From 88ac35c10b277c3ba885bfd6df82c8616e87b436 Mon Sep 17 00:00:00 2001 From: Roman Hoellen Date: Mon, 4 Dec 2017 14:54:24 +0100 Subject: [PATCH] UNMAINTENED --- unmaintained/cowrie/Dockerfile | 77 +++++++++++++++++ unmaintained/cowrie/README.md | 60 +++++++++++++ unmaintained/cowrie/run.sh | 12 +++ unmaintained/freshrss/Dockerfile | 30 +++++++ unmaintained/freshrss/README.md | 24 ++++++ .../freshrss/rootfs/etc/s6.d/cron/run | 6 ++ .../rootfs/nginx/sites-enabled/nginx.conf | 33 ++++++++ .../freshrss/rootfs/usr/local/bin/run.sh | 8 ++ unmaintained/ghost/Dockerfile | 43 ++++++++++ unmaintained/ghost/README.md | 44 ++++++++++ .../ghost/rootfs/etc/s6.d/.s6-svscan/finish | 2 + unmaintained/ghost/rootfs/etc/s6.d/ghost/run | 5 ++ .../ghost/rootfs/usr/local/bin/run.sh | 47 +++++++++++ .../ghost/rootfs/usr/local/etc/disqus.conf | 16 ++++ .../rootfs/usr/local/etc/ghost.example.conf | 21 +++++ .../ghost/rootfs/usr/local/etc/isso.conf | 7 ++ unmaintained/kippo-graph/Dockerfile | 47 +++++++++++ unmaintained/kippo-graph/README.md | 29 +++++++ unmaintained/kippo-graph/nginx.conf | 84 +++++++++++++++++++ unmaintained/kippo-graph/php-fpm.conf | 11 +++ unmaintained/kippo-graph/run.sh | 3 + .../kippo-graph/s6.d/.s6-svscan/finish | 3 + unmaintained/kippo-graph/s6.d/nginx/run | 2 + unmaintained/kippo-graph/s6.d/php/run | 2 + unmaintained/mediawiki/Dockerfile | 38 +++++++++ unmaintained/mediawiki/README.md | 69 +++++++++++++++ .../rootfs/nginx/sites-enabled/nginx.conf | 43 ++++++++++ .../mediawiki/rootfs/php/conf.d/apcu.ini | 4 + .../mediawiki/rootfs/usr/local/bin/run.sh | 15 ++++ unmaintained/parsoid/Dockerfile | 28 +++++++ unmaintained/parsoid/README.md | 28 +++++++ .../parsoid/rootfs/etc/s6.d/.s6-svscan/finish | 2 + .../parsoid/rootfs/etc/s6.d/parsoid/run | 3 + .../parsoid/rootfs/usr/local/bin/run.sh | 19 +++++ .../parsoid/rootfs/usr/local/etc/disqus.conf | 16 ++++ .../rootfs/usr/local/etc/ghost.example.conf | 21 +++++ .../parsoid/rootfs/usr/local/etc/isso.conf | 7 ++ unmaintained/pgbouncer/Dockerfile | 16 ++++ unmaintained/pgbouncer/README.md | 10 +++ unmaintained/pgbouncer/run.sh | 4 + 40 files changed, 939 insertions(+) create mode 100644 unmaintained/cowrie/Dockerfile create mode 100644 unmaintained/cowrie/README.md create mode 100644 unmaintained/cowrie/run.sh create mode 100644 unmaintained/freshrss/Dockerfile create mode 100644 unmaintained/freshrss/README.md create mode 100644 unmaintained/freshrss/rootfs/etc/s6.d/cron/run create mode 100644 unmaintained/freshrss/rootfs/nginx/sites-enabled/nginx.conf create mode 100644 unmaintained/freshrss/rootfs/usr/local/bin/run.sh create mode 100644 unmaintained/ghost/Dockerfile create mode 100644 unmaintained/ghost/README.md create mode 100644 unmaintained/ghost/rootfs/etc/s6.d/.s6-svscan/finish create mode 100644 unmaintained/ghost/rootfs/etc/s6.d/ghost/run create mode 100644 unmaintained/ghost/rootfs/usr/local/bin/run.sh create mode 100644 unmaintained/ghost/rootfs/usr/local/etc/disqus.conf create mode 100644 unmaintained/ghost/rootfs/usr/local/etc/ghost.example.conf create mode 100644 unmaintained/ghost/rootfs/usr/local/etc/isso.conf create mode 100644 unmaintained/kippo-graph/Dockerfile create mode 100644 unmaintained/kippo-graph/README.md create mode 100644 unmaintained/kippo-graph/nginx.conf create mode 100644 unmaintained/kippo-graph/php-fpm.conf create mode 100644 unmaintained/kippo-graph/run.sh create mode 100644 unmaintained/kippo-graph/s6.d/.s6-svscan/finish