├── game
    ├── minecraft
    │   ├── .dockerignore
    │   ├── README.md
    │   ├── scripts
    │   │   └── run-mc
    │   └── Dockerfile
    └── dst_server
    │   ├── bin
    │       └── run-dst
    │   ├── README.md
    │   └── Dockerfile
├── .gitignore
├── network
    ├── syncthing
    │   ├── Dockerfile
    │   └── cont-init.d
    │   │   └── configure
    ├── udp2raw
    │   ├── entrypoint.sh
    │   └── Dockerfile
    ├── tinc
    │   ├── entrypoint.sh
    │   └── Dockerfile
    ├── shadowvpn
    │   ├── entrypoint.sh
    │   ├── README.md
    │   └── Dockerfile
    ├── zerotier
    │   ├── entrypoint.sh
    │   └── Dockerfile
    ├── whois3
    │   ├── README.md
    │   └── Dockerfile
    ├── gost
    │   ├── README.md
    │   └── Dockerfile
    ├── shadowsocks
    │   ├── entrypoint.sh
    │   └── Dockerfile
    ├── kcptun
    │   ├── README.md
    │   └── Dockerfile
    ├── openvpn
    │   ├── README.md
    │   ├── entrypoint.sh
    │   └── Dockerfile
    ├── dnsforwarder
    │   ├── README.md
    │   └── Dockerfile
    ├── frp
    │   ├── entrypoint.sh
    │   └── Dockerfile
    ├── chinadns
    │   ├── run-dns.sh
    │   └── Dockerfile
    ├── ocserv
    │   ├── Dockerfile
    │   └── entrypoint.sh
    └── jobs.yml
├── .gitlab-ci.yml
├── devel
    ├── docker
    │   ├── README.md
    │   └── Dockerfile
    ├── jobs.yml
    └── s3fs
    │   ├── Dockerfile
    │   ├── README.md
    │   └── entrypoint.sh
├── misc
    ├── toolkit
    │   ├── README.md
    │   ├── Dockerfile.hashicorp
    │   └── Dockerfile
    └── jobs.yml
├── coinbox
    ├── bitcoin
    │   ├── README.md
    │   └── Dockerfile
    ├── filecoin
    │   ├── entrypoint.sh
    │   └── Dockerfile
    ├── monero
    │   └── Dockerfile
    ├── litecoin
    │   └── Dockerfile
    └── jobs.yml
├── LICENSE.txt
├── Makefile
└── README.md


/game/minecraft/.dockerignore:
--------------------------------------------------------------------------------
1 | LICENSE.txt
2 | 


--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
1 | /.vagrant/
2 | /.*
3 | !/.gitignore
4 | !/.gitlab-ci.yml
5 | 


--------------------------------------------------------------------------------
/network/syncthing/Dockerfile:
--------------------------------------------------------------------------------
1 | FROM linuxserver/syncthing:1.18.4
2 | RUN apk add --no-cache curl
3 | ADD ./cont-init.d/* /etc/cont-init.d/
4 | 


--------------------------------------------------------------------------------
/network/udp2raw/entrypoint.sh:
--------------------------------------------------------------------------------
1 | #!/bin/sh
2 | if [ "$DEBUG" == "1" ]; then
3 |   set -x
4 | fi
5 | 
6 | set -e
7 | 
8 | exec /usr/local/bin/udp2raw $@
9 | 


--------------------------------------------------------------------------------
/.gitlab-ci.yml:
--------------------------------------------------------------------------------
1 | include:
2 |   - remote: https://arp.to/@ci/docker.yml
3 |   - local: coinbox/jobs.yml
4 |   - local: devel/jobs.yml
5 |   - local: network/jobs.yml
6 |   - local: misc/jobs.yml
7 | 


--------------------------------------------------------------------------------
/network/tinc/entrypoint.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/sh
 2 | if [ "$DEBUG" == "1" ]; then
 3 |   set -x
 4 | fi
 5 | 
 6 | set -e
 7 | 
 8 | # Create device
 9 | if [ ! -d /dev/net ]; then
10 |   mkdir -p /dev/net
11 | fi
12 | if [ ! -c /dev/net/tun ]; then
13 |   mknod /dev/net/tun c 10 200
14 | fi
15 | 
16 | exec /usr/local/bin/tincd $@
17 | 


--------------------------------------------------------------------------------
/network/shadowvpn/entrypoint.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/sh
 2 | if [ "$DEBUG" == "1" ]; then
 3 |   set -x
 4 | fi
 5 | 
 6 | set -e
 7 | 
 8 | # Create device
 9 | mkdir -p /dev/net
10 | if [ ! -c /dev/net/tun ]; then
11 |   mknod /dev/net/tun c 10 200
12 | fi
13 | 
14 | # Run ShadowVPN
15 | if [ "$#" -gt 0 ]; then
16 |   exec shadowvpn "$@"
17 | else
18 |   exec shadowvpn -c /etc/shadowvpn/server.conf
19 | fi
20 | 


--------------------------------------------------------------------------------
/network/zerotier/entrypoint.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/sh
 2 | if [ ! -e /dev/net/tun ]; then
 3 |   if [ ! -d /dev/net ]; then
 4 |     mkdir -p /dev/net
 5 |   fi
 6 |   mknod /dev/net/tun c 10 200
 7 | fi
 8 | 
 9 | if [[ ! -z ZEROTIER_NETWORK ]]; then
10 |   mkdir -p /var/lib/zerotier-one/networks.d
11 |   touch /var/lib/zerotier-one/networks.d/$ZEROTIER_NETWORK.conf
12 | fi
13 | 
14 | exec /usr/local/bin/zerotier-one
15 | 


--------------------------------------------------------------------------------
/devel/docker/README.md:
--------------------------------------------------------------------------------
 1 | Docker Tool Image
 2 | ====================
 3 | 
 4 | This repository contains `Dockerfile` definitions for [Docker][docker] Docker images.
 5 | 
 6 | ## Supported tags
 7 | 
 8 | * [`latest` _(Dockerfile)_](Dockerfile)
 9 | 
10 | Getting started for this docker container at the [Docker Hub][registry].
11 | 
12 | [docker]: https://www.docker.com
13 | [registry]: https://hub.docker.com/r/zealic/docker
14 | 


--------------------------------------------------------------------------------
/misc/toolkit/README.md:
--------------------------------------------------------------------------------
 1 | Toolkit Image
 2 | ====================
 3 | 
 4 | This repository contains `Dockerfile` definitions for utils tools.
 5 | 
 6 | ## Supported tags
 7 | 
 8 | * [`latest` _(Dockerfile)_](Dockerfile)
 9 | * [`hashicorp` _(Dockerfile.hashicorp)_](Dockerfile.hashicorp)
10 | 
11 | 
12 | Getting started for this docker container at the [Docker Hub][registry].
13 | 
14 | [registry]: https://hub.docker.com/r/zealic/docker
15 | 


--------------------------------------------------------------------------------
/network/whois3/README.md:
--------------------------------------------------------------------------------
 1 | whois3 Docker Image
 2 | ====================
 3 | 
 4 | This repository contains `Dockerfile` definitions for [whois3][whois3] Docker images.
 5 | 
 6 | ## Supported tags
 7 | 
 8 | * [`latest` _(Dockerfile)_](Dockerfile)
 9 | 
10 | Getting started for this docker container at the [Docker Hub][registry].
11 | 
12 | [whois3]: http://ftp.apnic.net/apnic/dbase/tools
13 | [registry]: https://hub.docker.com/r/zealic/whois3
14 | 


--------------------------------------------------------------------------------
/network/gost/README.md:
--------------------------------------------------------------------------------
 1 | gost Docker Image
 2 | ====================
 3 | 
 4 | This repository contains `Dockerfile` definitions for [gost][gost] Docker images.
 5 | 
 6 | ## Supported tags
 7 | 
 8 | * [`latest` _(Dockerfile)_](Dockerfile)
 9 | 
10 | ## Links
11 | Getting started for this docker container at the [Docker Hub][registry].
12 | 
13 | [gost]: https://github.com/ginuerzh/gost
14 | [registry]: https://registry.hub.docker.com/u/zealic/gost
15 | 


--------------------------------------------------------------------------------
/coinbox/bitcoin/README.md:
--------------------------------------------------------------------------------
 1 | Bitcoin Daemon Docker Image
 2 | ====================
 3 | 
 4 | This repository contains `Dockerfile` definitions for [Bitcoin][bitcoin] Docker images.
 5 | 
 6 | ## Supported tags
 7 | 
 8 | * [`latest` _(Dockerfile)_](Dockerfile)
 9 | 
10 | Getting started for this docker container at the [Docker Hub][registry].
11 | 
12 | [bitcoin]: https://bitcoin.org
13 | [registry]: https://hub.docker.com/r/zealic/bitcoin
14 | 


--------------------------------------------------------------------------------
/network/shadowsocks/entrypoint.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | SS_PROGRAM=/usr/local/bin/ss-server
 3 | 
 4 | ARGS=(
 5 |   "-u"
 6 |   "-s" "${SERVER_ADDR:-0.0.0.0}"
 7 |   "-p" "${SERVER_PORT:-8388}"
 8 |   "-k" "${PASSWORD:-$(hostname)}"
 9 |   "-m" "${METHOD:-aes-256-cfb}"
10 |   "-t" "${TIMEOUT:-60}"
11 |   "-d" "${DNS_ADDR:-8.8.4.4}"
12 | )
13 | 
14 | if [[ "$#" -gt 0 ]]; then
15 |   exec $SS_PROGRAM "$@"
16 | else
17 |   exec $SS_PROGRAM ${ARGS[@]}
18 | fi
19 | 


--------------------------------------------------------------------------------
/network/kcptun/README.md:
--------------------------------------------------------------------------------
 1 | kcptun Docker Image
 2 | ====================
 3 | 
 4 | This repository contains `Dockerfile` definitions for [kcptun][kcptun] Docker images.
 5 | 
 6 | ## Supported tags
 7 | 
 8 | * [`latest` _(Dockerfile)_](Dockerfile)
 9 | 
10 | ## Links
11 | Getting started for this docker container at the [Docker Hub][registry].
12 | 
13 | [kcptun]: https://github.com/xtaci/kcptun
14 | [registry]: https://registry.hub.docker.com/u/zealic/kcptun
15 | 


--------------------------------------------------------------------------------
/network/openvpn/README.md:
--------------------------------------------------------------------------------
 1 | OpenVPN Daemon Docker Image
 2 | ====================
 3 | 
 4 | This repository contains `Dockerfile` definitions for [OpenVPN][openvpn] Docker images.
 5 | 
 6 | ## Supported tags
 7 | 
 8 | * [`latest` _(Dockerfile)_](Dockerfile)
 9 | 
10 | Getting started for this docker container at the [Docker Hub][registry].
11 | 
12 | [openvpn]: en.wikipedia.org/wiki/OpenVPN
13 | [registry]: https://registry.hub.docker.com/u/zealic/openvpn
14 | 


--------------------------------------------------------------------------------
/network/shadowvpn/README.md:
--------------------------------------------------------------------------------
 1 | ShadowVPN Docker Image
 2 | ====================
 3 | 
 4 | This repository contains `Dockerfile` definitions for [ShadowVPN][shadowvpn] Docker images.
 5 | 
 6 | ## Supported tags
 7 | 
 8 | * [`latest` _(Dockerfile)_](Dockerfile)
 9 | 
10 | Getting started for this docker container at the [Docker Hub][registry].
11 | 
12 | [shadowvpn]: https://github.com/clowwindy/ShadowVPN
13 | [registry]: https://hub.docker.com/r/zealic/shadowvpn
14 | 


