reduce build frequency

.gitea/workflows/build-images.yml

@@ -4,7 +4,7 @@ on:
   push:
     branches: [ "main" ]
   schedule:
-    - cron: '30 5 */5 * *'
+    - cron: '30 5 */10 * *'
 
 jobs:
   build-images-arm64:
@@ -19,7 +19,7 @@ jobs:
         run: podman login -u "${{ secrets.PACKAGES_USERNAME }}" -p "${{ secrets.PACKAGES_PASSWD }}" gitea.maciej.cloud
       - name: Build selected images
         run: | 
-          IMAGES=(system-toolbox cloud-toolbox tor wireguard zabbix-agent);
+          IMAGES=(system-toolbox cloud-toolbox tor zabbix-agent snowflake gitea-runner);
           for image in "${IMAGES[@]}";
           do
             echo "building image $image";
@@ -39,7 +39,7 @@ jobs:
         run: podman login -u "${{ secrets.PACKAGES_USERNAME }}" -p "${{ secrets.PACKAGES_PASSWD }}" gitea.maciej.cloud
       - name: Build selected images
         run: | 
-          IMAGES=(system-toolbox cloud-toolbox tor wireguard zabbix-agent);
+          IMAGES=(system-toolbox cloud-toolbox tor zabbix-agent snowflake gitea-runner);
           for image in "${IMAGES[@]}";
           do
             echo "building image $image";
@@ -57,7 +57,7 @@ jobs:
         run: podman login -u "${{ secrets.PACKAGES_USERNAME }}" -p "${{ secrets.PACKAGES_PASSWD }}" gitea.maciej.cloud
       - name: Create manifests and push
         run: | 
-          IMAGES=(system-toolbox cloud-toolbox tor wireguard zabbix-agent);
+          IMAGES=(system-toolbox cloud-toolbox tor zabbix-agent snowflake gitea-runner);
           for image in "${IMAGES[@]}";
           do
             echo "Updating manifest for $image";

README.md

@@ -180,7 +180,6 @@ Example uses root, but it should be very similar to setup under non-root user.
 Build image (will compile from main branch)
 ```bash
 podman build --no-cache -t gitea-runner \
-    --build-arg ARCH="arm64" \
         ./ContainersWorkspace/gitea-runner/
 ```
 
@@ -198,8 +197,8 @@ podman run --rm -it  gitea-runner:latest generate-config > /root/act-runner/runn
 Update registration file path in config and privileged mode.
 ```bash
 sed -i 's`file: .runner`file: /etc/runner/registration.json`g' /root/act-runner/runner/config.yaml;
-sed -i 's`privileged: false`privileged: true`g' act-runner/runner/config.yaml;
+sed -i 's`privileged: false`privileged: true`g' /root/act-runner/runner/config.yaml;
-sed -i 's`docker_host: ""`docker_host: "-"`g' act-runner/runner/config.yaml;
+sed -i 's`docker_host: ""`docker_host: "-"`g' /root/act-runner/runner/config.yaml;
 ```
 Currently you **need** to set `docker_host: "-"` in "container" section
 to make this setup with mounted docker.sock work.
@@ -207,9 +206,10 @@ to make this setup with mounted docker.sock work.
 Fix perms on those dirs:
 ```bash
 podman run --rm -it \
-    -v /root/act-runner/:/data \
+    -v /root/act-runner/:/data:z,rw \
     --privileged \
     --entrypoint bash \
+    -u root \
         gitea-runner:latest \
             -c "chown -R podman /data"
 ```
@@ -218,7 +218,7 @@ Register runner.
 example value for labels can be `ubuntu-latest:docker://quay.io/podman/stable`.
