mirror of
https://codeberg.org/hyperreal/containerfiles
synced 2024-11-01 08:33:08 +01:00
Add ansible, htop, httpie, nmap, wireshark
This commit is contained in:
Jeffrey Serio
parent
1e67f0970b
commit
7c1e4e8e88
@ -1,2 +1,5 @@
|
||||
# containerfiles
|
||||
Containerfiles for Podman images
|
||||
|
||||
These are Containerfiles I use with Podman on libostree-based Fedora distributions. Inspired by [jessfraz/dockerfiles](https://github.com/jessfraz/dockerfiles), but not nearly as bountiful, because these are intended to be used on an immutable ostree host where it is not feasible to run inside a toolbox container. I will eventually convert these to [podenv](https://github.com/podenv/podenv) configuration files, but, for want of more comprehensive documentation, it will take time to decode how Podenv configuration (and Podenv itself) works.
|
||||
|
||||
Feel free to clone this repo and adapt these to your needs!
|
||||
|
||||
27
ansible/Containerfile
Normal file
27
ansible/Containerfile
Normal file
@ -0,0 +1,27 @@
|
||||
# https://www.ansible.com/
|
||||
#
|
||||
# Note: SELinux requires the :Z attribute set on volumes in Podman/Docker.
|
||||
#
|
||||
# podman run --rm \
|
||||
# -it \
|
||||
# -v ${PWD}/hosts:/etc/ansible/hosts:Z \
|
||||
# -v ${PWD}/ansible.cfg:/etc/ansible/ansible.cfg:Z \
|
||||
# -v ${HOME}/.ssh:/root/.ssh:Z \
|
||||
# ansible all -m ping
|
||||
#
|
||||
FROM python:3-alpine
|
||||
LABEL maintainer "Jeffrey Serio <hyperreal@unixcat.coffee>"
|
||||
|
||||
RUN builddeps=' \
|
||||
musl-dev \
|
||||
openssl-dev \
|
||||
libffi-dev \
|
||||
gcc \
|
||||
' \
|
||||
&& apk --no-cache add \
|
||||
ca-certificates \
|
||||
$builddeps \
|
||||
&& pip install ansible \
|
||||
&& apk del --purge $builddeps
|
||||
|
||||
ENTRYPOINT [ "ansible" ]
|
||||
12
htop/Containerfile
Normal file
12
htop/Containerfile
Normal file
@ -0,0 +1,12 @@
|
||||
# htop in podman container
|
||||
#
|
||||
# podman run --rm -it \
|
||||
# --pid host
|
||||
# htop
|
||||
#
|
||||
FROM alpine:latest
|
||||
LABEL maintainer "Jeffrey Serio <hyperreal@unixcat.coffee>"
|
||||
|
||||
RUN apk --no-cache add htop
|
||||
|
||||
CMD [ "htop" ]
|
||||
33
httpie/Containerfile
Normal file
33
httpie/Containerfile
Normal file
@ -0,0 +1,33 @@
|
||||
# httpie podman container
|
||||
#
|
||||
# Note: SELinux requires the :Z attribute set on volumes in Podman/Docker
|
||||
#
|
||||
# To download a file to the PWD:
|
||||
# podman run \
|
||||
# --rm \
|
||||
# -it \
|
||||
# -v ${PWD}:/downloads:Z \
|
||||
# httpie -d <url>
|
||||
#
|
||||
# To see a webpage:
|
||||
# podman run \
|
||||
# --rm \
|
||||
# -it \
|
||||
# httpie <url>
|
||||
#
|
||||
FROM alpine:latest
|
||||
LABEL maintainer "Jeffrey Serio <hyperreal@unixcat.coffee>"
|
||||
|
||||
RUN apk --no-cache add \
|
||||
ca-certificates \
|
||||
gcc \
|
||||
musl-dev \
|
||||
python3 \
|
||||
python3-dev \
|
||||
py3-pip \
|
||||
&& pip install httpie httpie-unixsocket
|
||||
|
||||
RUN mkdir /downloads
|
||||
WORKDIR /downloads
|
||||
|
||||
ENTRYPOINT [ "http" ]