--------------------------------------------------------------------------------
/game/minecraft/README.md:
--------------------------------------------------------------------------------
 1 | Don't Starve Server Docker Image
 2 | ====================
 3 | 
 4 | This repository contains `Dockerfile` definitions for [Minecraft Cauldron][cauldron] Docker images.
 5 | 
 6 | ## Supported tags
 7 | 
 8 | * [`latest` _(Dockerfile)_](Dockerfile)
 9 | 
10 | Getting started for this docker container at the [Docker Hub][registry].
11 | 
12 | [cauldron]: http://minecraft.gamepedia.com/Cauldron
13 | [registry]: https://registry.hub.docker.com/u/zealic/minecraft
14 | 


--------------------------------------------------------------------------------
/network/dnsforwarder/README.md:
--------------------------------------------------------------------------------
 1 | dnsforwarder Docker Image
 2 | ====================
 3 | 
 4 | This repository contains `Dockerfile` definitions for [dnsforwarder][dnsforwarder] Docker images.
 5 | 
 6 | ## Supported tags
 7 | 
 8 | * [`latest` _(Dockerfile)_](Dockerfile)
 9 | 
10 | ## Links
11 | Getting started for this docker container at the [Docker Hub][registry].
12 | 
13 | [dnsforwarder]: https://github.com/holmium/dnsforwarder
14 | [registry]: https://registry.hub.docker.com/u/zealic/dnsforwarder
15 | 


--------------------------------------------------------------------------------
/network/frp/entrypoint.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | # Run as client
 3 | CONFIG=/etc/frpc.ini
 4 | if [ -f $CONFIG ]; then
 5 |     exec /usr/local/bin/frpc -c $CONFIG
 6 | fi
 7 | 
 8 | # Run as server
 9 | CONFIG=/etc/frps.ini
10 | if [ -f $CONFIG ]; then
11 |     exec /usr/local/bin/frps -c $CONFIG
12 | fi
13 | 
14 | # Run as server with SERVER_PORT
15 | SERVER_PORT=${SERVER_PORT:-7000}
16 | cat > $CONFIG <<EOF
17 | [common]
18 | bind_port = ${SERVER_PORT}
19 | EOF
20 | exec /usr/local/bin/frps -c $CONFIG
21 | 


--------------------------------------------------------------------------------
/network/openvpn/entrypoint.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | if [ "$DEBUG" == "1" ]; then
 3 |   set -x
 4 | fi
 5 | 
 6 | set -e
 7 | 
 8 | ARGS=("--config" "$OPENVPN/openvpn.conf")
 9 | if [ -e "$OPENVPN/env.sh" ]; then
10 |   source "$OPENVPN/env.sh"
11 | fi
12 | 
13 | # Create device
14 | mkdir -p /dev/net
15 | if [ ! -c /dev/net/tun ]; then
16 |   mknod /dev/net/tun c 10 200
17 | fi
18 | 
19 | # Run OpenVPN
20 | if [ "$#" -gt 0 ]; then
21 |   exec openvpn "$@"
22 | else
23 |   exec openvpn ${ARGS[@]}
24 | fi
25 | 


--------------------------------------------------------------------------------
/devel/jobs.yml:
--------------------------------------------------------------------------------
 1 | devel-docker:
 2 |   stage: build
 3 |   rules:
 4 |     - changes:
 5 |         - devel/docker/**/*
 6 |       when: always
 7 |     - if: '$CI_PIPELINE_SOURCE != "web"'
 8 |       when: never
 9 |     - when: manual
10 |   variables:
11 |     IMAGE_DIR: devel/docker
12 |   script:
13 |     - make
14 | 
15 | devel-s3fs:
16 |   stage: build
17 |   rules:
18 |     - changes:
19 |         - devel/s3fs/**/*
20 |       when: always
21 |     - if: '$CI_PIPELINE_SOURCE != "web"'
22 |       when: never
23 |     - when: manual
24 |   variables:
25 |     IMAGE_DIR: devel/s3fs
26 |   script:
27 |     - make
28 | 


--------------------------------------------------------------------------------
/game/dst_server/bin/run-dst:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | # Update game on startup
 3 | /home/steam/steamcmd/steamcmd.sh +login anonymous +force_install_dir /home/steam/steamapps/DST +app_update 343050 validate +quit
 4 | 
 5 | ln -sf /DST /home/steam/.klei/DoNotStarveTogether
 6 | if [[ ! -z "$SERVER_TOKEN" ]]; then
 7 | 	echo -ne "$SERVER_TOKEN" | grep -P -n '\0$' > /dev/null
 8 | 	if [ $? -ne 0 ]; then
 9 | 		echo "Appendix for token..."
10 | 		SERVER_TOKEN="$SERVER_TOKEN\0"
11 | 	fi
12 | 	echo -ne "$SERVER_TOKEN" > /DST/server_token.txt
13 | fi
14 | 
15 | cd ~/steamapps/DST/data
16 | ../bin/dontstarve_dedicated_server_nullrenderer $@
17 | 


--------------------------------------------------------------------------------
/game/minecraft/scripts/run-mc:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | if [ ! -f ~/world/eula.txt ]; then
 3 |   echo "eula=true" > ~/world/eula.txt
 4 | fi
 5 | 
 6 | if [ ! -f ~/world/server.properties ]; then
 7 |   echo "MANAGED=true" > ~/world/server.properties
 8 | fi
 9 | 
10 | if [ -z "$MC_LEVEL_NAME" ]; then
11 |   MC_LEVEL_NAME="iWorld"
12 | fi
13 | if [ -z "$MC_MOTD" ]; then
14 |   MC_MOTD="My world is running in my brain."
15 | fi
16 | if [ -z "$MC_ONLINE_MODE" ]; then
17 |   MC_ONLINE_MODE="false"
18 | fi
19 | cat >> ~/world/server.properties <<EOF
20 | level-name=$MC_LEVEL_NAME
21 | motd=$MC_MOTD
22 | online-mode=$MC_ONLINE_MODE
23 | EOF
24 | 
25 | java -jar ~/bin/server.jar $@
26 | exit $?
27 | 


--------------------------------------------------------------------------------
/misc/jobs.yml:
--------------------------------------------------------------------------------
 1 | toolkit:
 2 |   stage: build
 3 |   rules:
 4 |     - changes:
 5 |         - misc/toolkit/Dockerfile
 6 |       when: always
 7 |     - if: '$CI_PIPELINE_SOURCE != "web"'
 8 |       when: never
 9 |     - when: manual
10 |   variables:
11 |     IMAGE_DIR: misc/toolkit
12 |   script:
13 |     - make
14 | 
15 | toolkit-hashicorp:
16 |   stage: build
17 |   rules:
18 |     - changes:
19 |         - misc/toolkit/Dockerfile.hashicorp
20 |       when: always
21 |     - if: '$CI_PIPELINE_SOURCE != "web"'
22 |       when: never
23 |     - when: manual
24 |   variables:
25 |     IMAGE_DIR: misc/toolkit
26 |     IMAGE_TAG: hashicorp
27 |     IMAGE_FILE: Dockerfile.hashicorp
28 |   script:
29 |     - make
30 | 


--------------------------------------------------------------------------------
/devel/s3fs/Dockerfile:
--------------------------------------------------------------------------------
 1 | ARG ALPINE_VER=3.9
 2 | FROM alpine:${ALPINE_VER} as source
 3 | ENV S3FS_VERSION=1.84
 4 | RUN export BUILD_DEPS="build-base libtool automake \
 5 |        autoconf fuse-dev curl-dev libxml2-dev curl libressl-dev" \
 6 |     && apk add --update $BUILD_DEPS $RUNTIME_DEPS
 7 | RUN curl -L https://github.com/s3fs-fuse/s3fs-fuse/archive/v$S3FS_VERSION.tar.gz | tar zxv -C /tmp \
 8 |     && cd /tmp/s3fs-fuse-* \
 9 |       && ./autogen.sh && ./configure --prefix=/usr/local && make && make install
10 | 
11 | FROM alpine:${ALPINE_VER}
12 | RUN apk add fuse libstdc++ libxml2 libcurl libcap libressl
13 | COPY --from=source /usr/local/bin/s3fs /usr/local/bin/
14 | ADD ./entrypoint.sh /entrypoint.sh
15 | ENTRYPOINT ["/entrypoint.sh"]
16 | CMD ["/usr/local/bin/s3fs"]
17 | 


--------------------------------------------------------------------------------
/devel/s3fs/README.md:
--------------------------------------------------------------------------------
 1 | s3fs Docker Image
 2 | ====================
 3 | 
 4 | This repository contains `Dockerfile` definitions for [s3fs][s3fs] Docker images.
 5 | 
 6 | ## Supported tags
 7 | 
 8 | * [`latest` _(Dockerfile)_](Dockerfile)
 9 | 
10 | ## Usage
11 | * mount to /data
12 | ```shell
13 | docker run -e AWS_ACCESS_KEY_ID=<AWS_ACCESS_KEY> -e AWS_SECRET_ACCESS_KEY=<AWS_SECRET_KEY> \
14 | -e S3_BUCKET=<BUCKET_NAME> -e MOUNT_POINT=/data
15 |     --cap-add SYS_ADMIN \
16 |     zealic/s3fs
17 | ```
18 | 
19 | ## Tips
20 | s3fs mounted directory can not export as data volume.
21 | 
22 | ## Links
23 | Getting started for this docker container at the [Docker Hub][registry].
24 | 
25 | [s3fs]: https://github.com/s3fs-fuse/s3fs-fuse
26 | [registry]: https://registry.hub.docker.com/u/zealic/s3fs
27 | 


--------------------------------------------------------------------------------
/network/whois3/Dockerfile:
--------------------------------------------------------------------------------
 1 | ARG ALPINE_VER=3.9
 2 | ################################################################################
 3 | # Source
 4 | ################################################################################
 5 | FROM buildpack-deps:stretch AS source
 6 | RUN wget http://ftp.apnic.net/apnic/dbase/tools/ripe-dbase-client-v3.tar.gz
 7 | RUN mkdir /whois3-src
 8 | WORKDIR /whois3-src
 9 | RUN tar -xvzf /ripe-dbase-client-v3.tar.gz --strip-components=1
10 | RUN ./configure && make
11 | RUN cp whois3 /usr/local/bin
12 | 
13 | 
14 | ################################################################################
15 | # Source
16 | ################################################################################
17 | FROM frolvlad/alpine-glibc:alpine-${ALPINE_VER}
18 | COPY --from=source /usr/local/bin /usr/local/bin/
19 | ENTRYPOINT ["/usr/local/bin/whois3"]
20 | 


--------------------------------------------------------------------------------
/coinbox/filecoin/entrypoint.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/sh
 2 | FILECOIN_DATA_DIR=${FILECOIN_DATA_DIR:-/var/lib/filecoin}
 3 | NICKNAME=
 4 | 
 5 | set -e
 6 | 
 7 | # Initialize
 8 | INIT_OPTS=
 9 | if [[ ! -z $TESTNET ]]; then
10 |   INIT_OPTS="$INIT_OPTS --genesisfile=http://user.kittyhawk.wtf:8020/genesis.car"
11 | fi
12 | ln -sf $FILECOIN_DATA_DIR/ ~/.filecoin
13 | if [[ ! -e $FILECOIN_DATA_DIR/config.json ]]; then
14 |   go-filecoin init $INIT_OPTS
15 | fi
16 | 
17 | 
18 | # Configure
19 | # Add to monitoring https://stats.kittyhawk.wtf
20 | if [[ ! -z $TESTNET ]]; then
21 |   : go-filecoin config heartbeat.beatTarget "/dns4/stats-infra.kittyhawk.wtf/tcp/8080/ipfs/QmUWmZnpZb6xFryNDeNU7KcJ1Af5oHy7fB9npU67sseEjR"
22 | fi
23 | if [[ ! -z $NICKNAME ]]; then
24 |   NICKNAME=$HOSTNAME
25 | fi
26 | : go-filecoin config heartbeat.nickname "$NICKNAME"
27 | 
28 | # Exec daemon
29 | exec /usr/local/bin/go-filecoin $@
30 | 


