Tools collection
All Images are Multiarch (AMD64, ARM64 and ARM) builds and in the following Container Registries:
Tools/Tags:
adminerevo
autossh
azcopy
c-mqtt-forwarder
dnsmasq
easy-rsa
figlet
htpasswd
keepalived
kiwiirc
mqtt-board
mqtt-client
mqtt-forwarder
postgres-exporter
prometheus-mosquitto-exporter
prometheus-mqtt-transport
proxyscotch
squid
static-curl
- ToolBox:
- Deprecated:
adminer
- Use nowadminerevo
!pgadmin4
- Use now offical Docker build!irc-exporter
- Use now offical Docker build!vwmetrics
- Use now offical Docker build!
FIGlet is a computer program that generates text banners.
This Docker Image is based on latest AlpineLinux, see Dockerfile for more details.
docker run --rm --name figlet -it tobi312/tools:figlet 'Hello :D'
Output:
_ _ _ _ ____
| | | | ___| | | ___ _| _ \
| |_| |/ _ \ | |/ _ \ (_) | | |
| _ | __/ | | (_) | _| |_| |
|_| |_|\___|_|_|\___/ (_)____/
htpasswd create username password information of a web server.
This Docker Image is based on latest AlpineLinux, see Dockerfile for more details.
docker run --rm -it tobi312/tools:htpasswd -bn username passw0rd
Output:
username:$apr1$Sk1pFYwB$ivgO9asJe4WkalyC7L5TV0
Toolbox with git, wget, curl, nano, netcat and more.
This Docker Image is based on latest AlpineLinux, see Dockerfile and Dockerfile (extended) for more details.
# start
docker run --rm --name toolbox -d tobi312/tools:toolbox
# exec
docker exec -it toolbox sh
# use (example: check port is open)
nc -zv -w 3 <HOST> <PORT>
Create file `toolbox.yml` with this content: (click)
version: '2.4'
services:
toolbox:
image: tobi312/tools:toolbox
#image: tobi312/tools:toolbox-extended
container_name: toolbox
restart: unless-stopped
#user: "1000:1000" # format: "${UID}:${GID}"
#entrypoint: [ "/bin/sh", "-c", "--" ]
#command: [ "while true; do sleep 60; done;" ]
and then:
# start
docker-compose -f toolbox.yml up -d
# exec (you can use sh or bash)
docker-compose -f toolbox.yml exec toolbox sh
# or
docker exec -it toolbox sh
# use (example: check port is open)
nc -zv -w 3 <HOST> <PORT>
Create file `toolbox.yaml` with this content: (click)
apiVersion: v1
kind: Pod
metadata:
name: toolbox
namespace: default
spec:
containers:
- name: toolbox
image: tobi312/tools:toolbox
resources:
requests:
memory: "128Mi"
cpu: "0.1"
limits:
memory: "512Mi"
cpu: "0.5"
and then:
# start
kubectl apply -f toolbox.yaml
# exec
kubectl exec -it pod/toolbox -- sh
# use (example: check port is open)
nc -zv -w 3 <HOST> <PORT>
Or example for Deployment.
dnsmasq is a lightweight dns and dhcp server.
Create file `docker-compose.yml` with this content: (click)
version: "2.4"
services:
dnsmasq:
image: tobi312/tools:dnsmasq
container_name: dnsmasq
restart: unless-stopped
ports:
- 53:53/tcp # DNS
- 53:53/udp # DNS
- 67:67/udp # DHCP Server
#- 68:68/udp # DHCP Client
#- 69:69/udp # TFTP
volumes:
- ./dnsmasq/:/etc/dnsmasq.d/:rw # add your config files in this folder
#network_mode: host
cap_add:
- 'NET_ADMIN'
easy-rsa is a CLI utility to build and manage a PKI CA.
