mirror of
https://codeberg.org/hyperreal/containerfiles
synced 2024-11-01 16:43:10 +01:00
Add ansible, htop, httpie, nmap, wireshark
This commit is contained in:
parent
1e67f0970b
commit
7c1e4e8e88
@ -1,2 +1,5 @@
|
|||||||
# containerfiles
|
# containerfiles
|
||||||
Containerfiles for Podman images
|
|
||||||
|
These are Containerfiles I use with Podman on libostree-based Fedora distributions. Inspired by [jessfraz/dockerfiles](https://github.com/jessfraz/dockerfiles), but not nearly as bountiful, because these are intended to be used on an immutable ostree host where it is not feasible to run inside a toolbox container. I will eventually convert these to [podenv](https://github.com/podenv/podenv) configuration files, but, for want of more comprehensive documentation, it will take time to decode how Podenv configuration (and Podenv itself) works.
|
||||||
|
|
||||||
|
Feel free to clone this repo and adapt these to your needs!
|
||||||
|
27
ansible/Containerfile
Normal file
27
ansible/Containerfile
Normal file
@ -0,0 +1,27 @@
|
|||||||
|
# https://www.ansible.com/
|
||||||
|
#
|
||||||
|
# Note: SELinux requires the :Z attribute set on volumes in Podman/Docker.
|
||||||
|
#
|
||||||
|
# podman run --rm \
|
||||||
|
# -it \
|
||||||
|
# -v ${PWD}/hosts:/etc/ansible/hosts:Z \
|
||||||
|
# -v ${PWD}/ansible.cfg:/etc/ansible/ansible.cfg:Z \
|
||||||
|
# -v ${HOME}/.ssh:/root/.ssh:Z \
|
||||||
|
# ansible all -m ping
|
||||||
|
#
|
||||||
|
FROM python:3-alpine
|
||||||
|
LABEL maintainer "Jeffrey Serio <hyperreal@unixcat.coffee>"
|
||||||
|
|
||||||
|
RUN builddeps=' \
|
||||||
|
musl-dev \
|
||||||
|
openssl-dev \
|
||||||
|
libffi-dev \
|
||||||
|
gcc \
|
||||||
|
' \
|
||||||
|
&& apk --no-cache add \
|
||||||
|
ca-certificates \
|
||||||
|
$builddeps \
|
||||||
|
&& pip install ansible \
|
||||||
|
&& apk del --purge $builddeps
|
||||||
|
|
||||||
|
ENTRYPOINT [ "ansible" ]
|
12
htop/Containerfile
Normal file
12
htop/Containerfile
Normal file
@ -0,0 +1,12 @@
|
|||||||
|
# htop in podman container
|
||||||
|
#
|
||||||
|
# podman run --rm -it \
|
||||||
|
# --pid host
|
||||||
|
# htop
|
||||||
|
#
|
||||||
|
FROM alpine:latest
|
||||||
|
LABEL maintainer "Jeffrey Serio <hyperreal@unixcat.coffee>"
|
||||||
|
|
||||||
|
RUN apk --no-cache add htop
|
||||||
|
|
||||||
|
CMD [ "htop" ]
|
33
httpie/Containerfile
Normal file
33
httpie/Containerfile
Normal file
@ -0,0 +1,33 @@
|
|||||||
|
# httpie podman container
|
||||||
|
#
|
||||||
|
# Note: SELinux requires the :Z attribute set on volumes in Podman/Docker
|
||||||
|
#
|
||||||
|
# To download a file to the PWD:
|
||||||
|
# podman run \
|
||||||
|
# --rm \
|
||||||
|
# -it \
|
||||||
|
# -v ${PWD}:/downloads:Z \
|
||||||
|
# httpie -d <url>
|
||||||
|
#
|
||||||
|
# To see a webpage:
|
||||||
|
# podman run \
|
||||||
|
# --rm \
|
||||||
|
# -it \
|
||||||
|
# httpie <url>
|
||||||
|
#
|
||||||
|
FROM alpine:latest
|
||||||
|
LABEL maintainer "Jeffrey Serio <hyperreal@unixcat.coffee>"
|
||||||
|
|
||||||
|
RUN apk --no-cache add \
|
||||||
|
ca-certificates \
|
||||||
|
gcc \
|
||||||
|
musl-dev \
|
||||||
|
python3 \
|
||||||
|
python3-dev \
|
||||||
|
py3-pip \
|
||||||
|
&& pip install httpie httpie-unixsocket
|
||||||
|
|
||||||
|
RUN mkdir /downloads
|
||||||
|
WORKDIR /downloads
|
||||||
|
|
||||||
|
ENTRYPOINT [ "http" ]