--------------------------------------------------------------------------------
/network/chinadns/run-dns.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/sh
 2 | DIRT_DNS_ADDR=${DIRT_DNS_ADDR:-223.5.5.5}
 3 | SAFE_DNS_ADDR=${SAFE_DNS_ADDR:-8.8.4.4}
 4 | 
 5 | mkdir /etc/supervisor.d 2>/dev/null
 6 | if [ ! -f /etc/supervisor.d/chinadns.ini ];
 7 | then
 8 |   cat > /etc/supervisor.d/chinadns.ini <<EOF
 9 | [program:chinadns]
10 | priority = 100
11 | command = chinadns -b 127.0.0.1
12 |                    -c /etc/chnroute.txt
13 |                    -m
14 |                    -p 2053
15 |                    -s $DIRT_DNS_ADDR,$SAFE_DNS_ADDR
16 |                    -y 0.3
17 | 
18 | [program:dnsmasq]
19 | priority = 200
20 | command = dnsmasq --cache-size=25000
21 |                   --conf-file=/dev/null
22 |                   --keep-in-foreground
23 |                   --log-facility=/dev/stdout
24 |                   --no-resolv
25 |                   --server=127.0.0.1#2053
26 |                   --user=root
27 | EOF
28 | fi
29 | 
30 | exec supervisord -n
31 | 


--------------------------------------------------------------------------------
/network/frp/Dockerfile:
--------------------------------------------------------------------------------
 1 | ARG ALPINE_VER=3.9
 2 | ################################################################################
 3 | # Source
 4 | ################################################################################
 5 | FROM alpine:${ALPINE_VER} AS source
 6 | 
 7 | ENV BASE_DIR /frp
 8 | 
 9 | RUN apk add --update curl
10 | 
11 | ENV FRP_VER=0.29.0
12 | ENV FRP_URL=https://github.com/fatedier/frp/releases/download/v${FRP_VER}/frp_${FRP_VER}_linux_amd64.tar.gz
13 | RUN mkdir ${BASE_DIR}
14 | RUN curl -sSL ${FRP_URL} \
15 |         | tar --strip-components=1 -xvzf - -C ${BASE_DIR}
16 | 
17 | 
18 | ################################################################################
19 | # Runtime
20 | ################################################################################
21 | FROM debian:stretch-slim
22 | 
23 | COPY --from=source /frp /usr/local/bin
24 | ADD ./entrypoint.sh /entrypoint.sh
25 | 
26 | ENTRYPOINT ["/entrypoint.sh"]
27 | 


--------------------------------------------------------------------------------
/coinbox/filecoin/Dockerfile:
--------------------------------------------------------------------------------
 1 | ARG ALPINE_VER=3.9
 2 | 
 3 | ################################################################################
 4 | # Source
 5 | ################################################################################
 6 | FROM alpine:${ALPINE_VER} AS source
 7 | ENV FILECOIN_VER=0.0.1
 8 | ENV FILECOIN_URL=https://github.com/filecoin-project/go-filecoin/releases/download/${FILECOIN_VER}/filecoin-Linux.tar.gz
 9 | RUN wget -qO- $FILECOIN_URL | tar -C /opt -xvzf -
10 | 
11 | 
12 | ################################################################################
13 | # Runtime
14 | ################################################################################
15 | FROM frolvlad/alpine-glibc:alpine-${ALPINE_VER}
16 | COPY --from=source /opt/filecoin /opt/filecoin/
17 | RUN ln -s /opt/filecoin/go-filecoin /usr/local/bin/go-filecoin
18 | ADD entrypoint.sh /
19 | 
20 | VOLUME ["/var/lib/filecoin"]
21 | EXPOSE 6000
22 | ENTRYPOINT ["/entrypoint.sh"]
23 | CMD ["daemon"]
24 | 


--------------------------------------------------------------------------------
/coinbox/monero/Dockerfile:
--------------------------------------------------------------------------------
 1 | ARG ALPINE_VER=3.12
 2 | ARG DEBIAN_VER=9-slim
 3 | ################################################################################
 4 | # Source
 5 | ################################################################################
 6 | FROM alpine:${ALPINE_VER} AS source
 7 | 
 8 | ENV BASE_DIR /monero
 9 | 
10 | RUN apk add --update curl
11 | 
12 | ENV MONERO_VER=0.16.0.3
13 | ENV MONERO_URL=https://github.com/monero-project/monero/releases/download/v${MONERO_VER}/monero-linux-x64-v${MONERO_VER}.tar.bz2
14 | RUN mkdir ${BASE_DIR}
15 | RUN curl -sSL ${MONERO_URL} \
16 |        | tar --strip-components=2 -xvjf - -C ${BASE_DIR}
17 | 
18 | ################################################################################
19 | # Runtime
20 | ################################################################################
21 | FROM debian:${DEBIAN_VER}
22 | 
23 | COPY --from=source /monero /usr/local/bin
24 | 
25 | VOLUME ["/var/lib/monero"]
26 | EXPOSE 18080 18081
27 | ENTRYPOINT ["/usr/local/bin/monerod", "--data-dir=/var/lib/monero"]
28 | 


--------------------------------------------------------------------------------
/game/dst_server/README.md:
--------------------------------------------------------------------------------
 1 | # Don't Starve Server Docker Image
 2 | 
 3 | This repository contains `Dockerfile` definitions for [Don't Starve Server][dst] Docker images.
 4 | 
 5 | ## Supported tags
 6 | 
 7 | * [`latest` _(Dockerfile)_](https://github.com/zealic/dockerfiles/blob/master/dst_server/Dockerfile)
 8 | 
 9 | Getting started for this docker container at the [Docker Hub][registry].
10 | 
11 | 
12 | 
13 | ## Server Token
14 | Use `SERVER_TOKEN` environment variable to authenticate server.
15 | 
16 | ```shell
17 | docker run -d -e SERVER_TOKEN=<YOUR_SERVER_TOKEN> zealic/dst_server
18 | ```
19 | 
20 | 
21 | ## Volume Directory
22 | Data volume directory is `/DST`
23 | 
24 | Host directory owners must be 10999:10999
25 | 
26 | ## Usage
27 | ```shell
28 | mkdir $HOME/dst_data
29 | chown 10999:10999 $HOME/dst_data
30 | docker run -d -e SERVER_TOKEN=... -v $HOME/dst_data:/DST zealic/dst_server
31 | ```
32 | 
33 | 
34 | 
35 | [dst]: http://dont-starve-game.wikia.com/wiki/Don%27t_Starve_Wiki
36 | [registry]: https://registry.hub.docker.com/u/zealic/dst_server
37 | 


--------------------------------------------------------------------------------
/network/gost/Dockerfile:
--------------------------------------------------------------------------------
 1 | ARG ALPINE_VER=3.9
 2 | ################################################################################
 3 | # Source
 4 | ################################################################################
 5 | FROM golang:1-alpine AS source
 6 | 
 7 | RUN export DEPS=" \
 8 |     curl tar musl-dev make libtool" \
 9 |     && apk add $DEPS
10 | ENV GOST_VER=2.8.1
11 | ENV GOST_URL=https://github.com/ginuerzh/gost/archive/v${GOST_VER}.tar.gz
12 | ENV GOST_DIR=/gost
13 | 
14 | RUN mkdir $GOST_DIR
15 | WORKDIR $GOST_DIR
16 | RUN curl -sSL $GOST_URL | tar --strip-components=1 -C $GOST_DIR -xvzf -
17 | RUN go build -mod=vendor -o gost cmd/gost/*.go
18 | RUN mv gost /usr/local/bin/
19 | 
20 | 
21 | ################################################################################
22 | # Runtime
23 | ################################################################################
24 | FROM alpine:$ALPINE_VER
25 | RUN export DEPS=" \
26 |     ca-certificates" \
27 |     && apk add $DEPS
28 | COPY --from=source /usr/local/bin/* /usr/local/bin/
29 | 
30 | ENTRYPOINT ["/usr/local/bin/gost"]
31 | 


--------------------------------------------------------------------------------
/coinbox/litecoin/Dockerfile:
--------------------------------------------------------------------------------
 1 | ARG ALPINE_VER=3.12
 2 | ARG DEBIAN_VER=9-slim
 3 | ################################################################################
 4 | # Source
 5 | ################################################################################
 6 | FROM alpine:${ALPINE_VER} AS source
 7 | 
 8 | ENV BASE_DIR /litecoin
 9 | 
10 | RUN apk add --update curl
11 | 
12 | ENV LITECOIN_VER=0.18.1
13 | ENV LITECOIN_URL=https://download.litecoin.org/litecoin-${LITECOIN_VER}/linux/litecoin-${LITECOIN_VER}-x86_64-linux-gnu.tar.gz
14 | RUN mkdir ${BASE_DIR}
15 | RUN curl -sSL ${LITECOIN_URL} \
16 |         | tar --strip-components=1 -xzf - -C ${BASE_DIR}
17 | 
18 | 
19 | ################################################################################
20 | # Runtime
21 | ################################################################################
22 | FROM debian:${DEBIAN_VER}
23 | 
24 | COPY --from=source /litecoin/bin /usr/local/bin
25 | 
26 | VOLUME ["/var/lib/litecoin"]
27 | EXPOSE 8332 8333 18332 18333
28 | ENTRYPOINT ["/usr/local/bin/litecoind", "-printtoconsole", "-datadir=/var/lib/litecoin"]
29 | 


--------------------------------------------------------------------------------
/network/udp2raw/Dockerfile:
--------------------------------------------------------------------------------
 1 | ARG ALPINE_VER=3.10
 2 | ################################################################################
 3 | # Source
 4 | ################################################################################
 5 | FROM alpine:$ALPINE_VER AS source
 6 | RUN export DEPS=" \
 7 |     curl \
 8 |     git build-base linux-headers" \
 9 |     && apk add $DEPS
10 | 
11 | ENV UDP2RAW_VER=master
12 | ENV UDP2RAW_REPO=https://github.com/wangyu-/udp2raw-tunnel.git
13 | ENV UDP2RAW_DIR=/udp2raw
14 | RUN mkdir $UDP2RAW_DIR
15 | WORKDIR $UDP2RAW_DIR
16 | RUN git init \
17 |   && git remote add origin $UDP2RAW_REPO \
18 |   && git fetch origin --depth 1 $UDP2RAW_VER \
19 |   && git reset --hard FETCH_HEAD
20 | RUN make dynamic
21 | 
22 | 
23 | ################################################################################
24 | # Runtime
25 | ################################################################################
26 | FROM alpine:$ALPINE_VER
27 | RUN export DEPS="libstdc++ iptables" \
28 |     && apk add $DEPS
29 | ADD ./entrypoint.sh /
30 | COPY --from=source /udp2raw/udp2raw_dynamic /usr/local/bin/udp2raw
31 | 
32 | ENTRYPOINT ["/entrypoint.sh"]
33 | 


--------------------------------------------------------------------------------
/LICENSE.txt:
--------------------------------------------------------------------------------
 1 | The MIT License (MIT)
 2 | 
 3 | Copyright (c) 2014-2019 Zealic
 4 | 
 5 | Permission is hereby granted, free of charge, to any person obtaining a copy
 6 | of this software and associated documentation files (the "Software"), to deal
 7 | in the Software without restriction, including without limitation the rights
 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 | 
12 | The above copyright notice and this permission notice shall be included in
13 | all copies or substantial portions of the Software.
14 | 
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
21 | THE SOFTWARE.
22 | 


