Tools collection
All Images are Multiarch (AMD64, ARM64 and ARM) builds and in the following Container Registries:
Tools/Tags:
adminerautosshazcopyc-mqtt-forwarderdnsmasqeasy-rsafiglethtpasswdirc-exporterkeepalivedkiwiircmqtt-boardmqtt-clientmqtt-forwarderpostgres-exporterprometheus-mosquitto-exporterprometheus-mqtt-transportsquid- ToolBox:
- Deprecated:
FIGlet is a computer program that generates text banners.
This Docker Image is based on latest AlpineLinux, see Dockerfile for more details.
docker run --rm --name figlet -it tobi312/tools:figlet 'Hello :D'Output:
_ _ _ _ ____
| | | | ___| | | ___ _| _ \
| |_| |/ _ \ | |/ _ \ (_) | | |
| _ | __/ | | (_) | _| |_| |
|_| |_|\___|_|_|\___/ (_)____/
htpasswd create username password information of a web server.
This Docker Image is based on latest AlpineLinux, see Dockerfile for more details.
docker run --rm -it tobi312/tools:htpasswd -bn username passw0rdOutput:
username:$apr1$Sk1pFYwB$ivgO9asJe4WkalyC7L5TV0
Toolbox with git, wget, curl, nano, netcat and more.
This Docker Image is based on latest AlpineLinux, see Dockerfile and Dockerfile (extended) for more details.
# start
docker run --rm --name toolbox -d tobi312/tools:toolbox
# exec
docker exec -it toolbox sh
# use (example: check port is open)
nc -zv -w 3 <HOST> <PORT>Create file `toolbox.yml` with this content: (click)
version: '2.4'
services:
toolbox:
image: tobi312/tools:toolbox
#image: tobi312/tools:toolbox-extended
container_name: toolbox
restart: unless-stopped
#user: "1000:1000" # format: "${UID}:${GID}"
#entrypoint: [ "/bin/sh", "-c", "--" ]
#command: [ "while true; do sleep 60; done;" ] and then:
# start
docker-compose -f toolbox.yml up -d
# exec (you can use sh or bash)
docker-compose -f toolbox.yml exec toolbox sh
# or
docker exec -it toolbox sh
# use (example: check port is open)
nc -zv -w 3 <HOST> <PORT>Create file `toolbox.yaml` with this content: (click)
apiVersion: v1
kind: Pod
metadata:
name: toolbox
namespace: default
spec:
containers:
- name: toolbox
image: tobi312/tools:toolbox
resources:
requests:
memory: "128Mi"
cpu: "0.1"
limits:
memory: "512Mi"
cpu: "0.5"and then:
# start
kubectl apply -f toolbox.yaml
# exec
kubectl exec -it pod/toolbox -- sh
# use (example: check port is open)
nc -zv -w 3 <HOST> <PORT>Or example for Deployment.
pgAdmin4 is a Open Source graphical management tool for PostgreSQL.
This Docker Image is build from offical GitHub Repo.
For configuration see https://www.pgadmin.org/docs/pgadmin4/latest/container_deployment.html!