 ```bash
 podman run --rm -it \
-    -v /root/act-runner/runner/:/etc/runner \
+    -v /root/act-runner/runner/:/etc/runner:z,rw \
     --privileged  \
         gitea-runner:latest \
             --config /etc/runner/config.yaml register
@@ -229,7 +229,7 @@ Start container acting as podman/docker (use `--init` to get rid of zombies):
 podman run --rm -d --privileged --name gitea-podman \
     --init \
     --entrypoint podman \
-    -v /root/act-runner/podman:/podman \
+    -v /root/act-runner/podman:/podman:z,rw \
         gitea-runner:latest  \
             system service --time=0 unix:///podman/docker.sock
 ```
@@ -237,7 +237,7 @@ podman run --rm -d --privileged --name gitea-podman \
 Now start container with runner
 ```bash
 podman run --rm -d --name gitea-runner \
-    -v /root/act-runner/runner/:/etc/runner:ro,Z \
+    -v /root/act-runner/runner/:/etc/runner:rw,Z \
     -v /root/act-runner/podman:/podman:rw,z \
         gitea-runner:latest \
             daemon -c /etc/runner/config.yaml
@@ -252,4 +252,100 @@ restorecon -v /etc/systemd/system/gitea-runner.service;
 systemctl daemon-reload;
 systemctl enable --now gitea-podman.service;
 systemctl enable --now gitea-runner.service;
-````
+```
+
+## Podman quadlets examples
+
+This section is about quadlets, rather than specific image, but it is based on
+examples.
+
+To enable such container managed by systemd, create `.container` file
+at `/etc/containers/systemd/my-container.container`, and then run:
+```bash
+systemctl daemon-reload;
+systemctl enable --now my-container.service
+```
+
+### Example host-monitoring purpose quadlets
+
+#### zabbix-agent
+
+```systemd
+[Unit]
+Description=Zabbix agent 2
+After=local-fs.target
+
+[Container]
+Image=zabbix-agent
+ContainerName=zabbix-agent
+LogDriver=journald
+Network=host
+Pull=newer
+ReadOnly=yes
+VolatileTmp=true
+SecurityLabelDisable=yes
+Ulimit=host
+Unmask=ALL
+AddCapability=SYS_ADMIN
+AddCapability=SYS_RAWIO
+
+AutoUpdate=registry
+
+PodmanArgs=--pid=host
+PodmanArgs=--ipc=host
+PodmanArgs=--no-hosts
+PodmanArgs=--device-cgroup-rule='a *:* r'
+
+Volume=/etc/zabbix-agent2.conf:/etc/zabbix/zabbix_agent.conf:ro
+Volume=/dev:/dev:ro
+Volume=/var/run/dbus/system_bus_socket:/var/run/dbus/system_bus_socket:rw
+
+[Service]
+Restart=always
+
+[Install]
+WantedBy=multi-user.target default.target
+```
+
+#### node-exporter (Prometheus)
+
+```systemd
+[Unit]
+Description=Node exporter for Prometheus
+After=local-fs.target
+
+[Container]
+Image=docker.io/prom/node-exporter:latest
+ContainerName=node-exporter
+LogDriver=journald
+Network=host
+Pull=newer
+ReadOnly=yes
+VolatileTmp=true
+SecurityLabelDisable=yes
+User=1222
+UserNS=host
+Ulimit=host
+Unmask=ALL
+
+AutoUpdate=registry
+
+# Exec=--help
+
+PodmanArgs=--pid=host
