Skip to content

Latest commit

 

History

History
348 lines (281 loc) · 11.8 KB

README.md

File metadata and controls

348 lines (281 loc) · 11.8 KB

GITHUB

Tools

Tools collection

All Images are Multiarch (AMD64, ARM64 and ARM) builds and in the following Container Registries:

Tools/Tags:

figlet

FIGlet is a computer program that generates text banners.

This Docker Image is based on latest AlpineLinux, see Dockerfile for more details.

Example

docker run --rm --name figlet -it tobi312/tools:figlet 'Hello :D'

Output:

 _   _      _ _           ____
| | | | ___| | | ___    _|  _ \
| |_| |/ _ \ | |/ _ \  (_) | | |
|  _  |  __/ | | (_) |  _| |_| |
|_| |_|\___|_|_|\___/  (_)____/

htpasswd

htpasswd create username password information of a web server.

This Docker Image is based on latest AlpineLinux, see Dockerfile for more details.

Example

docker run --rm -it tobi312/tools:htpasswd -bn username passw0rd

Output:

username:$apr1$Sk1pFYwB$ivgO9asJe4WkalyC7L5TV0

ToolBox

Toolbox with git, wget, curl, nano, netcat and more.

This Docker Image is based on latest AlpineLinux, see Dockerfile and Dockerfile (extended) for more details.

Example for Docker

# start
docker run --rm --name toolbox -d tobi312/tools:toolbox
# exec
docker exec -it toolbox sh
# use (example: check port is open)
nc -zv -w 3 <HOST> <PORT>

Example for Docker-Compose

Create file `toolbox.yml` with this content: (click)

version: '2.4'
services:

  toolbox:
    image: tobi312/tools:toolbox
    #image: tobi312/tools:toolbox-extended
    container_name: toolbox
    restart: unless-stopped
    #user: "1000:1000"  # format: "${UID}:${GID}"
    #entrypoint: [ "/bin/sh", "-c", "--" ]
    #command: [ "while true; do sleep 60; done;" ] 

and then:

# start
docker-compose -f toolbox.yml up -d
# exec (you can use sh or bash)
docker-compose -f toolbox.yml exec toolbox sh
# or
docker exec -it toolbox sh
# use (example: check port is open)
nc -zv -w 3 <HOST> <PORT>

Example for Kubernetes

Create file `toolbox.yaml` with this content: (click)

apiVersion: v1
kind: Pod
metadata:
  name: toolbox
  namespace: default
spec:
  containers:
  - name: toolbox
    image: tobi312/tools:toolbox
    resources:
      requests:
        memory: "128Mi"
        cpu: "0.1"
      limits:
        memory: "512Mi"
        cpu: "0.5"

and then:

# start
kubectl apply -f toolbox.yaml
# exec
kubectl exec -it pod/toolbox -- sh
# use (example: check port is open)
nc -zv -w 3 <HOST> <PORT>

Or example for Deployment.

dnsmasq

dnsmasq is a lightweight dns and dhcp server.

Example for Docker-Compose

Create file `docker-compose.yml` with this content: (click)

version: "2.4"
services:

  dnsmasq:
    image: tobi312/tools:dnsmasq
    container_name: dnsmasq
    restart: unless-stopped
    ports:
      - 53:53/tcp # DNS
      - 53:53/udp # DNS
      - 67:67/udp # DHCP Server
      #- 68:68/udp # DHCP Client
      #- 69:69/udp # TFTP
    volumes:
      - ./dnsmasq/:/etc/dnsmasq.d/:rw  # add your config files in this folder
    #network_mode: host
    cap_add:
      - 'NET_ADMIN'

easy-rsa

easy-rsa is a CLI utility to build and manage a PKI CA.

Example(s)

# help
docker run --rm --name easy-rsa -it tobi312/tools:easy-rsa-3.1.7 help
Example (1) - root-ca & certs: (click)

# Preparation
mkdir ~/data_easyrsa
# IMPORANT: Execute all Command from this/next Folder !!
cd ~/data_easyrsa

# root-ca
# init pki
docker run --rm --name easy-rsa -v ${PWD}:/easyrsa:rw -it tobi312/tools:easy-rsa-3.1.7 init-pki
# download "vars"-File
curl -sL https://github.com/OpenVPN/easy-rsa/raw/master/easyrsa3/vars.example -o ./pki/vars
# now EDIT "vars"-File in ./pki
# and then build ca:
docker run --rm --name easy-rsa -v ${PWD}:/easyrsa:rw -it tobi312/tools:easy-rsa-3.1.7 build-ca

# Server Cert (repeat this steps for other domains)
# create server cert request
docker run --rm --name easy-rsa -v ${PWD}:/easyrsa:rw -it tobi312/tools:easy-rsa-3.1.7 --subject-alt-name="DNS:example.com,DNS:*.example.com,IP:192.168.1.100" gen-req example-com nopass
# sign server cert
docker run --rm --name easy-rsa -v ${PWD}:/easyrsa:rw -it tobi312/tools:easy-rsa-3.1.7 sign-req server example-com
# check cert
openssl verify -verbose -CAfile ${PWD}/pki/ca.crt ${PWD}/pki/issued/example-com.crt
openssl x509 -noout -text -in ${PWD}/pki/issued/example-com.crt

Example (2) - root-ca, intermediate-ca & certs: (click)

Preparation:

mkdir ~/data_easyrsa
# IMPORANT: Execute all Command from this/next Folder !!
cd ~/data_easyrsa

root-ca:

# init pki (need "soft" to write in mounted volume subpath "/easyrsa/root-ca" instead "/easyrsa/pki")
docker run --rm --name easy-rsa -e EASYRSA_PKI="/easyrsa/root-ca" -v ${PWD}/root-ca/:/easyrsa/root-ca:rw -it tobi312/tools:easy-rsa-3.1.7 init-pki soft
# ASK: Confirm removal: yes

# download "vars"-File
curl -sL https://github.com/OpenVPN/easy-rsa/raw/master/easyrsa3/vars.example -o ${PWD}/root-ca/vars
# now EDIT "vars"-File in ./root-ca
# and then build ca:
docker run --rm --name easy-rsa -e EASYRSA_PKI="/easyrsa/root-ca" -v ${PWD}/root-ca/:/easyrsa/root-ca:rw -it tobi312/tools:easy-rsa-3.1.7 build-ca
# ASK: Enter New CA Key Passphrase:
# ASK: Common Name (eg: your user, host, or server name) [Easy-RSA CA]: My Organization CA

# check/show content of root-ca "ca.crt" file
openssl x509 -noout -text -in ${PWD}/root-ca/ca.crt

intermediate-ca = subca:

# init pki (need "soft" to write in mounted volume subpath "/easyrsa/intermediate-ca" instead "/easyrsa/pki")
docker run --rm --name easy-rsa -e EASYRSA_PKI="/easyrsa/intermediate-ca" -v ${PWD}/intermediate-ca/:/easyrsa/intermediate-ca:rw -it tobi312/tools:easy-rsa-3.1.7 init-pki soft
# ASK: Confirm removal: yes

# download "vars"-File
curl -sL https://github.com/OpenVPN/easy-rsa/raw/master/easyrsa3/vars.example -o ${PWD}/intermediate-ca/vars
# now EDIT "vars"-File in ./intermediate-ca
# and then build subca:
docker run --rm --name easy-rsa -e EASYRSA_PKI="/easyrsa/intermediate-ca" -v ${PWD}/intermediate-ca/:/easyrsa/intermediate-ca:rw -it tobi312/tools:easy-rsa-3.1.7 build-ca subca
# ASK: Enter New CA Key Passphrase:
# ASK: Common Name (eg: your user, host, or server name) [Easy-RSA CA]: My Organization Sub-CA

# import subca in ca (Note: switch to root-ca):
docker run --rm --name easy-rsa -e EASYRSA_PKI="/easyrsa/root-ca" -v ${PWD}/root-ca/:/easyrsa/root-ca:rw -v ${PWD}/intermediate-ca/:/easyrsa/intermediate-ca:rw -it tobi312/tools:easy-rsa-3.1.7 import-req /easyrsa/intermediate-ca/reqs/ca.req intermediate-ca

# sign subca with ca (Note: switch to root-ca)
docker run --rm --name easy-rsa -e EASYRSA_PKI="/easyrsa/root-ca" -v ${PWD}/root-ca/:/easyrsa/root-ca:rw -it tobi312/tools:easy-rsa-3.1.7 sign-req ca intermediate-ca
# ASK: Confirm request details: yes
# ASK: Enter pass phrase for /easyrsa/root-ca/private/ca.key:

# copy sign subca from root-ca to intermediate-ca folder
docker run --rm --name easy-rsa --entrypoint="" -v ${PWD}/root-ca/:/easyrsa/root-ca:rw -v ${PWD}/intermediate-ca/:/easyrsa/intermediate-ca:rw -it tobi312/tools:easy-rsa-3.1.7 cp /easyrsa/root-ca/issued/intermediate-ca.crt /easyrsa/intermediate-ca/ca.crt
# or
cp ${PWD}/root-ca/issued/intermediate-ca.crt ${PWD}/intermediate-ca/ca.crt

# verify subca from ca
openssl verify -verbose -CAfile ${PWD}/root-ca/ca.crt ${PWD}/intermediate-ca/ca.crt
# check/show content of intermediate-ca "ca.crt" file
openssl x509 -noout -text -in ${PWD}/intermediate-ca/ca.crt


# copy subca and ca in one file called fullca.crt
cat ${PWD}/intermediate-ca/ca.crt ${PWD}/root-ca/ca.crt > ${PWD}/fullca.crt

Server Cert ... for Domain example.com:

# create server cert request
docker run --rm --name easy-rsa -e EASYRSA_PKI="/easyrsa/intermediate-ca" -v ${PWD}/intermediate-ca/:/easyrsa/intermediate-ca:rw -it tobi312/tools:easy-rsa-3.1.7 --subject-alt-name="DNS:example.com,DNS:*.example.com,IP:192.168.1.100" gen-req example-com nopass
# ASK: Common Name (eg: your user, host, or server name) [example-com]:example.com

# sign server cert
docker run --rm --name easy-rsa -e EASYRSA_PKI="/easyrsa/intermediate-ca" -v ${PWD}/intermediate-ca/:/easyrsa/intermediate-ca:rw -it tobi312/tools:easy-rsa-3.1.7 sign-req server example-com
# ASK: Confirm request details: yes
# ASK: Enter pass phrase for /easyrsa/intermediate-ca/private/ca.key:

# verify cert from subca and ca
openssl verify -verbose -CAfile ${PWD}/fullca.crt ${PWD}/intermediate-ca/issued/example-com.crt
# check/show content of cert file
openssl x509 -noout -text -in ${PWD}/intermediate-ca/issued/example-com.crt

# repeat this steps for other domains

Notes

Notes ...: (click)