Create a file `docker-compose.yml` with this content: (click)
version: "2.4"
services:
pgadmin4:
image: tobi312/pgadmin4:latest
container_name: pgadmin4
volumes:
- ./pgadmin:/var/lib/pgadmin
environment:
- PGADMIN_DEFAULT_EMAIL=admin@email.local
- PGADMIN_DEFAULT_PASSWORD=passw0rd
- PGADMIN_LISTEN_PORT=5050
- SCRIPT_NAME=/pgadmin
# INFO: use PGADMIN_CONFIG_ prefix for any variable name from config.py
- PGADMIN_CONFIG_LOGIN_BANNER='Multiarch pgAdmin4 :-)'
- PGADMIN_CONFIG_CONSOLE_LOG_LEVEL=10
restart: unless-stopped
ports:
- 5050:5050
healthcheck:
test: wget --quiet --tries=1 --spider --no-check-certificate http://localhost:5050/pgadmin/misc/ping || exit 1
start_period: 30s
interval: 60s
timeout: 5s
retries: 5URL: http://HOSTNAME:5050/pgadmin
other Example
Create a file `pgadmin4.yaml` with this content: (click)
apiVersion: v1
kind: ConfigMap
metadata:
name: pgadmin4-env-config
namespace: default
labels:
app: pgadmin4
data:
PGADMIN_LISTEN_PORT: "5050"
SCRIPT_NAME: "/pgadmin"
# INFO: use PGADMIN_CONFIG_ prefix for any variable name from config.py
PGADMIN_CONFIG_LOGIN_BANNER: "\"Multiarch pgAdmin4 :-)\""
PGADMIN_CONFIG_CONSOLE_LOG_LEVEL: "10"
---
# secret - variable in base64: "echo -n 'value' | base64"
apiVersion: v1
kind: Secret
metadata:
name: pgadmin4-env-secret
namespace: default
labels:
app: pgadmin4
data:
PGADMIN_DEFAULT_EMAIL: YWRtaW5AZW1haWwubG9jYWw= # admin@email.local
PGADMIN_DEFAULT_PASSWORD: cGFzc3cwcmQ= # passw0rd
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: pgadmin4
namespace: default
spec:
replicas: 1
strategy:
type: Recreate
selector:
matchLabels:
app: pgadmin4
template:
metadata:
labels:
app: pgadmin4
spec:
containers:
- name: pgadmin4
image: tobi312/pgadmin4:latest # dpage/pgadmin4:latest
imagePullPolicy: Always
envFrom:
- configMapRef:
name: pgadmin4-env-config
- secretRef:
name: pgadmin4-env-secret
ports:
- containerPort: 5050
resources:
requests:
memory: "128Mi"
cpu: "0.1"
limits:
memory: "512Mi"
cpu: "0.5"
volumeMounts:
- mountPath: /var/lib/pgadmin
name: pgadmin-data
initContainers:
- name: volume-mount-chmod
image: busybox
command: ["sh", "-c", "mkdir -p /var/lib/pgadmin; chmod 777 /var/lib/pgadmin; exit"]
volumeMounts:
- mountPath: /var/lib/pgadmin
name: pgadmin-data
resources:
requests:
memory: "64Mi"
cpu: "0.1"
limits:
memory: "256Mi"
cpu: "0.5"
restartPolicy: Always
volumes:
- name: pgadmin-data
emptyDir: {}
---
apiVersion: v1
kind: Service
metadata:
name: pgadmin4
namespace: default
spec:
ports:
- name: pgadmin4
protocol: TCP
port: 5050
targetPort: 5050
selector:
app: pgadmin4
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: pgadmin4
namespace: default
annotations:
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/ssl-redirect: "false"
#cert-manager.io/cluster-issuer: ingress-tls-secret
#cert-manager.io/acme-challenge-type: http01
spec:
#tls:
#- hosts:
# - tools.example.com
# secretName: ingress-tls-secret
rules:
- host: tools.example.com
http:
paths:
- path: /pgadmin
pathType: ImplementationSpecific
backend:
service:
name: pgadmin4
port:
#name: pgadmin4
number: 5050
URL: http://HOSTNAME:5050/pgadmin
dnsmasq is a lightweight dns and dhcp server.
Create file `docker-compose.yml` with this content: (click)
version: "2.4"
services:
dnsmasq:
image: tobi312/tools:dnsmasq
container_name: dnsmasq
restart: unless-stopped
ports:
- 53:53/tcp # DNS
- 53:53/udp # DNS
- 67:67/udp # DHCP Server
#- 68:68/udp # DHCP Client
#- 69:69/udp # TFTP
volumes:
- ./dnsmasq/:/etc/dnsmasq.d/:rw # add your config files in this folder
#network_mode: host
cap_add:
- 'NET_ADMIN'easy-rsa is a CLI utility to build and manage a PKI CA.