+PodmanArgs=--ipc=host
+PodmanArgs=--no-hosts
+
+Volume=/proc:/host/proc:ro
+Volume=/sys:/host/sys:ro
+Volume=/:/rootfs:ro
+
+Exec=--path.procfs=/host/proc --path.rootfs=/rootfs --path.sysfs=/host/sys --collector.filesystem.mount-points-exclude='^/(sys|proc|dev|host|etc)($$|/)'
+
+[Service]
+Restart=always
+
+[Install]
+# Start by default on boot
+WantedBy=multi-user.target default.target
+```

cloud-toolbox/Dockerfile

@@ -1,4 +1,4 @@
-FROM registry.fedoraproject.org/fedora:38
+FROM registry.fedoraproject.org/fedora:39
 
 USER root
 
@@ -6,7 +6,7 @@ ENV HISTSIZE=10000
 ENV HISTTIMEFORMAT="%d/%m/%y %T "
 ENV HISTFILESIZE=20000
 
-ENV PKGS_BASE="fzf git python3-pip rclone bash-completion"
+ENV PKGS_BASE="fzf git python3-pip rclone bash-completion kubernetes-client helm golang-sigs-k8s-kustomize"
 ENV PKGS_TEMP="python3-devel gcc wget"
 
 RUN dnf clean all && \
@@ -24,7 +24,11 @@ RUN dnf clean all && \
 
 WORKDIR /data
 
+COPY kube_ps.sh /root/kube_ps.sh
 
-RUN echo $'[ -f /usr/share/fzf/shell/key-bindings.bash ] && source /usr/share/fzf/shell/key-bindings.bash' >> /root/.bashrc
+RUN echo $'[ -f /usr/share/fzf/shell/key-bindings.bash ] && source /usr/share/fzf/shell/key-bindings.bash;\
+source /root/kube_ps.sh;\
+PS1=\'[cloud-toolbox \W/ $(kube_ps1)]\$ \'\
+' >> /root/.bashrc
 
 ENTRYPOINT [ "/bin/bash" ]

cloud-toolbox/kube_ps.sh

@@ -0,0 +1,423 @@
+# Kubernetes prompt helper for bash/zsh
+# Displays current context and namespace
+
+# Copyright 2023 Jon Mosco
+#
+#  Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Debug
+[[ -n $DEBUG ]] && set -x
+
+# Default values for the prompt
+# Override these values in ~/.zshrc or ~/.bashrc
+KUBE_PS1_BINARY="${KUBE_PS1_BINARY:-kubectl}"
+KUBE_PS1_SYMBOL_ENABLE="${KUBE_PS1_SYMBOL_ENABLE:-true}"
+_KUBE_PS1_SYMBOL_DEFAULT=${_KUBE_PS1_SYMBOL_DEFAULT:-$'\u2388'}
+KUBE_PS1_SYMBOL_PADDING="${KUBE_PS1_SYMBOL_PADDING:-false}"
+KUBE_PS1_SYMBOL_USE_IMG="${KUBE_PS1_SYMBOL_USE_IMG:-false}"
+KUBE_PS1_SYMBOL_OC_IMG="${KUBE_PS1_SYMBOL_OC_IMG:-false}"
+_KUBE_PS1_SYMBOL_OC=${KUBE_PS1_SYMBOL_OC:-$'\ue7b7'}
+
+KUBE_PS1_NS_ENABLE="${KUBE_PS1_NS_ENABLE:-true}"
+KUBE_PS1_CONTEXT_ENABLE="${KUBE_PS1_CONTEXT_ENABLE:-true}"
+KUBE_PS1_PREFIX="${KUBE_PS1_PREFIX-(}"
+KUBE_PS1_SEPARATOR="${KUBE_PS1_SEPARATOR-|}"
+KUBE_PS1_DIVIDER="${KUBE_PS1_DIVIDER-:}"
+KUBE_PS1_SUFFIX="${KUBE_PS1_SUFFIX-)}"
+
+KUBE_PS1_SYMBOL_COLOR="${KUBE_PS1_SYMBOL_COLOR-blue}"
+KUBE_PS1_CTX_COLOR="${KUBE_PS1_CTX_COLOR-red}"
+KUBE_PS1_NS_COLOR="${KUBE_PS1_NS_COLOR-cyan}"
+KUBE_PS1_BG_COLOR="${KUBE_PS1_BG_COLOR}"
+
+KUBE_PS1_CLUSTER_FUNCTION="${KUBE_PS1_CLUSTER_FUNCTION}"
+KUBE_PS1_NAMESPACE_FUNCTION="${KUBE_PS1_NAMESPACE_FUNCTION}"
+
+_KUBE_PS1_KUBECONFIG_CACHE="${KUBECONFIG}"
+_KUBE_PS1_DISABLE_PATH="${HOME}/.kube/kube-ps1/disabled"
