | 33 ++ scripts/entrypoint.sh | 10 + scripts/migration_v21.4.0_ubuntu_images.sh | 0 scripts/start.sh | 11 +- scripts/start_crond.sh | 6 + scripts/start_gvmd.sh | 6 + scripts/sync-initial.sh | 2 +- 14 files changed, 569 insertions(+), 25 deletions(-) create mode 100644 Dockerfile.debian create mode 100755 scripts/debian/main_pkgs.sh create mode 100755 scripts/debian/prepare.sh mode change 100644 => 100755 scripts/migration_v21.4.0_ubuntu_images.sh create mode 100755 scripts/start_crond.sh create mode 100644 scripts/start_gvmd.sh diff --git a/.dockerignore b/.dockerignore index 32a60fa7..1e471800 100644 --- a/.dockerignore +++ b/.dockerignore @@ -4,5 +4,5 @@ !config/ !gvm-sync-data/ !report_formats/ -!scripts/*.sh +!scripts/ !sshd_config diff --git a/Dockerfile b/Dockerfile index fcf0d975..528add2a 100644 --- a/Dockerfile +++ b/Dockerfile @@ -2,7 +2,7 @@ FROM alpine:3 EXPOSE 22 5432 8081 9392 -ENTRYPOINT [ "/entrypoint.sh" ] +ENTRYPOINT [ "/opt/setup/scripts/entrypoint.sh" ] CMD ["/usr/bin/supervisord", "-n", "-c", "/etc/supervisord.conf"] ARG SUPVISD=supervisorctl @@ -47,7 +47,8 @@ ENV SUPVISD=${SUPVISD:-supervisorctl} \ DB_PASSWORD_FILE=${DB_PASSWORD:-none} \ LANG=en_US.UTF-8 \ LANGUAGE=en_US.UTF-8 \ - LC_ALL=en_US.UTF-8 + LC_ALL=en_US.UTF-8\ + SYSTEM_DIST=alpine ENV MUSL_LOCPATH="/usr/share/i18n/locales/musl" 
@@ -80,13 +81,17 @@ RUN { \ && su -c "mkdir -p /var/lib/gvm/.ssh/ && chmod 700 /var/lib/gvm/.ssh/ && touch /var/lib/gvm/.ssh/authorized_keys && chmod 644 /var/lib/gvm/.ssh/authorized_keys" gvm COPY gvm-sync-data/gvm-sync-data.tar.xz /opt/gvm-sync-data.tar.xz -COPY scripts/* / + COPY report_formats/* /report_formats/ -COPY config/supervisord.conf /etc/supervisord.conf -COPY config/logrotate-gvm.conf /etc/logrotate.d/gvm -COPY config/redis-openvas.conf /etc/redis.conf -COPY config/sshd_config /etc/ssh/sshd_config -COPY config/* /opt/config/ +COPY config /opt/setup/ +COPY scripts /opt/setup/scripts/ +#RUN chmod -R +x /opt/setup/scripts/*.sh +#COPY scripts/* / +#COPY config/supervisord.conf /etc/supervisord.conf +#COPY config/logrotate-gvm.conf /etc/logrotate.d/gvm +#COPY config/redis-openvas.conf /etc/redis/redis-openvas.conf +#COPY config/sshd_config /etc/ssh/sshd_config +#COPY config/* /opt/config/ ARG SETUP=0 @@ -95,7 +100,7 @@ ENV SETUP=${SETUP:-0} \ OPT_PDF=${OPT_PDF:-0} RUN env \ - && chmod +x /*.sh \ + && chmod -R +x /opt/setup/scripts/*.sh \ && if [ "${SETUP}" == "1" ]; then \ ln -snf "/usr/share/zoneinfo/$TZ" /etc/localtime && echo "$TZ" >/etc/timezone \ && /usr/bin/supervisord -c /etc/supervisord.conf || true ; \ diff --git a/Dockerfile.debian b/Dockerfile.debian new file mode 100644 index 00000000..26054232 --- /dev/null +++ b/Dockerfile.debian 
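Review bot: With the per-file `COPY` lines commented out, nothing places `supervisord.conf` (or the redis, logrotate and sshd configs) under `/etc` at build time any more — entrypoint.sh now copies them at container start — yet the `SETUP=1` branch in the next hunk still runs `/usr/bin/supervisord -c /etc/supervisord.conf || true` during the build. Unless the base packages ship a file at that path, the data-preloading build does nothing useful and `|| true` hides the failure. Either keep `COPY config/supervisord.conf /etc/supervisord.conf` (plus the redis config it starts) or copy from `/opt/setup` inside that `RUN` before supervisord is launched. The commented-out `COPY`/`RUN` lines are better deleted than left in, since git keeps the history.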
@@ -0,0 +1,62 @@
+FROM debian:10-slim
+
+ENTRYPOINT [ "/opt/setup/scripts/entrypoint.sh" ]
+CMD ["/usr/bin/supervisord", "-n", "-c", "/etc/supervisord.conf"]
+
+ENV DEBIAN_FRONTEND=noninteractive
+ENV LANG=C.UTF-8
+
+COPY config /opt/setup/
+COPY scripts /opt/setup/scripts/
+RUN chmod -R +x /opt/setup/scripts/*.sh
+#RUN bash /opt/setup/debian/install-pkgs.sh
+
+# gvmd: v21.4.3
+# gsa: v21.4.2
+# gvm-libs: v21.4.2
+# gvm-tools: v21.6.1
+# ospd: v21.4.3
+# ospd-openvas: v21.4.2
+# openvas-scanner: v21.4.2
+# openvas-smb: v21.4.0
+# python-gvm: v21.6.0
+
+ARG gvm_libs_version="21.4.2"
+ARG openvas_scanner_version="21.4.2"
+ARG pggvm_version="fa973261bee877590e0d0096eb0f9213a38a7965"
+ARG gvmd_version="21.4.3"
+ARG gsa_version="21.4.2"
+ARG gvm_tools_version="21.6.1"
+ARG openvas_smb_version="21.4.0"
+ARG open_scanner_protocol_daemon="21.4.3"
+ARG ospd_openvas="21.4.2"
+ARG python_gvm_version="21.6.0"
+
+ENV gvm_libs_version=${gvm_libs_version} \
+ openvas_scanner_version=${openvas_scanner_version} \
+ pggvm_version=${pggvm_version} \
+ gvmd_version=${gvmd_version} \
+ gsa_version=${gsa_version} \
+ gvm_tools_version=${gvm_tools_version} \
+ openvas_smb_version=${openvas_smb_version} \
+ open_scanner_protocol_daemon=${open_scanner_protocol_daemon} \
+ ospd_openvas=${ospd_openvas} \
+ python_gvm_version=${python_gvm_version} \
+ SYSTEM_DIST=debian
+
+RUN ls -lahR /opt/setup/ \
+ && /opt/setup/scripts/debian/prepare.sh \
+ && /opt/setup/scripts/debian/main_pkgs.sh
+
+#COPY report_formats/* /report_formats/
+
+# COPY greenbone-feed-sync-patch.txt /greenbone-feed-sync-patch.txt
+
+# RUN patch /usr/local/sbin/greenbone-feed-sync /greenbone-feed-sync-patch.txt
+
+
+
+
+
+
+VOLUME [ "/opt/database", "/var/lib/openvas/plugins", "/var/lib/gvm", "/etc/ssh" ]
\ No newline at end of file
diff --git a/Makefile b/Makefile
index 366ec61d..c60fa8d4 100644
--- a/Makefile
+++ b/Makefile
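Review bot: `SETUP` and `OPT_PDF` are never declared in this Dockerfile, yet the new Makefile targets pass `--build-arg SETUP=1` and `--build-arg OPT_PDF=1` with `-f Dockerfile.debian`, so the `debian-full`, `debian-data` and `debian-data-full` tags would all hold the same image as `debian`. Either declare and act on them as the Alpine Dockerfile does (`ARG OPT_PDF=0` and `ENV OPT_PDF=${OPT_PDF:-0}`), or drop the extra targets. Of the versions pinned here, `gvm_tools_version`, `python_gvm_version` and `pggvm_version` are exported but not referenced by main_pkgs.sh in this patch — gvm-tools is installed unpinned from PyPI — so the version table in the comment overstates what is actually fixed. The leading `ls -lahR /opt/setup/` in the final `RUN` looks like leftover debugging.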
@@ -1,5 +1,10 @@ SHELL:=/bin/bash PWD ?= $(PWD) +DOCKER_ORG:=securecompliance +PLATFORM:=linux/amd64,linux/arm64 +ADD_OPTIONS:=--load +OPTIONS:= + .DEFAULT_GOAL := all 
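Review bot: `ADD_OPTIONS:=--load` combined with `PLATFORM:=linux/amd64,linux/arm64` makes the default invocation ask Buildx to load a two-platform result into the local image store, which the docker exporter has traditionally rejected for manifest lists; verify that `make build_latest` works with these defaults. If local builds are the common case, default to a single platform and let CI override it, e.g. `PLATFORM ?= linux/amd64`. Using `?=` instead of `:=` for these four variables would also let them be set from the environment, matching the existing `PWD ?= $(PWD)` line.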
@@ -10,22 +15,55 @@ apkbuild: cd ${PWD}/apk-build ; \ make build +.PHONY: build_debian +build: build_debian_latest build_debian_full build_debian_data build_debian_data_full + +build_debian_latest: + cd ${PWD} ; \ + docker build --platform ${PLATFORM} ${ADD_OPTIONS} -f Dockerfile.debian -t ${DOCKER_ORG}/gvm:debian -t ${DOCKER_ORG}/gvm:debian-latest . +build_debian_full: + cd ${PWD} ; \ + docker build --platform ${PLATFORM} ${ADD_OPTIONS} -f Dockerfile.debian --build-arg OPT_PDF=1 -t ${DOCKER_ORG}/gvm:debian-full . +build_debian_data: + cd ${PWD} ; \ + docker build --platform ${PLATFORM} ${ADD_OPTIONS} -f Dockerfile.debian --build-arg SETUP=1 -t ${DOCKER_ORG}/gvm:debian-data . +build_debian_data_full: + cd ${PWD} ; \ + docker build --platform ${PLATFORM} ${ADD_OPTIONS} -f Dockerfile.debian --build-arg SETUP=1 --build-arg OPT_PDF=1 -t ${DOCKER_ORG}/gvm:debian-data-full . + + .PHONY: build build: build_latest build_full build_data build_data_full build_latest: cd ${PWD} ; \ - docker build -t securecompliance/gvm:no-data -t securecompliance/gvm:latest . + docker build --platform ${PLATFORM} ${ADD_OPTIONS} -t ${DOCKER_ORG}/gvm:alpine -t ${DOCKER_ORG}/gvm:latest . build_full: cd ${PWD} ; \ - docker build --build-arg OPT_PDF=1 -t securecompliance/gvm:full . + docker build --platform ${PLATFORM} ${ADD_OPTIONS} --build-arg OPT_PDF=1 -t ${DOCKER_ORG}/gvm:full . build_data: cd ${PWD} ; \ - docker build --build-arg SETUP=1 -t securecompliance/gvm:data . + docker build --platform ${PLATFORM} ${ADD_OPTIONS} --build-arg SETUP=1 -t ${DOCKER_ORG}/gvm:data . build_data_full: cd ${PWD} ; \ - docker build --build-arg SETUP=1 --build-arg OPT_PDF=1 -t securecompliance/gvm:data-full . + docker build --platform ${PLATFORM} ${ADD_OPTIONS} --build-arg SETUP=1 --build-arg OPT_PDF=1 -t ${DOCKER_ORG}/gvm:data-full . 
+run-debian: + mkdir -p ${PWD}/storage/postgres-db + mkdir -p ${PWD}/storage/openvas-plugins + mkdir -p ${PWD}/storage/gvm + mkdir -p ${PWD}/storage/ssh + docker run --rm --publish 8080:9392 --publish 5432:5432 --publish 2222:22 \ + --env DB_PASSWORD="postgres DB password" \ + --env PASSWORD="webUI password" \ + --env SSHD="true" \ + ${OPTIONS} \ + --volume "${PWD}/storage/postgres-db:/opt/database" \ + --volume "${PWD}/storage/openvas-plugins:/var/lib/openvas/plugins" \ + --volume "${PWD}/storage/gvm:/var/lib/gvm" \ + --volume "${PWD}/storage/ssh:/etc/ssh" \ + --name gvm ${DOCKER_ORG}/gvm:debian-latest + run-full: mkdir -p ${PWD}/storage/postgres-db mkdir -p ${PWD}/storage/openvas-plugins @@ -39,4 +77,4 @@ run-full: --volume "${PWD}/storage/openvas-plugins:/var/lib/openvas/plugins" \ --volume "${PWD}/storage/gvm:/var/lib/gvm" \ --volume "${PWD}/storage/ssh:/etc/ssh" \ - --name gvm securecompliance/gvm:data-full \ No newline at end of file + --name gvm ${DOCKER_ORG}/gvm:data-full \ No newline at end of file diff --git a/config/supervisord.conf b/config/supervisord.conf index 48b52b42..e54e034d 100644 --- a/config/supervisord.conf +++ b/config/supervisord.conf @@ -24,7 +24,7 @@ serverurl=unix:///tmp/supervisor.sock [program:init] priority=1 -command=/start.sh +command=/opt/setup/scripts/start.sh autostart=true startsecs=5 autorestart=false @@ -35,7 +35,7 @@ stderr_logfile_maxbytes=0 [program:redis] priority=5 -command=/usr/bin/redis-server /etc/redis.conf +command=/usr/bin/redis-server /etc/redis/redis-openvas.conf --daemonize no stdout_logfile=/var/log/supervisor/%(program_name)s.log stderr_logfile=/var/log/supervisor/%(program_name)s_err.log autorestart=true 
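Review bot: The new block declares `.PHONY: build_debian` but the rule beneath it is named `build:`, so no `build_debian` target exists and `build` is defined twice; make merges the prerequisites, so `make build` now builds all eight images. The rule line should read `build_debian: build_debian_latest build_debian_full build_debian_data build_debian_data_full`. In `run-debian`, `--publish 5432:5432` and `--publish 2222:22` bind PostgreSQL and SSH on every host interface while both passwords are the literal placeholder strings from the recipe. For a local convenience target, bind to loopback (`--publish 127.0.0.1:5432:5432`, likewise for 2222 and 8080) and take the passwords from variables the caller has to set.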
@@ -87,7 +87,7 @@ stopasgroup=true killasgroup=true [program:ospd-openvas] -command=/ospd-openvas-wrapper.sh /usr/bin/ospd-openvas -f --unix-socket /var/run/ospd/ospd.sock --socket-mode 0o666 --log-level INFO +command=/opt/setup/scripts/ospd-openvas-wrapper.sh /usr/bin/ospd-openvas -f --unix-socket /var/run/ospd/ospd.sock --socket-mode 0o770 --log-level INFO stdout_logfile=/var/log/supervisor/%(program_name)s.log stderr_logfile=/var/log/supervisor/%(program_name)s_err.log priority=10 @@ -101,7 +101,7 @@ stopasgroup=true killasgroup=true [program:gvmd] -command=/usr/bin/gvmd -f --listen=0.0.0.0 --port=9390 --gnutls-priorities=SECURE128:-AES-128-CBC:-CAMELLIA-128-CBC:-VERS-SSL3.0:-VERS-TLS1.0:-VERS-TLS1.1 +command=/opt/setup/scripts/start_gvmd.sh -f --listen=0.0.0.0 --port=9390 --gnutls-priorities=SECURE128:-AES-128-CBC:-CAMELLIA-128-CBC:-VERS-SSL3.0:-VERS-TLS1.0:-VERS-TLS1.1 stdout_logfile=/var/log/supervisor/%(program_name)s.log stderr_logfile=/var/log/supervisor/%(program_name)s_err.log priority=20 @@ -162,7 +162,7 @@ killasgroup=true #28800 = 8h [program:GVMUpdate] -command=bash -c "sleep 28800 && exec /sync-all.sh" +command=bash -c "sleep 28800 && exec /opt/setup/scripts/sync-all.sh" stdout_logfile=/dev/fd/1 stdout_logfile_maxbytes=0 stderr_logfile=/dev/fd/2 @@ -179,7 +179,7 @@ stopasgroup=true killasgroup=true [program:crond] -command=/usr/sbin/crond -f -l 8 -c /etc/crontabs +command=/opt/setup/scripts/start_crond.sh stdout_logfile=/dev/fd/1 stdout_logfile_maxbytes=0 stderr_logfile=/dev/fd/2 @@ -192,3 +192,4 @@ autostart=true stopsignal=TERM stopasgroup=true killasgroup=true + diff --git a/scripts/add-scanner.sh b/scripts/add-scanner.sh index 8f5a9708..2bbd3c1d 100755 --- a/scripts/add-scanner.sh +++ b/scripts/add-scanner.sh @@ -1,5 +1,6 @@ #!/usr/bin/env bash set -Eeuo pipefail +mkdir -p /var/lib/gvm/.ssh/ touch /var/lib/gvm/.ssh/authorized_keys chmod 600 /var/lib/gvm/.ssh/authorized_keys 
diff --git a/scripts/debian/main_pkgs.sh b/scripts/debian/main_pkgs.sh
new file mode 100755
index 00000000..83c3ea75
--- /dev/null
+++ b/scripts/debian/main_pkgs.sh
@@ -0,0 +1,377 @@ +#!/usr/bin/env bash +set -Eeuo pipefail + +apt-get update +apt-get -yq upgrade + +#export PATH=$PATH:/usr/local/sbin +export INSTALL_PREFIX=/usr + +export SOURCE_DIR=$HOME/source +mkdir -p "${SOURCE_DIR}" + +export BUILD_DIR=$HOME/build +mkdir -p "${BUILD_DIR}" + +export INSTALL_DIR=$HOME/install +mkdir -p "${INSTALL_DIR}" + +sudo apt-get install --no-install-recommends --assume-yes \ + build-essential \ + curl \ + cmake \ + pkg-config \ + python3 \ + python3-pip \ + gnupg \ + supervisor + +curl -O https://www.greenbone.net/GBCommunitySigningKey.asc +gpg --import GBCommunitySigningKey.asc + +# Install required dependencies for gvm-libs +sudo apt-get install -y --no-install-recommends \ + libglib2.0-dev \ + libgpgme-dev \ + libgpgme11 \ + libgnutls28-dev \ + uuid-dev \ + libssh-gcrypt-dev \ + libssh-gcrypt-4 \ + libhiredis-dev \ + libhiredis0.14 \ + libxml2-dev \ + libpcap-dev \ + libnet1-dev \ + libnet1 + +# Install optional dependencies for gvm-libs +sudo apt-get install -y --no-install-recommends \ + libldap2-dev \ + libradcli-dev \ + libradcli4 + +# Download and install gvm-libs +curl -sSL "https://github.com/greenbone/gvm-libs/archive/refs/tags/v${gvm_libs_version}.tar.gz" -o "${SOURCE_DIR}/gvm-libs-${gvm_libs_version}.tar.gz" +curl -sSL "https://github.com/greenbone/gvm-libs/releases/download/v${gvm_libs_version}/gvm-libs-${gvm_libs_version}.tar.gz.asc" -o "${SOURCE_DIR}/gvm-libs-${gvm_libs_version}.tar.gz.asc" + +ls -lahr "${SOURCE_DIR}" + +# Verify the signature of the gvm-libs tarball +gpg --verify "${SOURCE_DIR}/gvm-libs-${gvm_libs_version}.tar.gz.asc" "${SOURCE_DIR}/gvm-libs-${gvm_libs_version}.tar.gz" + +# Unpack the gvm-libs tarball +tar -C "${SOURCE_DIR}" -xvzf "${SOURCE_DIR}/gvm-libs-${gvm_libs_version}.tar.gz" + +# Build and install gvm-libs + +mkdir -p "${BUILD_DIR}/gvm-libs" && cd "${BUILD_DIR}/gvm-libs" + +cmake "${SOURCE_DIR}/gvm-libs-${gvm_libs_version}" \ + -DCMAKE_INSTALL_PREFIX=${INSTALL_PREFIX} \ + 
-DCMAKE_BUILD_TYPE=Release \ + -DSYSCONFDIR=/etc \ + -DLOCALSTATEDIR=/var \ + -DGVM_PID_DIR=/run/gvm + +make "-j$(nproc)" + +make DESTDIR="${INSTALL_DIR}" install +sudo cp -rv ${INSTALL_DIR}/* / +#rm -rf ${INSTALL_DIR}/* + +# Install required dependencies for gvmd +sudo apt-get install -y --no-install-recommends \ + libglib2.0-dev \ + libgnutls28-dev \ + libpq-dev \ + postgresql-server-dev-13 \ + libical-dev \ + libical3 \ + xsltproc \ + rsync + +# Install optional dependencies for gvmd +sudo apt-get install -y --no-install-recommends \ + xmlstarlet \ + zip \ + rpm \ + fakeroot \ + dpkg \ + nsis \ + gnupg \ + gpgsm \ + wget \ + sshpass \ + openssh-client \ + socat \ + snmp \ + python3 \ + smbclient \ + python3-lxml \ + gnutls-bin \ + xml-twig-tools + +# Download and install gvmd +curl -sSL https://github.com/greenbone/gvmd/archive/refs/tags/v${gvmd_version}.tar.gz -o ${SOURCE_DIR}/gvmd-${gvmd_version}.tar.gz +curl -sSL https://github.com/greenbone/gvmd/releases/download/v${gvmd_version}/gvmd-${gvmd_version}.tar.gz.asc -o ${SOURCE_DIR}/gvmd-${gvmd_version}.tar.gz.asc + +gpg --verify ${SOURCE_DIR}/gvmd-${gvmd_version}.tar.gz.asc ${SOURCE_DIR}/gvmd-${gvmd_version}.tar.gz + +tar -C ${SOURCE_DIR} -xvzf ${SOURCE_DIR}/gvmd-${gvmd_version}.tar.gz + +mkdir -p ${BUILD_DIR}/gvmd && cd ${BUILD_DIR}/gvmd + +cmake ${SOURCE_DIR}/gvmd-${gvmd_version} \ + -DCMAKE_INSTALL_PREFIX=${INSTALL_PREFIX} \ + -DCMAKE_BUILD_TYPE=Release \ + -DLOCALSTATEDIR=/var \ + -DSYSCONFDIR=/etc \ + -DGVM_DATA_DIR=/var \ + -DGVM_RUN_DIR=/run/gvm \ + -DPostgreSQL_TYPE_INCLUDE_DIR=/usr/include/postgresql \ + -DOPENVAS_DEFAULT_SOCKET=/run/ospd/ospd-openvas.sock \ + -DGVM_FEED_LOCK_PATH=/var/lib/gvm/feed-update.lock \ + -DSYSTEMD_SERVICE_DIR=/lib/systemd/system \ + -DDEFAULT_CONFIG_DIR=/etc/default \ + -DLOGROTATE_DIR=/etc/logrotate.d + +make -j$(nproc) + +make DESTDIR=${INSTALL_DIR} install +sudo cp -rv ${INSTALL_DIR}/* / +#rm -rf ${INSTALL_DIR}/* + +# Install required dependencies for gsad & gsa +sudo 
apt-get install -y --no-install-recommends \ + libmicrohttpd-dev \ + libmicrohttpd12 \ + libxml2-dev \ + libglib2.0-dev \ + libgnutls28-dev + +sudo apt-get install -y --no-install-recommends \ + nodejs \ + yarnpkg + +curl -sSL https://github.com/greenbone/gsa/archive/refs/tags/v${gsa_version}.tar.gz -o ${SOURCE_DIR}/gsa-${gsa_version}.tar.gz +curl -sSL https://github.com/greenbone/gsa/releases/download/v${gsa_version}/gsa-${gsa_version}.tar.gz.asc -o ${SOURCE_DIR}/gsa-${gsa_version}.tar.gz.asc +curl -sSL https://github.com/greenbone/gsa/releases/download/v${gsa_version}/gsa-node-modules-${gsa_version}.tar.gz -o ${SOURCE_DIR}/gsa-node-modules-${gsa_version}.tar.gz +curl -sSL https://github.com/greenbone/gsa/releases/download/v${gsa_version}/gsa-node-modules-${gsa_version}.tar.gz.asc -o ${SOURCE_DIR}/gsa-node-modules-${gsa_version}.tar.gz.asc + +gpg --verify ${SOURCE_DIR}/gsa-${gsa_version}.tar.gz.asc ${SOURCE_DIR}/gsa-${gsa_version}.tar.gz +gpg --verify ${SOURCE_DIR}/gsa-node-modules-${gsa_version}.tar.gz.asc ${SOURCE_DIR}/gsa-node-modules-${gsa_version}.tar.gz + +tar -C ${SOURCE_DIR} -xvzf ${SOURCE_DIR}/gsa-${gsa_version}.tar.gz +tar -C ${SOURCE_DIR}/gsa-${gsa_version}/gsa -xvzf ${SOURCE_DIR}/gsa-node-modules-${gsa_version}.tar.gz + +mkdir -p ${BUILD_DIR}/gsa && cd ${BUILD_DIR}/gsa + +cmake ${SOURCE_DIR}/gsa-${gsa_version} \ + -DCMAKE_INSTALL_PREFIX=${INSTALL_PREFIX} \ + -DCMAKE_BUILD_TYPE=Release \ + -DSYSCONFDIR=/etc \ + -DLOCALSTATEDIR=/var \ + -DGVM_RUN_DIR=/run/gvm \ + -DGSAD_PID_DIR=/run/gvm \ + -DLOGROTATE_DIR=/etc/logrotate.d + +make -j$(nproc) + +make DESTDIR=${INSTALL_DIR} install +sudo cp -rv ${INSTALL_DIR}/* / +#rm -rf ${INSTALL_DIR}/* + +# Install required dependencies for openvas-smb +sudo apt-get install -y --no-install-recommends \ + gcc-mingw-w64 \ + libgnutls28-dev \ + libglib2.0-dev \ + libpopt-dev \ + libunistring-dev \ + heimdal-dev \ + libgssapi3-heimdal \ + libhdb9-heimdal \ + perl-base + +curl -sSL 
https://github.com/greenbone/openvas-smb/archive/refs/tags/v${openvas_smb_version}.tar.gz -o ${SOURCE_DIR}/openvas-smb-${openvas_smb_version}.tar.gz +curl -sSL https://github.com/greenbone/openvas-smb/releases/download/v${openvas_smb_version}/openvas-smb-${openvas_smb_version}.tar.gz.asc -o ${SOURCE_DIR}/openvas-smb-${openvas_smb_version}.tar.gz.asc + +gpg --verify ${SOURCE_DIR}/openvas-smb-${openvas_smb_version}.tar.gz.asc ${SOURCE_DIR}/openvas-smb-${openvas_smb_version}.tar.gz + +tar -C ${SOURCE_DIR} -xvzf ${SOURCE_DIR}/openvas-smb-${openvas_smb_version}.tar.gz + +mkdir -p ${BUILD_DIR}/openvas-smb && cd ${BUILD_DIR}/openvas-smb + +cmake ${SOURCE_DIR}/openvas-smb-${openvas_smb_version} \ + -DCMAKE_INSTALL_PREFIX=${INSTALL_PREFIX} \ + -DCMAKE_BUILD_TYPE=Release + +make -j$(nproc) +make DESTDIR=${INSTALL_DIR} install +sudo cp -rv ${INSTALL_DIR}/* / +#rm -rf ${INSTALL_DIR}/* + +# Install required dependencies for openvas-scanner +sudo apt-get install -y --no-install-recommends \ + bison \ + libglib2.0-dev \ + libgnutls28-dev \ + libgcrypt20-dev \ + libpcap-dev \ + libgpgme-dev \ + libksba-dev \ + rsync \ + nmap + +# Install optional dependencies for openvas-scanner +sudo apt-get install -y \ + python-impacket \ + libsnmp-dev + +curl -sSL https://github.com/greenbone/openvas-scanner/archive/refs/tags/v${openvas_scanner_version}.tar.gz -o ${SOURCE_DIR}/openvas-scanner-${openvas_scanner_version}.tar.gz +curl -sSL https://github.com/greenbone/openvas-scanner/releases/download/v${openvas_scanner_version}/openvas-scanner-${openvas_scanner_version}.tar.gz.asc -o ${SOURCE_DIR}/openvas-scanner-${openvas_scanner_version}.tar.gz.asc +gpg --verify ${SOURCE_DIR}/openvas-scanner-${openvas_scanner_version}.tar.gz.asc ${SOURCE_DIR}/openvas-scanner-${openvas_scanner_version}.tar.gz + +tar -C ${SOURCE_DIR} -xvzf ${SOURCE_DIR}/openvas-scanner-${openvas_scanner_version}.tar.gz + +mkdir -p ${BUILD_DIR}/openvas-scanner && cd ${BUILD_DIR}/openvas-scanner + +cmake 
${SOURCE_DIR}/openvas-scanner-${openvas_scanner_version} \ + -DCMAKE_INSTALL_PREFIX=${INSTALL_PREFIX} \ + -DCMAKE_BUILD_TYPE=Release \ + -DSYSCONFDIR=/etc \ + -DLOCALSTATEDIR=/var \ + -DOPENVAS_FEED_LOCK_PATH=/var/lib/openvas/feed-update.lock \ + -DOPENVAS_RUN_DIR=/run/ospd + +make -j$(nproc) +make DESTDIR=${INSTALL_DIR} install +sudo cp -rv ${INSTALL_DIR}/* / +#rm -rf ${INSTALL_DIR}/* + +# Install required dependencies for ospd-openvas +sudo apt-get install -y --no-install-recommends \ + python3 \ + python3-pip \ + python3-setuptools \ + python3-packaging \ + python3-wrapt \ + python3-cffi \ + python3-psutil/buster-backports \ + python3-lxml \ + python3-defusedxml \ + python3-paramiko \ + python3-redis \ + libnet1 + +#sudo python3 -m pip install --no-warn-script-location psutil + +# Download and install ospd-openvas +curl -sSL https://github.com/greenbone/ospd/archive/refs/tags/v${open_scanner_protocol_daemon}.tar.gz -o ${SOURCE_DIR}/ospd-${open_scanner_protocol_daemon}.tar.gz +curl -sSL https://github.com/greenbone/ospd/releases/download/v${open_scanner_protocol_daemon}/ospd-${open_scanner_protocol_daemon}.tar.gz.asc -o ${SOURCE_DIR}/ospd-${open_scanner_protocol_daemon}.tar.gz.asc +gpg --verify ${SOURCE_DIR}/ospd-${open_scanner_protocol_daemon}.tar.gz.asc ${SOURCE_DIR}/ospd-${open_scanner_protocol_daemon}.tar.gz + +curl -sSL https://github.com/greenbone/ospd-openvas/archive/refs/tags/v${ospd_openvas}.tar.gz -o ${SOURCE_DIR}/ospd-openvas-${ospd_openvas}.tar.gz +curl -sSL https://github.com/greenbone/ospd-openvas/releases/download/v${ospd_openvas}/ospd-openvas-${ospd_openvas}.tar.gz.asc -o ${SOURCE_DIR}/ospd-openvas-${ospd_openvas}.tar.gz.asc +gpg --verify ${SOURCE_DIR}/ospd-openvas-${ospd_openvas}.tar.gz.asc ${SOURCE_DIR}/ospd-openvas-${ospd_openvas}.tar.gz + +tar -C ${SOURCE_DIR} -xvzf ${SOURCE_DIR}/ospd-${open_scanner_protocol_daemon}.tar.gz +tar -C ${SOURCE_DIR} -xvzf ${SOURCE_DIR}/ospd-openvas-${ospd_openvas}.tar.gz + +cd 
${SOURCE_DIR}/ospd-${open_scanner_protocol_daemon} +python3 -m pip install . --prefix=${INSTALL_PREFIX} --root=${INSTALL_DIR} +python3 -m pip install . + +cd ${SOURCE_DIR}/ospd-openvas-${ospd_openvas} +python3 -m pip install . --prefix=${INSTALL_PREFIX} --root=${INSTALL_DIR} --no-warn-script-location +python3 -m pip install . --no-warn-script-location +sudo cp -rv ${INSTALL_DIR}/* / +#rm -rf ${INSTALL_DIR}/* + +# Install required dependencies for gvmd-tools +sudo apt-get install -y --no-install-recommends \ + python3 \ + python3-pip \ + python3-setuptools \ + python3-packaging \ + python3-lxml \ + python3-defusedxml \ + python3-paramiko + +# Install for user +# python3 -m pip install --user gvm-tools + +# Install for root +python3 -m pip install --no-warn-script-location gvm-tools +python3 -m pip install --prefix=${INSTALL_PREFIX} --root=${INSTALL_DIR} --no-warn-script-location gvm-tools +sudo cp -rv ${INSTALL_DIR}/* / +#rm -rf ${INSTALL_DIR}/* + +# Install redis-server +sudo apt-get install -y --no-install-recommends redis-server/buster-backports +sudo mkdir -p /etc/redis +sudo cp ${SOURCE_DIR}/openvas-scanner-${openvas_scanner_version}/config/redis-openvas.conf /etc/redis/redis-openvas.org.conf +sudo chown redis:redis /etc/redis/*.conf +echo "db_address = /run/redis-openvas/redis.sock" | sudo tee -a /etc/openvas/openvas.conf + +sudo usermod -aG redis gvm + +# Adjusting the permissions +sudo chown -R gvm:gvm /var/lib/gvm +sudo chown -R gvm:gvm /var/lib/openvas +sudo chown -R gvm:gvm /var/log/gvm +sudo chown -R gvm:gvm /run/gvm + +sudo chmod -R g+srw /var/lib/gvm +sudo chmod -R g+srw /var/lib/openvas +sudo chmod -R g+srw /var/log/gvm + +sudo chown gvm:gvm /usr/sbin/gvmd +sudo chmod 6750 /usr/sbin/gvmd + +sudo chown gvm:gvm /usr/bin/greenbone-nvt-sync +sudo chmod 740 /usr/sbin/greenbone-feed-sync +sudo chown gvm:gvm /usr/sbin/greenbone-*-sync +sudo chmod 740 /usr/sbin/greenbone-*-sync + +# SUDO for Scanning +echo '%gvm ALL = NOPASSWD: /usr/sbin/openvas' | sudo 
EDITOR='tee -a' visudo + +# Install Postgres +sudo apt-get install -y --no-install-recommends postgresql + +# Remove required dependencies for gvm-libs +sudo apt-get purge --auto-remove -y \ + heimdal-dev \ + libgcrypt20-dev \ + libglib2.0-dev \ + libgnutls28-dev \ + libgpgme-dev \ + libhiredis-dev \ + libksba-dev \ + libldap2-dev \ + libmicrohttpd-dev \ + libnet1-dev \ + libpcap-dev \ + libpopt-dev \ + libradcli-dev \ + libsnmp-dev \ + libssh-gcrypt-dev \ + libunistring-dev \ + libxml2-dev \ + uuid-dev \ + build-essential \ + postgresql-server-dev-13 \ + nodejs \ + yarnpkg \ + cmake +sudo apt-get purge --auto-remove -y *-dev + +sudo apt-get -y autoremove + +echo "/usr/local/lib" >/etc/ld.so.conf.d/openvas.conf && ldconfig + +rm -rf ${SOURCE_DIR} ${BUILD_DIR} ${INSTALL_DIR} +rm -rf /var/lib/apt/lists/* +rm /etc/apt/apt.conf.d/30proxy || true diff --git a/scripts/debian/prepare.sh b/scripts/debian/prepare.sh new file mode 100755 index 00000000..1f1b6dd2 --- /dev/null +++ b/scripts/debian/prepare.sh 
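Review bot: The signing key is fetched with `curl -O https://www.greenbone.net/GBCommunitySigningKey.asc` and imported without checking which key arrived, so every later `gpg --verify` in this script is only as trustworthy as that one download. Compare the imported fingerprint with a value recorded in the repository, and use `curl -f` so an HTTP error page is never saved as the key. Two smaller points further down the same file: `pip install gvm-tools` ignores the `gvm_tools_version` pinned in Dockerfile.debian, and `apt-get purge --auto-remove -y *-dev` leaves the glob to the shell, so quote it as `'*-dev'`.

```shell
# … unchanged: build-tool install (build-essential, curl, gnupg, …) …

# Placeholder: commit the fingerprint obtained out of band from Greenbone.
GB_KEY_FPR='<EXPECTED_SIGNING_KEY_FINGERPRINT>'

curl -fsSLO https://www.greenbone.net/GBCommunitySigningKey.asc
gpg --import GBCommunitySigningKey.asc

# Stop the build if the imported key is not the one that was pinned.
imported_fprs="$(gpg --batch --with-colons --fingerprint | awk -F: '$1 == "fpr" { print $10 }')"
grep -Fxq "${GB_KEY_FPR}" <<<"${imported_fprs}"

# … unchanged: gvm-libs dependencies, downloads and gpg --verify calls …
```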
@@ -0,0 +1,33 @@ +#!/usr/bin/env bash +#set -Eeuo pipefail + +touch /opt/setup/.env + +echo 'deb http://deb.debian.org/debian buster-backports main' | tee /etc/apt/sources.list.d/backports.list +echo "Acquire:http::Proxy \"${http_proxy}\";" | tee /etc/apt/apt.conf.d/30proxy +echo "APT::Install-Recommends \"0\" ; APT::Install-Suggests \"0\" ;" | tee /etc/apt/apt.conf.d/10no-recommend-installs + +apt-get update +apt-get install -yq --no-install-recommends gnupg curl wget sudo ca-certificates postfix supervisor cron openssh-server + +## START Postgres +echo "deb http://apt.postgresql.org/pub/repos/apt buster-pgdg main" | sudo tee /etc/apt/sources.list.d/pgdg.list +curl https://www.postgresql.org/media/keys/ACCC4CF8.asc | sudo apt-key add - + +sudo apt-get update +sudo apt-get -yq upgrade + +sudo apt-get install -y postgresql-13 + +sudo update-alternatives --install /usr/bin/postgres postgres /usr/lib/postgresql/13/bin/postgres 50 +sudo update-alternatives --install /usr/bin/initdb initdb /usr/lib/postgresql/13/bin/initdb 50 +#ln -s /usr/lib/postgresql/13/bin/postgres /usr/bin/postgres +#ln -s /usr/lib/postgresql/13/bin/initdb /usr/bin/initdb + +sudo locale-gen en_US.UTF-8 +sudo localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8 +## END Postgres + +sudo rm -rf /var/lib/apt/lists/* + +sudo useradd -r -M -U -G sudo -s /bin/sh gvm diff --git a/scripts/entrypoint.sh b/scripts/entrypoint.sh index c9dacf82..692c4675 100755 --- a/scripts/entrypoint.sh +++ b/scripts/entrypoint.sh @@ -1,5 +1,9 @@ #!/usr/bin/env bash set -e +set -o allexport +# shellcheck disable=SC1091 +source /opt/setup/.env +set +o allexport export GVMD_USER=${USERNAME:-${GVMD_USER:-admin}} export GVMD_PASSWORD=${PASSWORD:-${GVMD_PASSWORD:-adminpassword}} export GVMD_PASSWORD_FILE=${PASSWORD_FILE:-${GVMD_PASSWORD_FILE:-adminpassword}} 
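Review bot: The PostgreSQL repository key is piped from `curl` straight into `sudo apt-key add -` with no fingerprint check, and because `#set -Eeuo pipefail` is commented out, a failed or truncated download does not stop the build. I would enable `set -Eeuo pipefail`, fetch with `curl -fsSL`, compare the key's fingerprint with a value pinned in the repository (`<EXPECTED_FINGERPRINT>`), and store it in a dedicated keyring referenced from the source entry with `signed-by=` rather than in the global apt trust store. The proxy line writes `Acquire:http::Proxy`, while the apt option is spelled `Acquire::http::Proxy`, so it is probably ignored; it is also written when `http_proxy` is empty. The last line puts the service account `gvm` into the `sudo` group (`-G sudo`), which is wider than the single `%gvm ALL = NOPASSWD: /usr/sbin/openvas` rule main_pkgs.sh installs; the later prepare.sh hunk in PATCH 10/33 keeps it and adds `usermod -aG sudo gvm`.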
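Review bot: `source /opt/setup/.env` under `set -o allexport` executes the file as shell code with the entrypoint's privileges, so anything that can write to /opt/setup/.env (an image layer, a bind mount) decides what runs at container start. I would say so next to the line, e.g. `# .env is executed, not parsed: keep it root-owned and not group/world-writable`, and consider refusing to source it when it is writable by others. The rest of the entrypoint is outside this hunk.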
@@ -21,6 +25,12 @@ export DB_PASSWORD=${DB_PASSWORD:-none} export DB_PASSWORD_FILE=${DB_PASSWORD_FILE:-none} if [ "$1" == "/usr/bin/supervisord" ]; then + + cp /opt/setup/supervisord.conf /etc/supervisord.conf + cp /opt/setup/logrotate-gvm.conf /etc/logrotate.d/gvm + cp /opt/setup/redis-openvas.conf /etc/redis/redis-openvas.conf + cp /opt/setup/sshd_config /etc/ssh/sshd_config + echo "Starting Postfix for report delivery by email" sed -i "s/^relayhost.*$/relayhost = ${RELAYHOST}:${SMTPPORT}/" /etc/postfix/main.cf /usr/sbin/postfix -c /etc/postfix start diff --git a/scripts/migration_v21.4.0_ubuntu_images.sh b/scripts/migration_v21.4.0_ubuntu_images.sh old mode 100644 new mode 100755 diff --git a/scripts/start.sh b/scripts/start.sh index 9db509b1..08e18079 100755 --- a/scripts/start.sh +++ b/scripts/start.sh @@ -1,5 +1,5 @@ #!/usr/bin/env bash -set -Eeuo pipefail +set -Eeuxo pipefail export SUPVISD=${SUPVISD:-supervisorctl} export USERNAME=${USERNAME:-${GVMD_USER:-admin}} @@ -19,8 +19,13 @@ export DB_PASSWORD=${DB_PASSWORD:-none} export DB_PASSWORD_FILE=${DB_PASSWORD_FILE:-none} export OPT_PDF=${OPT_PDF:-0} -if [ "${OPT_PDF}" == "1" ]; then +if [ "${OPT_PDF}" == "1" ] && [ "${SYSTEM_DIST}" == "alpine" ]; then apk add --no-cache --allow-untrusted texlive texmf-dist-latexextra texmf-dist-fontsextra +elif [ "${OPT_PDF}" == "1" ] && [ "${SYSTEM_DIST}" == "debian" ]; then + # Install optional dependencies for gvmd + sudo apt install -y --no-install-recommends \ + texlive-latex-extra \ + texlive-fonts-recommended fi mkdir -p /var/lib/gvm @@ -195,7 +200,7 @@ fi # Sync NVTs, CERT data, and SCAP data on container start # See this as a super fallback to have at least some data, even if it is then out of date. -/sync-initial.sh +/opt/setup/scripts/sync-initial.sh ############################# # Remove leftover pid files # diff --git a/scripts/start_crond.sh b/scripts/start_crond.sh new file mode 100755 index 00000000..f329cd5f --- /dev/null +++ b/scripts/start_crond.sh 
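Review bot: `cp /opt/setup/sshd_config /etc/ssh/sshd_config` runs on every start, so an sshd_config an operator has adjusted in a persisted /etc/ssh (the Makefile run targets mount `storage/ssh` there) is silently replaced by the shipped one. If enforcing the shipped file is intended, a comment such as `# always reset sshd_config to the image default` would make that explicit; otherwise `cp -n /opt/setup/sshd_config /etc/ssh/sshd_config` keeps an existing file. The same question applies to the three other `cp` lines in this block.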
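Review bot: Changing the first line of start.sh to `set -Eeuxo pipefail` turns on xtrace for the whole script, and every expanded command is written to stderr, which ends up in the container log. The script exports `DB_PASSWORD` and the admin credentials, and later in this series it passes `${PASSWORD}` on `gvm-cli` command lines, so the trace will contain them in clear text. I would keep `set -Eeuo pipefail` and enable tracing only on request, e.g. `[ "${DEBUG:-N}" == "Y" ] && set -x`, with `set +x` around the commands that take a password. Most of the script is outside this hunk.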
@@ -0,0 +1,6 @@ +#!/usr/bin/env bash +if [ "${SYSTEM_DIST}" == "alpine" ]; then + exec /usr/sbin/crond -f -l 8 -c /etc/crontabs +elif [ "${SYSTEM_DIST}" == "debian" ]; then + exec /usr/sbin/cron -f -l -L 8 +fi diff --git a/scripts/start_gvmd.sh b/scripts/start_gvmd.sh new file mode 100644 index 00000000..ecccc437 --- /dev/null +++ b/scripts/start_gvmd.sh @@ -0,0 +1,6 @@ +#!/usr/bin/env bash +if [ "${SYSTEM_DIST}" == "alpine" ]; then + exec /usr/bin/gvmd "$@" +elif [ "${SYSTEM_DIST}" == "debian" ]; then + exec /usr/sbin/gvmd "$@" +fi diff --git a/scripts/sync-initial.sh b/scripts/sync-initial.sh index 0ed316fa..9fb30524 100755 --- a/scripts/sync-initial.sh +++ b/scripts/sync-initial.sh @@ -31,7 +31,7 @@ if [ ! -f "/var/lib/gvm/.firstsync" ] && [ -f "/opt/gvm-sync-data.tar.xz" ]; the fi # Sync NVTs, CERT data, and SCAP data on container start -/sync-all.sh +/opt/setup/scripts/sync-all.sh touch /var/lib/gvm/.firstsync true From 97debffbf5f50300b1803e087cddeaa45ab4d058 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Josef=20Fr=C3=B6hle?= Date: Wed, 18 Aug 2021 22:50:41 +0200 Subject: [PATCH 10/33] gsa --- Dockerfile.debian | 39 +++++++++++++++++++++++++++- Makefile | 8 ++++++ config/supervisord.conf | 13 +++++----- scripts/debian/main_pkgs.sh | 12 ++++++--- scripts/debian/prepare.sh | 52 +++++++++++++++++++++++++++++++++---- scripts/start.sh | 12 ++++++++- scripts/start_gsad.sh | 6 +++++ 7 files changed, 126 insertions(+), 16 deletions(-) create mode 100644 scripts/start_gsad.sh diff --git a/Dockerfile.debian b/Dockerfile.debian index 26054232..00eba85f 100644 --- a/Dockerfile.debian +++ b/Dockerfile.debian 
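Review bot: start_crond.sh has no `else` branch, so with `SYSTEM_DIST` unset or set to anything other than `alpine` or `debian` it runs nothing and exits 0, and supervisord only sees a program that quit. I would add `else echo "unsupported SYSTEM_DIST: ${SYSTEM_DIST:-unset}" >&2; exit 1` before `fi`; start_gvmd.sh in this commit and start_gsad.sh in PATCH 10/33 have the same shape. start_gvmd.sh is also created with mode 100644 while start_crond.sh is 100755, so unless the image build makes it executable, supervisord cannot run it directly.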
@@ -32,6 +32,24 @@ ARG open_scanner_protocol_daemon="21.4.3" ARG ospd_openvas="21.4.2" ARG python_gvm_version="21.6.0" +ARG SUPVISD=supervisorctl +ARG GVMD_USER +ARG GVMD_PASSWORD +ARG USERNAME=admin +ARG PASSWORD=adminpassword +ARG PASSWORD_FILE=none +ARG TIMEOUT=15 +ARG DEBUG=N +ARG RELAYHOST=smtp +ARG SMTPPORT=25 +ARG AUTO_SYNC=true +ARG CERTIFICATE=none +ARG CERTIFICATE_KEY=none +ARG HTTPS=true +ARG TZ=Etc/UTC +ARG SSHD=false +ARG DB_PASSWORD=none + ENV gvm_libs_version=${gvm_libs_version} \ openvas_scanner_version=${openvas_scanner_version} \ pggvm_version=${pggvm_version} \ @@ -42,7 +60,26 @@ ENV gvm_libs_version=${gvm_libs_version} \ open_scanner_protocol_daemon=${open_scanner_protocol_daemon} \ ospd_openvas=${ospd_openvas} \ python_gvm_version=${python_gvm_version} \ - SYSTEM_DIST=debian + SYSTEM_DIST=debian \ + SUPVISD=${SUPVISD:-supervisorctl} \ + USERNAME=${USERNAME:-${GVMD_USER:-admin}} \ + PASSWORD=${PASSWORD:-${GVMD_PASSWORD:-admin}} \ + PASSWORD_FILE=${PASSWORD_FILE:-${GVMD_PASSWORD_FILE:-none}} \ + TIMEOUT=${TIMEOUT:-15} \ + DEBUG=${DEBUG:-N} \ + RELAYHOST=${RELAYHOST:-smtp} \ + SMTPPORT=${SMTPPORT:-25} \ + AUTO_SYNC=${AUTO_SYNC:-true} \ + HTTPS=${HTTPS:-true} \ + CERTIFICATE=${CERTIFICATE:-none} \ + CERTIFICATE_KEY=${CERTIFICATE_KEY:-none} \ + TZ=${TZ:-Etc/UTC} \ + SSHD=${SSHD:-false} \ + DB_PASSWORD=${DB_PASSWORD:-none} \ + DB_PASSWORD_FILE=${DB_PASSWORD:-none} \ + LANG=en_US.UTF-8 \ + LANGUAGE=en_US.UTF-8 \ + LC_ALL=en_US.UTF-8 RUN ls -lahR /opt/setup/ \ && /opt/setup/scripts/debian/prepare.sh \ diff --git a/Makefile b/Makefile index c60fa8d4..675dd059 100644 --- a/Makefile +++ b/Makefile 
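Review bot: The new `ARG PASSWORD=adminpassword` and the matching `ENV PASSWORD=...` bake a default admin credential into the image, and values given as build args or ENV stay readable in the image history and in `docker inspect`. I would drop `PASSWORD`, `GVMD_PASSWORD` and `DB_PASSWORD` from `ARG`/`ENV` and leave them to run time (`--env`, or the `PASSWORD_FILE` / `DB_PASSWORD_FILE` paths the scripts already read). Two fallbacks in the ENV hunk also look like typos: `PASSWORD=${PASSWORD:-${GVMD_PASSWORD:-admin}}` falls back to `admin` while the ARG default is `adminpassword`, and `DB_PASSWORD_FILE=${DB_PASSWORD:-none}` copies the password itself into the variable meant to hold a file path, presumably `DB_PASSWORD_FILE=${DB_PASSWORD_FILE:-none}` was intended. `GVMD_PASSWORD_FILE` and `DB_PASSWORD_FILE` have no matching `ARG` in the first hunk.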
@@ -18,6 +18,10 @@ apkbuild: .PHONY: build_debian build: build_debian_latest build_debian_full build_debian_data build_debian_data_full +build_debian_squash: + cd ${PWD} ; \ + docker build -f Dockerfile.debian --squash -t ${DOCKER_ORG}/gvm:debian . ; \ + docker push ${DOCKER_ORG}/gvm:debian build_debian_latest: cd ${PWD} ; \ docker build --platform ${PLATFORM} ${ADD_OPTIONS} -f Dockerfile.debian -t ${DOCKER_ORG}/gvm:debian -t ${DOCKER_ORG}/gvm:debian-latest . @@ -35,6 +39,9 @@ build_debian_data_full: .PHONY: build build: build_latest build_full build_data build_data_full +build_squash: + cd ${PWD} ; \ + docker build --no-cache --squash --platform ${PLATFORM} ${ADD_OPTIONS} -t ${DOCKER_ORG}/gvm:no-data-uid-squash . build_latest: cd ${PWD} ; \ docker build --platform ${PLATFORM} ${ADD_OPTIONS} -t ${DOCKER_ORG}/gvm:alpine -t ${DOCKER_ORG}/gvm:latest . @@ -49,6 +56,7 @@ build_data_full: docker build --platform ${PLATFORM} ${ADD_OPTIONS} --build-arg SETUP=1 --build-arg OPT_PDF=1 -t ${DOCKER_ORG}/gvm:data-full . run-debian: + sudo rm -rf ${PWD}/storage mkdir -p ${PWD}/storage/postgres-db mkdir -p ${PWD}/storage/openvas-plugins mkdir -p ${PWD}/storage/gvm diff --git a/config/supervisord.conf b/config/supervisord.conf index e54e034d..94443ed3 100644 --- a/config/supervisord.conf +++ b/config/supervisord.conf @@ -35,9 +35,10 @@ stderr_logfile_maxbytes=0 [program:redis] priority=5 -command=/usr/bin/redis-server /etc/redis/redis-openvas.conf --daemonize no +command=/usr/bin/redis-server /etc/redis/redis-openvas.conf --daemonize no --syslog-enabled no stdout_logfile=/var/log/supervisor/%(program_name)s.log stderr_logfile=/var/log/supervisor/%(program_name)s_err.log +user=redis autorestart=true autostart=false startretries=10 
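Review bot: `sudo rm -rf ${PWD}/storage` at the top of `run-debian` deletes the persisted database, plugin feed and SSH directory on every run, as root and without confirmation. If `PWD` is ever empty in make's environment the path becomes `/storage`. I would move the cleanup into its own target, e.g. `clean-storage:` with `rm -rf "$(CURDIR)/storage"`, so that starting the container never destroys data as a side effect. The rest of the `run-debian` recipe is outside this hunk.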
@@ -87,7 +88,7 @@ stopasgroup=true killasgroup=true [program:ospd-openvas] -command=/opt/setup/scripts/ospd-openvas-wrapper.sh /usr/bin/ospd-openvas -f --unix-socket /var/run/ospd/ospd.sock --socket-mode 0o770 --log-level INFO +command=sudo -Hiu gvm /opt/setup/scripts/ospd-openvas-wrapper.sh /usr/bin/ospd-openvas -f --unix-socket /var/run/ospd/ospd.sock --pid-file /var/run/ospd/ospd.pid --socket-mode 0o777 --log-level INFO stdout_logfile=/var/log/supervisor/%(program_name)s.log stderr_logfile=/var/log/supervisor/%(program_name)s_err.log priority=10 @@ -101,7 +102,7 @@ stopasgroup=true killasgroup=true [program:gvmd] -command=/opt/setup/scripts/start_gvmd.sh -f --listen=0.0.0.0 --port=9390 --gnutls-priorities=SECURE128:-AES-128-CBC:-CAMELLIA-128-CBC:-VERS-SSL3.0:-VERS-TLS1.0:-VERS-TLS1.1 +command=/opt/setup/scripts/start_gvmd.sh -f --osp-vt-update=/var/run/ospd/ospd.sock --listen=0.0.0.0 --port=9390 --gnutls-priorities=SECURE128:-AES-128-CBC:-CAMELLIA-128-CBC:-VERS-SSL3.0:-VERS-TLS1.0:-VERS-TLS1.1 stdout_logfile=/var/log/supervisor/%(program_name)s.log stderr_logfile=/var/log/supervisor/%(program_name)s_err.log priority=20 @@ -116,7 +117,7 @@ stopasgroup=true killasgroup=true [program:gsad-https-owncert] -command=/usr/bin/gsad -f --verbose --gnutls-priorities=SECURE128:-AES-128-CBC:-CAMELLIA-128-CBC:-VERS-SSL3.0:-VERS-TLS1.0 --ssl-certificate=%(ENV_CERTIFICATE)s --ssl-private-key=%(ENV_CERTIFICATE_KEY)s --timeout=%(ENV_TIMEOUT)s --no-redirect --mlisten=127.0.0.1 --mport=9390 --port=9392 +command=/opt/setup/scripts/start_gsad.sh -f --verbose --gnutls-priorities=SECURE128:-AES-128-CBC:-CAMELLIA-128-CBC:-VERS-SSL3.0:-VERS-TLS1.0 --ssl-certificate=%(ENV_CERTIFICATE)s --ssl-private-key=%(ENV_CERTIFICATE_KEY)s --timeout=%(ENV_TIMEOUT)s --no-redirect --mlisten=127.0.0.1 --mport=9390 --port=9392 stdout_logfile=/var/log/supervisor/%(program_name)s.log stderr_logfile=/var/log/supervisor/%(program_name)s_err.log priority=30 
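Review bot: In `[program:ospd-openvas]` the `--socket-mode` goes from `0o770` to `0o777`, which lets every local account in the container connect to the OSP scanner socket. This commit also runs ospd-openvas as `gvm` and sets `/var/run/ospd/` to `2775` owned by `gvm:gvm` in start.sh, so group access should be enough; I would keep `--socket-mode 0o770` and add any other daemon that needs the socket to the `gvm` group instead. `sudo -Hiu gvm` starts a login shell, which resets the environment supervisord passes to the wrapper; a comment stating that this is intended would help.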
@@ -131,7 +132,7 @@ stopasgroup=true killasgroup=true [program:gsad-https] -command=/usr/bin/gsad -f --verbose --gnutls-priorities=SECURE128:-AES-128-CBC:-CAMELLIA-128-CBC:-VERS-SSL3.0:-VERS-TLS1.0 --timeout=%(ENV_TIMEOUT)s --no-redirect --mlisten=127.0.0.1 --mport=9390 --port=9392 +command=/opt/setup/scripts/start_gsad.sh -f --verbose --gnutls-priorities=SECURE128:-AES-128-CBC:-CAMELLIA-128-CBC:-VERS-SSL3.0:-VERS-TLS1.0 --timeout=%(ENV_TIMEOUT)s --no-redirect --mlisten=127.0.0.1 --mport=9390 --port=9392 stdout_logfile=/var/log/supervisor/%(program_name)s.log stderr_logfile=/var/log/supervisor/%(program_name)s_err.log priority=30 @@ -146,7 +147,7 @@ stopasgroup=true killasgroup=true [program:gsad] -command=/usr/bin/gsad -f --verbose --http-only --timeout=%(ENV_TIMEOUT)s --no-redirect --mlisten=127.0.0.1 --mport=9390 --port=9392 +command=/opt/setup/scripts/start_gsad.sh -f --verbose --http-only --timeout=%(ENV_TIMEOUT)s --no-redirect --mlisten=127.0.0.1 --mport=9390 --port=9392 stdout_logfile=/var/log/supervisor/%(program_name)s.log stderr_logfile=/var/log/supervisor/%(program_name)s_err.log priority=30 diff --git a/scripts/debian/main_pkgs.sh b/scripts/debian/main_pkgs.sh index 83c3ea75..b7837780 100755 --- a/scripts/debian/main_pkgs.sh +++ b/scripts/debian/main_pkgs.sh @@ -32,6 +32,7 @@ gpg --import GBCommunitySigningKey.asc # Install required dependencies for gvm-libs sudo apt-get install -y --no-install-recommends \ libglib2.0-dev \ + graphviz graphviz-dev \ libgpgme-dev \ libgpgme11 \ libgnutls28-dev \ @@ -85,7 +86,7 @@ sudo apt-get install -y --no-install-recommends \ libglib2.0-dev \ libgnutls28-dev \ libpq-dev \ - postgresql-server-dev-13 \ + postgresql-server-dev-all \ libical-dev \ libical3 \ xsltproc \ 
@@ -154,6 +155,10 @@ sudo apt-get install -y --no-install-recommends \ nodejs \ yarnpkg +# looks like need because of an issue with yarn +yarnpkg install +yarnpkg upgrade + curl -sSL https://github.com/greenbone/gsa/archive/refs/tags/v${gsa_version}.tar.gz -o ${SOURCE_DIR}/gsa-${gsa_version}.tar.gz curl -sSL https://github.com/greenbone/gsa/releases/download/v${gsa_version}/gsa-${gsa_version}.tar.gz.asc -o ${SOURCE_DIR}/gsa-${gsa_version}.tar.gz.asc curl -sSL https://github.com/greenbone/gsa/releases/download/v${gsa_version}/gsa-node-modules-${gsa_version}.tar.gz -o ${SOURCE_DIR}/gsa-node-modules-${gsa_version}.tar.gz @@ -311,7 +316,7 @@ sudo cp -rv ${INSTALL_DIR}/* / # Install redis-server sudo apt-get install -y --no-install-recommends redis-server/buster-backports sudo mkdir -p /etc/redis -sudo cp ${SOURCE_DIR}/openvas-scanner-${openvas_scanner_version}/config/redis-openvas.conf /etc/redis/redis-openvas.org.conf +sudo cp ${SOURCE_DIR}/openvas-scanner-${openvas_scanner_version}/config/redis-openvas.conf /etc/redis/redis-openvas.conf sudo chown redis:redis /etc/redis/*.conf echo "db_address = /run/redis-openvas/redis.sock" | sudo tee -a /etc/openvas/openvas.conf @@ -362,9 +367,10 @@ sudo apt-get purge --auto-remove -y \ libxml2-dev \ uuid-dev \ build-essential \ - postgresql-server-dev-13 \ + postgresql-server-dev-all \ nodejs \ yarnpkg \ + graphviz-dev \ cmake sudo apt-get purge --auto-remove -y *-dev diff --git a/scripts/debian/prepare.sh b/scripts/debian/prepare.sh index 1f1b6dd2..fa786ca3 100755 --- a/scripts/debian/prepare.sh +++ b/scripts/debian/prepare.sh 
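Review bot: `yarnpkg install` and `yarnpkg upgrade` run before the GSA sources are downloaded and unpacked, so they act on whatever directory the script is in at that point, and `upgrade` resolves dependencies to newer versions than a lockfile pins. That makes the image build non-reproducible and pulls unreviewed registry packages into it. The comment `# looks like need because of an issue with yarn` does not name the issue; I would either remove both lines or run `yarnpkg install --frozen-lockfile` inside the unpacked GSA tree and reference the upstream issue in the comment. The script downloads `.asc` signatures next to the tarballs; whether they are verified is outside this hunk.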
@@ -8,16 +8,16 @@ echo "Acquire:http::Proxy \"${http_proxy}\";" | tee /etc/apt/apt.conf.d/30proxy echo "APT::Install-Recommends \"0\" ; APT::Install-Suggests \"0\" ;" | tee /etc/apt/apt.conf.d/10no-recommend-installs apt-get update -apt-get install -yq --no-install-recommends gnupg curl wget sudo ca-certificates postfix supervisor cron openssh-server +apt-get install -yq --no-install-recommends gnupg curl wget sudo ca-certificates postfix supervisor cron openssh-server nano ## START Postgres -echo "deb http://apt.postgresql.org/pub/repos/apt buster-pgdg main" | sudo tee /etc/apt/sources.list.d/pgdg.list -curl https://www.postgresql.org/media/keys/ACCC4CF8.asc | sudo apt-key add - +#echo "deb http://apt.postgresql.org/pub/repos/apt buster-pgdg main" | sudo tee /etc/apt/sources.list.d/pgdg.list +#curl https://www.postgresql.org/media/keys/ACCC4CF8.asc | sudo apt-key add - sudo apt-get update sudo apt-get -yq upgrade -sudo apt-get install -y postgresql-13 +sudo apt-get install -y postgresql postgresql-server-dev-all sudo update-alternatives --install /usr/bin/postgres postgres /usr/lib/postgresql/13/bin/postgres 50 sudo update-alternatives --install /usr/bin/initdb initdb /usr/lib/postgresql/13/bin/initdb 50 
@@ -29,5 +29,47 @@ sudo localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF- ## END Postgres sudo rm -rf /var/lib/apt/lists/* +sudo useradd -r -M -d /var/lib/gvm -U -G sudo -s /bin/bash gvm +sudo usermod -aG tty gvm +sudo usermod -aG sudo gvm -sudo useradd -r -M -U -G sudo -s /bin/sh gvm +echo 'PATH="${HOME}/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"' | sudo tee /etc/profile.d/path.sh + +#9 65.89 Generation complete. +#9 67.83 Usage: useradd [options] LOGIN +#9 67.83 useradd -D +#9 67.83 useradd -D [options] +#9 67.83 +#9 67.83 Options: +#9 67.83 -b, --base-dir BASE_DIR base directory for the home directory of the +#9 67.83 new account +#9 67.83 -c, --comment COMMENT GECOS field of the new account +#9 67.83 -d, --home-dir HOME_DIR home directory of the new account +#9 67.83 -D, --defaults print or change default useradd configuration +#9 67.83 -e, --expiredate EXPIRE_DATE expiration date of the new account +#9 67.83 -f, --inactive INACTIVE password inactivity period of the new account +#9 67.83 -g, --gid GROUP name or ID of the primary group of the new +#9 67.83 account +#9 67.83 -G, --groups GROUPS list of supplementary groups of the new +#9 67.83 account +#9 67.83 -h, --help display this help message and exit +#9 67.83 -k, --skel SKEL_DIR use this alternative skeleton directory +#9 67.83 -K, --key KEY=VALUE override /etc/login.defs defaults +#9 67.83 -l, --no-log-init do not add the user to the lastlog and +#9 67.83 faillog databases +#9 67.83 -m, --create-home create the user's home directory +#9 67.83 -M, --no-create-home do not create the user's home directory +#9 67.83 -N, --no-user-group do not create a group with the same name as +#9 67.83 the user +#9 67.83 -o, --non-unique allow to create users with duplicate +#9 67.83 (non-unique) UID +#9 67.83 -p, --password PASSWORD encrypted password of the new account +#9 67.83 -r, --system create a system account +#9 67.83 -R, --root CHROOT_DIR directory to chroot into 
+#9 67.83 -s, --shell SHELL login shell of the new account +#9 67.83 -u, --uid UID user ID of the new account +#9 67.83 -U, --user-group create a group with the same name as the user +#9 67.83 -Z, --selinux-user SEUSER use a specific SEUSER for the SELinux user mapping +#9 67.83 +#9 67.84 usermod: user 'gvm' does not exist +#9 67.85 usermod: user 'gvm' does not exist diff --git a/scripts/start.sh b/scripts/start.sh index 08e18079..f8f85235 100755 --- a/scripts/start.sh +++ b/scripts/start.sh @@ -15,17 +15,21 @@ export CERTIFICATE=${CERTIFICATE:-none} export CERTIFICATE_KEY=${CERTIFICATE_KEY:-none} export TZ=${TZ:-Etc/UTC} export SSHD=${SSHD:-false} +export SETUP=${SETUP:-0} export DB_PASSWORD=${DB_PASSWORD:-none} export DB_PASSWORD_FILE=${DB_PASSWORD_FILE:-none} export OPT_PDF=${OPT_PDF:-0} +export SYSTEM_DIST=${SYSTEM_DIST:-unsupported} if [ "${OPT_PDF}" == "1" ] && [ "${SYSTEM_DIST}" == "alpine" ]; then apk add --no-cache --allow-untrusted texlive texmf-dist-latexextra texmf-dist-fontsextra elif [ "${OPT_PDF}" == "1" ] && [ "${SYSTEM_DIST}" == "debian" ]; then # Install optional dependencies for gvmd + sudo apt update sudo apt install -y --no-install-recommends \ texlive-latex-extra \ texlive-fonts-recommended + sudo rm -rf /var/lib/apt/lists/* fi mkdir -p /var/lib/gvm @@ -40,6 +44,7 @@ chown gvm:gvm -R /var/lib/gvm # fix for greenbone-nvt-sync mkdir -p /run/ospd/ chown gvm:gvm /run/ospd +chmod 2775 /var/run/ospd/ su -c "touch /run/ospd/feed-update.lock" gvm mkdir -p /var/lib/openvas/plugins/ chown -R gvm:gvm /var/lib/openvas/plugins/ @@ -65,6 +70,9 @@ if [ -S /run/redis-openvas/redis.sock ]; then rm /run/redis-openvas/redis.sock fi +sudo chown -R redis:redis /run/redis-openvas/ +sudo chown -R redis:redis /etc/redis/ + ${SUPVISD} start redis if [ "${DEBUG}" == "Y" ]; then ${SUPVISD} status redis @@ -167,6 +175,7 @@ fi if [ ! -d "/run/gvmd" ]; then mkdir -p /run/gvmd chown gvm:gvm -R /run/gvmd/ + chmod 2775 /var/run/gvmd/ fi echo "gvmd --migrate" 
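Review bot: The block of `#9 67.83 …` comment lines in prepare.sh is a pasted build log, and it records that `useradd` printed its usage and that both `usermod` calls failed with `user 'gvm' does not exist` (presumably from an earlier attempt). Since `#set -Eeuo pipefail` at the top of the file is still commented out, such a failure does not stop the build and later `chown gvm:gvm` steps would run against a missing account. I would delete the log from the script, keep the finding in the commit message, and check the result right after the `useradd` line, e.g. `id gvm >/dev/null || exit 1`. `usermod -aG sudo gvm` repeats the `-G sudo` already given to `useradd`, and the extra `tty` membership has no stated reason.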
@@ -261,7 +270,8 @@ if [ ! -f "/var/lib/gvm/.created_gvm_user" ]; then echo "${ADDR[1]}" su -c "gvmd --modify-setting 78eceaec-3385-11ea-b237-28d24461215b --value ${ADDR[1]}" gvm - + su -c "gvmd --modify-scanner=08b69003-5fc2-4037-a479-93b440211c73 --scanner-host=/var/run/ospd/ospd.sock" gvm + su -c "gvmd --modify-scanner=08b69003-5fc2-4037-a479-93b440211c73 --value ${ADDR[1]}" gvm touch /var/lib/gvm/.created_gvm_user fi diff --git a/scripts/start_gsad.sh b/scripts/start_gsad.sh new file mode 100644 index 00000000..fa2ab167 --- /dev/null +++ b/scripts/start_gsad.sh @@ -0,0 +1,6 @@ +#!/usr/bin/env bash +if [ "${SYSTEM_DIST}" == "alpine" ]; then + exec /usr/bin/gsad "$@" +elif [ "${SYSTEM_DIST}" == "debian" ]; then + exec /usr/sbin/gsad "$@" +fi From f71a80f7c88f2b26c8dd4edaa327974c1a227ae8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Josef=20Fr=C3=B6hle?= Date: Fri, 20 Aug 2021 16:00:34 +0200 Subject: [PATCH 11/33] add alternatives --- scripts/debian/prepare.sh | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/scripts/debian/prepare.sh b/scripts/debian/prepare.sh index fa786ca3..c668ecb1 100755 --- a/scripts/debian/prepare.sh +++ b/scripts/debian/prepare.sh 
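Review bot: The second added line, `gvmd --modify-scanner=08b69003-… --value ${ADDR[1]}`, looks like a copy of the `--modify-setting` call above it; as far as I know `--value` belongs to `--modify-setting`, so this call probably fails or has no effect, and under `set -e` a failure stops the start script. If only the scanner socket has to be set, the `--scanner-host=/var/run/ospd/ospd.sock` line is sufficient and the second line can be dropped. `${ADDR[1]}` is expanded unquoted inside the `su -c "…"` string, so the inner shell parses it again; `--value '${ADDR[1]}'` would keep it one argument. How `ADDR` is filled is outside this hunk.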
@@ -19,8 +19,12 @@ sudo apt-get -yq upgrade sudo apt-get install -y postgresql postgresql-server-dev-all -sudo update-alternatives --install /usr/bin/postgres postgres /usr/lib/postgresql/13/bin/postgres 50 -sudo update-alternatives --install /usr/bin/initdb initdb /usr/lib/postgresql/13/bin/initdb 50 +sudo update-alternatives --install /usr/bin/postgres postgres /usr/lib/postgresql/11/bin/postgres 10 +sudo update-alternatives --install /usr/bin/initdb initdb /usr/lib/postgresql/11/bin/initdb 10 +sudo update-alternatives --install /usr/bin/postgres postgres /usr/lib/postgresql/12/bin/postgres 20 +sudo update-alternatives --install /usr/bin/initdb initdb /usr/lib/postgresql/12/bin/initdb 20 +sudo update-alternatives --install /usr/bin/postgres postgres /usr/lib/postgresql/13/bin/postgres 30 +sudo update-alternatives --install /usr/bin/initdb initdb /usr/lib/postgresql/13/bin/initdb 40 #ln -s /usr/lib/postgresql/13/bin/postgres /usr/bin/postgres #ln -s /usr/lib/postgresql/13/bin/initdb /usr/bin/initdb From b32b125109a12afc4ba7c79463844c540f724f99 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Josef=20Fr=C3=B6hle?= Date: Fri, 10 Sep 2021 11:17:42 +0200 Subject: [PATCH 12/33] Purge only for build pagackes --- Makefile | 2 +- scripts/debian/main_pkgs.sh | 4 ++++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/Makefile b/Makefile index 675dd059..4de042f9 100644 --- a/Makefile +++ b/Makefile @@ -20,7 +20,7 @@ build: build_debian_latest build_debian_full build_debian_data build_debian_data build_debian_squash: cd ${PWD} ; \ - docker build -f Dockerfile.debian --squash -t ${DOCKER_ORG}/gvm:debian . ; \ + docker build -f Dockerfile.debian --squash ${ADD_OPTIONS} -t ${DOCKER_ORG}/gvm:debian . ; \ docker push ${DOCKER_ORG}/gvm:debian build_debian_latest: cd ${PWD} ; \ diff --git a/scripts/debian/main_pkgs.sh b/scripts/debian/main_pkgs.sh index b7837780..cc9b0aab 100755 --- a/scripts/debian/main_pkgs.sh +++ b/scripts/debian/main_pkgs.sh 
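Review bot: The six `update-alternatives --install` lines register PostgreSQL 11, 12 and 13 paths regardless of which version `apt-get install postgresql` put on disk, and the priorities do not match (`postgres` 13 gets `30`, `initdb` 13 gets `40`). As far as I know update-alternatives rejects an alternative path that does not exist, and with strict mode commented out in this script that error goes unnoticed. I would derive the directory from what is installed, e.g. `PG_BIN=$(ls -d /usr/lib/postgresql/*/bin | sort -V | tail -n1)`, then `sudo update-alternatives --install /usr/bin/postgres postgres "${PG_BIN}/postgres" 50` and the same priority for `initdb`. The two commented-out `ln -s` lines below can be removed.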
@@ -187,6 +187,10 @@ make DESTDIR=${INSTALL_DIR} install sudo cp -rv ${INSTALL_DIR}/* / #rm -rf ${INSTALL_DIR}/* +sudo apt-get purge -y \ + nodejs \ + yarnpkg + # Install required dependencies for openvas-smb sudo apt-get install -y --no-install-recommends \ gcc-mingw-w64 \ From ec07231bdf6696e7c00e83056d68919065d60cda Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Josef=20Fr=C3=B6hle?= Date: Tue, 28 Sep 2021 11:17:07 +0200 Subject: [PATCH 13/33] Add some fixes for alpine --- Dockerfile | 12 +++++++++--- Makefile | 17 ++++++++++++++++- scripts/entrypoint.sh | 2 ++ 3 files changed, 27 insertions(+), 4 deletions(-) diff --git a/Dockerfile b/Dockerfile index 528add2a..227079e0 100644 --- a/Dockerfile +++ b/Dockerfile @@ -5,6 +5,7 @@ EXPOSE 22 5432 8081 9392 ENTRYPOINT [ "/opt/setup/scripts/entrypoint.sh" ] CMD ["/usr/bin/supervisord", "-n", "-c", "/etc/supervisord.conf"] + ARG SUPVISD=supervisorctl ARG GVMD_USER ARG GVMD_PASSWORD @@ -23,6 +24,11 @@ ARG TZ=Etc/UTC ARG SSHD=false ARG DB_PASSWORD=none + +COPY config /opt/setup/ +COPY scripts /opt/setup/scripts/ +RUN chmod -R +x /opt/setup/scripts/*.sh + RUN mkdir -p /repo/main \ && mkdir -p /repo/community @@ -69,7 +75,7 @@ RUN { \ # build and install musl-locales # remove sources and compile artifacts # lastly remove dev dependencies again - && apk --no-cache add libintl \ + && apk --no-cache add libintl sudo \ && apk --no-cache --virtual .locale_build add cmake make musl-dev gcc gettext-dev git \ && git clone https://gitlab.com/rilian-la-te/musl-locales \ && cd musl-locales && cmake -DLOCALE_PROFILE=OFF -DCMAKE_INSTALL_PREFIX:PATH=/usr . && make && make install \ @@ -83,8 +89,8 @@ RUN { \ COPY gvm-sync-data/gvm-sync-data.tar.xz /opt/gvm-sync-data.tar.xz COPY report_formats/* /report_formats/ -COPY config /opt/setup/ -COPY scripts /opt/setup/scripts/ +#COPY config /opt/setup/ +#COPY scripts /opt/setup/scripts/ #RUN chmod -R +x /opt/setup/scripts/*.sh #COPY scripts/* / #COPY config/supervisord.conf /etc/supervisord.conf 
diff --git a/Makefile b/Makefile index 4de042f9..c52895e4 100644 --- a/Makefile +++ b/Makefile @@ -85,4 +85,19 @@ run-full: --volume "${PWD}/storage/openvas-plugins:/var/lib/openvas/plugins" \ --volume "${PWD}/storage/gvm:/var/lib/gvm" \ --volume "${PWD}/storage/ssh:/etc/ssh" \ - --name gvm ${DOCKER_ORG}/gvm:data-full \ No newline at end of file + --name gvm ${DOCKER_ORG}/gvm:data- + +run-latest: + mkdir -p ${PWD}/storage/postgres-db + mkdir -p ${PWD}/storage/openvas-plugins + mkdir -p ${PWD}/storage/gvm + mkdir -p ${PWD}/storage/ssh + docker run --rm --publish 8080:9392 --publish 5432:5432 --publish 2222:22 \ + --env DB_PASSWORD="postgres DB password" \ + --env PASSWORD="webUI password" \ + --env SSHD="true" \ + --volume "${PWD}/storage/postgres-db:/opt/database" \ + --volume "${PWD}/storage/openvas-plugins:/var/lib/openvas/plugins" \ + --volume "${PWD}/storage/gvm:/var/lib/gvm" \ + --volume "${PWD}/storage/ssh:/etc/ssh" \ + --name gvm ${DOCKER_ORG}/gvm:alpine \ No newline at end of file diff --git a/scripts/entrypoint.sh b/scripts/entrypoint.sh index 692c4675..12f629ba 100755 --- a/scripts/entrypoint.sh +++ b/scripts/entrypoint.sh @@ -1,5 +1,6 @@ #!/usr/bin/env bash set -e +touch /opt/setup/.env set -o allexport # shellcheck disable=SC1091 source /opt/setup/.env @@ -28,6 +29,7 @@ if [ "$1" == "/usr/bin/supervisord" ]; then cp /opt/setup/supervisord.conf /etc/supervisord.conf cp /opt/setup/logrotate-gvm.conf /etc/logrotate.d/gvm + mkdir -p /etc/redis/ cp /opt/setup/redis-openvas.conf /etc/redis/redis-openvas.conf cp /opt/setup/sshd_config /etc/ssh/sshd_config From fec96dcb297fc674a5a4affabfbe151c94073fde Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Josef=20Fr=C3=B6hle?= Date: Tue, 28 Sep 2021 14:12:19 +0200 Subject: [PATCH 14/33] Fix #267 use `postconf` --- scripts/entrypoint.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/scripts/entrypoint.sh b/scripts/entrypoint.sh index 12f629ba..cb303540 100755 --- a/scripts/entrypoint.sh 
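Review bot: The `run-full` recipe now ends in `--name gvm ${DOCKER_ORG}/gvm:data-`; the tag lost its `full` suffix when `run-latest` was appended, so `make run-full` asks for an image tag that no build target in this Makefile produces. Restore `--name gvm ${DOCKER_ORG}/gvm:data-full`. The new `run-latest` target publishes PostgreSQL and SSH with `--publish 5432:5432 --publish 2222:22`, which binds on all host interfaces; for a local test target `--publish 127.0.0.1:5432:5432 --publish 127.0.0.1:2222:22` is the safer default. The start of the `run-full` recipe is outside this hunk.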
+++ b/scripts/entrypoint.sh @@ -34,7 +34,8 @@ if [ "$1" == "/usr/bin/supervisord" ]; then cp /opt/setup/sshd_config /etc/ssh/sshd_config echo "Starting Postfix for report delivery by email" - sed -i "s/^relayhost.*$/relayhost = ${RELAYHOST}:${SMTPPORT}/" /etc/postfix/main.cf + #sed -i "s/^relayhost.*$/relayhost = ${RELAYHOST}:${SMTPPORT}/" /etc/postfix/main.cf + postconf -e "relayhost = ${RELAYHOST}:${SMTPPORT}" /usr/sbin/postfix -c /etc/postfix start # exec /start.sh From 89e13f6e163f1ca6e64ce3f23d3304e616a0dd85 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Josef=20Fr=C3=B6hle?= Date: Tue, 28 Sep 2021 14:14:40 +0200 Subject: [PATCH 15/33] fix #281, #263 build full initialized container --- scripts/start.sh | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/scripts/start.sh b/scripts/start.sh index f8f85235..bf086518 100755 --- a/scripts/start.sh +++ b/scripts/start.sh @@ -336,5 +336,21 @@ echo "+ and at: /var/log/gvm/ +" echo "===========================================================" if [ "${SETUP}" == "1" ]; then + echo "===========================================================" + echo "================== WebUI Password =======================" + echo "================== ${PASSWORD} ==================" + echo "================ Postgres Password ======================" + echo "================== ${DB_PASSWORD} ==================" + echo "===========================================================" + + sleep 30 + echo "" >/tmp/gvm_action.xml + su -c "gvm-cli --gmp-username ${USERNAME} --gmp-password ${PASSWORD} --protocol GMP tls /tmp/gvm_action.xml | grep -o -i 'currently_syncing' | wc -l " gvm + until [ "$(su -c "gvm-cli --gmp-username ${USERNAME} --gmp-password ${PASSWORD} --protocol GMP tls /tmp/gvm_action.xml | grep -o -i 'currently_syncing' | wc -l " gvm)" == "0" ]; do + sleep 60 + echo "Wait for full sync!" + done + rm /tmp/gvm_action.xml + sleep 120 ${SUPVISD} shutdown || true fi 
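Review bot: The added SETUP block in start.sh prints `${PASSWORD}` and `${DB_PASSWORD}` in a banner, so both secrets land in the container log, and in the image build log when `SETUP=1` is used at build time. The same values are interpolated unquoted into `su -c "gvm-cli --gmp-username ${USERNAME} --gmp-password ${PASSWORD} …"`, where they show up in the process list and a password containing spaces or shell metacharacters is re-parsed by the inner shell. I would remove the two password `echo` lines (or print only that a password was set) and create the request file with `mktemp` instead of the fixed `/tmp/gvm_action.xml`. The `until` loop has no upper bound, so a feed sync that never reports completion blocks the build; a retry counter would cap it.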
From 6632c77dde688d5abb2f396822fd9b6ea3d43381 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Josef=20Fr=C3=B6hle?= Date: Tue, 28 Sep 2021 14:15:20 +0200 Subject: [PATCH 16/33] Build Debian Image --- .github/workflows/docker-publish-debian.yml | 373 ++++++++++++++++++++ Dockerfile.debian | 20 ++ 2 files changed, 393 insertions(+) create mode 100644 .github/workflows/docker-publish-debian.yml diff --git a/.github/workflows/docker-publish-debian.yml b/.github/workflows/docker-publish-debian.yml new file mode 100644 index 00000000..cc12f85d --- /dev/null +++ b/.github/workflows/docker-publish-debian.yml 
@@ -0,0 +1,373 @@
+name: Docker Image Build and Release for Debian
+
+on:
+ push:
+ branches: [master]
+ pull_request:
+ branches: [master, dev]
+ create:
+ tags:
+
+concurrency: ci-${{ github.ref }}
+
+env:
+ # Use docker.io for Docker Hub if empty
+ REGISTRY: ghcr.io
+ # github.repository as /
+ IMAGE_NAME: ${{ github.repository }}
+ IMAGE_NAME_GHCR: ghcr.io/${{ github.repository }}
+ IMAGE_NAME_DOCKER: securecompliance/gvm
+
+permissions:
+ contents: read
+ packages: write
+
+jobs:
+ build_test_trivy:
+ name: Build and Test - Trivy
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v2
+
+ - name: PrepareReg Names
+ run: |
+ echo IMAGE_REPOSITORY_GHCR=$(echo "ghcr.io/${{ github.repository }}" | tr '[:upper:]' '[:lower:]') >> $GITHUB_ENV
+ echo IMAGE_TAG=$(echo ${{ github.ref }} | tr '[:upper:]' '[:lower:]' | awk '{split($0,a,"/"); print a[3]}') >> $GITHUB_ENV
+
+ - name: Set tag var
+ id: vars
+ run: echo ::set-output name=docker_tag::$(echo ${GITHUB_REF} | cut -d'/' -f3)-${GITHUB_SHA}
+
+ - name: Download artifact
+ uses: dawidd6/action-download-artifact@v2
+ with:
+ # Optional, GitHub token, a Personal Access Token with `public_repo` scope if needed
+ # Required, if artifact is from a different repo
+ github_token: ${{secrets.GITHUB_TOKEN}}
+ # Required, workflow file name or ID
+ workflow: build-apk.yml
+ # Optional, will use the branch
+ branch: master
+ # Optional, uploaded artifact name,
+ # will download all artifacts if not specified
+ # and extract them in respective subdirectories
+ # https://github.com/actions/download-artifact#download-all-artifacts
+ name: apk-builds
+ # Optional, directory where to extract artifact. Defaults to the artifact name (see `name` input)
+ path: ${{ github.workspace }}/apk-build/
+ # Optional, defaults to current repo
+ repo: Secure-Compliance-Solutions-LLC/GVM-APK-build
+
+ - name: Build the Docker image
+ run: docker build . --file Dockerfile.debian --build-arg OPT_PDF=1 --tag ${{ env.IMAGE_REPOSITORY_GHCR }}:${{ github.sha }}
+
+ - uses: actions/cache@v2.1.4
+ with:
+ path: .trivy
+ key: ${{ runner.os }}-trivy-${{ github.run_id }}
+ restore-keys: |
+ ${{ runner.os }}-trivy-
+
+ - name: Run Trivy vulnerability scanner
+ uses: aquasecurity/trivy-action@master
+ with:
+ image-ref: "${{ env.IMAGE_REPOSITORY_GHCR }}:${{ github.sha }}"
+ format: "table"
+ exit-code: "1"
+ ignore-unfixed: true
+ vuln-type: "os,library"
+ severity: "CRITICAL,HIGH"
+ cache-dir: .trivy
+
+ - name: Run Trivy vulnerability scanner
+ uses: aquasecurity/trivy-action@master
+ if: always()
+ with:
+ image-ref: "${{ env.IMAGE_REPOSITORY_GHCR }}:${{ github.sha }}"
+ format: "template"
+ template: "@/contrib/sarif.tpl"
+ output: "trivy-results.sarif"
+ severity: "CRITICAL,HIGH"
+ cache-dir: .trivy
+
+ - name: Upload Trivy scan results to GitHub Security tab
+ uses: github/codeql-action/upload-sarif@v1
+ if: always()
+ with:
+ sarif_file: "trivy-results.sarif"
+
+ - name: Correct Trivy cache permissions
+ if: always()
+ run: sudo chown -R $USER:$GROUP .trivy
+
+ build_test_anchore:
+ name: Build and Test - Anchore
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v2
+
+ - name: PrepareReg Names
+ run: |
+ echo IMAGE_REPOSITORY_GHCR=$(echo "ghcr.io/${{ github.repository }}" | tr '[:upper:]' '[:lower:]') >> $GITHUB_ENV
+ echo IMAGE_TAG=$(echo ${{ github.ref }} | tr '[:upper:]' '[:lower:]' | awk '{split($0,a,"/"); print a[3]}') >> $GITHUB_ENV
+
+ - name: Set tag var
+ id: vars
+ run: echo ::set-output name=docker_tag::$(echo ${GITHUB_REF} | cut -d'/' -f3)-${GITHUB_SHA}
+
+ - name: Download artifact
+ uses: dawidd6/action-download-artifact@v2
+ with:
+ # Optional, GitHub token, a Personal Access Token with `public_repo` scope if needed
+ # Required, if artifact is from a different repo
+ github_token: ${{secrets.GITHUB_TOKEN}}
+ # Required, workflow file name or ID
+ workflow: build-apk.yml
+ # Optional, will use the branch
+ branch: master
+ # Optional, uploaded artifact name,
+ # will download all artifacts if not specified
+ # and extract them in respective subdirectories
+ # https://github.com/actions/download-artifact#download-all-artifacts
+ name: apk-builds
+ # Optional, directory where to extract artifact. Defaults to the artifact name (see `name` input)
+ path: ${{ github.workspace }}/apk-build/
+ # Optional, defaults to current repo
+ repo: Secure-Compliance-Solutions-LLC/GVM-APK-build
+
+ - name: Build the Docker image
+ run: docker build . --file Dockerfile.debian --build-arg OPT_PDF=1 --tag ${{ env.IMAGE_REPOSITORY_GHCR }}:${{ github.sha }}
+
+ - uses: anchore/scan-action@v2
+ if: always()
+ id: scan
+ with:
+ image: "${{ env.IMAGE_REPOSITORY_GHCR }}:${{ github.sha }}"
+ acs-report-enable: true
+
+ - name: upload Anchore scan SARIF report
+ if: always()
+ uses: github/codeql-action/upload-sarif@v1
+ with:
+ sarif_file: ${{ steps.scan.outputs.sarif }}
+
+ build_release:
+ name: Build and Release
+ runs-on: ubuntu-latest
+
+ outputs:
+ labels: ${{ steps.meta.outputs.labels }}
+ tags: ${{ steps.meta.outputs.tags }}
+
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v2
+ with:
+ submodules: recursive
+
+ - name: Setup QEMU
+ uses: docker/setup-qemu-action@v1
+
+ - name: Setup Docker Buildx
+ id: buildx
+ uses: docker/setup-buildx-action@v1
+ with:
+ install: true
+
+ - name: Inspect builder
+ run: |
+ echo "Name : ${{ steps.buildx.outputs.name }}"
+ echo "Endpoint : ${{ steps.buildx.outputs.endpoint }}"
+ echo "Status : ${{ steps.buildx.outputs.status }}"
+ echo "Flags : ${{ steps.buildx.outputs.flags }}"
+ echo "Platforms : ${{ steps.buildx.outputs.platforms }}"
+
+ # Login against a Docker registry except on PR
+ # https://github.com/docker/login-action
+ - name: Login to GitHub Container Registry ${{ env.REGISTRY }}
+ uses: docker/login-action@v1
+ with:
+ registry: ${{ env.REGISTRY }}
+ username: ${{ github.repository_owner }}
+ password: ${{ secrets.GITHUB_TOKEN }}
+
+ - name: Login to DockerHub
+ if: github.event_name != 'pull_request'
+ uses: docker/login-action@v1
+ with:
+ username: ${{ secrets.DOCKERHUB_USERNAME }}
+ password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+ - name: Relase Prepare for latest Tag
+ id: releasePreareLatestTag
+ shell: bash
+ run: |
+ if [[ "$GITHUB_EVENT_NAME" == "create" ]] && [[ "$GITHUB_REF" =~ ^refs/tags/v.* ]]; then
+ echo -n "::set-output name=latest::true"
+ else
+ echo -n "::set-output name=latest::false"
+ fi
+
+ - name: Relase Prepare
+ id: releasePreare
+ run: |
+ echo -n "::set-output name=images::"
+ if [ "${GITHUB_EVENT_NAME}" != "pull_request" ]; then
+ echo -n "${IMAGE_NAME_DOCKER}"
+ echo -n ","
+ fi
+ echo -n "${IMAGE_NAME_GHCR}"
+
+ - name: Download artifact
+ uses: dawidd6/action-download-artifact@v2
+ with:
+ # Optional, GitHub token, a Personal Access Token with `public_repo` scope if needed
+ # Required, if artifact is from a different repo
+ github_token: ${{secrets.GITHUB_TOKEN}}
+ # Required, workflow file name or ID
+ workflow: build-apk.yml
+ # Optional, will use the branch
+ branch: master
+ # Optional, uploaded artifact name,
+ # will download all artifacts if not specified
+ # and extract them in respective subdirectories
+ # https://github.com/actions/download-artifact#download-all-artifacts
+ name: apk-builds
+ # Optional, directory where to extract artifact. Defaults to the artifact name (see `name` input)
+ path: ${{ github.workspace }}/apk-build/
+ # Optional, defaults to current repo
+ repo: Secure-Compliance-Solutions-LLC/GVM-APK-build
+
+ # Extract metadata (tags, labels) for Docker
+ # https://github.com/docker/metadata-action
+ - name: Extract Docker metadata
+ id: meta2
+ uses: docker/metadata-action@v3
+ with:
+ github-token: ${{ secrets.GITHUB_TOKEN }}
+ images: ${{ steps.releasePreare.outputs.images }}
+ flavor: |
+ latest=${{ steps.releasePreareLatestTag.outputs.latest}}
+ prefix=debian-
+ suffix=
+ tags: |
+ type=ref,event=branch
+ type=ref,event=pr
+ type=semver,pattern={{version}}
+ type=semver,pattern={{raw}}
+ type=semver,pattern={{major}}.{{minor}}
+
+ # Build and push Docker image with Buildx (don't push on PR)
+ # https://github.com/docker/build-push-action
+ - name: Build and push Docker image
+ uses: docker/build-push-action@v2
+ with:
+ context: .
+ platforms: linux/amd64,linux/arm64,linux/arm/v7,linux/arm/v6
+ push: true
+ tags: ${{ steps.meta2.outputs.tags }}
+ labels: ${{ steps.meta2.outputs.labels }}
+ build-args: |
+ SETUP=0
+
+ # Extract metadata (tags, labels) for Docker
+ # https://github.com/docker/metadata-action
+ - name: Extract Docker metadata
+ id: meta3
+ uses: docker/metadata-action@v3
+ with:
+ github-token: ${{ secrets.GITHUB_TOKEN }}
+ images: ${{ steps.releasePreare.outputs.images }}
+ flavor: |
+ latest=${{ steps.releasePreareLatestTag.outputs.latest}}
+ onlatest=${{ steps.releasePreareLatestTag.outputs.latest}}
+ prefix=debian-
+ suffix=-full,onlatest=${{ steps.releasePreareLatestTag.outputs.latest}}
+ tags: |
+ type=ref,event=branch
+ type=ref,event=tag
+ type=ref,event=pr
+ type=semver,pattern={{version}}
+ type=semver,pattern={{raw}}
+ type=semver,pattern={{major}}.{{minor}}
+
+ # Build and push Docker image with Buildx (don't push on PR)
+ # https://github.com/docker/build-push-action
+ - name: Build and push Docker image -full tag
+ uses: docker/build-push-action@v2
+ with:
+ context: .
+ platforms: linux/amd64,linux/arm64,linux/arm/v7,linux/arm/v6
+ push: true
+ tags: ${{ steps.meta3.outputs.tags }}
+ labels: ${{ steps.meta3.outputs.labels }}
+ build-args: |
+ SETUP=0
+ OPT_PDF=1
+
+ # Extract metadata (tags, labels) for Docker
+ # https://github.com/docker/metadata-action
+ - name: Extract Docker metadata
+ id: meta4
+ uses: docker/metadata-action@v3
+ with:
+ github-token: ${{ secrets.GITHUB_TOKEN }}
+ images: ${{ steps.releasePreare.outputs.images }}
+ flavor: |
+ latest=${{ steps.releasePreareLatestTag.outputs.latest}}
+ onlatest=${{ steps.releasePreareLatestTag.outputs.latest}}
+ prefix=debian-
+ suffix=-data,onlatest=${{ steps.releasePreareLatestTag.outputs.latest}}
+ tags: |
+ type=ref,event=branch
+ type=ref,event=pr
+ type=semver,pattern={{version}}
+ type=semver,pattern={{raw}}
+ type=semver,pattern={{major}}.{{minor}}
+
+ # Build and push Docker image with Buildx (don't push on PR)
+ # https://github.com/docker/build-push-action
+ - name: Build and push Docker image with -data tag
+ uses: docker/build-push-action@v2
+ with:
+ context: .
+ platforms: linux/amd64,linux/arm64,linux/arm/v7,linux/arm/v6
+ push: ${{ github.event_name != 'pull_request' }}
+ tags: ${{ steps.meta4.outputs.tags }}
+ labels: ${{ steps.meta4.outputs.labels }}
+ build-args: |
+ SETUP=1
+
+ # Extract metadata (tags, labels) for Docker
+ # https://github.com/docker/metadata-action
+ - name: Extract Docker metadata
+ id: meta5
+ uses: docker/metadata-action@v3
+ with:
+ github-token: ${{ secrets.GITHUB_TOKEN }}
+ images: ${{ steps.releasePreare.outputs.images }}
+ flavor: |
+ latest=${{ steps.releasePreareLatestTag.outputs.latest}}
+ onlatest=${{ steps.releasePreareLatestTag.outputs.latest}}
+ prefix=debian-
+ suffix=-data-full,onlatest=${{ steps.releasePreareLatestTag.outputs.latest}}
+ tags: |
+ type=ref,event=branch
+ type=ref,event=pr
+ type=semver,pattern={{version}}
+ type=semver,pattern={{raw}}
+ type=semver,pattern={{major}}.{{minor}}
+
+ # Build and push Docker image with Buildx (don't push on PR)
+ # https://github.com/docker/build-push-action
+ - name: Build and push Docker image with -data-full tag
+ uses: docker/build-push-action@v2
+ with:
+ context: .
+ platforms: linux/amd64,linux/arm64,linux/arm/v7,linux/arm/v6
+ push: ${{ github.event_name != 'pull_request' }}
+ tags: ${{ steps.meta5.outputs.tags }}
+ labels: ${{ steps.meta5.outputs.labels }}
+ build-args: |
+ SETUP=1
+ OPT_PDF=1
diff --git a/Dockerfile.debian b/Dockerfile.debian
index 00eba85f..d5d61324 100644
--- a/Dockerfile.debian
+++ b/Dockerfile.debian
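Review bot: The new `.github/workflows/docker-publish-debian.yml` references actions by mutable refs (`aquasecurity/trivy-action@master`, `dawidd6/action-download-artifact@v2`, and the other `@v1`/`@v2` tags) while the workflow-level token carries `packages: write` and `build_release` logs in to Docker Hub. A change behind any of those refs would therefore run with publish rights. I would pin each `uses:` to a full commit SHA, e.g. `uses: aquasecurity/trivy-action@<full-commit-sha>`, and move `packages: write` into a job-level `permissions:` block on `build_release` only. The top-level `permissions:` block also omits `security-events: write`, which the two `github/codeql-action/upload-sarif@v1` steps need to upload their results. Separately, the `build_release` outputs read `steps.meta.outputs.*`, but the metadata steps are named `meta2` to `meta5`.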
@@ -92,6 +92,26 @@ RUN ls -lahR /opt/setup/ \ # RUN patch /usr/local/sbin/greenbone-feed-sync /greenbone-feed-sync-patch.txt +ARG SETUP=0 +ARG OPT_PDF=0 +ENV SETUP=${SETUP:-0} \ + OPT_PDF=${OPT_PDF:-0} + +RUN env \ + && chmod -R +x /opt/setup/scripts/*.sh \ + && if [ "${SETUP}" = "1" ]; then \ + ln -snf "/usr/share/zoneinfo/$TZ" /etc/localtime && echo "$TZ" >/etc/timezone \ + && /opt/setup/scripts/entrypoint.sh /usr/bin/supervisord -c /etc/supervisord.conf || true ; \ + unset SETUP ;\ + fi \ + && rm -rfv /var/lib/gvm/CA || true \ + && rm -rfv /var/lib/gvm/private || true \ + && rm /etc/localtime || true\ + && echo "Etc/UTC" >/etc/timezone \ + && rm -rfv /tmp/* /var/cache/apk/* \ + && echo "!!! FINISH Setup !!!" +ENV SETUP=0 + From af826139c320e58d0799863dada37c9e452edb76 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Josef=20Fr=C3=B6hle?= Date: Tue, 28 Sep 2021 14:38:42 +0200 Subject: [PATCH 17/33] Use right dockerfile for Debian build. --- .github/workflows/docker-publish-debian.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/docker-publish-debian.yml b/.github/workflows/docker-publish-debian.yml index cc12f85d..5efe6f4d 100644 --- a/.github/workflows/docker-publish-debian.yml +++ b/.github/workflows/docker-publish-debian.yml @@ -265,6 +265,7 @@ jobs: context: . platforms: linux/amd64,linux/arm64,linux/arm/v7,linux/arm/v6 push: true + file: "{context}/Dockerfile.debian" tags: ${{ steps.meta2.outputs.tags }} labels: ${{ steps.meta2.outputs.labels }} build-args: | @@ -299,6 +300,7 @@ jobs: context: . platforms: linux/amd64,linux/arm64,linux/arm/v7,linux/arm/v6 push: true + file: "{context}/Dockerfile.debian" tags: ${{ steps.meta3.outputs.tags }} labels: ${{ steps.meta3.outputs.labels }} build-args: | 
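Review bot: In the `Dockerfile.debian` hunk, the added step starts with `RUN env`, which prints every build-time variable into the image build log, and the `|| true` after the `entrypoint.sh` call lets a failed `SETUP=1` initialisation still produce an image that the workflow then publishes. I would drop the `env` call and let the setup branch fail the build, i.e. `&& /opt/setup/scripts/entrypoint.sh /usr/bin/supervisord -c /etc/supervisord.conf ; \` without the `|| true`. The step removes `/var/lib/gvm/CA` and `/var/lib/gvm/private`, but nothing here resets the accounts created during setup. The pre-initialised images therefore presumably ship with whatever credentials the build generated, which is worth confirming and documenting for users. `/var/cache/apk/*` is an Alpine path and has no effect in this Debian image.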
@@ -333,6 +335,7 @@ jobs: context: . platforms: linux/amd64,linux/arm64,linux/arm/v7,linux/arm/v6 push: ${{ github.event_name != 'pull_request' }} + file: "{context}/Dockerfile.debian" tags: ${{ steps.meta4.outputs.tags }} labels: ${{ steps.meta4.outputs.labels }} build-args: | @@ -366,6 +369,7 @@ jobs: context: . platforms: linux/amd64,linux/arm64,linux/arm/v7,linux/arm/v6 push: ${{ github.event_name != 'pull_request' }} + file: "{context}/Dockerfile.debian" tags: ${{ steps.meta5.outputs.tags }} labels: ${{ steps.meta5.outputs.labels }} build-args: | From 27442b83d18f263d5ef42a65e60fb86fa2cdead2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Josef=20Fr=C3=B6hle?= Date: Tue, 28 Sep 2021 14:45:23 +0200 Subject: [PATCH 18/33] Fix file for Debian pipeline --- .github/workflows/docker-publish-debian.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/docker-publish-debian.yml b/.github/workflows/docker-publish-debian.yml index 5efe6f4d..bbcf6b4c 100644 --- a/.github/workflows/docker-publish-debian.yml +++ b/.github/workflows/docker-publish-debian.yml @@ -265,7 +265,7 @@ jobs: context: . platforms: linux/amd64,linux/arm64,linux/arm/v7,linux/arm/v6 push: true - file: "{context}/Dockerfile.debian" + file: "./Dockerfile.debian" tags: ${{ steps.meta2.outputs.tags }} labels: ${{ steps.meta2.outputs.labels }} build-args: | @@ -300,7 +300,7 @@ jobs: context: . platforms: linux/amd64,linux/arm64,linux/arm/v7,linux/arm/v6 push: true - file: "{context}/Dockerfile.debian" + file: "./Dockerfile.debian" tags: ${{ steps.meta3.outputs.tags }} labels: ${{ steps.meta3.outputs.labels }} build-args: | @@ -335,7 +335,7 @@ jobs: context: . platforms: linux/amd64,linux/arm64,linux/arm/v7,linux/arm/v6 push: ${{ github.event_name != 'pull_request' }} - file: "{context}/Dockerfile.debian" + file: "./Dockerfile.debian" tags: ${{ steps.meta4.outputs.tags }} labels: ${{ steps.meta4.outputs.labels }} build-args: | 
@@ -369,7 +369,7 @@ jobs: context: . platforms: linux/amd64,linux/arm64,linux/arm/v7,linux/arm/v6 push: ${{ github.event_name != 'pull_request' }} - file: "{context}/Dockerfile.debian" + file: "./Dockerfile.debian" tags: ${{ steps.meta5.outputs.tags }} labels: ${{ steps.meta5.outputs.labels }} build-args: | From d056f1ea78167cb7c1c74449108d0eded86cb7fc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Josef=20Fr=C3=B6hle?= Date: Tue, 28 Sep 2021 14:47:36 +0200 Subject: [PATCH 19/33] ci-debian pipeline --- .github/workflows/docker-publish-debian.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/docker-publish-debian.yml b/.github/workflows/docker-publish-debian.yml index bbcf6b4c..995e24f9 100644 --- a/.github/workflows/docker-publish-debian.yml +++ b/.github/workflows/docker-publish-debian.yml @@ -8,7 +8,7 @@ on: create: tags: -concurrency: ci-${{ github.ref }} +concurrency: ci-debian-${{ github.ref }} env: # Use docker.io for Docker Hub if empty From f28d4e8b1c7992d6f8b7bc7690dc8763141b51c8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Josef=20Fr=C3=B6hle?= Date: Tue, 28 Sep 2021 15:29:40 +0200 Subject: [PATCH 20/33] Remove ARM V6/7 --- .github/workflows/docker-publish-debian.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/docker-publish-debian.yml b/.github/workflows/docker-publish-debian.yml index 995e24f9..7b0ef203 100644 --- a/.github/workflows/docker-publish-debian.yml +++ b/.github/workflows/docker-publish-debian.yml @@ -263,7 +263,7 @@ jobs: uses: docker/build-push-action@v2 with: context: . - platforms: linux/amd64,linux/arm64,linux/arm/v7,linux/arm/v6 + platforms: linux/amd64,linux/arm64 push: true file: "./Dockerfile.debian" tags: ${{ steps.meta2.outputs.tags }} 
@@ -298,7 +298,7 @@ jobs: uses: docker/build-push-action@v2 with: context: . - platforms: linux/amd64,linux/arm64,linux/arm/v7,linux/arm/v6 + platforms: linux/amd64,linux/arm64 push: true file: "./Dockerfile.debian" tags: ${{ steps.meta3.outputs.tags }} @@ -333,7 +333,7 @@ jobs: uses: docker/build-push-action@v2 with: context: . - platforms: linux/amd64,linux/arm64,linux/arm/v7,linux/arm/v6 + platforms: linux/amd64,linux/arm64 push: ${{ github.event_name != 'pull_request' }} file: "./Dockerfile.debian" tags: ${{ steps.meta4.outputs.tags }} @@ -367,7 +367,7 @@ jobs: uses: docker/build-push-action@v2 with: context: . - platforms: linux/amd64,linux/arm64,linux/arm/v7,linux/arm/v6 + platforms: linux/amd64,linux/arm64 push: ${{ github.event_name != 'pull_request' }} file: "./Dockerfile.debian" tags: ${{ steps.meta5.outputs.tags }} From a16fc57c100276d5ee707594cf0ca09ae2e4dae2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Josef=20Fr=C3=B6hle?= Date: Tue, 28 Sep 2021 15:59:43 +0200 Subject: [PATCH 21/33] Update Debian Image to Version 11 - Bullseye --- Dockerfile.debian | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile.debian b/Dockerfile.debian index d5d61324..ac386b72 100644 --- a/Dockerfile.debian +++ b/Dockerfile.debian @@ -1,4 +1,4 @@ -FROM debian:10-slim +FROM debian:11-slim ENTRYPOINT [ "/opt/setup/scripts/entrypoint.sh" ] CMD ["/usr/bin/supervisord", "-n", "-c", "/etc/supervisord.conf"] From 3976c1ba6319621053e5ac72087624a37fef60ac Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Josef=20Fr=C3=B6hle?= Date: Wed, 29 Sep 2021 09:27:32 +0200 Subject: [PATCH 22/33] Update for Debian11 impacket package name --- scripts/debian/main_pkgs.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/debian/main_pkgs.sh b/scripts/debian/main_pkgs.sh index cc9b0aab..03958149 100755 --- a/scripts/debian/main_pkgs.sh +++ b/scripts/debian/main_pkgs.sh 
@@ -235,7 +235,7 @@ sudo apt-get install -y --no-install-recommends \ # Install optional dependencies for openvas-scanner sudo apt-get install -y \ - python-impacket \ + python3-impacket \ libsnmp-dev curl -sSL https://github.com/greenbone/openvas-scanner/archive/refs/tags/v${openvas_scanner_version}.tar.gz -o ${SOURCE_DIR}/openvas-scanner-${openvas_scanner_version}.tar.gz From c642e96740a613b12778b02ec29f4e15cf5be376 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Josef=20Fr=C3=B6hle?= Date: Wed, 29 Sep 2021 09:46:44 +0200 Subject: [PATCH 23/33] Revert Deban 11 changes - currently unsupported by greenbone packages - special openvas nasl package --- Dockerfile.debian | 2 +- scripts/debian/main_pkgs.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/Dockerfile.debian b/Dockerfile.debian index ac386b72..d5d61324 100644 --- a/Dockerfile.debian +++ b/Dockerfile.debian @@ -1,4 +1,4 @@ -FROM debian:11-slim +FROM debian:10-slim ENTRYPOINT [ "/opt/setup/scripts/entrypoint.sh" ] CMD ["/usr/bin/supervisord", "-n", "-c", "/etc/supervisord.conf"] diff --git a/scripts/debian/main_pkgs.sh b/scripts/debian/main_pkgs.sh index 03958149..cc9b0aab 100755 --- a/scripts/debian/main_pkgs.sh +++ b/scripts/debian/main_pkgs.sh @@ -235,7 +235,7 @@ sudo apt-get install -y --no-install-recommends \ # Install optional dependencies for openvas-scanner sudo apt-get install -y \ - python3-impacket \ + python-impacket \ libsnmp-dev curl -sSL https://github.com/greenbone/openvas-scanner/archive/refs/tags/v${openvas_scanner_version}.tar.gz -o ${SOURCE_DIR}/openvas-scanner-${openvas_scanner_version}.tar.gz From a070ff50f7fd9b876e03a7c5d56b74def458617b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Josef=20Fr=C3=B6hle?= Date: Wed, 29 Sep 2021 11:12:22 +0200 Subject: [PATCH 24/33] Update debian python setuptools --- scripts/debian/main_pkgs.sh | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) 
diff --git a/scripts/debian/main_pkgs.sh b/scripts/debian/main_pkgs.sh index cc9b0aab..cb3e740c 100755 --- a/scripts/debian/main_pkgs.sh +++ b/scripts/debian/main_pkgs.sh @@ -274,6 +274,8 @@ sudo apt-get install -y --no-install-recommends \ python3-redis \ libnet1 +sudo python3 -m pip install --upgrade setuptools + #sudo python3 -m pip install --no-warn-script-location psutil # Download and install ospd-openvas @@ -307,7 +309,7 @@ sudo apt-get install -y --no-install-recommends \ python3-lxml \ python3-defusedxml \ python3-paramiko - +sudo python3 -m pip install --upgrade setuptools # Install for user # python3 -m pip install --user gvm-tools From 55c27aebff4e3b07f3700c0fa787b235c713e774 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Josef=20Fr=C3=B6hle?= Date: Wed, 29 Sep 2021 11:14:50 +0200 Subject: [PATCH 25/33] update pip for debian --- scripts/debian/main_pkgs.sh | 3 +++ 1 file changed, 3 insertions(+) diff --git a/scripts/debian/main_pkgs.sh b/scripts/debian/main_pkgs.sh index cb3e740c..310d167f 100755 --- a/scripts/debian/main_pkgs.sh +++ b/scripts/debian/main_pkgs.sh @@ -22,9 +22,11 @@ sudo apt-get install --no-install-recommends --assume-yes \ cmake \ pkg-config \ python3 \ + python3-dev \ python3-pip \ gnupg \ supervisor +sudo python3 -m pip install --upgrade pip curl -O https://www.greenbone.net/GBCommunitySigningKey.asc gpg --import GBCommunitySigningKey.asc @@ -372,6 +374,7 @@ sudo apt-get purge --auto-remove -y \ libunistring-dev \ libxml2-dev \ uuid-dev \ + python3-dev \ build-essential \ postgresql-server-dev-all \ nodejs \ From 849b6aab76216aa41fa5ee4c48377b20bd874a12 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Josef=20Fr=C3=B6hle?= Date: Wed, 29 Sep 2021 13:53:13 +0200 Subject: [PATCH 26/33] Make sure that the debian image contain texlive with build-args set --- Dockerfile.debian | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/Dockerfile.debian b/Dockerfile.debian index d5d61324..f8b7bbc0 100644 --- a/Dockerfile.debian 
+++ b/Dockerfile.debian @@ -99,6 +99,11 @@ ENV SETUP=${SETUP:-0} \ RUN env \ && chmod -R +x /opt/setup/scripts/*.sh \ + && if [ "${OPT_PDF}" = "1" ]; then \ + sudo apt update ;\ + sudo apt install -y --no-install-recommends texlive-latex-extra texlive-fonts-recommended ;\ + unset OPT_PDF ;\ + fi \ && if [ "${SETUP}" = "1" ]; then \ ln -snf "/usr/share/zoneinfo/$TZ" /etc/localtime && echo "$TZ" >/etc/timezone \ && /opt/setup/scripts/entrypoint.sh /usr/bin/supervisord -c /etc/supervisord.conf || true ; \ @@ -108,7 +113,7 @@ RUN env \ && rm -rfv /var/lib/gvm/private || true \ && rm /etc/localtime || true\ && echo "Etc/UTC" >/etc/timezone \ - && rm -rfv /tmp/* /var/cache/apk/* \ + && rm -rfv /tmp/* /var/cache/apk/* /var/lib/apt/lists/* \ && echo "!!! FINISH Setup !!!" ENV SETUP=0 From a80ee6cc92eca84df3390370ed1471187112f717 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Josef=20Fr=C3=B6hle?= Date: Wed, 29 Sep 2021 20:46:34 +0200 Subject: [PATCH 27/33] Full image build for github --- .github/workflows/docker-publish-debian.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/docker-publish-debian.yml b/.github/workflows/docker-publish-debian.yml index 7b0ef203..1f2ccf46 100644 --- a/.github/workflows/docker-publish-debian.yml +++ b/.github/workflows/docker-publish-debian.yml @@ -248,7 +248,7 @@ jobs: images: ${{ steps.releasePreare.outputs.images }} flavor: | latest=${{ steps.releasePreareLatestTag.outputs.latest}} - prefix=debian- + prefix=debian-,onlatest=${{ steps.releasePreareLatestTag.outputs.latest}} suffix= tags: | type=ref,event=branch @@ -282,7 +282,7 @@ jobs: flavor: | latest=${{ steps.releasePreareLatestTag.outputs.latest}} onlatest=${{ steps.releasePreareLatestTag.outputs.latest}} - prefix=debian- + prefix=debian-,onlatest=${{ steps.releasePreareLatestTag.outputs.latest}} suffix=-full,onlatest=${{ steps.releasePreareLatestTag.outputs.latest}} tags: | type=ref,event=branch 
@@ -318,7 +318,7 @@ jobs: flavor: | latest=${{ steps.releasePreareLatestTag.outputs.latest}} onlatest=${{ steps.releasePreareLatestTag.outputs.latest}} - prefix=debian- + prefix=debian-,onlatest=${{ steps.releasePreareLatestTag.outputs.latest}} suffix=-data,onlatest=${{ steps.releasePreareLatestTag.outputs.latest}} tags: | type=ref,event=branch @@ -334,7 +334,7 @@ jobs: with: context: . platforms: linux/amd64,linux/arm64 - push: ${{ github.event_name != 'pull_request' }} + push: true file: "./Dockerfile.debian" tags: ${{ steps.meta4.outputs.tags }} labels: ${{ steps.meta4.outputs.labels }} @@ -352,7 +352,7 @@ jobs: flavor: | latest=${{ steps.releasePreareLatestTag.outputs.latest}} onlatest=${{ steps.releasePreareLatestTag.outputs.latest}} - prefix=debian- + prefix=debian-,onlatest=${{ steps.releasePreareLatestTag.outputs.latest}} suffix=-data-full,onlatest=${{ steps.releasePreareLatestTag.outputs.latest}} tags: | type=ref,event=branch @@ -368,7 +368,7 @@ jobs: with: context: . platforms: linux/amd64,linux/arm64 - push: ${{ github.event_name != 'pull_request' }} + push: true file: "./Dockerfile.debian" tags: ${{ steps.meta5.outputs.tags }} labels: ${{ steps.meta5.outputs.labels }} From 30255b6c3c236207b5ee69a781ad3c3da07f2850 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Josef=20Fr=C3=B6hle?= Date: Wed, 3 Nov 2021 10:28:15 +0100 Subject: [PATCH 28/33] Update supervisord.conf fix #295 --- config/supervisord.conf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/config/supervisord.conf b/config/supervisord.conf index 94443ed3..af1f4e91 100644 --- a/config/supervisord.conf +++ b/config/supervisord.conf 
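Review bot: Replacing `push: ${{ github.event_name != 'pull_request' }}` with `push: true` on the `-data` build (hunk at line 334) and on the `-data-full` build (hunk at line 368) makes pull-request runs publish the pre-initialised images, because the workflow still triggers on `pull_request`. Images built from an unmerged branch then reach the registry under the project's name, and the step comments in the workflow still say "don't push on PR". If the aim is only to exercise the full build on pull requests, keeping `push: ${{ github.event_name != 'pull_request' }}` does that without publishing.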
@@ -117,7 +117,7 @@ stopasgroup=true killasgroup=true [program:gsad-https-owncert] -command=/opt/setup/scripts/start_gsad.sh -f --verbose --gnutls-priorities=SECURE128:-AES-128-CBC:-CAMELLIA-128-CBC:-VERS-SSL3.0:-VERS-TLS1.0 --ssl-certificate=%(ENV_CERTIFICATE)s --ssl-private-key=%(ENV_CERTIFICATE_KEY)s --timeout=%(ENV_TIMEOUT)s --no-redirect --mlisten=127.0.0.1 --mport=9390 --port=9392 +command=/opt/setup/scripts/start_gsad.sh -f --verbose --gnutls-priorities=SECURE128:-AES-128-CBC:-CAMELLIA-128-CBC:-VERS-SSL3.0:-VERS-TLS1.0:-VERS-TLS1.1 --ssl-certificate=%(ENV_CERTIFICATE)s --ssl-private-key=%(ENV_CERTIFICATE_KEY)s --timeout=%(ENV_TIMEOUT)s --no-redirect --mlisten=127.0.0.1 --mport=9390 --port=9392 stdout_logfile=/var/log/supervisor/%(program_name)s.log stderr_logfile=/var/log/supervisor/%(program_name)s_err.log priority=30 @@ -132,7 +132,7 @@ stopasgroup=true killasgroup=true [program:gsad-https] -command=/opt/setup/scripts/start_gsad.sh -f --verbose --gnutls-priorities=SECURE128:-AES-128-CBC:-CAMELLIA-128-CBC:-VERS-SSL3.0:-VERS-TLS1.0 --timeout=%(ENV_TIMEOUT)s --no-redirect --mlisten=127.0.0.1 --mport=9390 --port=9392 +command=/opt/setup/scripts/start_gsad.sh -f --verbose --gnutls-priorities=SECURE128:-AES-128-CBC:-CAMELLIA-128-CBC:-VERS-SSL3.0:-VERS-TLS1.0:-VERS-TLS1.1 --timeout=%(ENV_TIMEOUT)s --no-redirect --mlisten=127.0.0.1 --mport=9390 --port=9392 stdout_logfile=/var/log/supervisor/%(program_name)s.log stderr_logfile=/var/log/supervisor/%(program_name)s_err.log priority=30 From d4ce616b9d9c64d0b7d8da687bad571374dc574a Mon Sep 17 00:00:00 2001 From: Alexandre Fresnais Date: Tue, 9 Nov 2021 11:13:09 +0100 Subject: [PATCH 29/33] update: allow sync-all.sh to be run as gvm --- scripts/sync-all.sh | 23 +++++++++++++++++++---- 1 file changed, 19 insertions(+), 4 deletions(-) diff --git a/scripts/sync-all.sh b/scripts/sync-all.sh index 67f1f797..9e183d5f 100755 --- a/scripts/sync-all.sh +++ b/scripts/sync-all.sh 
@@ -1,5 +1,20 @@ #!/usr/bin/env bash +exec_as_gvm(){ + # if root + if [ "$EUID" -eq 0 ]; then + su -c "$1" gvm + return + elif [ "$(whoami)" = "gvm" ]; then + eval "$1" + return + else + echo "Run this script either as root or as gvm user" + fi + + false +} + if [ ! -f "/var/lib/gvm/.firstsync" ]; then echo "Downloading data TAR to speed up first sync..." curl -o /tmp/data.tar.xz https://vulndata.securecompliance.solutions/file/VulnData/data.tar.xz # This file is updated at 0:00 UTC every day @@ -32,18 +47,18 @@ fi echo "Updating NVTs..." #su -c "rsync --compress-level=9 --links --times --omit-dir-times --recursive --partial --quiet rsync://feed.community.greenbone.net:/nvt-feed /var/lib/openvas/plugins" gvm -su -c "greenbone-nvt-sync" gvm +exec_as_gvm "greenbone-nvt-sync" sleep 5 echo "Updating GVMd data..." -su -c "greenbone-feed-sync --type GVMD_DATA" gvm +exec_as_gvm "greenbone-feed-sync --type GVMD_DATA" sleep 5 echo "Updating SCAP data..." -su -c "greenbone-feed-sync --type SCAP" gvm +exec_as_gvm "greenbone-feed-sync --type SCAP" sleep 5 echo "Updating CERT data..." -su -c "greenbone-feed-sync --type CERT" gvm +exec_as_gvm "greenbone-feed-sync --type CERT" true From d1364953c0b5e60349a6808afcc822e8a5478366 Mon Sep 17 00:00:00 2001 From: Hardzen Date: Thu, 18 Nov 2021 20:07:23 +0100 Subject: [PATCH 30/33] Update prepare.sh Missing : in /etc/apt/apt.conf.d/30proxy --- scripts/debian/prepare.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/debian/prepare.sh b/scripts/debian/prepare.sh index c668ecb1..169fc898 100755 --- a/scripts/debian/prepare.sh +++ b/scripts/debian/prepare.sh 
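Review bot: In `scripts/sync-all.sh`, the `else` branch of the new `exec_as_gvm` only prints a message and falls through to `false`, but none of the four call sites checks the status and the script still ends with `true`. A run as any other user therefore reports success without syncing anything. Checking the user once before the first sync and stopping there would make the failure visible, e.g. `echo "Run this script either as root or as gvm user" >&2; exit 1`. `eval "$1"` is safe only while every argument is a fixed string, as in this patch; a comment on the function saying so would keep later callers from passing variable data to it.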
@@ -4,7 +4,7 @@ touch /opt/setup/.env
 echo 'deb http://deb.debian.org/debian buster-backports main' | tee /etc/apt/sources.list.d/backports.list
-echo "Acquire:http::Proxy \"${http_proxy}\";" | tee /etc/apt/apt.conf.d/30proxy
+echo "Acquire::http::Proxy \"${http_proxy}\";" | tee /etc/apt/apt.conf.d/30proxy
 echo "APT::Install-Recommends \"0\" ; APT::Install-Suggests \"0\" ;" | tee /etc/apt/apt.conf.d/10no-recommend-installs
 apt-get update
From 1a3426d9fcb4ba429623846b04e789c00da76efa Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Josef=20Fr=C3=B6hle?=
Date: Fri, 19 Nov 2021 10:07:50 +0100
Subject: [PATCH 31/33] Update Dockerfile.debian
---
 Dockerfile.debian | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)
diff --git a/Dockerfile.debian b/Dockerfile.debian
index f8b7bbc0..c9e6a9f6 100644
--- a/Dockerfile.debian
+++ b/Dockerfile.debian
@@ -21,16 +21,16 @@ RUN chmod -R +x /opt/setup/scripts/*.sh
 # openvas-smb: v21.4.0
 # python-gvm: v21.6.0
-ARG gvm_libs_version="21.4.2"
-ARG openvas_scanner_version="21.4.2"
-ARG pggvm_version="fa973261bee877590e0d0096eb0f9213a38a7965"
-ARG gvmd_version="21.4.3"
-ARG gsa_version="21.4.2"
+ARG gvm_libs_version="21.4.3"
+ARG openvas_scanner_version="21.4.3"
+ARG pggvm_version="da7bef426089e63da80fe85b723ce01714810871"
+ARG gvmd_version="21.4.4"
+ARG gsa_version="21.4.3"
 ARG gvm_tools_version="21.6.1"
 ARG openvas_smb_version="21.4.0"
-ARG open_scanner_protocol_daemon="21.4.3"
-ARG ospd_openvas="21.4.2"
-ARG python_gvm_version="21.6.0"
+ARG open_scanner_protocol_daemon="21.4.4"
+ARG ospd_openvas="21.4.3"
+ARG python_gvm_version="21.10.0"
 ARG SUPVISD=supervisorctl
 ARG GVMD_USER
@@ -121,4 +121,4 @@ ENV SETUP=0
-VOLUME [ "/opt/database", "/var/lib/openvas/plugins", "/var/lib/gvm", "/etc/ssh" ]
\ No newline at end of file
+VOLUME [ "/opt/database", "/var/lib/openvas/plugins", "/var/lib/gvm", "/etc/ssh" ]
From 0cfbd1a6d14fdffdd93c26e53a82ddd2e1be7c2c Mon Sep 17 00:00:00 2001
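Review bot: The corrected `Acquire::http::Proxy` line in scripts/debian/prepare.sh is written unconditionally, so an unset `http_proxy` yields `Acquire::http::Proxy "";` and a set one is persisted in `/etc/apt/apt.conf.d/30proxy`. Guarding the write, `[ -n "${http_proxy:-}" ] && echo "Acquire::http::Proxy \"${http_proxy}\";" | tee /etc/apt/apt.conf.d/30proxy`, keeps proxy-less builds from depending on how apt treats an empty value. Proxy URLs can carry credentials, and nothing visible in this hunk removes the file again, so it is worth confirming that a later build step deletes `30proxy` before the image is published. The rest of the script is outside the hunk.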
From: =?UTF-8?q?Josef=20Fr=C3=B6hle?= Date: Fri, 19 Nov 2021 10:30:12 +0100 Subject: [PATCH 32/33] add ultimatly trust --- scripts/debian/main_pkgs.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/scripts/debian/main_pkgs.sh b/scripts/debian/main_pkgs.sh index 310d167f..f971725f 100755 --- a/scripts/debian/main_pkgs.sh +++ b/scripts/debian/main_pkgs.sh @@ -29,7 +29,8 @@ sudo apt-get install --no-install-recommends --assume-yes \ sudo python3 -m pip install --upgrade pip curl -O https://www.greenbone.net/GBCommunitySigningKey.asc -gpg --import GBCommunitySigningKey.asc +gpg --import Date: Fri, 19 Nov 2021 10:30:56 +0100 Subject: [PATCH 33/33] fix trust fail --- scripts/debian/main_pkgs.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/debian/main_pkgs.sh b/scripts/debian/main_pkgs.sh index f971725f..0a1edf24 100755 --- a/scripts/debian/main_pkgs.sh +++ b/scripts/debian/main_pkgs.sh @@ -30,7 +30,7 @@ sudo python3 -m pip install --upgrade pip curl -O https://www.greenbone.net/GBCommunitySigningKey.asc gpg --import