- offical Docs
- Dockerfile
# help
docker run --rm --name easy-rsa -it tobi312/tools:easy-rsa-3.1.7 helpExample (1) - root-ca & certs: (click)
# Preparation
mkdir ~/data_easyrsa
# IMPORANT: Execute all Command from this/next Folder !!
cd ~/data_easyrsa
# root-ca
# init pki
docker run --rm --name easy-rsa -v ${PWD}:/easyrsa:rw -it tobi312/tools:easy-rsa-3.1.7 init-pki
# download "vars"-File
curl -sL https://github.com/OpenVPN/easy-rsa/raw/master/easyrsa3/vars.example -o ./pki/vars
# now EDIT "vars"-File in ./pki
# and then build ca:
docker run --rm --name easy-rsa -v ${PWD}:/easyrsa:rw -it tobi312/tools:easy-rsa-3.1.7 build-ca
# Server Cert (repeat this steps for other domains)
# create server cert request
docker run --rm --name easy-rsa -v ${PWD}:/easyrsa:rw -it tobi312/tools:easy-rsa-3.1.7 --subject-alt-name="DNS:example.com,DNS:*.example.com,IP:192.168.1.100" gen-req example-com nopass
# sign server cert
docker run --rm --name easy-rsa -v ${PWD}:/easyrsa:rw -it tobi312/tools:easy-rsa-3.1.7 sign-req server example-com
# check cert
openssl verify -verbose -CAfile ${PWD}/pki/ca.crt ${PWD}/pki/issued/example-com.crt
openssl x509 -noout -text -in ${PWD}/pki/issued/example-com.crtExample (2) - root-ca, intermediate-ca & certs: (click)
Preparation:
mkdir ~/data_easyrsa
# IMPORANT: Execute all Command from this/next Folder !!
cd ~/data_easyrsaroot-ca:
# init pki (need "soft" to write in mounted volume subpath "/easyrsa/root-ca" instead "/easyrsa/pki")
docker run --rm --name easy-rsa -e EASYRSA_PKI="/easyrsa/root-ca" -v ${PWD}/root-ca/:/easyrsa/root-ca:rw -it tobi312/tools:easy-rsa-3.1.7 init-pki soft
# ASK: Confirm removal: yes
# download "vars"-File
curl -sL https://github.com/OpenVPN/easy-rsa/raw/master/easyrsa3/vars.example -o ${PWD}/root-ca/vars
# now EDIT "vars"-File in ./root-ca
# and then build ca:
docker run --rm --name easy-rsa -e EASYRSA_PKI="/easyrsa/root-ca" -v ${PWD}/root-ca/:/easyrsa/root-ca:rw -it tobi312/tools:easy-rsa-3.1.7 build-ca
# ASK: Enter New CA Key Passphrase:
# ASK: Common Name (eg: your user, host, or server name) [Easy-RSA CA]: My Organization CA
# check/show content of root-ca "ca.crt" file
openssl x509 -noout -text -in ${PWD}/root-ca/ca.crtintermediate-ca = subca:
# init pki (need "soft" to write in mounted volume subpath "/easyrsa/intermediate-ca" instead "/easyrsa/pki")
docker run --rm --name easy-rsa -e EASYRSA_PKI="/easyrsa/intermediate-ca" -v ${PWD}/intermediate-ca/:/easyrsa/intermediate-ca:rw -it tobi312/tools:easy-rsa-3.1.7 init-pki soft
# ASK: Confirm removal: yes
# download "vars"-File
curl -sL https://github.com/OpenVPN/easy-rsa/raw/master/easyrsa3/vars.example -o ${PWD}/intermediate-ca/vars
# now EDIT "vars"-File in ./intermediate-ca
# and then build subca:
docker run --rm --name easy-rsa -e EASYRSA_PKI="/easyrsa/intermediate-ca" -v ${PWD}/intermediate-ca/:/easyrsa/intermediate-ca:rw -it tobi312/tools:easy-rsa-3.1.7 build-ca subca