+_KUBE_PS1_LAST_TIME=0
+
+# Determine our shell
+_kube_ps1_shell_type() {
+  local _KUBE_PS1_SHELL_TYPE
+
+  if [ "${ZSH_VERSION-}" ]; then
+    _KUBE_PS1_SHELL_TYPE="zsh"
+  elif [ "${BASH_VERSION-}" ]; then
+    _KUBE_PS1_SHELL_TYPE="bash"
+  fi
+  echo $_KUBE_PS1_SHELL_TYPE
+}
+
+_kube_ps1_init() {
+  [[ -f "${_KUBE_PS1_DISABLE_PATH}" ]] && KUBE_PS1_ENABLED=off
+
+  case "$(_kube_ps1_shell_type)" in
+    "zsh")
+      _KUBE_PS1_OPEN_ESC="%{"
+      _KUBE_PS1_CLOSE_ESC="%}"
+      _KUBE_PS1_DEFAULT_BG="%k"
+      _KUBE_PS1_DEFAULT_FG="%f"
+      setopt PROMPT_SUBST
+      autoload -U add-zsh-hook
+      add-zsh-hook precmd _kube_ps1_prompt_update
+      zmodload -F zsh/stat b:zstat
+      zmodload zsh/datetime
+      ;;
+    "bash")
+      _KUBE_PS1_OPEN_ESC=$'\001'
+      _KUBE_PS1_CLOSE_ESC=$'\002'
+      _KUBE_PS1_DEFAULT_BG=$'\033[49m'
+      _KUBE_PS1_DEFAULT_FG=$'\033[39m'
+      [[ $PROMPT_COMMAND =~ _kube_ps1_prompt_update ]] || PROMPT_COMMAND="_kube_ps1_prompt_update;${PROMPT_COMMAND:-:}"
+      ;;
+  esac
+}
+
+_kube_ps1_color_fg() {
+  local _KUBE_PS1_FG_CODE
+  case "${1}" in
+    black) _KUBE_PS1_FG_CODE=0;;
+    red) _KUBE_PS1_FG_CODE=1;;
+    green) _KUBE_PS1_FG_CODE=2;;
+    yellow) _KUBE_PS1_FG_CODE=3;;
+    blue) _KUBE_PS1_FG_CODE=4;;
+    magenta) _KUBE_PS1_FG_CODE=5;;
+    cyan) _KUBE_PS1_FG_CODE=6;;
+    white) _KUBE_PS1_FG_CODE=7;;
+    # 256
+    [0-9]|[1-9][0-9]|[1][0-9][0-9]|[2][0-4][0-9]|[2][5][0-6]) _KUBE_PS1_FG_CODE="${1}";;
+    *) _KUBE_PS1_FG_CODE=default
+  esac
+
+  if [[ "${_KUBE_PS1_FG_CODE}" == "default" ]]; then
+    _KUBE_PS1_FG_CODE="${_KUBE_PS1_DEFAULT_FG}"
+    return
+  elif [[ "$(_kube_ps1_shell_type)" == "zsh" ]]; then
+    _KUBE_PS1_FG_CODE="%F{$_KUBE_PS1_FG_CODE}"
+  elif [[ "$(_kube_ps1_shell_type)" == "bash" ]]; then
+    if tput setaf 1 &> /dev/null; then
+      _KUBE_PS1_FG_CODE="$(tput setaf ${_KUBE_PS1_FG_CODE})"
+    elif [[ $_KUBE_PS1_FG_CODE -ge 0 ]] && [[ $_KUBE_PS1_FG_CODE -le 256 ]]; then
+      _KUBE_PS1_FG_CODE="\033[38;5;${_KUBE_PS1_FG_CODE}m"
+    else
+      _KUBE_PS1_FG_CODE="${_KUBE_PS1_DEFAULT_FG}"
+    fi
+  fi
+  echo ${_KUBE_PS1_OPEN_ESC}${_KUBE_PS1_FG_CODE}${_KUBE_PS1_CLOSE_ESC}
+}
+
+_kube_ps1_color_bg() {
+  local _KUBE_PS1_BG_CODE
+  case "${1}" in
+    black) _KUBE_PS1_BG_CODE=0;;
+    red) _KUBE_PS1_BG_CODE=1;;
+    green) _KUBE_PS1_BG_CODE=2;;
+    yellow) _KUBE_PS1_BG_CODE=3;;
+    blue) _KUBE_PS1_BG_CODE=4;;
+    magenta) _KUBE_PS1_BG_CODE=5;;
+    cyan) _KUBE_PS1_BG_CODE=6;;
+    white) _KUBE_PS1_BG_CODE=7;;
+    # 256
+    [0-9]|[1-9][0-9]|[1][0-9][0-9]|[2][0-4][0-9]|[2][5][0-6]) _KUBE_PS1_BG_CODE="${1}";;
+    *) _KUBE_PS1_BG_CODE=$'\033[0m';;
+  esac
+
+  if [[ "${_KUBE_PS1_BG_CODE}" == "default" ]]; then
