version: '3.8'

services:
  victim_db:
    image: postgres:15
    container_name: victim_db
    environment:
      POSTGRES_PASSWORD: "SuperSecretPassword123!"
      POSTGRES_USER: "admin"
      POSTGRES_DB: "secrets"
      CTF_FLAG: "FLAG{CVE_2024_49882_hugepage_leak_pwned}"
    volumes:
      - /dev/hugepages:/dev/hugepages
    shm_size: '256mb'
    networks:
      - covert_net

  attacker:
    build:
      context: .
      dockerfile: Dockerfile.attacker
    container_name: attacker
    privileged: true
    volumes:
      - /dev/hugepages:/dev/hugepages
      - /dev/udmabuf:/dev/udmabuf
      - ./:/exploit
    networks:
      - covert_net
    stdin_open: true
    tty: true

  sender:
    build:
      context: .
      dockerfile: Dockerfile.covert
    container_name: sender
    privileged: true
    volumes:
      - /dev/hugepages:/dev/hugepages
      - /dev/udmabuf:/dev/udmabuf
      - ./:/exploit
    networks:
      - covert_net
    stdin_open: true
    tty: true
    command: sleep infinity

  receiver:
    build:
      context: .
      dockerfile: Dockerfile.covert
    container_name: receiver
    privileged: true
    volumes:
      - /dev/hugepages:/dev/hugepages
      - /dev/udmabuf:/dev/udmabuf
      - ./:/exploit
    networks:
      - covert_net
    stdin_open: true
    tty: true
    command: sleep infinity

networks:
  covert_net:
    driver: bridge
    enable_ipv6: true
    ipam:
      config:
        - subnet: 172.28.0.0/16
        - subnet: fd00:dead:beef::/64