create mode 100644 unmaintained/kippo-graph/s6.d/nginx/run create mode 100644 unmaintained/kippo-graph/s6.d/php/run create mode 100644 unmaintained/mediawiki/Dockerfile create mode 100644 unmaintained/mediawiki/README.md create mode 100644 unmaintained/mediawiki/rootfs/nginx/sites-enabled/nginx.conf create mode 100644 unmaintained/mediawiki/rootfs/php/conf.d/apcu.ini create mode 100644 unmaintained/mediawiki/rootfs/usr/local/bin/run.sh create mode 100644 unmaintained/parsoid/Dockerfile create mode 100644 unmaintained/parsoid/README.md create mode 100644 unmaintained/parsoid/rootfs/etc/s6.d/.s6-svscan/finish create mode 100644 unmaintained/parsoid/rootfs/etc/s6.d/parsoid/run create mode 100644 unmaintained/parsoid/rootfs/usr/local/bin/run.sh create mode 100644 unmaintained/parsoid/rootfs/usr/local/etc/disqus.conf create mode 100644 unmaintained/parsoid/rootfs/usr/local/etc/ghost.example.conf create mode 100644 unmaintained/parsoid/rootfs/usr/local/etc/isso.conf create mode 100644 unmaintained/pgbouncer/Dockerfile create mode 100644 unmaintained/pgbouncer/README.md create mode 100644 unmaintained/pgbouncer/run.sh diff --git a/unmaintained/cowrie/Dockerfile b/unmaintained/cowrie/Dockerfile new file mode 100644 index 0000000..16964ee --- /dev/null +++ b/unmaintained/cowrie/Dockerfile @@ -0,0 +1,77 @@ +FROM alpine:edge + +ARG MPFR_VERSION=3.1.5 +ARG MPC_VERSION=1.0.3 + +ARG GPG_MPFR="07F3 DBBE CC1A 3960 5078 094D 980C 1976 98C3 739D" +ARG GPG_MPC="AD17 A21E F8AE D8F1 CC02 DBD9 F7D5 C9BF 765C 61E3" +ARG SHA1_MPC="b8be66396c726fdc36ebb0f692ed8a8cca3bcc66" + +ENV UID=991 GID=991 + +RUN BUILD_DEPS=" \ + build-base \ + libtool \ + libffi-dev \ + libressl-dev \ + python-dev \ + gmp-dev \ + mariadb-dev \ + py2-pip \ + tar \ + gnupg" \ + && apk -U upgrade && apk add \ + ${BUILD_DEPS} \ + libffi \ + gmp \ + libressl \ + python \ + py-setuptools \ + openssh-client \ + mariadb-client-libs \ + tini \ + su-exec \ + && cd /tmp && wget -q http://www.mpfr.org/mpfr-current/mpfr-${MPFR_VERSION}.tar.gz \ + && echo "Verifying authenticity of mpfr-${MPFR_VERSION}.tar.gz..." \ + && wget -q http://www.mpfr.org/mpfr-current/mpfr-${MPFR_VERSION}.tar.gz.asc \ + && gpg --recv-keys 98C3739D \ + && FINGERPRINT="$(LANG=C gpg --verify mpfr-${MPFR_VERSION}.tar.gz.asc mpfr-${MPFR_VERSION}.tar.gz 2>&1 \ + | sed -n "s#Primary key fingerprint: \(.*\)#\1#p")" \ + && if [ -z "${FINGERPRINT}" ]; then echo "Warning! Invalid GPG signature!" && exit 1; fi \ + && if [ "${FINGERPRINT}" != "${GPG_MPFR}" ]; then echo "Warning! Wrong GPG fingerprint!" && exit 1; fi \ + && echo "All seems good, now unpacking mpfr-${MPFR_VERSION}.tar.gz..." \ + && tar xzf mpfr-${MPFR_VERSION}.tar.gz && cd mpfr-${MPFR_VERSION} \ + && ./configure && make && make install \ + && cd /tmp && wget -q ftp://ftp.gnu.org/gnu/mpc/mpc-${MPC_VERSION}.tar.gz \ + && echo "Verifying both integrity and authenticity of mpc-${MPC_VERSION}.tar.gz..." \ + && CHECKSUM=$(sha1sum mpc-${MPC_VERSION}.tar.gz | awk '{print $1}') \ + && if [ "${CHECKSUM}" != "${SHA1_MPC}" ]; then echo "Warning! Checksum does not match!" && exit 1; fi \ + && wget -q ftp://ftp.gnu.org/gnu/mpc/mpc-${MPC_VERSION}.tar.gz.sig \ + && gpg --recv-keys 0xF7D5C9BF765C61E3 \ + && FINGERPRINT="$(LANG=C gpg --verify mpc-${MPC_VERSION}.tar.gz.sig mpc-${MPC_VERSION}.tar.gz 2>&1 \ + | sed -n "s#Primary key fingerprint: \(.