+    _KUBE_PS1_FG_CODE="${_KUBE_PS1_DEFAULT_BG}"
+    return
+  elif [[ "$(_kube_ps1_shell_type)" == "zsh" ]]; then
+    _KUBE_PS1_BG_CODE="%K{$_KUBE_PS1_BG_CODE}"
+  elif [[ "$(_kube_ps1_shell_type)" == "bash" ]]; then
+    if tput setaf 1 &> /dev/null; then
+      _KUBE_PS1_BG_CODE="$(tput setab ${_KUBE_PS1_BG_CODE})"
+    elif [[ $_KUBE_PS1_BG_CODE -ge 0 ]] && [[ $_KUBE_PS1_BG_CODE -le 256 ]]; then
+      _KUBE_PS1_BG_CODE="\033[48;5;${_KUBE_PS1_BG_CODE}m"
+    else
+      _KUBE_PS1_BG_CODE="${DEFAULT_BG}"
+    fi
+  fi
+  echo ${_KUBE_PS1_OPEN_ESC}${_KUBE_PS1_BG_CODE}${_KUBE_PS1_CLOSE_ESC}
+}
+
+_kube_ps1_binary_check() {
+  command -v $1 >/dev/null
+}
+
+_kube_ps1_symbol() {
+  [[ "${KUBE_PS1_SYMBOL_ENABLE}" == false ]] && return
+
+  case "$(_kube_ps1_shell_type)" in
+    bash)
+      if ((BASH_VERSINFO[0] >= 4)) && [[ $'\u2388' != "\\u2388" ]]; then
+        KUBE_PS1_SYMBOL="${_KUBE_PS1_SYMBOL_DEFAULT}"
+        KUBE_PS1_SYMBOL_IMG=$'\u2638\ufe0f'
+      else
+        KUBE_PS1_SYMBOL=$'\xE2\x8E\x88'
+        KUBE_PS1_SYMBOL_IMG=$'\xE2\x98\xB8'
+      fi
+      ;;
+    zsh)
+      KUBE_PS1_SYMBOL="${_KUBE_PS1_SYMBOL_DEFAULT}"
+      KUBE_PS1_SYMBOL_IMG="\u2638";;
+    *)
+      KUBE_PS1_SYMBOL="k8s"
+  esac
+
+  if [[ "${KUBE_PS1_SYMBOL_USE_IMG}" == true ]]; then
+    KUBE_PS1_SYMBOL="${KUBE_PS1_SYMBOL_IMG}"
+  fi
+
+  # OpenShift glyph
+  # NOTE: this requires a patched "Nerd" font to work
+  # https://www.nerdfonts.com/
+  if [[ "${KUBE_PS1_SYMBOL_OC_IMG}" == true ]]; then
+    KUBE_PS1_SYMBOL="${_KUBE_PS1_SYMBOL_OC}"
+  fi
+
+  if [[ "${KUBE_PS1_SYMBOL_PADDING}" == true ]]; then
+    echo "${KUBE_PS1_SYMBOL} "
+  else
+    echo "${KUBE_PS1_SYMBOL}"
+  fi
+
+}
+
+_kube_ps1_split_config() {
+  type setopt >/dev/null 2>&1 && setopt SH_WORD_SPLIT
+  local IFS=$1
+  echo $2
+}
+
+_kube_ps1_file_newer_than() {
+  local mtime
+  local file=$1
+  local check_time=$2
+
+  if [[ "$(_kube_ps1_shell_type)" == "zsh" ]]; then
+    # Use zstat '-F %s.%s' to make it compatible with low zsh version (eg: 5.0.2)
+    mtime=$(zstat +mtime -F %s.%s "${file}")
+  elif stat -c "%s" /dev/null &> /dev/null; then
+    # GNU stat
+    mtime=$(stat -L -c %Y "${file}")
+  else
+    # BSD stat
+    mtime=$(stat -L -f %m "$file")
+  fi
+
+  [[ "${mtime}" -gt "${check_time}" ]]
+}
+
+_kube_ps1_prompt_update() {
+  local return_code=$?
+
+  [[ "${KUBE_PS1_ENABLED}" == "off" ]] && return $return_code
+
+  if ! _kube_ps1_binary_check "${KUBE_PS1_BINARY}"; then
+    # No ability to fetch context/namespace; display N/A.
+    KUBE_PS1_CONTEXT="BINARY-N/A"
+    KUBE_PS1_NAMESPACE="N/A"
+    return $return_code
+  fi
+
+  if [[ "${KUBECONFIG}" != "${_KUBE_PS1_KUBECONFIG_CACHE}" ]]; then
+    # User changed KUBECONFIG; unconditionally refetch.