- offical Docs
- Dockerfile
# help
docker run --rm --name easy-rsa -it tobi312/tools:easy-rsa-3.1.7 help
Example (1) - root-ca & certs: (click)
# Preparation
mkdir ~/data_easyrsa
# IMPORANT: Execute all Command from this/next Folder !!
cd ~/data_easyrsa
# root-ca
# init pki
docker run --rm --name easy-rsa -v ${PWD}:/easyrsa:rw -it tobi312/tools:easy-rsa-3.1.7 init-pki
# download "vars"-File
curl -sL https://github.com/OpenVPN/easy-rsa/raw/master/easyrsa3/vars.example -o ./pki/vars
# now EDIT "vars"-File in ./pki
# and then build ca:
docker run --rm --name easy-rsa -v ${PWD}:/easyrsa:rw -it tobi312/tools:easy-rsa-3.1.7 build-ca
# Server Cert (repeat this steps for other domains)
# create server cert request
docker run --rm --name easy-rsa -v ${PWD}:/easyrsa:rw -it tobi312/tools:easy-rsa-3.1.7 --subject-alt-name="DNS:example.com,DNS:*.example.com,IP:192.168.1.100" gen-req example-com nopass
# sign server cert
docker run --rm --name easy-rsa -v ${PWD}:/easyrsa:rw -it tobi312/tools:easy-rsa-3.1.7 sign-req server example-com
# check cert
openssl verify -verbose -CAfile ${PWD}/pki/ca.crt ${PWD}/pki/issued/example-com.crt
openssl x509 -noout -text -in ${PWD}/pki/issued/example-com.crt
Example (2) - root-ca, intermediate-ca & certs: (click)
Preparation:
mkdir ~/data_easyrsa
# IMPORANT: Execute all Command from this/next Folder !!
cd ~/data_easyrsa
root-ca:
# init pki (need "soft" to write in mounted volume subpath "/easyrsa/root-ca" instead "/easyrsa/pki")
docker run --rm --name easy-rsa -e EASYRSA_PKI="/easyrsa/root-ca" -v ${PWD}/root-ca/:/easyrsa/root-ca:rw -it tobi312/tools:easy-rsa-3.1.7 init-pki soft
# ASK: Confirm removal: yes
# download "vars"-File
curl -sL https://github.com/OpenVPN/easy-rsa/raw/master/easyrsa3/vars.example -o ${PWD}/root-ca/vars
# now EDIT "vars"-File in ./root-ca
# and then build ca:
docker run --rm --name easy-rsa -e EASYRSA_PKI="/easyrsa/root-ca" -v ${PWD}/root-ca/:/easyrsa/root-ca:rw -it tobi312/tools:easy-rsa-3.1.7 build-ca
# ASK: Enter New CA Key Passphrase:
# ASK: Common Name (eg: your user, host, or server name) [Easy-RSA CA]: My Organization CA
# check/show content of root-ca "ca.crt" file
openssl x509 -noout -text -in ${PWD}/root-ca/ca.crt
intermediate-ca = subca:
# init pki (need "soft" to write in mounted volume subpath "/easyrsa/intermediate-ca" instead "/easyrsa/pki")
docker run --rm --name easy-rsa -e EASYRSA_PKI="/easyrsa/intermediate-ca" -v ${PWD}/intermediate-ca/:/easyrsa/intermediate-ca:rw -it tobi312/tools:easy-rsa-3.1.7 init-pki soft
# ASK: Confirm removal: yes
# download "vars"-File
curl -sL https://github.com/OpenVPN/easy-rsa/raw/master/easyrsa3/vars.example -o ${PWD}/intermediate-ca/vars
# now EDIT "vars"-File in ./intermediate-ca
# and then build subca:
docker run --rm --name easy-rsa -e EASYRSA_PKI="/easyrsa/intermediate-ca" -v ${PWD}/intermediate-ca/:/easyrsa/intermediate-ca:rw -it tobi312/tools:easy-rsa-3.1.7 build-ca subca