|
26
nmap/Containerfile
Normal file
26
nmap/Containerfile
Normal file
@ -0,0 +1,26 @@
|
|||||||
|
# nmap podman container image
|
||||||
|
#
|
||||||
|
# Requires rootful podman to access net interfaces
|
||||||
|
#
|
||||||
|
# Note: SELinux requires the :Z attribute set when using volumes in Podman/Docker.
|
||||||
|
#
|
||||||
|
# sudo podman run -it --rm \
|
||||||
|
# --cap-add=NET_RAW \
|
||||||
|
# --cap-add=NET_ADMIN \
|
||||||
|
# --network host \
|
||||||
|
# -v $(pwd):/output:Z \
|
||||||
|
# --name nmap \
|
||||||
|
# nmap <nmap args>
|
||||||
|
|
||||||
|
FROM fedora:latest
|
||||||
|
LABEL maintainer "Jeffrey Serio <hyperreal@unixcat.coffee>"
|
||||||
|
|
||||||
|
RUN printf "fastestmirror=True\ndeltarpm=True\n" | tee -a /etc/dnf/dnf.conf \
|
||||||
|
&& dnf install -y nmap nmap-ncat \
|
||||||
|
&& dnf clean all \
|
||||||
|
&& mkdir /output
|
||||||
|
|
||||||
|
WORKDIR /output
|
||||||
|
|
||||||
|
|
||||||
|
ENTRYPOINT [ "nmap" ]
|
43
wireshark/Containerfile
Normal file
43
wireshark/Containerfile
Normal file
@ -0,0 +1,43 @@
|
|||||||
|
# Run Wireshark in podman container
|
||||||
|
#
|
||||||
|
# Requires rootful podman to access host network.
|
||||||
|
#
|
||||||
|
# podman run \
|
||||||
|
# --secuirity-opt label=disable \
|
||||||
|
# --net=host \
|
||||||
|
# --cap-add=NET_RAW \
|
||||||
|
# --cap-add=NET_ADMIN \
|
||||||
|
# -e PUID=1000 \
|
||||||
|
# -e PGID=1000 \
|
||||||
|
# -e TZ=America/Chicago \
|
||||||
|
# -e DISPLAY=:0 \
|
||||||
|
# -e XDG_RUNTIME_DIR=/run/user \
|
||||||
|
# -e XDG_SESSION_TYPE=wayland \
|
||||||
|
# -e GDK_BACKEND=wayland \
|
||||||
|
# -e QT_QPA_PLATFORM=wayland \
|
||||||
|
# -e WAYLAND_DISPLAY=wayland-0 \
|
||||||
|
# --mount type=tmpfs,destination=/run/user \
|
||||||
|
# -v /run/user/1000/wayland-0:/run/user/wayland-0 \
|
||||||
|
# -v /tmp/.X11-unix:/tmp/.X11-unix \
|
||||||
|
# --name wireshark \
|
||||||
|
# wireshark
|
||||||
|
#
|
||||||
|
FROM fedora:latest
|
||||||
|
LABEL maintainer "Jeffrey Serio <hyperreal@unixcat.coffee>"
|
||||||
|
|
||||||
|
RUN printf "fastestmirror=True\ndeltarpm=True\n" | tee -a /etc/dnf/dnf.conf
|
||||||
|
RUN dnf install -y wireshark qt5-qtwayland \
|
||||||
|
&& dnf clean all
|
||||||
|
|
||||||
|
ENV HOME /home/wireshark
|
||||||
|
RUN useradd --create-home -g wireshark --home-dir $HOME wireshark \
|
||||||
|
&& chown -R wireshark:wireshark $HOME
|
||||||
|
|
||||||
|
RUN chown root:wireshark /usr/bin/dumpcap \
|
||||||
|
&& setcap 'CAP_NET_RAW+eip CAP_NET_ADMIN+eip' /usr/bin/dumpcap
|
||||||
|
|
||||||
|
USER wireshark
|
||||||
|
|
||||||
|
WORKDIR /home/wireshark
|
||||||
|
|
||||||
|
ENTRYPOINT [ "wireshark" ]
|
Loading…
Reference in New Issue
Block a user