# ASK: Enter New CA Key Passphrase:
# ASK: Common Name (eg: your user, host, or server name) [Easy-RSA CA]: My Organization Sub-CA
# import subca in ca (Note: switch to root-ca):
docker run --rm --name easy-rsa -e EASYRSA_PKI="/easyrsa/root-ca" -v ${PWD}/root-ca/:/easyrsa/root-ca:rw -v ${PWD}/intermediate-ca/:/easyrsa/intermediate-ca:rw -it tobi312/tools:easy-rsa-3.1.7 import-req /easyrsa/intermediate-ca/reqs/ca.req intermediate-ca
# sign subca with ca (Note: switch to root-ca)
docker run --rm --name easy-rsa -e EASYRSA_PKI="/easyrsa/root-ca" -v ${PWD}/root-ca/:/easyrsa/root-ca:rw -it tobi312/tools:easy-rsa-3.1.7 sign-req ca intermediate-ca
# ASK: Confirm request details: yes
# ASK: Enter pass phrase for /easyrsa/root-ca/private/ca.key:
# copy sign subca from root-ca to intermediate-ca folder
docker run --rm --name easy-rsa --entrypoint="" -v ${PWD}/root-ca/:/easyrsa/root-ca:rw -v ${PWD}/intermediate-ca/:/easyrsa/intermediate-ca:rw -it tobi312/tools:easy-rsa-3.1.7 cp /easyrsa/root-ca/issued/intermediate-ca.crt /easyrsa/intermediate-ca/ca.crt
# or
cp ${PWD}/root-ca/issued/intermediate-ca.crt ${PWD}/intermediate-ca/ca.crt
# verify subca from ca
openssl verify -verbose -CAfile ${PWD}/root-ca/ca.crt ${PWD}/intermediate-ca/ca.crt
# check/show content of intermediate-ca "ca.crt" file
openssl x509 -noout -text -in ${PWD}/intermediate-ca/ca.crt
# copy subca and ca in one file called fullca.crt
cat ${PWD}/intermediate-ca/ca.crt ${PWD}/root-ca/ca.crt > ${PWD}/fullca.crtServer Cert ... for Domain example.com:
# create server cert request
docker run --rm --name easy-rsa -e EASYRSA_PKI="/easyrsa/intermediate-ca" -v ${PWD}/intermediate-ca/:/easyrsa/intermediate-ca:rw -it tobi312/tools:easy-rsa-3.1.7 --subject-alt-name="DNS:example.com,DNS:*.example.com,IP:192.168.1.100" gen-req example-com nopass
# ASK: Common Name (eg: your user, host, or server name) [example-com]:example.com
# sign server cert
docker run --rm --name easy-rsa -e EASYRSA_PKI="/easyrsa/intermediate-ca" -v ${PWD}/intermediate-ca/:/easyrsa/intermediate-ca:rw -it tobi312/tools:easy-rsa-3.1.7 sign-req server example-com
# ASK: Confirm request details: yes
# ASK: Enter pass phrase for /easyrsa/intermediate-ca/private/ca.key:
# verify cert from subca and ca
openssl verify -verbose -CAfile ${PWD}/fullca.crt ${PWD}/intermediate-ca/issued/example-com.crt
# check/show content of cert file
openssl x509 -noout -text -in ${PWD}/intermediate-ca/issued/example-com.crt
# repeat this steps for other domainsNotes ...: (click)
- instead
-e EASYRSA_PKI="/easyrsa/root-ca"you can use in command--pki-dir=/easyrsa/root-ca - Backup: execute
tar cvpzf backup_easyrsa_$(date '+%Y%m%d-%H%M').tar.gz .indata_easyrsa-Folder! docker run --rm --name easy-rsa --entrypoint="" -it tobi312/tools:easy-rsa-3.1.7 bash- linux: copy ca-certs into
/usr/local/share/ca-certificates/and executedpkg-reconfigure -f noninteractive ca-certificates - crlDistributionPoints: OpenVPN/easy-rsa#71 & OpenVPN/easy-rsa#472 & OpenVPN/easy-rsa#15 & "/usr/share/easy-rsa/x509-types/COMMON
- more help: OpenVPN/easy-rsa#190 (comment) & https://documentation.abas.cloud/en/abas-installer/Zertifikate_en/index.html