+    _KUBE_PS1_KUBECONFIG_CACHE=${KUBECONFIG}
+    _kube_ps1_get_context_ns
+    return $return_code
+  fi
+
+  # kubectl will read the environment variable $KUBECONFIG
+  # otherwise set it to ~/.kube/config
+  local conf
+  local config_file_cache
+
+  for conf in $(_kube_ps1_split_config : "${KUBECONFIG:-${HOME}/.kube/config}"); do
+    [[ -r "${conf}" ]] || continue
+    config_file_cache+=":${conf}"
+    if _kube_ps1_file_newer_than "${conf}" "${_KUBE_PS1_LAST_TIME}"; then
+      _kube_ps1_get_context_ns
+      return $return_code
+    fi
+  done
+
+  if [[ "${config_file_cache}" != "${_KUBE_PS1_CFGFILES_READ_CACHE}" ]]; then
+    _kube_ps1_get_context_ns
+    return $return_code
+  fi
+
+  return $return_code
+}
+
+_kube_ps1_get_context() {
+  if [[ "${KUBE_PS1_CONTEXT_ENABLE}" == true ]]; then
+    KUBE_PS1_CONTEXT="$(${KUBE_PS1_BINARY} config current-context 2>/dev/null)"
+    # Set namespace to 'N/A' if it is not defined
+    KUBE_PS1_CONTEXT="${KUBE_PS1_CONTEXT:-N/A}"
+
+    if [[ -n "${KUBE_PS1_CLUSTER_FUNCTION}" ]]; then
+      KUBE_PS1_CONTEXT=$($KUBE_PS1_CLUSTER_FUNCTION $KUBE_PS1_CONTEXT)
+    fi
+  fi
+}
+
+_kube_ps1_get_ns() {
+  if [[ "${KUBE_PS1_NS_ENABLE}" == true ]]; then
+    KUBE_PS1_NAMESPACE="$(${KUBE_PS1_BINARY} config view --minify --output 'jsonpath={..namespace}' 2>/dev/null)"
+    KUBE_PS1_NAMESPACE="${KUBE_PS1_NAMESPACE:-N/A}"
+
+    if [[ -n "${KUBE_PS1_NAMESPACE_FUNCTION}" ]]; then
+        KUBE_PS1_NAMESPACE=$($KUBE_PS1_NAMESPACE_FUNCTION $KUBE_PS1_NAMESPACE)
+    fi
+  fi
+}
+
+_kube_ps1_get_context_ns() {
+  # Set the command time
+  if [[ "$(_kube_ps1_shell_type)" == "bash" ]]; then
+    if ((BASH_VERSINFO[0] >= 4 && BASH_VERSINFO[1] >= 2)); then
+      _KUBE_PS1_LAST_TIME=$(printf '%(%s)T')
+    else
+      _KUBE_PS1_LAST_TIME=$(date +%s)
+    fi
+  elif [[ "$(_kube_ps1_shell_type)" == "zsh" ]]; then
+    _KUBE_PS1_LAST_TIME=$EPOCHREALTIME
+  fi
+
+  KUBE_PS1_CONTEXT="${KUBE_PS1_CONTEXT:-N/A}"
+  KUBE_PS1_NAMESPACE="${KUBE_PS1_NAMESPACE:-N/A}"
+
+  # Cache which cfgfiles we can read in case they change.
+  local conf
+  _KUBE_PS1_CFGFILES_READ_CACHE=
+  for conf in $(_kube_ps1_split_config : "${KUBECONFIG:-${HOME}/.kube/config}"); do
+    [[ -r $conf ]] && _KUBE_PS1_CFGFILES_READ_CACHE+=":$conf"
+  done
+
+  _kube_ps1_get_context
+  _kube_ps1_get_ns
+}
+
+# Set kube-ps1 shell defaults
+_kube_ps1_init
+
+_kubeon_usage() {
+  cat <<"EOF"
+Toggle kube-ps1 prompt on
+
+Usage: kubeon [-g | --global] [-h | --help]
+
+With no arguments, turn oon kube-ps1 status for this shell instance (default).
+
+  -g --global  turn on kube-ps1 status globally
+  -h --help    print this message
+EOF
+}
+
+_kubeoff_usage() {
+  cat <<"EOF"
+Toggle kube-ps1 prompt off
+
+Usage: kubeoff [-g | --global] [-h | --help]
+
+With no arguments, turn off kube-ps1 status for this shell instance (default).
