immenser Pirat

zurück

1 docker

  • run basics
docker run -it fedora /bin/bash
docker run fedora /usr/bin/ls /var/www
docker cp fedora /etc/httpd/conf/httpd.conf .
docker run -d -p 80:80 -v /root/docker/fedora/html:/var/www/html fedora
docker exec -it <container_id> /bin/bash
docker build -t hello-world .

1.1 openvpn

  • Dockerfile
FROM fedora:29
RUN dnf -y update \
 && dnf -y install openvpn easy-rsa \
 && dnf clean all
COPY server.conf /etc/openvpn/server/server.conf
COPY init.bsh /root/init.bsh
COPY server.conf /root/server.conf
CMD ["openvpn", "/etc/openvpn/server/server.conf"]
  • init.bsh
#!/bin/bash -e                                                                                                                                                                                                     
set -e
cp -ai /usr/share/easy-rsa/3/* ~/easyrsa/
cd ~/easyrsa
./easyrsa init-pki
./easyrsa --batch build-ca nopass
./easyrsa --batch build-server-full server nopass
./easyrsa gen-dh
cp pki/ca.crt /etc/openvpn/server/ca.crt
cp pki/private/server.key /etc/openvpn/server/server.key
cp pki/issued/server.crt /etc/openvpn/server/server.crt
cp pki/dh.pem /etc/openvpn/server/dh.pem
  • docker exec -it $container bash
./easyrsa --batch build-client-full client1 nopass                                                                                                                                                                
./easyrsa --batch export-p12 client1
  • on docker-host in /tmp
docker cp $container:/root/easyrsa/pki/private/client1.p12 /tmp/client1.p12                                                                                                                                       
openssl pkcs12 -nocerts -in client1.p12 -out client1.key                                                                                                                                                          
openssl pkcs12 -nokeys -clcerts -in client1.p12 -out client1.crt                                                                                                                                                  
openssl pkcs12 -nokeys -cacerts -in client1.p12 -out ca.crt

1.2 privoxy

  • Dockerfile
FROM fedora:29
RUN dnf -y update \
 && dnf -y install privoxy \
 && sed -ie 's/listen-address  127.0.0.1:8118/listen-address  :8118/' /etc/privoxy/config \
 && sed -ie 's/keep-alive-timeout 5/keep-alive-timeout 300/' /etc/privoxy/config
CMD ["privoxy", "--no-daemon", "/etc/privoxy/config"]
  • docker-compose.yml
version: '2.0'
services:
  privoxy:
    build: .
    image: privoxy:latest
    restart: always
    ports:
     - "8118:8118"

1.3 inadyn-mt

  • Dockerfile
FROM fedora
RUN dnf -y install inadyn-mt
ADD inadyn-mt.conf /etc/inadyn-mt.conf
CMD /usr/sbin/inadyn

1.4 gitolite

  • Dockerfile
FROM fedora:27
RUN dnf -y install gitolite3 openssh-server hostname findutils glibc-locale-source
RUN localedef -v -c -i de_DE -f UTF-8 de_DE.UTF-8 || true
RUN ssh-keygen -A
RUN useradd git
ADD admin.pub /tmp/admin.pub
USER git
ENV USER=git
RUN gitolite setup -pk /tmp/admin.pub
USER root
EXPOSE 22/tcp
CMD ["/usr/sbin/sshd", "-D"]
  • docker-compose.yml
version: '2.0'
services:
  git:
    build: .
    image: gitolite:latest
    ports:
    - "7999:22"
    volumes:
      - ./gitolite:/home/git
  • list repositories
ssh git@ip -p 7999 info

