version: '3.3'

networks:
  every:
    external: false

services:

  # Here, we build the vulnerable Squid image. I do this because the vulnerable
  # version may be yanked from repositories in the near future, and because
  # specific configuration has to go into the build for it to work.
  squid:
    build: .
    container_name: 'vulnerable'
    hostname: 'vulnerable'
    networks:
      - every
    ports:
      - '3128:3128'
    volumes:
      - "$PWD/source/squid.conf:/etc/squid/squid.conf:ro"
      - "$PWD/key.pem:/key.pem:ro"
      - "$PWD/cert.pem:/cert.pem:ro"

  web:
    container_name: 'malicious'
    hostname: 'malicious'
    image: 'nginx:latest'
    networks:
      - every
    volumes:
      - "$PWD/source/nginx.conf:/etc/nginx/nginx.conf:ro"
      - "$PWD/source/index.html:/usr/share/nginx/html/index.html:ro"
      - "$PWD/key.pem:/key.pem:ro"
      - "$PWD/cert.pem:/cert.pem:ro"