--------------------------------------------------------------------------------
/game/minecraft/Dockerfile:
--------------------------------------------------------------------------------
 1 | FROM java:7
 2 | 
 3 | ENV SERVER_TYPE cauldron
 4 | ENV SERVER_MAJOR 1.7.10
 5 | ENV SERVER_MINOR 1.1388.1.0
 6 | 
 7 | RUN groupadd -g 25565 minecraft \
 8 | 	&& useradd -m -s /bin/bash -u 25565 -g 25565 minecraft \
 9 | 	&& mkdir -p mkdir -p /home/minecraft/bin \
10 | 	&& curl -o /home/minecraft/bin/server.jar -SLO "http://downloads.sourceforge.net/project/cauldron-unofficial/$SERVER_MAJOR/cauldron-$SERVER_MAJOR-$SERVER_MINOR-server.jar" \
11 | 	&& curl -o /tmp/libraries.zip -SLO "http://downloads.sourceforge.net/project/cauldron-unofficial/$SERVER_MAJOR/libraries-$SERVER_MINOR.zip" \
12 | 	&& unzip -d /home/minecraft/bin /tmp/libraries.zip \
13 | 	&& rm "/tmp/libraries.zip"
14 | 
15 | ADD scripts/* /home/minecraft/scripts/
16 | RUN mkdir -p /home/minecraft/scripts \
17 | 	&& chmod +x /home/minecraft/scripts/* \
18 | 	&& mkdir -p /home/minecraft/world \
19 | 	&& touch /home/minecraft/world/README.md \
20 | 	&& chown -R minecraft:minecraft /home/minecraft/world
21 | 
22 | # For minecraft user
23 | USER minecraft
24 | 
25 | EXPOSE 25565
26 | WORKDIR /home/minecraft/world
27 | ENTRYPOINT ["/home/minecraft/scripts/run-mc"]
28 | 


--------------------------------------------------------------------------------
/devel/s3fs/entrypoint.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/sh
 2 | if [[ ! -e /dev/fuse ]]; then
 3 |   mknod /dev/fuse c 0 0
 4 | fi
 5 | 
 6 | CAPS=`getpcaps 0 2>&1`
 7 | if [[ `echo $CAPS | grep -c "cap_sys_admin" ` -eq 0 ]]; then
 8 |   echo "Capability 'sys_admin' is required."
 9 |   exit 1
10 | fi
11 | if [[ `echo $CAPS | grep -c "mknod" ` -eq 0 ]]; then
12 |   echo "Capability 'sys_admin' is required."
13 |   exit 1
14 | fi
15 | 
16 | if [[ -z "$@" ]]; then
17 |   if [[ -z $S3_BUCKET ]]; then
18 |     echo "Environment variable 'S3_BUCKET' is required."
19 |     exit 1
20 |   fi
21 |   if [[ -z $MOUNT_POINT ]]; then
22 |     echo "Environment variable 'MOUNT_POINT' is required."
23 |     exit 1
24 |   fi
25 |   if [[ -z $AWS_ACCESS_KEY_ID ]]; then
26 |     echo "Environment variable 'AWS_ACCESS_KEY_ID' is required."
27 |     exit 1
28 |   fi
29 |   if [[ -z $AWS_SECRET_ACCESS_KEY ]]; then
30 |     echo "Environment variable 'AWS_SECRET_ACCESS_KEY' is required."
31 |     exit 1
32 |   fi
33 |   export AWSACCESSKEYID=$AWS_ACCESS_KEY_ID
34 |   export AWSSECRETACCESSKEY=$AWS_SECRET_ACCESS_KEY
35 |   exec /usr/local/bin/s3fs -f -d $S3_BUCKET $MOUNT_POINT
36 | fi
37 | 
38 | exec /usr/local/bin/s3fs "$@"
39 | 


--------------------------------------------------------------------------------
/devel/docker/Dockerfile:
--------------------------------------------------------------------------------
 1 | ARG DOCKER_VER=19.03
 2 | ARG COMPOSE_VER=1.25.4
 3 | ARG ALPINE_VER=3.11
 4 | 
 5 | ################################################################################
 6 | # Source - Docker
 7 | ################################################################################
 8 | FROM docker:${DOCKER_VER} AS source-docker
 9 | 
10 | 
11 | ################################################################################
12 | # Source
13 | ################################################################################
14 | FROM docker/compose:${COMPOSE_VER} AS source
15 | # Docker
16 | COPY --from=source-docker /usr/local/bin/docker /usr/local/bin/
17 | COPY --from=source-docker /usr/local/bin/docker-entrypoint.sh /usr/local/bin/
18 | 
19 | 
20 | ################################################################################
21 | # Runtime
22 | ################################################################################
23 | FROM alpine:${ALPINE_VER}
24 | COPY --from=source /usr/local/bin/* /usr/local/bin/
25 | 
26 | RUN export DEPS="ca-certificates bash make curl" \
27 |     && apk add $DEPS
28 | 
29 | ENTRYPOINT ["docker-entrypoint.sh"]
30 | CMD ["sh"]
31 | 
32 | 


--------------------------------------------------------------------------------
/game/dst_server/Dockerfile:
--------------------------------------------------------------------------------
 1 | FROM debian:jessie
 2 | MAINTAINER zealic <zealic@gmail.com>
 3 | 
 4 | RUN dpkg --add-architecture i386 && apt-get update \
 5 |   && apt-get install -y curl lib32gcc1 lib32stdc++6 libgcc1 libcurl4-gnutls-dev:i386 \
 6 |   && apt-get clean && rm -rf /var/lib/apt/lists/*
 7 | 
 8 | RUN useradd -u 10999 -m steam
 9 | RUN mkdir /DST \
10 |   && chown steam:steam /DST \
11 |   && mkdir -p /home/steam/.klei \
12 |   && chown -R steam:steam /home/steam/.klei
13 | 
14 | USER steam
15 | RUN mkdir ~/steamcmd
16 | # Visit: http://steamcommunity.com/games/322330/announcements/
17 | # Update DST_SERVER_VERSION to force build new docker image
18 | ENV DST_SERVER_VERSION 188845
19 | RUN cd  ~/steamcmd && curl -SLO "http://media.steampowered.com/installer/steamcmd_linux.tar.gz" \
20 |   && tar -xvf steamcmd_linux.tar.gz -C ~/steamcmd && rm steamcmd_linux.tar.gz
21 | RUN ~/steamcmd/steamcmd.sh +login anonymous +force_install_dir /home/steam/steamapps/DST +app_update 343050 validate +quit
22 | 
23 | USER root
24 | ADD ./bin/* /usr/local/bin/
25 | RUN chmod +x /usr/local/bin/run-dst
26 | 
27 | USER steam
28 | EXPOSE 10999/udp
29 | VOLUME ["/DST"]
30 | ENTRYPOINT ["/usr/local/bin/run-dst"]
31 | 


--------------------------------------------------------------------------------
/network/dnsforwarder/Dockerfile:
--------------------------------------------------------------------------------
 1 | ARG ALPINE_VER=3.9
 2 | ################################################################################
 3 | # Source
 4 | ################################################################################
 5 | FROM alpine:$ALPINE_VER AS source
 6 | ENV DNSFORWARDER_VER=6.1.15
 7 | ENV DNSFORWARDER_REPO=https://github.com/holmium/dnsforwarder.git
 8 | RUN export DEPS=" \
 9 |     gcc git make automake autoconf libc-dev curl-dev" \
10 |     && apk add $DEPS
11 | ENV DNSFORWARDER_DIR=/dnsforwarder
12 | RUN mkdir $DNSFORWARDER_DIR
13 | WORKDIR $DNSFORWARDER_DIR
14 | RUN git init \
15 |   && git remote add origin $DNSFORWARDER_REPO \
16 |   && git fetch origin --depth 1 $DNSFORWARDER_VER \
17 |   && git reset --hard FETCH_HEAD
18 | RUN ./configure
19 | RUN make
20 | RUN mv ./dnsforwarder /usr/local/bin/
21 | 
22 | 
23 | ################################################################################
24 | # Runtime
25 | ################################################################################
26 | FROM alpine:$ALPINE_VER
27 | RUN export DEPS=" \
28 |     libcurl ca-certificates" \
29 |     && apk add $DEPS
30 | COPY --from=source /usr/local/bin/* /usr/local/bin/
31 | 
32 | ENTRYPOINT ["/usr/local/bin/dnsforwarder"]
33 | 


--------------------------------------------------------------------------------
/network/openvpn/Dockerfile:
--------------------------------------------------------------------------------
 1 | ARG ALPINE_VER=3.9
 2 | ################################################################################
 3 | # Source
 4 | ################################################################################
 5 | FROM alpine:$ALPINE_VER AS source
 6 | RUN export DEPS=" \
 7 |     gcc autoconf make linux-headers \
 8 |     musl-dev openssl-dev lz4-dev lzo-dev linux-pam-dev" \
 9 |     && apk add $DEPS
10 | 
11 | ENV OPENVPN_VER=2.4.7
12 | ENV OPENVPN_URL=https://swupdate.openvpn.org/community/releases/openvpn-${OPENVPN_VER}.tar.gz
13 | ENV OPENVPN_DIR=/openvpn
14 | RUN mkdir $OPENVPN_DIR
15 | WORKDIR $OPENVPN_DIR
16 | RUN wget -qO- ${OPENVPN_URL} | tar --strip-components=1 -C $OPENVPN_DIR -xvzf -
17 | RUN ./configure && make && make install
18 | 
19 | 
20 | ################################################################################
21 | # Runtime
22 | ################################################################################
23 | FROM alpine:$ALPINE_VER
24 | RUN export DEPS="iptables bash easy-rsa openssl lz4-libs lzo linux-pam" \
25 |     && apk add $DEPS
26 | COPY --from=source /usr/local/ /usr/local/
27 | COPY entrypoint.sh /entrypoint.sh
28 | 
29 | ENTRYPOINT ["/entrypoint.sh"]
30 | ENV OPENVPN /etc/openvpn
31 | EXPOSE 1194/udp
32 | 


--------------------------------------------------------------------------------
/coinbox/jobs.yml:
--------------------------------------------------------------------------------
 1 | coinbox-bitcoin:
 2 |   stage: build
 3 |   rules:
 4 |     - changes:
 5 |         - coinbox/bitcoin/**/*
 6 |       when: always
 7 |     - if: '$CI_PIPELINE_SOURCE != "web"'
 8 |       when: never
 9 |     - when: manual
10 |   variables:
11 |     IMAGE_DIR: coinbox/bitcoin
12 |   script:
13 |     - make
14 | 
15 | coinbox-filecoin:
16 |   stage: build
17 |   rules:
18 |     - changes:
19 |         - coinbox/filecoin/**/*
20 |       when: always
21 |     - if: '$CI_PIPELINE_SOURCE != "web"'
22 |       when: never
23 |     - when: manual
24 |   variables:
25 |     IMAGE_DIR: coinbox/filecoin
26 |   script:
27 |     - make
28 | 
29 | coinbox-litecoin:
30 |   stage: build
31 |   rules:
32 |     - changes:
33 |         - coinbox/litecoin/**/*
34 |       when: always
35 |     - if: '$CI_PIPELINE_SOURCE != "web"'
36 |       when: never
37 |     - when: manual
38 |   variables:
39 |     IMAGE_DIR: coinbox/litecoin
40 |   script:
41 |     - make
42 | 
43 | coinbox-monero:
44 |   stage: build
45 |   rules:
46 |     - changes:
47 |         - coinbox/monero/**/*
48 |       when: always
49 |     - if: '$CI_PIPELINE_SOURCE != "web"'
50 |       when: never
51 |     - when: manual
52 |   variables:
53 |     IMAGE_DIR: coinbox/monero
54 |   script:
55 |     - make
56 | 