*\)#\1#p")" \ + && if [ -z "${FINGERPRINT}" ]; then echo "Warning! Invalid GPG signature!" && exit 1; fi \ + && if [ "${FINGERPRINT}" != "${GPG_MPC}" ]; then echo "Warning! Wrong GPG fingerprint!" && exit 1; fi \ + && echo "All seems good, now unpacking mpc-${MPC_VERSION}.tar.gz..." \ + && tar xzf mpc-${MPC_VERSION}.tar.gz && cd mpc-${MPC_VERSION} \ + && ./configure --with-mpfr-lib=/usr/local/lib --with-mpfr-include=/usr/local/include \ + && make && make install \ + && mkdir /cowrie && cd /cowrie \ + && wget -qO- https://github.com/micheloosterhof/cowrie/archive/master.tar.gz | tar xz --strip 1 \ + && pip install --no-cache -r requirements.txt \ + && pip install --no-cache mysql-python \ + && mv cowrie.cfg.dist cowrie.cfg \ + && apk del ${BUILD_DEPS} \ + && rm -rf /var/cache/apk/* /tmp/* /root/.gnupg + +COPY run.sh /usr/local/bin/run.sh + +RUN chmod +x /usr/local/bin/run.sh + +VOLUME /cowrie/log /cowrie/dl /custom + +EXPOSE 2222 + +LABEL maintainer="Wonderfall " + +CMD ["run.sh"] diff --git a/unmaintained/cowrie/README.md b/unmaintained/cowrie/README.md new file mode 100644 index 0000000..b625302 --- /dev/null +++ b/unmaintained/cowrie/README.md @@ -0,0 +1,60 @@ +### wonderfall/cowrie + +#### What is this? +Cowrie is a medium interaction SSH honeypot designed to log brute force attacks and the shell interaction performed by the attacker. Cowrie is based on Kippo. + +#### Build-time variables +- **MPFR_VERSION** : GNU MPFR version. +- **MPC_VERSION** : GNU MPC version. +- **GPG_** : fingerprints of signing keys. +- **SHA_** : fingerprints of tarballs + +#### Environment variables +- **UID** *(default : 991)* +- **GID** *(default : 991)* + +#### How to configure +You should provide your own configuration file from this base : https://raw.githubusercontent.com/micheloosterhof/cowrie/master/cowrie.cfg.dist +You can mount this single file to your Docker container. + +#### Volumes +- **/cowrie/dl** : where downloads are stored. +- **/cowrie/log** : cowrie and tty sessions logs. +- **/cowrie/cowrie.cfg** : cowrie configuration file. **Provide yours!** +- **/custom** : customize cowrie structure with your own files + +#### Docker compose (example) +``` +cowrie: + image: wonderfall/cowrie + links: ### MySQL output + - cowrie-db:cowrie-db ### MySQL output + ports: + - "2222:2222" + volumes: + - /mnt/cowrie/dl:/cowrie/dl + - /mnt/cowrie/log:/cowrie/log + - /mnt/cowrie/custom:/custom + - /mnt/cowrie/cowrie.cfg:/cowrie/cowrie.cfg + environment: + - GID=1000 + - UID=1000 + +### MySQL output +# First, you'll have to initialise tables with a .sql file +# mkdir -p /mnt/cowrie/sql +# wget https://raw.githubusercontent.com/micheloosterhof/cowrie/master/doc/sql/mysql.sql -P /mnt/cowrie/sql/cowrie.sql +# It needs also to be configured in the cowrie.cfg file + +cowrie-db: + image: mariadb:10 + volumes: + - /mnt/cowrie/db:/var/lib/mysql + - /mnt/cowrie/sql:/docker-entrypoint-initdb.d + environment: + - MYSQL_ROOT_PASSWORD=supersecretpassword + - MYSQL_DATABASE=cowrie + - MYSQL_USER=cowrie + - MYSQL_PASSWORD=supersecretpassword +``` + diff --git a/unmaintained/cowrie/run.sh b/unmaintained/cowrie/run.sh new file mode 100644 index 0000000..e4321e0 --- /dev/null +++ b/unmaintained/cowrie/run.sh @@ -0,0 +1,12 @@ +#!