|
||||
26
nmap/Containerfile
Normal file
26
nmap/Containerfile
Normal file
@ -0,0 +1,26 @@
|
||||
# nmap podman container image
|
||||
#
|
||||
# Requires rootful podman to access net interfaces
|
||||
#
|
||||
# Note: SELinux requires the :Z attribute set when using volumes in Podman/Docker.
|
||||
#
|
||||
# sudo podman run -it --rm \
|
||||
# --cap-add=NET_RAW \
|
||||
# --cap-add=NET_ADMIN \
|
||||
# --network host \
|
||||
# -v $(pwd):/output:Z \
|
||||
# --name nmap \
|
||||
# nmap <nmap args>
|
||||
|
||||
FROM fedora:latest
|
||||
LABEL maintainer "Jeffrey Serio <hyperreal@unixcat.coffee>"
|
||||
|
||||
RUN printf "fastestmirror=True\ndeltarpm=True\n" | tee -a /etc/dnf/dnf.conf \
|
||||
&& dnf install -y nmap nmap-ncat \
|
||||
&& dnf clean all \
|
||||
&& mkdir /output
|
||||
|
||||
WORKDIR /output
|
||||
|
||||
|
||||
ENTRYPOINT [ "nmap" ]
|
||||
43
wireshark/Containerfile
Normal file
43
wireshark/Containerfile
Normal file
@ -0,0 +1,43 @@
|
||||
# Run Wireshark in podman container
|
||||
#
|
||||
# Requires rootful podman to access host network.
|
||||
#
|
||||
# podman run \
|
||||
# --secuirity-opt label=disable \
|
||||
# --net=host \
|
||||
# --cap-add=NET_RAW \
|
||||
# --cap-add=NET_ADMIN \
|
||||
# -e PUID=1000 \
|
||||
# -e PGID=1000 \
|
||||
# -e TZ=America/Chicago \
|
||||
# -e DISPLAY=:0 \
|
||||
# -e XDG_RUNTIME_DIR=/run/user \
|
||||
# -e XDG_SESSION_TYPE=wayland \
|
||||
# -e GDK_BACKEND=wayland \
|
||||
# -e QT_QPA_PLATFORM=wayland \
|
||||
# -e WAYLAND_DISPLAY=wayland-0 \
|
||||
# --mount type=tmpfs,destination=/run/user \
|
||||
# -v /run/user/1000/wayland-0:/run/user/wayland-0 \
|
||||
# -v /tmp/.X11-unix:/tmp/.X11-unix \
|
||||
# --name wireshark \
|
||||
# wireshark
|
||||
#
|
||||
FROM fedora:latest
|
||||
LABEL maintainer "Jeffrey Serio <hyperreal@unixcat.coffee>"
|
||||
|
||||
RUN printf "fastestmirror=True\ndeltarpm=True\n" | tee -a /etc/dnf/dnf.conf
|
||||
RUN dnf install -y wireshark qt5-qtwayland \
|
||||
&& dnf clean all
|
||||
|
||||
ENV HOME /home/wireshark
|
||||
RUN useradd --create-home -g wireshark --home-dir $HOME wireshark \
|
||||
&& chown -R wireshark:wireshark $HOME
|
||||
|
||||
RUN chown root:wireshark /usr/bin/dumpcap \
|
||||
&& setcap 'CAP_NET_RAW+eip CAP_NET_ADMIN+eip' /usr/bin/dumpcap
|
||||
|
||||
USER wireshark
|
||||
|
||||
WORKDIR /home/wireshark
|
||||
|
||||
ENTRYPOINT [ "wireshark" ]
|
||||
Loading…
Reference in New Issue
Block a user