diff --git a/.gitea/workflows/build-images.yml b/.gitea/workflows/build-images.yml index 69f7463..d3d4dc6 100644 --- a/.gitea/workflows/build-images.yml +++ b/.gitea/workflows/build-images.yml @@ -4,7 +4,7 @@ on: push: branches: [ "main" ] schedule: - - cron: '30 5 */5 * *' + - cron: '30 5 */10 * *' jobs: build-images-arm64: @@ -19,7 +19,7 @@ jobs: run: podman login -u "${{ secrets.PACKAGES_USERNAME }}" -p "${{ secrets.PACKAGES_PASSWD }}" gitea.maciej.cloud - name: Build selected images run: | - IMAGES=(system-toolbox cloud-toolbox tor wireguard zabbix-agent); + IMAGES=(system-toolbox cloud-toolbox tor zabbix-agent snowflake gitea-runner); for image in "${IMAGES[@]}"; do echo "building image $image"; @@ -39,7 +39,7 @@ jobs: run: podman login -u "${{ secrets.PACKAGES_USERNAME }}" -p "${{ secrets.PACKAGES_PASSWD }}" gitea.maciej.cloud - name: Build selected images run: | - IMAGES=(system-toolbox cloud-toolbox tor wireguard zabbix-agent); + IMAGES=(system-toolbox cloud-toolbox tor zabbix-agent snowflake gitea-runner); for image in "${IMAGES[@]}"; do echo "building image $image"; @@ -57,7 +57,7 @@ jobs: run: podman login -u "${{ secrets.PACKAGES_USERNAME }}" -p "${{ secrets.PACKAGES_PASSWD }}" gitea.maciej.cloud - name: Create manifests and push run: | - IMAGES=(system-toolbox cloud-toolbox tor wireguard zabbix-agent); + IMAGES=(system-toolbox cloud-toolbox tor zabbix-agent snowflake gitea-runner); for image in "${IMAGES[@]}"; do echo "Updating manifest for $image"; diff --git a/README.md b/README.md index 9f2a7bc..bcd2c57 100644 --- a/README.md +++ b/README.md @@ -180,7 +180,6 @@ Example uses root, but it should be very similar to setup under non-root user. Build image (will compile from main branch) ```bash podman build --no-cache -t gitea-runner \ - --build-arg ARCH="arm64" \ ./ContainersWorkspace/gitea-runner/ ``` @@ -198,8 +197,8 @@ podman run --rm -it gitea-runner:latest generate-config > /root/act-runner/runn Update registration file path in config and privileged mode. ```bash sed -i 's`file: .runner`file: /etc/runner/registration.json`g' /root/act-runner/runner/config.yaml; -sed -i 's`privileged: false`privileged: true`g' act-runner/runner/config.yaml; -sed -i 's`docker_host: ""`docker_host: "-"`g' act-runner/runner/config.yaml; +sed -i 's`privileged: false`privileged: true`g' /root/act-runner/runner/config.yaml; +sed -i 's`docker_host: ""`docker_host: "-"`g' /root/act-runner/runner/config.yaml; ``` Currently you **need** to set `docker_host: "-"` in "container" section to make this setup with mounted docker.sock work. @@ -207,9 +206,10 @@ to make this setup with mounted docker.sock work. Fix perms on those dirs: ```bash podman run --rm -it \ - -v /root/act-runner/:/data \ + -v /root/act-runner/:/data:z,rw \ --privileged \ --entrypoint bash \ + -u root \ gitea-runner:latest \ -c "chown -R podman /data" ``` @@ -218,7 +218,7 @@ Register runner. example value for labels can be `ubuntu-latest:docker://quay.io/podman/stable`. ```bash podman run --rm -it \ - -v /root/act-runner/runner/:/etc/runner \ + -v /root/act-runner/runner/:/etc/runner:z,rw \ --privileged \ gitea-runner:latest \ --config /etc/runner/config.yaml register @@ -229,7 +229,7 @@ Start container acting as podman/docker (use `--init` to get rid of zombies): podman run --rm -d --privileged --name gitea-podman \ --init \ --entrypoint podman \ - -v /root/act-runner/podman:/podman \ + -v /root/act-runner/podman:/podman:z,rw \ gitea-runner:latest \ system service --time=0 unix:///podman/docker.sock ``` @@ -237,7 +237,7 @@ podman run --rm -d --privileged --name gitea-podman \ Now start container with runner ```bash podman run --rm -d --name gitea-runner \ - -v /root/act-runner/runner/:/etc/runner:ro,Z \ + -v /root/act-runner/runner/:/etc/runner:rw,Z \ -v /root/act-runner/podman:/podman:rw,z \ gitea-runner:latest \ daemon -c /etc/runner/config.yaml @@ -252,4 +252,100 @@ restorecon -v /etc/systemd/system/gitea-runner.service; systemctl daemon-reload; systemctl enable --now gitea-podman.service; systemctl enable --now gitea-runner.service; -```` +``` + +## Podman quadlets examples + +This section is about quadlets, rather than specific image, but it is based on +examples. + +To enable such container managed by systemd, create `.container` file +at `/etc/containers/systemd/my-container.container`, and then run: +```bash +systemctl daemon-reload; +systemctl enable --now my-container.service +``` + +### Example host-monitoring purpose quadlets + +#### zabbix-agent + +```systemd +[Unit] +Description=Zabbix agent 2 +After=local-fs.target + +[Container] +Image=zabbix-agent +ContainerName=zabbix-agent +LogDriver=journald +Network=host +Pull=newer +ReadOnly=yes +VolatileTmp=true +SecurityLabelDisable=yes +Ulimit=host +Unmask=ALL +AddCapability=SYS_ADMIN +AddCapability=SYS_RAWIO + +AutoUpdate=registry + +PodmanArgs=--pid=host +PodmanArgs=--ipc=host +PodmanArgs=--no-hosts +PodmanArgs=--device-cgroup-rule='a *:* r' + +Volume=/etc/zabbix-agent2.conf:/etc/zabbix/zabbix_agent.conf:ro +Volume=/dev:/dev:ro +Volume=/var/run/dbus/system_bus_socket:/var/run/dbus/system_bus_socket:rw + +[Service] +Restart=always + +[Install] +WantedBy=multi-user.target default.target +``` + +#### node-exporter (Prometheus) + +```systemd +[Unit] +Description=Node exporter for Prometheus +After=local-fs.target + +[Container] +Image=docker.io/prom/node-exporter:latest +ContainerName=node-exporter +LogDriver=journald +Network=host +Pull=newer +ReadOnly=yes +VolatileTmp=true +SecurityLabelDisable=yes +User=1222 +UserNS=host +Ulimit=host +Unmask=ALL + +AutoUpdate=registry + +# Exec=--help + +PodmanArgs=--pid=host +PodmanArgs=--ipc=host +PodmanArgs=--no-hosts + +Volume=/proc:/host/proc:ro +Volume=/sys:/host/sys:ro +Volume=/:/rootfs:ro + +Exec=--path.procfs=/host/proc --path.rootfs=/rootfs --path.sysfs=/host/sys --collector.filesystem.mount-points-exclude='^/(sys|proc|dev|host|etc)($$|/)' + +[Service] +Restart=always + +[Install] +# Start by default on boot +WantedBy=multi-user.target default.target +``` diff --git a/cloud-toolbox/Dockerfile b/cloud-toolbox/Dockerfile index 156daea..093a5fd 100644 --- a/cloud-toolbox/Dockerfile +++ b/cloud-toolbox/Dockerfile @@ -1,4 +1,4 @@ -FROM registry.fedoraproject.org/fedora:38 +FROM registry.fedoraproject.org/fedora:39 USER root @@ -6,7 +6,7 @@ ENV HISTSIZE=10000 ENV HISTTIMEFORMAT="%d/%m/%y %T " ENV HISTFILESIZE=20000 -ENV PKGS_BASE="fzf git python3-pip rclone bash-completion" +ENV PKGS_BASE="fzf git python3-pip rclone bash-completion kubernetes-client helm golang-sigs-k8s-kustomize" ENV PKGS_TEMP="python3-devel gcc wget" RUN dnf clean all && \ @@ -24,7 +24,11 @@ RUN dnf clean all && \ WORKDIR /data +COPY kube_ps.sh /root/kube_ps.sh -RUN echo $'[ -f /usr/share/fzf/shell/key-bindings.bash ] && source /usr/share/fzf/shell/key-bindings.bash' >> /root/.bashrc +RUN echo $'[ -f /usr/share/fzf/shell/key-bindings.bash ] && source /usr/share/fzf/shell/key-bindings.bash;\ +source /root/kube_ps.sh;\ +PS1=\'[cloud-toolbox \W/ $(kube_ps1)]\$ \'\ +' >> /root/.bashrc ENTRYPOINT [ "/bin/bash" ] diff --git a/cloud-toolbox/kube_ps.sh b/cloud-toolbox/kube_ps.sh new file mode 100644 index 0000000..53f7bda --- /dev/null +++ b/cloud-toolbox/kube_ps.sh @@ -0,0 +1,423 @@ +# Kubernetes prompt helper for bash/zsh +# Displays current context and namespace + +# Copyright 2023 Jon Mosco +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Debug +[[ -n $DEBUG ]] && set -x + +# Default values for the prompt +# Override these values in ~/.zshrc or ~/.bashrc +KUBE_PS1_BINARY="${KUBE_PS1_BINARY:-kubectl}" +KUBE_PS1_SYMBOL_ENABLE="${KUBE_PS1_SYMBOL_ENABLE:-true}" +_KUBE_PS1_SYMBOL_DEFAULT=${_KUBE_PS1_SYMBOL_DEFAULT:-$'\u2388'} +KUBE_PS1_SYMBOL_PADDING="${KUBE_PS1_SYMBOL_PADDING:-false}" +KUBE_PS1_SYMBOL_USE_IMG="${KUBE_PS1_SYMBOL_USE_IMG:-false}" +KUBE_PS1_SYMBOL_OC_IMG="${KUBE_PS1_SYMBOL_OC_IMG:-false}" +_KUBE_PS1_SYMBOL_OC=${KUBE_PS1_SYMBOL_OC:-$'\ue7b7'} + +KUBE_PS1_NS_ENABLE="${KUBE_PS1_NS_ENABLE:-true}" +KUBE_PS1_CONTEXT_ENABLE="${KUBE_PS1_CONTEXT_ENABLE:-true}" +KUBE_PS1_PREFIX="${KUBE_PS1_PREFIX-(}" +KUBE_PS1_SEPARATOR="${KUBE_PS1_SEPARATOR-|}" +KUBE_PS1_DIVIDER="${KUBE_PS1_DIVIDER-:}" +KUBE_PS1_SUFFIX="${KUBE_PS1_SUFFIX-)}" + +KUBE_PS1_SYMBOL_COLOR="${KUBE_PS1_SYMBOL_COLOR-blue}" +KUBE_PS1_CTX_COLOR="${KUBE_PS1_CTX_COLOR-red}" +KUBE_PS1_NS_COLOR="${KUBE_PS1_NS_COLOR-cyan}" +KUBE_PS1_BG_COLOR="${KUBE_PS1_BG_COLOR}" + +KUBE_PS1_CLUSTER_FUNCTION="${KUBE_PS1_CLUSTER_FUNCTION}" +KUBE_PS1_NAMESPACE_FUNCTION="${KUBE_PS1_NAMESPACE_FUNCTION}" + +_KUBE_PS1_KUBECONFIG_CACHE="${KUBECONFIG}" +_KUBE_PS1_DISABLE_PATH="${HOME}/.kube/kube-ps1/disabled" +_KUBE_PS1_LAST_TIME=0 + +# Determine our shell +_kube_ps1_shell_type() { + local _KUBE_PS1_SHELL_TYPE + + if [ "${ZSH_VERSION-}" ]; then + _KUBE_PS1_SHELL_TYPE="zsh" + elif [ "${BASH_VERSION-}" ]; then + _KUBE_PS1_SHELL_TYPE="bash" + fi + echo $_KUBE_PS1_SHELL_TYPE +} + +_kube_ps1_init() { + [[ -f "${_KUBE_PS1_DISABLE_PATH}" ]] && KUBE_PS1_ENABLED=off + + case "$(_kube_ps1_shell_type)" in + "zsh") + _KUBE_PS1_OPEN_ESC="%{" + _KUBE_PS1_CLOSE_ESC="%}" + _KUBE_PS1_DEFAULT_BG="%k" + _KUBE_PS1_DEFAULT_FG="%f" + setopt PROMPT_SUBST + autoload -U add-zsh-hook + add-zsh-hook precmd _kube_ps1_prompt_update + zmodload -F zsh/stat b:zstat + zmodload zsh/datetime + ;; + "bash") + _KUBE_PS1_OPEN_ESC=$'\001' + _KUBE_PS1_CLOSE_ESC=$'\002' + _KUBE_PS1_DEFAULT_BG=$'\033[49m' + _KUBE_PS1_DEFAULT_FG=$'\033[39m' + [[ $PROMPT_COMMAND =~ _kube_ps1_prompt_update ]] || PROMPT_COMMAND="_kube_ps1_prompt_update;${PROMPT_COMMAND:-:}" + ;; + esac +} + +_kube_ps1_color_fg() { + local _KUBE_PS1_FG_CODE + case "${1}" in + black) _KUBE_PS1_FG_CODE=0;; + red) _KUBE_PS1_FG_CODE=1;; + green) _KUBE_PS1_FG_CODE=2;; + yellow) _KUBE_PS1_FG_CODE=3;; + blue) _KUBE_PS1_FG_CODE=4;; + magenta) _KUBE_PS1_FG_CODE=5;; + cyan) _KUBE_PS1_FG_CODE=6;; + white) _KUBE_PS1_FG_CODE=7;; + # 256 + [0-9]|[1-9][0-9]|[1][0-9][0-9]|[2][0-4][0-9]|[2][5][0-6]) _KUBE_PS1_FG_CODE="${1}";; + *) _KUBE_PS1_FG_CODE=default + esac + + if [[ "${_KUBE_PS1_FG_CODE}" == "default" ]]; then + _KUBE_PS1_FG_CODE="${_KUBE_PS1_DEFAULT_FG}" + return + elif [[ "$(_kube_ps1_shell_type)" == "zsh" ]]; then + _KUBE_PS1_FG_CODE="%F{$_KUBE_PS1_FG_CODE}" + elif [[ "$(_kube_ps1_shell_type)" == "bash" ]]; then + if tput setaf 1 &> /dev/null; then + _KUBE_PS1_FG_CODE="$(tput setaf ${_KUBE_PS1_FG_CODE})" + elif [[ $_KUBE_PS1_FG_CODE -ge 0 ]] && [[ $_KUBE_PS1_FG_CODE -le 256 ]]; then + _KUBE_PS1_FG_CODE="\033[38;5;${_KUBE_PS1_FG_CODE}m" + else + _KUBE_PS1_FG_CODE="${_KUBE_PS1_DEFAULT_FG}" + fi + fi + echo ${_KUBE_PS1_OPEN_ESC}${_KUBE_PS1_FG_CODE}${_KUBE_PS1_CLOSE_ESC} +} + +_kube_ps1_color_bg() { + local _KUBE_PS1_BG_CODE + case "${1}" in + black) _KUBE_PS1_BG_CODE=0;; + red) _KUBE_PS1_BG_CODE=1;; + green) _KUBE_PS1_BG_CODE=2;; + yellow) _KUBE_PS1_BG_CODE=3;; + blue) _KUBE_PS1_BG_CODE=4;; + magenta) _KUBE_PS1_BG_CODE=5;; + cyan) _KUBE_PS1_BG_CODE=6;; + white) _KUBE_PS1_BG_CODE=7;; + # 256 + [0-9]|[1-9][0-9]|[1][0-9][0-9]|[2][0-4][0-9]|[2][5][0-6]) _KUBE_PS1_BG_CODE="${1}";; + *) _KUBE_PS1_BG_CODE=$'\033[0m';; + esac + + if [[ "${_KUBE_PS1_BG_CODE}" == "default" ]]; then + _KUBE_PS1_FG_CODE="${_KUBE_PS1_DEFAULT_BG}" + return + elif [[ "$(_kube_ps1_shell_type)" == "zsh" ]]; then + _KUBE_PS1_BG_CODE="%K{$_KUBE_PS1_BG_CODE}" + elif [[ "$(_kube_ps1_shell_type)" == "bash" ]]; then + if tput setaf 1 &> /dev/null; then + _KUBE_PS1_BG_CODE="$(tput setab ${_KUBE_PS1_BG_CODE})" + elif [[ $_KUBE_PS1_BG_CODE -ge 0 ]] && [[ $_KUBE_PS1_BG_CODE -le 256 ]]; then + _KUBE_PS1_BG_CODE="\033[48;5;${_KUBE_PS1_BG_CODE}m" + else + _KUBE_PS1_BG_CODE="${DEFAULT_BG}" + fi + fi + echo ${_KUBE_PS1_OPEN_ESC}${_KUBE_PS1_BG_CODE}${_KUBE_PS1_CLOSE_ESC} +} + +_kube_ps1_binary_check() { + command -v $1 >/dev/null +} + +_kube_ps1_symbol() { + [[ "${KUBE_PS1_SYMBOL_ENABLE}" == false ]] && return + + case "$(_kube_ps1_shell_type)" in + bash) + if ((BASH_VERSINFO[0] >= 4)) && [[ $'\u2388' != "\\u2388" ]]; then + KUBE_PS1_SYMBOL="${_KUBE_PS1_SYMBOL_DEFAULT}" + KUBE_PS1_SYMBOL_IMG=$'\u2638\ufe0f' + else + KUBE_PS1_SYMBOL=$'\xE2\x8E\x88' + KUBE_PS1_SYMBOL_IMG=$'\xE2\x98\xB8' + fi + ;; + zsh) + KUBE_PS1_SYMBOL="${_KUBE_PS1_SYMBOL_DEFAULT}" + KUBE_PS1_SYMBOL_IMG="\u2638";; + *) + KUBE_PS1_SYMBOL="k8s" + esac + + if [[ "${KUBE_PS1_SYMBOL_USE_IMG}" == true ]]; then + KUBE_PS1_SYMBOL="${KUBE_PS1_SYMBOL_IMG}" + fi + + # OpenShift glyph + # NOTE: this requires a patched "Nerd" font to work + # https://www.nerdfonts.com/ + if [[ "${KUBE_PS1_SYMBOL_OC_IMG}" == true ]]; then + KUBE_PS1_SYMBOL="${_KUBE_PS1_SYMBOL_OC}" + fi + + if [[ "${KUBE_PS1_SYMBOL_PADDING}" == true ]]; then + echo "${KUBE_PS1_SYMBOL} " + else + echo "${KUBE_PS1_SYMBOL}" + fi + +} + +_kube_ps1_split_config() { + type setopt >/dev/null 2>&1 && setopt SH_WORD_SPLIT + local IFS=$1 + echo $2 +} + +_kube_ps1_file_newer_than() { + local mtime + local file=$1 + local check_time=$2 + + if [[ "$(_kube_ps1_shell_type)" == "zsh" ]]; then + # Use zstat '-F %s.%s' to make it compatible with low zsh version (eg: 5.0.2) + mtime=$(zstat +mtime -F %s.%s "${file}") + elif stat -c "%s" /dev/null &> /dev/null; then + # GNU stat + mtime=$(stat -L -c %Y "${file}") + else + # BSD stat + mtime=$(stat -L -f %m "$file") + fi + + [[ "${mtime}" -gt "${check_time}" ]] +} + +_kube_ps1_prompt_update() { + local return_code=$? + + [[ "${KUBE_PS1_ENABLED}" == "off" ]] && return $return_code + + if ! _kube_ps1_binary_check "${KUBE_PS1_BINARY}"; then + # No ability to fetch context/namespace; display N/A. + KUBE_PS1_CONTEXT="BINARY-N/A" + KUBE_PS1_NAMESPACE="N/A" + return $return_code + fi + + if [[ "${KUBECONFIG}" != "${_KUBE_PS1_KUBECONFIG_CACHE}" ]]; then + # User changed KUBECONFIG; unconditionally refetch. + _KUBE_PS1_KUBECONFIG_CACHE=${KUBECONFIG} + _kube_ps1_get_context_ns + return $return_code + fi + + # kubectl will read the environment variable $KUBECONFIG + # otherwise set it to ~/.kube/config + local conf + local config_file_cache + + for conf in $(_kube_ps1_split_config : "${KUBECONFIG:-${HOME}/.kube/config}"); do + [[ -r "${conf}" ]] || continue + config_file_cache+=":${conf}" + if _kube_ps1_file_newer_than "${conf}" "${_KUBE_PS1_LAST_TIME}"; then + _kube_ps1_get_context_ns + return $return_code + fi + done + + if [[ "${config_file_cache}" != "${_KUBE_PS1_CFGFILES_READ_CACHE}" ]]; then + _kube_ps1_get_context_ns + return $return_code + fi + + return $return_code +} + +_kube_ps1_get_context() { + if [[ "${KUBE_PS1_CONTEXT_ENABLE}" == true ]]; then + KUBE_PS1_CONTEXT="$(${KUBE_PS1_BINARY} config current-context 2>/dev/null)" + # Set namespace to 'N/A' if it is not defined + KUBE_PS1_CONTEXT="${KUBE_PS1_CONTEXT:-N/A}" + + if [[ -n "${KUBE_PS1_CLUSTER_FUNCTION}" ]]; then + KUBE_PS1_CONTEXT=$($KUBE_PS1_CLUSTER_FUNCTION $KUBE_PS1_CONTEXT) + fi + fi +} + +_kube_ps1_get_ns() { + if [[ "${KUBE_PS1_NS_ENABLE}" == true ]]; then + KUBE_PS1_NAMESPACE="$(${KUBE_PS1_BINARY} config view --minify --output 'jsonpath={..namespace}' 2>/dev/null)" + KUBE_PS1_NAMESPACE="${KUBE_PS1_NAMESPACE:-N/A}" + + if [[ -n "${KUBE_PS1_NAMESPACE_FUNCTION}" ]]; then + KUBE_PS1_NAMESPACE=$($KUBE_PS1_NAMESPACE_FUNCTION $KUBE_PS1_NAMESPACE) + fi + fi +} + +_kube_ps1_get_context_ns() { + # Set the command time + if [[ "$(_kube_ps1_shell_type)" == "bash" ]]; then + if ((BASH_VERSINFO[0] >= 4 && BASH_VERSINFO[1] >= 2)); then + _KUBE_PS1_LAST_TIME=$(printf '%(%s)T') + else + _KUBE_PS1_LAST_TIME=$(date +%s) + fi + elif [[ "$(_kube_ps1_shell_type)" == "zsh" ]]; then + _KUBE_PS1_LAST_TIME=$EPOCHREALTIME + fi + + KUBE_PS1_CONTEXT="${KUBE_PS1_CONTEXT:-N/A}" + KUBE_PS1_NAMESPACE="${KUBE_PS1_NAMESPACE:-N/A}" + + # Cache which cfgfiles we can read in case they change. + local conf + _KUBE_PS1_CFGFILES_READ_CACHE= + for conf in $(_kube_ps1_split_config : "${KUBECONFIG:-${HOME}/.kube/config}"); do + [[ -r $conf ]] && _KUBE_PS1_CFGFILES_READ_CACHE+=":$conf" + done + + _kube_ps1_get_context + _kube_ps1_get_ns +} + +# Set kube-ps1 shell defaults +_kube_ps1_init + +_kubeon_usage() { + cat <<"EOF" +Toggle kube-ps1 prompt on + +Usage: kubeon [-g | --global] [-h | --help] + +With no arguments, turn oon kube-ps1 status for this shell instance (default). + + -g --global turn on kube-ps1 status globally + -h --help print this message +EOF +} + +_kubeoff_usage() { + cat <<"EOF" +Toggle kube-ps1 prompt off + +Usage: kubeoff [-g | --global] [-h | --help] + +With no arguments, turn off kube-ps1 status for this shell instance (default). + + -g --global turn off kube-ps1 status globally + -h --help print this message +EOF +} + +kubeon() { + if [[ "${1}" == '-h' || "${1}" == '--help' ]]; then + _kubeon_usage + elif [[ "${1}" == '-g' || "${1}" == '--global' ]]; then + rm -f -- "${_KUBE_PS1_DISABLE_PATH}" + elif [[ "$#" -ne 0 ]]; then + echo -e "error: unrecognized flag ${1}\\n" + _kubeon_usage + return + fi + + KUBE_PS1_ENABLED=on +} + +kubeoff() { + if [[ "${1}" == '-h' || "${1}" == '--help' ]]; then + _kubeoff_usage + elif [[ "${1}" == '-g' || "${1}" == '--global' ]]; then + mkdir -p -- "$(dirname "${_KUBE_PS1_DISABLE_PATH}")" + touch -- "${_KUBE_PS1_DISABLE_PATH}" + elif [[ $# -ne 0 ]]; then + echo "error: unrecognized flag ${1}" >&2 + _kubeoff_usage + return + fi + + KUBE_PS1_ENABLED=off +} + +# Build our prompt +kube_ps1() { + [[ "${KUBE_PS1_ENABLED}" == "off" ]] && return + [[ -z "${KUBE_PS1_CONTEXT}" ]] && [[ "${KUBE_PS1_CONTEXT_ENABLE}" == true ]] && return + + local KUBE_PS1 + local KUBE_PS1_RESET_COLOR="${_KUBE_PS1_OPEN_ESC}${_KUBE_PS1_DEFAULT_FG}${_KUBE_PS1_CLOSE_ESC}" + + # Background Color + [[ -n "${KUBE_PS1_BG_COLOR}" ]] && KUBE_PS1+="$(_kube_ps1_color_bg ${KUBE_PS1_BG_COLOR})" + + # Prefix + if [[ -z "${KUBE_PS1_PREFIX_COLOR:-}" ]] && [[ -n "${KUBE_PS1_PREFIX}" ]]; then + KUBE_PS1+="${KUBE_PS1_PREFIX}" + else + KUBE_PS1+="$(_kube_ps1_color_fg $KUBE_PS1_PREFIX_COLOR)${KUBE_PS1_PREFIX}${KUBE_PS1_RESET_COLOR}" + fi + + # Symbol + if [[ "${KUBE_PS1_SYMBOL_OC_IMG}" == true ]]; then + local _KUBE_PS1_OC_SYMBOL_COLOR=red + KUBE_PS1+="$(_kube_ps1_color_fg $_KUBE_PS1_OC_SYMBOL_COLOR)$(_kube_ps1_symbol)${KUBE_PS1_RESET_COLOR}" + else + KUBE_PS1+="$(_kube_ps1_color_fg $KUBE_PS1_SYMBOL_COLOR)$(_kube_ps1_symbol)${KUBE_PS1_RESET_COLOR}" + fi + + if [[ -n "${KUBE_PS1_SEPARATOR}" ]] && [[ "${KUBE_PS1_SYMBOL_ENABLE}" == true ]]; then + KUBE_PS1+="${KUBE_PS1_SEPARATOR}" + fi + + # Context + if [[ "${KUBE_PS1_CONTEXT_ENABLE}" == true ]]; then + KUBE_PS1+="$(_kube_ps1_color_fg $KUBE_PS1_CTX_COLOR)${KUBE_PS1_CONTEXT}${KUBE_PS1_RESET_COLOR}" + fi + + # Namespace + if [[ "${KUBE_PS1_NS_ENABLE}" == true ]]; then + if [[ -n "${KUBE_PS1_DIVIDER}" ]] && [[ "${KUBE_PS1_CONTEXT_ENABLE}" == true ]]; then + KUBE_PS1+="${KUBE_PS1_DIVIDER}" + fi + KUBE_PS1+="$(_kube_ps1_color_fg ${KUBE_PS1_NS_COLOR})${KUBE_PS1_NAMESPACE}${KUBE_PS1_RESET_COLOR}" + fi + + # Suffix + if [[ -z "${KUBE_PS1_SUFFIX_COLOR:-}" ]] && [[ -n "${KUBE_PS1_SUFFIX}" ]]; then + KUBE_PS1+="${KUBE_PS1_SUFFIX}" + else + KUBE_PS1+="$(_kube_ps1_color_fg $KUBE_PS1_SUFFIX_COLOR)${KUBE_PS1_SUFFIX}${KUBE_PS1_RESET_COLOR}" + fi + + # Close Background color if defined + [[ -n "${KUBE_PS1_BG_COLOR}" ]] && KUBE_PS1+="${_KUBE_PS1_OPEN_ESC}${_KUBE_PS1_DEFAULT_BG}${_KUBE_PS1_CLOSE_ESC}" + + echo "${KUBE_PS1}" +} diff --git a/gui-container/Dockerfile b/gui-container/Dockerfile index b125561..c885c06 100644 --- a/gui-container/Dockerfile +++ b/gui-container/Dockerfile @@ -1,4 +1,4 @@ -FROM registry.fedoraproject.org/fedora:38 +FROM registry.fedoraproject.org/fedora:39 ENV HISTSIZE=10000 ENV HISTTIMEFORMAT="%d/%m/%y %T " diff --git a/snowflake/Dockerfile b/snowflake/Dockerfile index 47ebf22..914aa78 100644 --- a/snowflake/Dockerfile +++ b/snowflake/Dockerfile @@ -1,4 +1,4 @@ -FROM registry.fedoraproject.org/fedora:38 +FROM registry.fedoraproject.org/fedora:39 RUN useradd -u 1423 -m -s '/bin/bash' -U snowflake ENV TZ=Europe/Warsaw diff --git a/system-toolbox/Dockerfile b/system-toolbox/Dockerfile index c3a551f..35edad8 100644 --- a/system-toolbox/Dockerfile +++ b/system-toolbox/Dockerfile @@ -1,4 +1,12 @@ -FROM registry.fedoraproject.org/fedora:38 +FROM registry.fedoraproject.org/fedora:39 + +USER root + +ENV HISTSIZE=10000 +ENV HISTTIMEFORMAT="%d/%m/%y %T " +ENV HISTFILESIZE=20000 + +ENV PKGS_BASE="fzf bash-completion" ENV PKGS_GENERAL="htop \ btop \ @@ -10,8 +18,7 @@ ENV PKGS_GENERAL="htop \ yt-dlp \ openfortivpn \ conntrack-tools \ - wireguard-tools \ - qrencode" + wireguard-tools" ENV PKGS_PROCESSES="procps-ng \ strace" @@ -25,15 +32,19 @@ ENV PKGS_NETWORK="bind-utils \ iproute \ iputils \ whois \ - iptraf-ng" + iptraf-ng \ + mtr" RUN dnf clean all && \ - dnf install -y ${PKGS_GENERAL} ${PKGS_PROCESSES} ${PKGS_NETWORK} && \ + dnf install -y ${PKGS_BASE} ${PKGS_GENERAL} ${PKGS_PROCESSES} ${PKGS_NETWORK} && \ dnf -y autoremove && \ dnf -y clean all COPY help-toolbox.sh /usr/bin/help-toolbox -RUN chmod 555 /usr/bin/help-toolbox +RUN chmod 555 /usr/bin/help-toolbox && \ + echo $'[ -f /usr/share/fzf/shell/key-bindings.bash ] && source /usr/share/fzf/shell/key-bindings.bash;\ +PS1=\'[system-toolbox \W/]\$ \'\ +' >> /root/.bashrc USER root diff --git a/system-toolbox/help-toolbox.sh b/system-toolbox/help-toolbox.sh index 3d77c11..7ba5c1e 100644 --- a/system-toolbox/help-toolbox.sh +++ b/system-toolbox/help-toolbox.sh @@ -54,7 +54,7 @@ echo "nmap - advanced network scanning" echo "telnet - open interactive tcp connection" echo "tcpdump - monitor network packets" echo "iftop - monitor network traffic per hosts" -echo +echo "mtr - advanced network path tracking" printTitle "Memory" printTitle "Storage" echo "smartctl - check smart disks interfaces" diff --git a/tor/Dockerfile b/tor/Dockerfile index 996fb46..a9eb910 100644 --- a/tor/Dockerfile +++ b/tor/Dockerfile @@ -1,4 +1,4 @@ -FROM registry.fedoraproject.org/fedora:38 +FROM registry.fedoraproject.org/fedora:rawhide RUN dnf clean all && \ dnf install -y tor nyx util-linux && \ diff --git a/wireguard/Dockerfile b/wireguard/Dockerfile index 3f3fd37..25c5830 100644 --- a/wireguard/Dockerfile +++ b/wireguard/Dockerfile @@ -1,4 +1,4 @@ -FROM registry.fedoraproject.org/fedora:38 +FROM registry.fedoraproject.org/fedora:39 ENV PKGS="\