# Containers-Workspace

Various useful and useless Dockerfiles, often experimental and work in progress.

## toolbox

Fedora-based container with many useful tools preinstalled for debugging and troubleshooting.

Run `help-toolbox` to show what you can do in there.

Typical container run options that allow host data access:

```bash
podman run --rm -it --privileged \
    --network host --pid host --ipc host --no-hosts --ulimit host \
    --userns host \
    --name toolbox toolbox
```

These options remove nearly all isolation: `--privileged` together with the host network, PID, IPC and user namespaces gives processes in the container the same access to the host as the user who started podman (root, if podman runs as root).

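A small check for the run options above, added here as an example and not part of this repository: `audit_run_flags` (a hypothetical helper name) prints one line for each `podman run` option that removes a layer of isolation from the host. It goes slightly beyond the toolbox command by also recognising `--security-opt label:disable`, which the cloud-toolbox command in this README uses.

```bash
# Added example, not part of this repository. audit_run_flags is a hypothetical
# helper: it prints one line per `podman run` option that removes a layer of
# isolation between the container and the host, and prints nothing otherwise.
audit_run_flags() {
    _prev=""
    for _arg in "$@"; do
        # Normalise "--opt=value" and "--opt value" into an option/value pair.
        case "$_arg" in
            --*=*) _opt="${_arg%%=*}"; _val="${_arg#*=}"; _prev="" ;;
            --*)   _opt="$_arg"; _val=""; _prev="$_arg" ;;
            *)     _opt="$_prev"; _val="$_arg"; _prev="" ;;
        esac
        case "$_opt $_val" in
            "--privileged "|"--privileged true")
                printf '%s\n' "--privileged: all capabilities and host devices, seccomp and SELinux/AppArmor confinement off" ;;
            "--network host"|"--net host")
                printf '%s\n' "--network host: container shares the host network stack" ;;
            "--pid host")
                printf '%s\n' "--pid host: host processes are visible from the container" ;;
            "--ipc host")
                printf '%s\n' "--ipc host: host shared memory and IPC objects are reachable" ;;
            "--userns host")
                printf '%s\n' "--userns host: no UID/GID remapping between container and host" ;;
            "--security-opt label:disable"|"--security-opt label=disable")
                printf '%s\n' "--security-opt label:disable: SELinux separation is off" ;;
        esac
    done
}

# The toolbox command from this README, split into arguments.
audit_run_flags run --rm -it --privileged \
    --network host --pid host --ipc host --no-hosts --ulimit host \
    --userns host \
    --name toolbox toolbox
```
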
## cloud-toolbox

Sounds huge, but it is just a set of tools for cloud-based stuff,
like openstack-cli, rclone, openshift cli, etc...

Also contains `fzf` and bash-completion. Mount your bash_history for
best experience.

```bash
podman run --rm -it \
    -v "$HOME/.bash_history:/root/.bash_history" \
    --security-opt label:disable \
    cloud-toolbox:latest
```

`--security-opt label:disable` turns off SELinux label separation for this container, so the mounted history file is readable without relabeling it.

## gui-container

gui-container is an experiment for apps with a GUI.

How to run with default, permissive options:

```bash
podman run --privileged -it \
    -e XDG_RUNTIME_DIR=/runtime_dir \
    -e WAYLAND_DISPLAY="$WAYLAND_DISPLAY" \
    -e DISPLAY="$DISPLAY" \
    -v /tmp/.X11-unix:/tmp/.X11-unix:rw \
    -v "$HOME/.Xauthority:/root/.Xauthority:ro" \
    -v "$XDG_RUNTIME_DIR:/runtime_dir:rw" \
    --entrypoint bash \
    --name "gui_container" \
    gui-container:latest
```

These options hand the container the host X11 socket, the X authority cookie and the whole `$XDG_RUNTIME_DIR`, so apps inside can talk to the host display server and to anything else listening in that directory.

Starting dbus:

```bash
export $(dbus-launch)
```

Unsetting `WAYLAND_DISPLAY` or `DISPLAY` can force apps to use the other one:

```bash
unset DISPLAY
# or
unset WAYLAND_DISPLAY
```

To make Qt-based apps work:

```bash
export QT_QPA_PLATFORM=wayland
```

## rathole

[rathole](https://github.com/rapiz1/rathole) image, compiled from source.

## snowflake

[torproject snowflake](https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake) image, compiled from source.

## Tor relay/bridge node

```bash
# prepare
cd tor/;
podman build -t tornode .;
# world-writable so the user inside the container can write to these directories
chmod 777 ./data ./logs;

# run (network host for easy port bind on ipv6)
# --read-only keeps the container root filesystem immutable; only the three
# volumes below are writable, and :Z gives them a private SELinux label
podman run -d --read-only --network host \
    -v "/home/user/torrc.conf:/torrc:rw,Z" \
    -v "/home/user/tor/logs:/var/log:Z,rw" \
    -v "/home/user/tor/data:/var/lib/tor:Z,rw" \
    --name tornode tornode:latest

# prepare systemd service for reboot persistence
podman generate systemd --new --name tornode > /etc/systemd/system/tornode.service;
restorecon -v /etc/systemd/system/tornode.service;
systemctl daemon-reload;
systemctl enable --now tornode.service;

# view nyx dashboard
podman exec -it tornode nyx
```