+
+  -g --global turn off kube-ps1 status globally
+  -h --help   print this message
+EOF
+}
+
+kubeon() {
+  if [[ "${1}" == '-h' || "${1}" == '--help' ]]; then
+    _kubeon_usage
+  elif [[ "${1}" == '-g' || "${1}" == '--global' ]]; then
+    rm -f -- "${_KUBE_PS1_DISABLE_PATH}"
+  elif [[ "$#" -ne 0 ]]; then
+    echo -e "error: unrecognized flag ${1}\\n"
+    _kubeon_usage
+    return
+  fi
+
+  KUBE_PS1_ENABLED=on
+}
+
+kubeoff() {
+  if [[ "${1}" == '-h' || "${1}" == '--help' ]]; then
+    _kubeoff_usage
+  elif [[ "${1}" == '-g' || "${1}" == '--global' ]]; then
+    mkdir -p -- "$(dirname "${_KUBE_PS1_DISABLE_PATH}")"
+    touch -- "${_KUBE_PS1_DISABLE_PATH}"
+  elif [[ $# -ne 0 ]]; then
+    echo "error: unrecognized flag ${1}" >&2
+    _kubeoff_usage
+    return
+  fi
+
+  KUBE_PS1_ENABLED=off
+}
+
+# Build our prompt
+kube_ps1() {
+  [[ "${KUBE_PS1_ENABLED}" == "off" ]] && return
+  [[ -z "${KUBE_PS1_CONTEXT}" ]] && [[ "${KUBE_PS1_CONTEXT_ENABLE}" == true ]] && return
+
+  local KUBE_PS1
+  local KUBE_PS1_RESET_COLOR="${_KUBE_PS1_OPEN_ESC}${_KUBE_PS1_DEFAULT_FG}${_KUBE_PS1_CLOSE_ESC}"
+
+  # Background Color
+  [[ -n "${KUBE_PS1_BG_COLOR}" ]] && KUBE_PS1+="$(_kube_ps1_color_bg ${KUBE_PS1_BG_COLOR})"
+
+  # Prefix
+  if [[ -z "${KUBE_PS1_PREFIX_COLOR:-}" ]] && [[ -n "${KUBE_PS1_PREFIX}" ]]; then
+      KUBE_PS1+="${KUBE_PS1_PREFIX}"
+  else
+      KUBE_PS1+="$(_kube_ps1_color_fg $KUBE_PS1_PREFIX_COLOR)${KUBE_PS1_PREFIX}${KUBE_PS1_RESET_COLOR}"
+  fi
+
+  # Symbol
+  if [[ "${KUBE_PS1_SYMBOL_OC_IMG}" == true ]]; then
+    local _KUBE_PS1_OC_SYMBOL_COLOR=red
+    KUBE_PS1+="$(_kube_ps1_color_fg $_KUBE_PS1_OC_SYMBOL_COLOR)$(_kube_ps1_symbol)${KUBE_PS1_RESET_COLOR}"
+  else
+    KUBE_PS1+="$(_kube_ps1_color_fg $KUBE_PS1_SYMBOL_COLOR)$(_kube_ps1_symbol)${KUBE_PS1_RESET_COLOR}"
+  fi
+
+  if [[ -n "${KUBE_PS1_SEPARATOR}" ]] && [[ "${KUBE_PS1_SYMBOL_ENABLE}" == true ]]; then
+    KUBE_PS1+="${KUBE_PS1_SEPARATOR}"
+  fi
+
+  # Context
+  if [[ "${KUBE_PS1_CONTEXT_ENABLE}" == true ]]; then
+    KUBE_PS1+="$(_kube_ps1_color_fg $KUBE_PS1_CTX_COLOR)${KUBE_PS1_CONTEXT}${KUBE_PS1_RESET_COLOR}"
+  fi
+
+  # Namespace
+  if [[ "${KUBE_PS1_NS_ENABLE}" == true ]]; then
+    if [[ -n "${KUBE_PS1_DIVIDER}" ]] && [[ "${KUBE_PS1_CONTEXT_ENABLE}" == true ]]; then
+      KUBE_PS1+="${KUBE_PS1_DIVIDER}"
+    fi
+    KUBE_PS1+="$(_kube_ps1_color_fg ${KUBE_PS1_NS_COLOR})${KUBE_PS1_NAMESPACE}${KUBE_PS1_RESET_COLOR}"
+  fi
+
+  # Suffix
+  if [[ -z "${KUBE_PS1_SUFFIX_COLOR:-}" ]] && [[ -n "${KUBE_PS1_SUFFIX}" ]]; then
+      KUBE_PS1+="${KUBE_PS1_SUFFIX}"
+  else