--------------------------------------------------------------------------------
/network/chinadns/Dockerfile:
--------------------------------------------------------------------------------
 1 | ARG ALPINE_VER=3.9
 2 | ################################################################################
 3 | # Source
 4 | ################################################################################
 5 | FROM alpine:$ALPINE_VER AS source
 6 | RUN export DEPS=" \
 7 |     curl tar musl-dev gcc make libtool" \
 8 |     && apk add $DEPS
 9 | ENV CHINADNS_VER=1.3.2
10 | ENV CHINADNS_URL=https://github.com/shadowsocks/ChinaDNS/releases/download/${CHINADNS_VER}/chinadns-${CHINADNS_VER}.tar.gz
11 | ENV CHINADNS_DIR=/chinadns
12 | RUN mkdir $CHINADNS_DIR
13 | WORKDIR $CHINADNS_DIR
14 | RUN curl -sSL $CHINADNS_URL | tar --strip-components=1 -C $CHINADNS_DIR -xvzf -
15 | RUN ./configure && make install
16 | RUN mv /usr/local/bin/chinadns /usr/local/bin/
17 | 
18 | 
19 | ################################################################################
20 | # Runtime
21 | ################################################################################
22 | FROM alpine:$ALPINE_VER
23 | RUN export DEPS=" \
24 |     curl dnsmasq supervisor" \
25 |     && apk add $DEPS
26 | ADD https://github.com/zealic/autorosvpn/raw/master/chnroutes.txt /etc/chnroute.txt
27 | ADD ./run-dns.sh /
28 | COPY --from=source /usr/local/bin/* /usr/local/bin/
29 | 
30 | EXPOSE 53/tcp 53/udp
31 | ENTRYPOINT ["/run.sh"]
32 | 


--------------------------------------------------------------------------------
/network/kcptun/Dockerfile:
--------------------------------------------------------------------------------
 1 | ARG ALPINE_VER=3.9
 2 | ################################################################################
 3 | # Source
 4 | ################################################################################
 5 | FROM alpine:$ALPINE_VER AS source
 6 | 
 7 | RUN export BUILD_DEPS="go gcc git libc-dev" \
 8 |     && export RUNTIME_DEPS="ca-certificates" \
 9 |     && apk add --update $BUILD_DEPS $RUNTIME_DEPS
10 | 
11 | RUN export GOPATH=/tmp/go \
12 |     && export SOURCE_PATH="github.com/xtaci/kcptun" \
13 |     && git clone --depth 1 https://$SOURCE_PATH $GOPATH/src/$SOURCE_PATH \
14 |     && cd $GOPATH/src/$SOURCE_PATH/server \
15 |         && go get -d && go build \
16 |         && mv ./server /usr/local/bin/kcptun-server \
17 |     && cd $GOPATH/src/$SOURCE_PATH/client \
18 |     && go get -d && go build \
19 |     && mv ./client /usr/local/bin/kcptun-client
20 | 
21 | 
22 | ################################################################################
23 | # Runtime
24 | ################################################################################
25 | FROM alpine:$ALPINE_VER
26 | 
27 | COPY --from=source /usr/local/bin/kcptun-server /usr/local/bin
28 | COPY --from=source /usr/local/bin/kcptun-client /usr/local/bin
29 | 
30 | ENTRYPOINT ["/usr/local/bin/kcptun-server"]
31 | CMD ["/usr/local/bin/kcptun-server"]
32 | 


--------------------------------------------------------------------------------
/network/shadowvpn/Dockerfile:
--------------------------------------------------------------------------------
 1 | ARG ALPINE_VER=3.9
 2 | ################################################################################
 3 | # Source
 4 | ################################################################################
 5 | FROM alpine:$ALPINE_VER AS source
 6 | ENV SHADOWVPN_VER=master
 7 | ENV SHADOWVPN_REPO=https://github.com/WeShadowsocks/ShadowVPN.git
 8 | RUN export DEPS=" \
 9 |     autoconf automake build-base gawk git libtool linux-headers" \
10 |     && apk add $DEPS
11 | ENV SHADOWVPN_DIR=/shadowvpn
12 | RUN mkdir $SHADOWVPN_DIR
13 | WORKDIR $SHADOWVPN_DIR
14 | RUN git init \
15 |   && git remote add origin $SHADOWVPN_REPO \
16 |   && git fetch origin --depth 1 $SHADOWVPN_VER \
17 |   && git reset --hard FETCH_HEAD
18 | RUN git submodule update --init --recursive
19 | RUN ./autogen.sh
20 | RUN ./configure --enable-static --sysconfdir=/etc
21 | RUN make install
22 | 
23 | 
24 | ################################################################################
25 | # Runtime
26 | ################################################################################
27 | FROM alpine:$ALPINE_VER
28 | RUN export DEPS="iptables" \
29 |     && apk add $DEPS
30 | ADD ./entrypoint.sh /
31 | COPY --from=source /usr/local/bin/* /usr/local/bin/
32 | COPY --from=source /etc/shadowvpn/* /etc/shadowvpn/
33 | 
34 | EXPOSE 1123/udp
35 | ENTRYPOINT ["/entrypoint.sh"]
36 | 


--------------------------------------------------------------------------------
/network/zerotier/Dockerfile:
--------------------------------------------------------------------------------
 1 | ARG ALPINE_VER=3.13
 2 | ################################################################################
 3 | # Source
 4 | ################################################################################
 5 | FROM alpine:$ALPINE_VER AS source
 6 | RUN export DEPS=" \
 7 |     gcc g++ git make libc-dev linux-headers nodejs-npm" \
 8 |     && apk add $DEPS
 9 | ENV ZEROTIER_VER=1.6.4
10 | ENV ZEROTIER_REPO=https://github.com/zerotier/ZeroTierOne.git
11 | ENV ZEROTIER_DIR=/zerotier
12 | RUN mkdir $ZEROTIER_DIR
13 | WORKDIR $ZEROTIER_DIR
14 | RUN git init \
15 |   && git remote add origin $ZEROTIER_REPO \
16 |   && git fetch origin --depth 1 $ZEROTIER_VER \
17 |   && git reset --hard FETCH_HEAD
18 | RUN make
19 | RUN mv ./zerotier-one /usr/local/bin/
20 | 
21 | 
22 | ################################################################################
23 | # Runtime
24 | ################################################################################
25 | FROM alpine:$ALPINE_VER
26 | RUN export DEPS=" \
27 |     libstdc++ ca-certificates" \
28 |     && apk add $DEPS
29 | ADD ./entrypoint.sh /
30 | COPY --from=source /usr/local/bin/* /usr/local/bin/
31 | RUN ln -sf /usr/local/bin/zerotier-one /usr/local/bin/zerotier-cli \
32 |   && ln -sf /usr/local/bin/zerotier-one /usr/local/bin/zerotier-idtool
33 | 
34 | EXPOSE 9993/udp
35 | ENTRYPOINT ["/entrypoint.sh"]
36 | 


--------------------------------------------------------------------------------
/network/shadowsocks/Dockerfile:
--------------------------------------------------------------------------------
 1 | ARG ALPINE_VER=3.9
 2 | ################################################################################
 3 | # Source
 4 | ################################################################################
 5 | FROM alpine:$ALPINE_VER AS source
 6 | ENV SHADOWSOCKS_VER=3.3.1
 7 | ENV SHADOWSOCKS_REPO=https://github.com/shadowsocks/shadowsocks-libev.git
 8 | RUN export DEPS=" \
 9 |     autoconf automake pcre-dev asciidoc xmlto mbedtls-dev libsodium-dev c-ares-dev libev-dev \
10 |     git build-base curl libtool linux-headers openssl-dev" \
11 |     && apk add $DEPS
12 | ENV SHADOWSOCKS_DIR=/shadowsocks
13 | RUN mkdir $SHADOWSOCKS_DIR
14 | WORKDIR $SHADOWSOCKS_DIR
15 | RUN git init \
16 |   && git remote add origin $SHADOWSOCKS_REPO \
17 |   && git fetch origin --depth 1 v$SHADOWSOCKS_VER \
18 |   && git reset --hard FETCH_HEAD
19 | RUN git submodule update --init --recursive
20 | RUN ./autogen.sh && ./configure
21 | RUN make && make install
22 | 
23 | 
24 | ################################################################################
25 | # Runtime
26 | ################################################################################
27 | FROM alpine:$ALPINE_VER
28 | RUN export DEPS="bash libev libsodium mbedtls pcre c-ares" \
29 |     && apk add $DEPS
30 | COPY --from=source /usr/local/bin/* /usr/local/bin/
31 | ADD ./entrypoint.sh /
32 | 
33 | ENTRYPOINT ["/entrypoint.sh"]
34 | 


--------------------------------------------------------------------------------
/Makefile:
--------------------------------------------------------------------------------
 1 | ROOTMAKE=$(MAKE) -f $(abspath $(lastword $(MAKEFILE_LIST)))
 2 | IMAGE_NAME?=$(shell basename $(IMAGE_DIR))
 3 | IMAGE_TAG?=latest
 4 | IMAGE_FILE?=Dockerfile
 5 | # Namespace from Gitlab or Github
 6 | IMAGE_NAMESPACE?=$(or $(or $(CI_PROJECT_NAMESPACE),$(GITHUB_ACTOR)),zealic)
 7 | REGISTRY_NAME?=$(IMAGE_NAMESPACE)/$(IMAGE_NAME):$(IMAGE_TAG)
 8 | 
 9 | ifeq ($(IMAGE_DIR),)
10 | $(error "IMAGE_DIR is required.")
11 | endif
12 | 
13 | # Gitlab develop
14 | ifeq ($(CI_COMMIT_REF_NAME),develop)
15 | REGISTRY_NAME=${CI_REGISTRY_IMAGE}/$(IMAGE_DIR):latest
16 | endif
17 | 
18 | 
19 | build:
20 | 	@$(ROOTMAKE) -C $(IMAGE_DIR) build-image
21 | 
22 | build-image:
23 | 	@docker build -t $(REGISTRY_NAME) -f $(IMAGE_FILE) $(BUILD_OPTS) .
24 | 	@# Push image in CI environment
25 | 	@if [[ ! -z "$(CI)" ]]; then \
26 | 		$(ROOTMAKE) push; \
27 | 	fi
28 | 
29 | push:
30 | 	@if [[ "$(CI_COMMIT_REF_NAME)" = "master" ]]; then \
31 | 		$(ROOTMAKE) push-dockerhub; \
32 | 	elif [[ "$(CI_COMMIT_REF_NAME)" = "develop" ]]; then \
33 | 		$(ROOTMAKE) push-gitlab; \
34 | 	else \
35 | 		echo "Current branch is $(CI_COMMIT_REF_NAME), push ignored."; \
36 | 		exit 0; \
37 | 	fi
38 | 
39 | push-dockerhub:
40 | 	@echo Push to Docker Hub...
41 | 	env
42 | 	@if [[ ! -z "$(DOCKER_HUB_USER)" ]]; then \
43 | 		echo "Loginning docker hub..."; \
44 | 		docker login -u $(DOCKER_HUB_USER) -p $(DOCKER_HUB_PASS); \
45 | 	fi
46 | 	docker push $(REGISTRY_NAME)
47 | 
48 | push-gitlab:
49 | 	@echo Push to gitlab...
50 | 	docker push $(REGISTRY_NAME)
51 | 