# ASK: Enter New CA Key Passphrase:
# ASK: Common Name (eg: your user, host, or server name) [Easy-RSA CA]: My Organization Sub-CA
# import subca in ca (Note: switch to root-ca):
docker run --rm --name easy-rsa -e EASYRSA_PKI="/easyrsa/root-ca" -v ${PWD}/root-ca/:/easyrsa/root-ca:rw -v ${PWD}/intermediate-ca/:/easyrsa/intermediate-ca:rw -it tobi312/tools:easy-rsa-3.1.7 import-req /easyrsa/intermediate-ca/reqs/ca.req intermediate-ca
# sign subca with ca (Note: switch to root-ca)
docker run --rm --name easy-rsa -e EASYRSA_PKI="/easyrsa/root-ca" -v ${PWD}/root-ca/:/easyrsa/root-ca:rw -it tobi312/tools:easy-rsa-3.1.7 sign-req ca intermediate-ca
# ASK: Confirm request details: yes
# ASK: Enter pass phrase for /easyrsa/root-ca/private/ca.key:
# copy sign subca from root-ca to intermediate-ca folder
docker run --rm --name easy-rsa --entrypoint="" -v ${PWD}/root-ca/:/easyrsa/root-ca:rw -v ${PWD}/intermediate-ca/:/easyrsa/intermediate-ca:rw -it tobi312/tools:easy-rsa-3.1.7 cp /easyrsa/root-ca/issued/intermediate-ca.crt /easyrsa/intermediate-ca/ca.crt
# or
cp ${PWD}/root-ca/issued/intermediate-ca.crt ${PWD}/intermediate-ca/ca.crt
# verify subca from ca
openssl verify -verbose -CAfile ${PWD}/root-ca/ca.crt ${PWD}/intermediate-ca/ca.crt
# check/show content of intermediate-ca "ca.crt" file
openssl x509 -noout -text -in ${PWD}/intermediate-ca/ca.crt
# copy subca and ca in one file called fullca.crt
cat ${PWD}/intermediate-ca/ca.crt ${PWD}/root-ca/ca.crt > ${PWD}/fullca.crt
Server Cert ... for Domain example.com:
# create server cert request
docker run --rm --name easy-rsa -e EASYRSA_PKI="/easyrsa/intermediate-ca" -v ${PWD}/intermediate-ca/:/easyrsa/intermediate-ca:rw -it tobi312/tools:easy-rsa-3.1.7 --subject-alt-name="DNS:example.com,DNS:*.example.com,IP:192.168.1.100" gen-req example-com nopass
# ASK: Common Name (eg: your user, host, or server name) [example-com]:example.com
# sign server cert
docker run --rm --name easy-rsa -e EASYRSA_PKI="/easyrsa/intermediate-ca" -v ${PWD}/intermediate-ca/:/easyrsa/intermediate-ca:rw -it tobi312/tools:easy-rsa-3.1.7 sign-req server example-com
# ASK: Confirm request details: yes
# ASK: Enter pass phrase for /easyrsa/intermediate-ca/private/ca.key:
# verify cert from subca and ca
openssl verify -verbose -CAfile ${PWD}/fullca.crt ${PWD}/intermediate-ca/issued/example-com.crt
# check/show content of cert file
openssl x509 -noout -text -in ${PWD}/intermediate-ca/issued/example-com.crt
# repeat this steps for other domains
Notes ...: (click)
- instead
-e EASYRSA_PKI="/easyrsa/root-ca"
you can use in command--pki-dir=/easyrsa/root-ca
- Backup: execute
tar cvpzf backup_easyrsa_$(date '+%Y%m%d-%H%M').tar.gz .
indata_easyrsa
-Folder! docker run --rm --name easy-rsa --entrypoint="" -it tobi312/tools:easy-rsa-3.1.7 bash
- linux: copy ca-certs into
/usr/local/share/ca-certificates/
and executedpkg-reconfigure -f noninteractive ca-certificates
- crlDistributionPoints: OpenVPN/easy-rsa#71 & OpenVPN/easy-rsa#472 & OpenVPN/easy-rsa#15 & "/usr/share/easy-rsa/x509-types/COMMON
- more help: OpenVPN/easy-rsa#190 (comment) & https://documentation.abas.cloud/en/abas-installer/Zertifikate_en/index.html