1.5 murmur

  • Dockerfile
FROM fedora:29
RUN dnf -y install murmur
RUN sed -ie 's/#autoban/autoban/' /etc/murmur/murmur.ini
RUN sed -ie 's/welcometext=.*/welcometext="You made it!"/' /etc/murmur/murmur.ini
RUN sed -ie 's/serverpassword=.*/serverpassword=complicated/' /etc/murmur/murmur.ini
RUN sed -ie 's/#registerName=.*/registerName=myOwnMurmur/' /etc/murmur/murmur.ini
ADD murmur.sqlite /var/lib/mumble-server/murmur.sqlite
RUN chown mumble-server:mumble-server /var/lib/mumble-server/murmur.sqlite
CMD murmurd -fg -ini /etc/murmur/murmur.ini
  • docker-compose
version: '2.0'
services:
  murmur:
      build: .
      image: murmur:latest
      restart: always
      ports:
        - "64738:64738"
      volumes:
        - ./murmur:/var/lib/mumble-server

1.6 nextcloud

  • Dockerfile
FROM fedora:29
RUN dnf -y update \
 && dnf -y install httpd mod_ssl \
 && dnf clean all
COPY server.crt /etc/pki/tls/certs/localhost.crt
COPY server.key /etc/pki/tls/private/localhost.key
COPY https.conf /etc/httpd/conf.d/https.conf
CMD ["httpd", "-DFOREGROUND"]
  • https.conf
ServerName nextcloud
<VirtualHost *:443>
  SSLEngine on
  SSLCertificateFile /etc/pki/tls/certs/localhost.crt
  SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
  ProxyPass        /  http://nextcloud:80/
  ProxyPassReverse /  http://nextcloud:80/
</VirtualHost>
  • docker-compose.yml
version: '3.3'
services:
  https:
    build: .
    image: httpsnextcloud:latest
    restart: always
    ports:
     - "443:443"
    networks:
     - net
  nextcloud:
    image: nextcloud:14
    restart: always
    volumes:
     - ./nextcloud:/var/www/html
     - ./extern:/opt/extern:ro
    networks:
     - net
  postgres:
    image: postgres:11.0
    restart: always
    environment:
     - POSTGRES_PASSWORD:complicated
    volumes:
     - ./nextcloud_pgdata:/var/lib/postgresql/data
    networks:
     - net
networks:
  net:

1.7 ttrss

  • Dockerfile
FROM fedora:29
RUN dnf -y update \
 && dnf -y install httpd mod_ssl \
 && dnf clean all
COPY server.crt /etc/pki/tls/certs/localhost.crt
COPY server.key /etc/pki/tls/private/localhost.key
COPY https.conf /etc/httpd/conf.d/https.conf
CMD ["httpd", "-DFOREGROUND"]
  • https.conf
ServerName ttrss
<VirtualHost *:443>
  SSLEngine on
  SSLCertificateFile /etc/pki/tls/certs/localhost.crt
  SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
  ProxyPass        /  http://ttrss:80/
  ProxyPassReverse /  http://ttrss:80/
</VirtualHost>
  • docker-compose.yml
version: '3.3'
services:
  https:
    build: .
    image: httpstinyrss:0.5
    restart: always
    ports:
     - "443:443"
    networks:
     - net
  ttrss:
    image: linuxserver/tt-rss
    restart: always
    volumes:
     - /etc/localtime:/etc/localtime:ro
     - ./ttrss:/config
    networks:
     - net
  postgres:
    image: postgres:11.0
    restart: always
    environment:
     - POSTGRES_PASSWORD:complicated
    volumes:
     - ./ttrss_pgdata:/var/lib/postgresql/data
    networks:
     - net
networks:
  net:

1.8 onedrive

  • Dockerfile
FROM fedora:29
RUN dnf -y update \
 && dnf -y install onedrive \
 && dnf clean all
RUN useradd onedrive
USER onedrive
CMD ["/usr/bin/onedrive", "--monitor", "--resync"]
  • once: token-building
docker run -it \
  -v ./onedrive:/home/onedrive/OneDrive \
  -v ./onedrive_cfg:/home/onedrive/.config/onedrive \
  onedrive:latest
  • docker-compose.yml
version: '3.3'
services:
  onedrive:
    build: .
    image: onedrive:latest
    restart: always
    volumes:
     - ./onedrive:/home/onedrive/OneDrive
     - ./onedrive_cfg:/home/onedrive/.config/onedrive