--------------------------------------------------------------------------------
/network/syncthing/cont-init.d/configure:
--------------------------------------------------------------------------------
 1 | #!/usr/bin/with-contenv bash
 2 | CLI="syncthing cli --home /config"
 3 | 
 4 | wait_server(){
 5 |   while ! curl -k https://127.0.0.1:8384 > /dev/null 2>&1; do
 6 |    sleep 1
 7 |   done
 8 | }
 9 | 
10 | configure_ldap(){
11 |   wait_server
12 |   $CLI config ldap address set "${LDAP_ADDRESS}"
13 |   $CLI config ldap bind-dn set "${LDAP_BINDDN}"
14 |   $CLI config ldap search-base-dn set "${LDAP_BASEDN}"
15 |   $CLI config ldap search-filter set "${LDAP_FILTER}"
16 | }
17 | 
18 | configure_server(){
19 |   configure_ldap
20 |   if [[ -f /config/.firstrun ]]; then
21 |     return
22 |   fi
23 |   wait_server
24 |   APIKEY=`$CLI config gui apikey get`
25 |   curl -k -XPATCH -H "X-API-KEY: $APIKEY" https://127.0.0.1:8384/rest/config/options -d '{"unackedNotificationIDs": []}'
26 |   curl -k -XPATCH -H "X-API-KEY: $APIKEY" https://127.0.0.1:8384/rest/config/options -d '{"urAccepted": -1}'
27 |   $CLI config folders default delete
28 |   $CLI config options natenabled set false
29 |   $CLI config options relays-enabled set false
30 |   $CLI config options global-ann-enabled set false
31 |   $CLI config options crenabled set false
32 |   $CLI config options urseen set 3
33 |   $CLI config ldap transport set tls
34 |   $CLI config ldap insecure-skip-verify set true
35 | 
36 |   $CLI config gui auth-mode set ldap
37 |   wait_server
38 |   $CLI config gui raw-use-tls set true
39 |   wait_server
40 |   $CLI errors clear
41 |   touch /config/.firstrun
42 | }
43 | 
44 | configure_server &
45 | 


--------------------------------------------------------------------------------
/network/tinc/Dockerfile:
--------------------------------------------------------------------------------
 1 | ARG ALPINE_VER=3.10
 2 | ################################################################################
 3 | # Source
 4 | ################################################################################
 5 | FROM alpine:$ALPINE_VER AS source
 6 | RUN export DEPS=" \
 7 |     curl \
 8 |     gcc autoconf make linux-headers \
 9 |     musl-dev openssl-dev linux-pam-dev \
10 |     ncurses-dev readline-dev lz4-dev lzo-dev zlib-dev" \
11 |     && apk add $DEPS
12 | 
13 | ENV TINC_VER=1.1pre17
14 | ENV TINC_URL=https://www.tinc-vpn.org/packages/tinc-${TINC_VER}.tar.gz
15 | ENV TINC_DIR=/tinc
16 | RUN mkdir $TINC_DIR
17 | WORKDIR $TINC_DIR
18 | RUN curl -sSL ${TINC_URL} | tar --strip-components=1 -C $TINC_DIR -xvzf -
19 | RUN ./configure --prefix=/usr/local \
20 |             --sysconfdir=/etc \
21 |             --mandir=/usr/share/man \
22 |             --infodir=/usr/share/info \
23 |             --localstatedir=/var \
24 |             --enable-jumbograms \
25 |             --enable-lzo \
26 |             --enable-zlib
27 | RUN make && make install
28 | 
29 | 
30 | ################################################################################
31 | # Runtime
32 | ################################################################################
33 | FROM alpine:$ALPINE_VER
34 | RUN export DEPS="iptables ncurses readline lzo zlib" \
35 |     && apk add $DEPS
36 | ADD ./entrypoint.sh /
37 | COPY --from=source /usr/local/sbin/* /usr/local/bin/
38 | 
39 | EXPOSE 655/tcp 655/udp
40 | VOLUME /etc/tinc
41 | ENTRYPOINT ["/entrypoint.sh"]
42 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | # dockerfiles
 2 | ===========
 3 | 
 4 | Dockerfiles for images I've pushed to https://hub.docker.com/u/zealic
 5 | 
 6 | 
 7 | ## Coinbox
 8 | 
 9 | * [Bitcoin](https://hub.docker.com/r/zealic/bitcoin)
10 | * [Litecoin](https://hub.docker.com/r/zealic/litecoin)
11 | * [Monero](https://hub.docker.com/r/zealic/monero)
12 | 
13 | 
14 | ## Devel
15 | 
16 | * [Docker](https://hub.docker.com/r/zealic/docker)
17 | * [s3fs](https://hub.docker.com/r/zealic/s3fs)
18 | 
19 | 
20 | ## Network
21 | 
22 | * [chinadns](https://hub.docker.com/r/zealic/chinadns)
23 | * [dnsforwarder](https://hub.docker.com/r/zealic/dnsforwarder)
24 | * [frp](https://hub.docker.com/r/zealic/frp)
25 | * [gost](https://hub.docker.com/r/zealic/gost)
26 | * [ocserv](https://hub.docker.com/r/zealic/ocserv)
27 | * [openvpn](https://hub.docker.com/r/zealic/openvpn)
28 | * [shadowsocks](https://hub.docker.com/r/zealic/shadowsocks)
29 | * [shadowvpn](https://hub.docker.com/r/zealic/shadowvpn)
30 | * [udp2raw](https://hub.docker.com/r/zealic/udp2raw)
31 | * [whois3](https://hub.docker.com/r/zealic/whois3)
32 | * [zerotier](https://hub.docker.com/r/zealic/zerotier)
33 | 
34 | 
35 | ## Toolkit
36 | 
37 | Toolkit include utility tools for your docker.
38 | 
39 | * [toolkit:latest](https://hub.docker.com/r/zealic/toolkit)
40 |   * busybox
41 |   * confd
42 |   * gomplate
43 |   * jq
44 |   * lego
45 |   * migrate
46 |   * yq
47 |   * gosu
48 |   * tini
49 |   * dumb-init
50 |   * envoy
51 |   * awless
52 | 
53 | * [toolkit:hashicorp](https://hub.docker.com/r/zealic/toolkit)
54 |   * consul
55 |   * packer
56 |   * terraform
57 |   * vault
58 | 
59 | 
60 | Toolkit example:
61 | 
62 |   ```dockerfile
63 |   FROM alpine
64 |   COPY --from=zealic/toolkit /usr/local/bin/busybox /usr/local/bin/busybox
65 |   COPY myapp /
66 |   ENTRYPOINT /usr/local/bin/busybox
67 |   ...
68 |   ```
69 | 


--------------------------------------------------------------------------------
/network/ocserv/Dockerfile:
--------------------------------------------------------------------------------
 1 | ARG DEBIAN_VER=10
 2 | ################################################################################
 3 | # Source
 4 | ################################################################################
 5 | FROM debian:$DEBIAN_VER AS source
 6 | RUN export BUILD_DEPS=" \
 7 |     make gcc pkg-config \
 8 |     ca-certificates curl xz-utils \
 9 |     libreadline-dev libev-dev libprotobuf-c-dev libseccomp-dev libgnutls28-dev \
10 |     libpam-dev libnl-route-3-dev libwrap0-dev libkrb5-dev libradcli-dev libhttp-parser-dev liblz4-dev" \
11 |   && apt-get update && apt-get install -y $BUILD_DEPS --no-install-recommends && rm -rf /var/lib/apt/lists/*
12 | 
13 | ENV OCSERV_VER=1.1.5
14 | ENV OCSERV_URL=ftp://ftp.infradead.org/pub/ocserv/ocserv-${OCSERV_VER}.tar.xz
15 | ENV OCSERV_DIR=/ocserv
16 | RUN mkdir $OCSERV_DIR
17 | WORKDIR $OCSERV_DIR
18 | RUN curl -sSL ${OCSERV_URL} | tar --strip-components=1 -C $OCSERV_DIR -xvJf -
19 | RUN ./configure && make && make install
20 | RUN mv /usr/local/sbin/* /usr/local/bin
21 | RUN mkdir -p /etc/ocserv && cp ./doc/sample.config /etc/ocserv/sample.config
22 | 
23 | 
24 | ################################################################################
25 | # Runtime
26 | ################################################################################
27 | FROM debian:$DEBIAN_VER
28 | RUN export DEPS=" \
29 |     bash procps curl gnutls-bin iptables libpam-ldap libradcli4 \
30 |     libev4 libprotobuf-c1 libwrap0 libgssapi-krb5-2 libhttp-parser2.8" \
31 |   && apt-get update && apt-get install -y $DEPS --no-install-recommends && rm -rf /var/lib/apt/lists/*
32 | COPY --from=source /usr/local/bin/* /usr/local/bin/
33 | COPY --from=source /etc/ocserv/sample.config /etc/ocserv/
34 | COPY entrypoint.sh /entrypoint.sh
35 | 
36 | ENTRYPOINT ["/entrypoint.sh"]
37 | 
38 | EXPOSE 443
39 | CMD ["ocserv", "-c", "/etc/ocserv/ocserv.conf", "-f"]
40 | 


--------------------------------------------------------------------------------
/coinbox/bitcoin/Dockerfile:
--------------------------------------------------------------------------------
 1 | ARG ALPINE_VER=3.15
 2 | ARG DEBIAN_VER=11-slim
 3 | ################################################################################
 4 | # Source
 5 | ################################################################################
 6 | FROM alpine:${ALPINE_VER} AS source-bx
 7 | 
 8 | ENV BASE_DIR /bitcoin
 9 | 
10 | RUN apk add --no-cache curl
11 | 
12 | ENV BITCOIN_VER=22.0
13 | ENV BITCOIN_URL=https://bitcoincore.org/bin/bitcoin-core-${BITCOIN_VER}/bitcoin-${BITCOIN_VER}-x86_64-linux-gnu.tar.gz
14 | RUN mkdir ${BASE_DIR}
15 | RUN curl -sSL ${BITCOIN_URL} \
16 |         | tar --strip-components=1 -xzf - -C ${BASE_DIR}
17 | 
18 | ENV BX_VER 3.2.0
19 | ENV BX_URL https://github.com/libbitcoin/libbitcoin-explorer/releases/download/v${BX_VER}/bx-linux-x64-qrcode
20 | RUN curl -sSL -o ${BASE_DIR}/bin/bx ${BX_URL} \
21 |     && chmod +x ${BASE_DIR}/bin/bx
22 | 
23 | 
24 | ################################################################################
25 | # Source
26 | ################################################################################
27 | FROM buildpack-deps:bullseye AS source-vanitygen
28 | RUN apt-get update && apt-get install -y libssl-dev
29 | ENV VANITYGEN_VER=0.1.0
30 | ENV VANITYGEN_REPO=https://github.com/10gic/vanitygen-plusplus.git
31 | ENV VANITYGEN_DIR=/vanitygen-plusplus
32 | RUN mkdir $VANITYGEN_DIR
33 | WORKDIR $VANITYGEN_DIR
34 | RUN git init \
35 |   && git remote add origin $VANITYGEN_REPO \
36 |   && git fetch --depth 1 origin v$VANITYGEN_VER \
37 |   && git reset --hard FETCH_HEAD
38 | 
39 | RUN make
40 | RUN mv $VANITYGEN_DIR/vanitygen++ /usr/local/bin/vanitygen
41 | 
42 | 
43 | ################################################################################
44 | # Runtime
45 | ################################################################################
46 | FROM debian:${DEBIAN_VER}
47 | 
48 | COPY --from=source-bx        /bitcoin/bin    /usr/local/bin
49 | COPY --from=source-vanitygen /usr/local/bin/vanitygen /usr/local/bin
50 | 
51 | RUN apt-get update && apt-get install -y libssl1.1 \
52 |   && apt-get clean && rm -rf /var/lib/apt/lists/*
53 | 
54 | VOLUME ["/var/lib/bitcoin"]
55 | EXPOSE 8332 8333 18332 18333
56 | ENTRYPOINT ["/usr/local/bin/bitcoind", "-printtoconsole", "-datadir=/var/lib/bitcoin"]
57 | 