+      KUBE_PS1+="$(_kube_ps1_color_fg $KUBE_PS1_SUFFIX_COLOR)${KUBE_PS1_SUFFIX}${KUBE_PS1_RESET_COLOR}"
+  fi
+
+  # Close Background color if defined
+  [[ -n "${KUBE_PS1_BG_COLOR}" ]] && KUBE_PS1+="${_KUBE_PS1_OPEN_ESC}${_KUBE_PS1_DEFAULT_BG}${_KUBE_PS1_CLOSE_ESC}"
+
+  echo "${KUBE_PS1}"
+}

gui-container/Dockerfile

@@ -1,4 +1,4 @@
-FROM registry.fedoraproject.org/fedora:38
+FROM registry.fedoraproject.org/fedora:39
 
 ENV HISTSIZE=10000
 ENV HISTTIMEFORMAT="%d/%m/%y %T "

snowflake/Dockerfile

@@ -1,4 +1,4 @@
-FROM registry.fedoraproject.org/fedora:38
+FROM registry.fedoraproject.org/fedora:39
 
 RUN useradd -u 1423 -m -s '/bin/bash' -U snowflake
 ENV TZ=Europe/Warsaw

system-toolbox/Dockerfile

@@ -1,4 +1,12 @@
-FROM registry.fedoraproject.org/fedora:38
+FROM registry.fedoraproject.org/fedora:39
+
+USER root
+
+ENV HISTSIZE=10000
+ENV HISTTIMEFORMAT="%d/%m/%y %T "
+ENV HISTFILESIZE=20000
+
+ENV PKGS_BASE="fzf bash-completion"
 
 ENV PKGS_GENERAL="htop \
     btop \
@@ -10,8 +18,7 @@ ENV PKGS_GENERAL="htop \
     yt-dlp \
     openfortivpn \
     conntrack-tools \
-    wireguard-tools \
+    wireguard-tools"
-    qrencode"
 
 ENV PKGS_PROCESSES="procps-ng \
     strace"
@@ -25,15 +32,19 @@ ENV PKGS_NETWORK="bind-utils \
     iproute \
     iputils \
     whois \
-    iptraf-ng"
+    iptraf-ng \
+    mtr"
 
 RUN dnf clean all && \
-    dnf install -y ${PKGS_GENERAL} ${PKGS_PROCESSES} ${PKGS_NETWORK} && \
+    dnf install -y ${PKGS_BASE} ${PKGS_GENERAL} ${PKGS_PROCESSES} ${PKGS_NETWORK} && \
     dnf -y autoremove && \
     dnf -y clean all
 
 COPY help-toolbox.sh /usr/bin/help-toolbox
 
-RUN chmod 555 /usr/bin/help-toolbox
+RUN chmod 555 /usr/bin/help-toolbox && \
+    echo $'[ -f /usr/share/fzf/shell/key-bindings.bash ] && source /usr/share/fzf/shell/key-bindings.bash;\
+PS1=\'[system-toolbox \W/]\$ \'\
+' >> /root/.bashrc
 
 USER root

system-toolbox/help-toolbox.sh

@@ -54,7 +54,7 @@ echo "nmap - advanced network scanning"
 echo "telnet - open interactive tcp connection"
 echo "tcpdump - monitor network packets"
 echo "iftop - monitor network traffic per hosts"
-echo 
+echo "mtr - advanced network path tracking"
 printTitle "Memory"
 printTitle "Storage"
 echo "smartctl - check smart disks interfaces"

tor/Dockerfile

@@ -1,4 +1,4 @@
-FROM registry.fedoraproject.org/fedora:38
+FROM registry.fedoraproject.org/fedora:rawhide
 
 RUN dnf clean all && \
     dnf install -y tor nyx util-linux && \

wireguard/Dockerfile

@@ -1,4 +1,4 @@
-FROM registry.fedoraproject.org/fedora:38
+FROM registry.fedoraproject.org/fedora:39
 
 
 ENV PKGS="\