--------------------------------------------------------------------------------
/misc/toolkit/Dockerfile.hashicorp:
--------------------------------------------------------------------------------
 1 | ARG ALPINE_VER=3.9
 2 | ARG SOURCE_IMAGE=alpine:${ALPINE_VER}
 3 | 
 4 | ################################################################################
 5 | # Source - consul
 6 | ################################################################################
 7 | FROM $SOURCE_IMAGE AS source-consul
 8 | # consul
 9 | ENV CONSUL_VER=1.7.1
10 | ENV CONSUL_URL=https://releases.hashicorp.com/consul/${CONSUL_VER}/consul_${CONSUL_VER}_linux_amd64.zip
11 | RUN wget -qO consul.zip $CONSUL_URL && unzip -d /usr/local/bin consul.zip
12 | # consul-template
13 | ENV CONSULT_VER=0.24.1
14 | ENV CONSULT_URL=https://releases.hashicorp.com/consul-template/$CONSULT_VER/consul-template_${CONSULT_VER}_linux_amd64.zip
15 | RUN wget -qO consult.zip $CONSULT_URL && unzip -d /usr/local/bin consult.zip
16 | 
17 | 
18 | ################################################################################
19 | # Source - packer
20 | ################################################################################
21 | FROM $SOURCE_IMAGE AS source-packer
22 | ENV PACKER_VER=1.5.4
23 | ENV PACKER_URL=https://releases.hashicorp.com/packer/$PACKER_VER/packer_${PACKER_VER}_linux_amd64.zip
24 | RUN wget -qO packer.zip $PACKER_URL && unzip -d /usr/local/bin packer.zip
25 | 
26 | 
27 | ################################################################################
28 | # Source - terraform
29 | ################################################################################
30 | FROM $SOURCE_IMAGE AS source-terraform
31 | ENV TERRAFORM_VER=0.12.23
32 | ENV TERRAFORM_URL=https://releases.hashicorp.com/terraform/$TERRAFORM_VER/terraform_${TERRAFORM_VER}_linux_amd64.zip
33 | RUN wget -qO terraform.zip $TERRAFORM_URL && unzip -d /usr/local/bin terraform.zip
34 | 
35 | 
36 | ################################################################################
37 | # Source - vault
38 | ################################################################################
39 | FROM $SOURCE_IMAGE AS source-vault
40 | ENV VAULT_VER=1.3.2
41 | ENV VAULT_URL=https://releases.hashicorp.com/vault/$VAULT_VER/vault_${VAULT_VER}_linux_amd64.zip
42 | RUN wget -qO vault.zip $VAULT_URL && unzip -d /usr/local/bin vault.zip
43 | 
44 | 
45 | ################################################################################
46 | # Sources
47 | ################################################################################
48 | FROM $SOURCE_IMAGE AS sources
49 | COPY --from=source-consul         /usr/local/bin/*  /usr/local/bin/
50 | COPY --from=source-packer         /usr/local/bin/*  /usr/local/bin/
51 | COPY --from=source-terraform      /usr/local/bin/*  /usr/local/bin/
52 | COPY --from=source-vault          /usr/local/bin/*  /usr/local/bin/
53 | 
54 | 
55 | ################################################################################
56 | # Runtime
57 | ################################################################################
58 | FROM $SOURCE_IMAGE
59 | 
60 | RUN apk add --no-cache bash make curl git
61 | 
62 | # Sources
63 | COPY --from=sources /usr/local/bin/* /usr/local/bin/
64 | 


--------------------------------------------------------------------------------
/network/ocserv/entrypoint.sh:
--------------------------------------------------------------------------------
  1 | #!/bin/bash
  2 | if [ ! -f /etc/ocserv/server-key.pem ] || [ ! -f /etc/ocserv/server-cert.pem ]; then
  3 | 	# Check environment variables
  4 | 	if [ -z "$CA_CN" ]; then
  5 | 		CA_CN="Great Water Mall CA"
  6 | 	fi
  7 | 
  8 | 	if [ -z "$CA_ORG" ]; then
  9 | 		CA_ORG="Big Brother"
 10 | 	fi
 11 | 
 12 | 	if [ -z "$CA_DAYS" ]; then
 13 | 		CA_DAYS=9999
 14 | 	fi
 15 | 
 16 | 	if [ -z "$SRV_CN" ]; then
 17 | 		SRV_CN="www.example.com"
 18 | 	fi
 19 | 
 20 | 	if [ -z "$SRV_ORG" ]; then
 21 | 		SRV_ORG="Big Brother"
 22 | 	fi
 23 | 
 24 | 	if [ -z "$SRV_DAYS" ]; then
 25 | 		SRV_DAYS=9999
 26 | 	fi
 27 | 
 28 | 	# No certification found, generate one
 29 | 	cd /etc/ocserv
 30 | 	certtool --generate-privkey --outfile ca-key.pem
 31 | 	cat > ca.tmpl <<-EOCA
 32 | 	cn = "$CA_CN"
 33 | 	organization = "$CA_ORG"
 34 | 	serial = 1
 35 | 	expiration_days = $CA_DAYS
 36 | 	ca
 37 | 	signing_key
 38 | 	cert_signing_key
 39 | 	crl_signing_key
 40 | 	EOCA
 41 | 	certtool --generate-self-signed --load-privkey ca-key.pem --template ca.tmpl --outfile ca.pem
 42 | 	certtool --generate-privkey --outfile server-key.pem 
 43 | 	cat > server.tmpl <<-EOSRV
 44 | 	cn = "$SRV_CN"
 45 | 	organization = "$SRV_ORG"
 46 | 	expiration_days = $SRV_DAYS
 47 | 	signing_key
 48 | 	encryption_key
 49 | 	tls_www_server
 50 | 	EOSRV
 51 | 	certtool --generate-certificate --load-privkey server-key.pem --load-ca-certificate ca.pem --load-ca-privkey ca-key.pem --template server.tmpl --outfile server-cert.pem
 52 | 
 53 | 	# Create a test user
 54 | 	if [ -z "$NO_TEST_USER" ] && [ ! -f /etc/ocserv/ocpasswd ]; then
 55 | 		echo "Create test user 'test' with password 'test'"
 56 | 		echo 'test:*:$5$DktJBFKobxCFd7wN$sn.bVw8ytyAaNamO.CvgBvkzDiFR6DaHdUzcif52KK7' > /etc/ocserv/ocpasswd
 57 | 	fi
 58 | fi
 59 | 
 60 | # Enable TUN device
 61 | if [[ ! -e /dev/net/tun ]]; then
 62 |   mkdir -p /dev/net
 63 |   mknod /dev/net/tun c 10 200
 64 |   chmod 600 /dev/net/tun
 65 | fi
 66 | 
 67 | # Setup config
 68 | if [[ ! -f /etc/ocserv/ocserv.conf ]]; then
 69 |   cp /etc/ocserv/simple.config /etc/ocserv/ocserv.conf
 70 |   sed -i 's/\.\/sample\.passwd/\/etc\/ocserv\/ocpasswd/' /etc/ocserv/ocserv.conf
 71 |   sed -i 's/\(max-same-clients = \)2/\110/' /etc/ocserv/ocserv.conf
 72 |   sed -i 's/\.\.\/tests/\/etc\/ocserv/' /etc/ocserv/ocserv.conf
 73 |   sed -i 's/#\(compression.*\)/\1/' /etc/ocserv/ocserv.conf
 74 |   sed -i '/^ipv4-network = /{s/192.168.1.0/192.168.99.0/}' /etc/ocserv/ocserv.conf
 75 |   sed -i 's/192.168.1.2/8.8.8.8/' /etc/ocserv/ocserv.conf
 76 |   sed -i 's/^route/#route/' /etc/ocserv/ocserv.conf
 77 |   sed -i 's/^no-route/#no-route/' /etc/ocserv/ocserv.conf
 78 | fi
 79 | 
 80 | # LDAP config
 81 | if [[ ! -z "${LDAP_SERVER}" ]]; then
 82 |   cat > /etc/pam_ldap.conf <<EOF
 83 | ldap_version 3
 84 | uri ${LDAP_SERVER}
 85 | base ${LDAP_BASEDN}
 86 | binddn ${LDAP_BINDDN}
 87 | bindpw ${LDAP_BINDPW}
 88 | EOF
 89 |   if [[ ! -z "${LDAP_GROUPDN}" ]]; then
 90 |     echo "pam_groupdn ${LDAP_GROUPDN}" >> /etc/pam_ldap.conf
 91 |     echo "pam_member_attribute ${LDAP_MEMBER_ATTRIBUTE:-member}" >> /etc/pam_ldap.conf
 92 |   fi
 93 |   if [[ ! -z "${LDAPTLS_CACERTDIR}" ]]; then
 94 |     echo "tls_cacertdir ${LDAPTLS_CACERTDIR}" >> /etc/pam_ldap.conf
 95 |   elif [[ ! -z "${LDAPTLS_CACERT}" ]]; then
 96 |     echo "tls_cacertfile ${LDAPTLS_CACERT}" >> /etc/pam_ldap.conf
 97 |   elif [[ ! -z "LDAPTLS_CHECKPEER" ]]; then
 98 |     echo "tls_checkpeer ${LDAPTLS_CHECKPEER}" >> /etc/pam_ldap.conf
 99 |   fi
100 | 
101 |   if [[ ! -z "RFC2307" ]]; then
102 |     cat >> /etc/pam_ldap.conf <<EOF
103 | pam_login_attribute ${LDAP_LOGIN_ATTRIBUTE:-sAMAccountName}
104 | pam_filter objectclass=User
105 | pam_password ad
106 | EOF
107 |   fi
108 | 
109 |   if [[ ! -d /etc/pam_ldap.d ]]; then
110 |     for conf in /etc/pam_ldap.d/*.conf; do
111 |       cat $conf >> /etc/pam_ldap.conf
112 |     done
113 |   fi
114 | fi
115 | 
116 | # Open ipv4 ip forward
117 | sysctl -w net.ipv4.ip_forward=1
118 | 
119 | # Enable NAT forwarding
120 | echo "1" | update-alternatives --config iptables
121 | iptables -t nat -A POSTROUTING -j MASQUERADE
122 | iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
123 | 
124 | # Run OpennConnect Server
125 | exec "$@"
126 | 


--------------------------------------------------------------------------------
/network/jobs.yml:
--------------------------------------------------------------------------------
  1 | network-chinadns:
  2 |   stage: build
  3 |   rules:
  4 |     - changes:
  5 |         - network/chinadns/**/*
  6 |       when: always
  7 |     - if: '$CI_PIPELINE_SOURCE != "web"'
  8 |       when: never
  9 |     - when: manual
 10 |   variables:
 11 |     IMAGE_DIR: network/chinadns
 12 |   script:
 13 |     - make
 14 | 
 15 | network-dnsforwarder:
 16 |   stage: build
 17 |   rules:
 18 |     - changes:
 19 |         - network/dnsforwarder/**/*
 20 |       when: always
 21 |     - if: '$CI_PIPELINE_SOURCE != "web"'
 22 |       when: never
 23 |     - when: manual
 24 |   variables:
 25 |     IMAGE_DIR: network/dnsforwarder
 26 |   script:
 27 |     - make
 28 | 
 29 | network-frp:
 30 |   stage: build
 31 |   rules:
 32 |     - changes:
 33 |         - network/frp/**/*
 34 |       when: always
 35 |     - if: '$CI_PIPELINE_SOURCE != "web"'
 36 |       when: never
 37 |     - when: manual
 38 |   variables:
 39 |     IMAGE_DIR: network/frp
 40 |   script:
 41 |     - make
 42 | 
 43 | network-gost:
 44 |   stage: build
 45 |   rules:
 46 |     - changes:
 47 |         - network/gost/**/*
 48 |       when: always
 49 |     - if: '$CI_PIPELINE_SOURCE != "web"'
 50 |       when: never
 51 |     - when: manual
 52 |   variables:
 53 |     IMAGE_DIR: network/gost
 54 |   script:
 55 |     - make
 56 | 
 57 | network-ocserv:
 58 |   stage: build
 59 |   rules:
 60 |     - changes:
 61 |         - network/ocserv/**/*
 62 |       when: always
 63 |     - if: '$CI_PIPELINE_SOURCE != "web"'
 64 |       when: never
 65 |     - when: manual
 66 |   variables:
 67 |     IMAGE_DIR: network/ocserv
 68 |   script:
 69 |     - make
 70 | 
 71 | network-openvpn:
 72 |   stage: build
 73 |   rules:
 74 |     - changes:
 75 |         - network/openvpn/**/*
 76 |       when: always
 77 |     - if: '$CI_PIPELINE_SOURCE != "web"'
 78 |       when: never
 79 |     - when: manual
 80 |   variables:
 81 |     IMAGE_DIR: network/openvpn
 82 |   script:
 83 |     - make
 84 | 
 85 | network-shadowsocks:
 86 |   stage: build
 87 |   rules:
 88 |     - changes:
 89 |         - network/shadowsocks/**/*
 90 |       when: always
 91 |     - if: '$CI_PIPELINE_SOURCE != "web"'
 92 |       when: never
 93 |     - when: manual
 94 |   variables:
 95 |     IMAGE_DIR: network/shadowsocks
 96 |   script:
 97 |     - make
 98 | 
 99 | network-shadowvpn:
100 |   stage: build
101 |   rules:
102 |     - changes:
103 |         - network/shadowvpn/**/*
104 |       when: always
105 |     - if: '$CI_PIPELINE_SOURCE != "web"'
106 |       when: never
107 |     - when: manual
108 |   variables:
109 |     IMAGE_DIR: network/shadowvpn
110 |   script:
111 |     - make
112 | 
113 | network-syncthing:
114 |   stage: build
115 |   rules:
116 |     - changes:
117 |         - network/syncthing/**/*
118 |       when: always
119 |     - if: '$CI_PIPELINE_SOURCE != "web"'
120 |       when: never
121 |     - when: manual
122 |   variables:
123 |     IMAGE_DIR: network/syncthing
124 |   script:
125 |     - make
126 | 
127 | network-tinc:
128 |   stage: build
129 |   rules:
130 |     - changes:
131 |         - network/tinc/**/*
132 |       when: always
133 |     - if: '$CI_PIPELINE_SOURCE != "web"'
134 |       when: never
135 |     - when: manual
136 |   variables:
137 |     IMAGE_DIR: network/tinc
138 |   script:
139 |     - make
140 | 
141 | network-udp2raw:
142 |   stage: build
143 |   rules:
144 |     - changes:
145 |         - network/udp2raw/**/*
146 |       when: always
147 |     - if: '$CI_PIPELINE_SOURCE != "web"'
148 |       when: never
149 |     - when: manual
150 |   variables:
151 |     IMAGE_DIR: network/udp2raw
152 |   script:
153 |     - make
154 | 
155 | network-whois3:
156 |   stage: build
157 |   rules:
158 |     - changes:
159 |         - network/whois3/**/*
160 |       when: always
161 |     - if: '$CI_PIPELINE_SOURCE != "web"'
162 |       when: never
163 |     - when: manual
164 |   variables:
165 |     IMAGE_DIR: network/whois3
166 |   script:
167 |     - make
168 | 
169 | network-zerotier:
170 |   stage: build
171 |   rules:
172 |     - changes:
173 |         - network/zerotier/**/*
174 |       when: always
175 |     - if: '$CI_PIPELINE_SOURCE != "web"'
176 |       when: never
177 |     - when: manual
178 |   variables:
179 |     IMAGE_DIR: network/zerotier
180 |   script:
181 |     - make
182 | 


--------------------------------------------------------------------------------
/misc/toolkit/Dockerfile:
--------------------------------------------------------------------------------
  1 | ARG ALPINE_VER=3.11
  2 | ARG SOURCE_IMAGE=alpine:${ALPINE_VER}
  3 | 
  4 | ################################################################################
  5 | # Source - busybox
  6 | ################################################################################
  7 | FROM $SOURCE_IMAGE AS source-busybox
  8 | ENV BUSYBOX_VER=1.30.0
  9 | ENV BUSYBOX_URL=https://busybox.net/downloads/binaries/${BUSYBOX_VER}-i686/busybox
 10 | RUN wget -qO /usr/local/bin/busybox $BUSYBOX_URL
 11 | RUN chmod +x /usr/local/bin/busybox
 12 | 
 13 | 
 14 | ################################################################################
 15 | # Source - confd
 16 | ################################################################################
 17 | FROM $SOURCE_IMAGE AS source-confd
 18 | ENV CONFD_VER=0.16.0
 19 | ENV CONFD_URL=https://github.com/kelseyhightower/confd/releases/download/v$CONFD_VER/confd-$CONFD_VER-linux-amd64
 20 | RUN wget -qO /usr/local/bin/confd $CONFD_URL
 21 | RUN chmod +x /usr/local/bin/confd
 22 | 
 23 | 
 24 | ################################################################################
 25 | # Source - gomplate
 26 | ################################################################################
 27 | FROM $SOURCE_IMAGE AS source-gomplate
 28 | ENV GOMPLATE_VER=3.6.0
 29 | ENV GOMPLATE_URL=https://github.com/hairyhenderson/gomplate/releases/download/v$GOMPLATE_VER/gomplate_linux-amd64
 30 | RUN wget -qO /usr/local/bin/gomplate $GOMPLATE_URL
 31 | RUN chmod +x /usr/local/bin/gomplate
 32 | 
 33 | 
 34 | ################################################################################
 35 | # Source - jq
 36 | ################################################################################
 37 | FROM $SOURCE_IMAGE AS source-jq
 38 | ENV JQ_VER=1.6
 39 | ENV JQ_URL=https://github.com/stedolan/jq/releases/download/jq-$JQ_VER/jq-linux64
 40 | RUN wget -qO /usr/local/bin/jq $JQ_URL
 41 | RUN chmod +x /usr/local/bin/jq
 42 | 
 43 | 
 44 | ################################################################################
 45 | # Source - lego
 46 | ################################################################################
 47 | FROM $SOURCE_IMAGE AS source-lego
 48 | ENV LEGO_VER=3.4.0
 49 | ENV LEGO_URL=https://github.com/xenolf/lego/releases/download/v$LEGO_VER/lego_v${LEGO_VER}_linux_amd64.tar.gz
 50 | RUN wget -qO- $LEGO_URL | tar -C /tmp -xvzf -
 51 | RUN mv /tmp/lego /usr/local/bin/lego
 52 | 
 53 | 
 54 | ################################################################################
 55 | # Source - migrate
 56 | ################################################################################
 57 | FROM $SOURCE_IMAGE AS source-migrate
 58 | ENV MIGRATE_VER=4.9.1
 59 | ENV MIGRATE_URL=https://github.com/golang-migrate/migrate/releases/download/v$MIGRATE_VER/migrate.linux-amd64.tar.gz
 60 | RUN wget -qO- $MIGRATE_URL | tar -C /tmp -xvzf -
 61 | RUN mv /tmp/migrate.linux-amd64 /usr/local/bin/migrate
 62 | 
 63 | 
 64 | ################################################################################
 65 | # Source - yq
 66 | ################################################################################
 67 | FROM $SOURCE_IMAGE AS source-yq
 68 | ENV YQ_VER=3.2.1
 69 | ENV YQ_URL=https://github.com/mikefarah/yq/releases/download/$YQ_VER/yq_linux_amd64
 70 | RUN wget -qO /usr/local/bin/yq $YQ_URL
 71 | RUN chmod +x /usr/local/bin/yq
 72 | 
 73 | 
 74 | ################################################################################
 75 | # Source - gosu
 76 | ################################################################################
 77 | FROM $SOURCE_IMAGE AS source-gosu
 78 | ENV GOSU_VER 1.11
 79 | ENV GOSU_URL=https://github.com/tianon/gosu/releases/download/${GOSU_VER}/gosu-amd64
 80 | RUN wget -qO /usr/local/bin/gosu $GOSU_URL
 81 | RUN chmod +x /usr/local/bin/gosu
 82 | 
 83 | 
 84 | ################################################################################
 85 | # Source - tini
 86 | ################################################################################
 87 | FROM $SOURCE_IMAGE AS source-tini
 88 | ENV TINI_VER v0.18.0
 89 | ENV TINI_URL=https://github.com/krallin/tini/releases/download/${TINI_VER}/tini
 90 | RUN wget -qO /usr/local/bin/tini $TINI_URL
 91 | RUN chmod +x /usr/local/bin/tini
 92 | 
 93 | 
 94 | ################################################################################
 95 | # Source - dumb-init
 96 | ################################################################################
 97 | FROM $SOURCE_IMAGE AS source-dumb-init
 98 | ENV DUMB_INIT_VER 1.2.2
 99 | ENV DUMB_INIT_URL=https://github.com/Yelp/dumb-init/releases/download/v${DUMB_INIT_VER}/dumb-init_${DUMB_INIT_VER}_amd64
100 | RUN wget -qO /usr/local/bin/dumb-init $DUMB_INIT_URL
101 | RUN chmod +x /usr/local/bin/dumb-init
102 | 
103 | 
104 | ################################################################################
105 | # Source - envoy
106 | ################################################################################
107 | FROM envoyproxy/envoy-alpine:v1.13.1 AS source-envoy
108 | # Envoy already in /usr/local/bin
109 | 
110 | 
111 | ################################################################################
112 | # Source - awless
113 | ################################################################################
114 | FROM $SOURCE_IMAGE AS source-awless
115 | ENV AWLESS_VER=0.1.11
116 | ENV AWLESS_URL=https://github.com/wallix/awless/releases/download/v${AWLESS_VER}/awless-linux-amd64.tar.gz
117 | RUN wget -qO- $AWLESS_URL | tar -C /tmp -xvzf -
118 | RUN mv /tmp/awless /usr/local/bin/awless
119 | 
120 | 
121 | ################################################################################
122 | # Sources
123 | ################################################################################
124 | FROM $SOURCE_IMAGE AS sources
125 | COPY --from=source-busybox        /usr/local/bin/*  /usr/local/bin/
126 | COPY --from=source-confd          /usr/local/bin/*  /usr/local/bin/
127 | COPY --from=source-gomplate       /usr/local/bin/*  /usr/local/bin/
128 | COPY --from=source-jq             /usr/local/bin/*  /usr/local/bin/
129 | COPY --from=source-lego           /usr/local/bin/*  /usr/local/bin/
130 | COPY --from=source-migrate        /usr/local/bin/*  /usr/local/bin/
131 | COPY --from=source-yq             /usr/local/bin/*  /usr/local/bin/
132 | COPY --from=source-gosu           /usr/local/bin/*  /usr/local/bin/
133 | COPY --from=source-tini           /usr/local/bin/*  /usr/local/bin/
134 | COPY --from=source-dumb-init      /usr/local/bin/*  /usr/local/bin/
135 | COPY --from=source-envoy          /usr/local/bin/*  /usr/local/bin/
136 | COPY --from=source-awless         /usr/local/bin/*  /usr/local/bin/
137 | 
138 | 
139 | ################################################################################
140 | # Runtime
141 | ################################################################################
142 | FROM $SOURCE_IMAGE
143 | 
144 | RUN apk add --no-cache bash make curl git
145 | 
146 | # Sources
147 | COPY --from=sources /usr/local/bin/* /usr/local/bin/
148 | 


--------------------------------------------------------------------------------