/bin/sh +cd /cowrie + +rm twistd.pid &>/dev/null +mkdir -p /cowrie/log/tty &>/dev/null +cp -R /custom/* /cowrie &>/dev/null +chown -R $UID:$GID /cowrie + +COWRIEDIR=$(dirname $0) +export PYTHONPATH=${PYTHONPATH}:${COWRIEDIR} + +exec su-exec $UID:$GID /sbin/tini -- twistd -n -l /cowrie/log/cowrie.log cowrie diff --git a/unmaintained/freshrss/Dockerfile b/unmaintained/freshrss/Dockerfile new file mode 100644 index 0000000..75e2d5f --- /dev/null +++ b/unmaintained/freshrss/Dockerfile @@ -0,0 +1,30 @@ +FROM wonderfall/nginx-php:7.1 + +ARG FRESHRSS_VER=1.8.0 + +ENV UID=991 GID=991 \ + UPLOAD_MAX_SIZE=10M \ + MEMORY_LIMIT=128M \ + CRON_PERIOD=30m + +RUN apk -U add --no-cache \ + tar \ + libressl \ + ca-certificates \ + && mkdir freshrss && cd freshrss \ + && wget -qO- https://github.com/FreshRSS/FreshRSS/archive/${FRESHRSS_VER}.tar.gz | tar xz --strip 1 \ + && mv data data_tmp + +COPY rootfs / + +RUN chmod +x /usr/local/bin/run.sh /etc/s6.d/*/* /etc/s6.d/.s6-svscan/* + +VOLUME /freshrss/data /php/session + +EXPOSE 8888 + +LABEL maintainer="Wonderfall " \ + description="A free, self-hostable aggregator" \ + version="FreshRSS ${FRESHRSS_VER}" + +CMD ["run.sh"] diff --git a/unmaintained/freshrss/README.md b/unmaintained/freshrss/README.md new file mode 100644 index 0000000..82bdf7f --- /dev/null +++ b/unmaintained/freshrss/README.md @@ -0,0 +1,24 @@ +## wonderfall/freshrss + +A free, self-hostable aggregator : https://github.com/FreshRSS/FreshRSS + +#### Features +- Based on Alpine Linux (wonderfall/nginx-php image) +- Bundled with nginx and PHP7.1. +- Automatic feed update (frequency at 30 minutes by default) + +#### Build-time variables +- **FRESHRSS_VER** : version of FreshRSS + +#### Environment variables +- **UID** : user id +- **GID** : group id +- **MEMORY_LIMIT** : php memory limit *(default : 128M)* +- **UPLOAD_MAX_SIZE** : maximum upload size *(default : 10M)* +- **CRON_PERIOD** : feed update frequency *(default : 30m)* + +#### Volumes +- **/freshrss/data** + +#### Ports +- **8888** [(reverse proxy!)](https://github.com/hardware/mailserver/wiki/Reverse-proxy-configuration) diff --git a/unmaintained/freshrss/rootfs/etc/s6.d/cron/run b/unmaintained/freshrss/rootfs/etc/s6.d/cron/run new file mode 100644 index 0000000..584e453 --- /dev/null +++ b/unmaintained/freshrss/rootfs/etc/s6.d/cron/run @@ -0,0 +1,6 @@ +#!/bin/sh + +while true; do + php -f /freshrss/app/actualize_script.php + sleep +done diff --git a/unmaintained/freshrss/rootfs/nginx/sites-enabled/nginx.conf b/unmaintained/freshrss/rootfs/nginx/sites-enabled/nginx.conf new file mode 100644 index 0000000..69977bc --- /dev/null +++ b/unmaintained/freshrss/rootfs/nginx/sites-enabled/nginx.conf @@ -0,0 +1,33 @@ +server { + listen 8888; + root /freshrss; + index index.php index.html; + + location ~* \.(jpg|jpeg|gif|css|png|js|map|woff|woff2|ttf|svg|eot)$ { + expires 30d; + access_log off; + } + + location ~ ^/(data|cfg|tmp) { + deny all; + } + + location ~* /(.*)\.(?:markdown|md|twig|yaml|yml|ht|htaccess|ini)$ { + deny all; + } + + location ~ /\. { + deny all; + } + + location / { + try_files $uri $uri/ /index.php; + } + + location ~ \.php$ { + fastcgi_index index.php; + fastcgi_pass unix:/php/run/php-fpm.sock; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /nginx/conf/fastcgi_params; + } +} diff --git a/unmaintained/freshrss/rootfs/usr/local/bin/run.sh b/unmaintained/freshrss/rootfs/usr/local/bin/run.sh new file mode 100644 index 0000000..e61bfaa --- /dev/null +++ b/unmaintained/freshrss/rootfs/usr/local/bin/run.sh @@ -0,0 +1,8 @@ +#!/bin/sh +sed -i -e "s//$UPLOAD_MAX_SIZE/g" /nginx/conf/nginx.conf /php/etc/php-fpm.conf \ + -e "s//$MEMORY_LIMIT/g" /php/etc/php-fpm.conf \ + -e "s//$CRON_PERIOD/g" /etc/s6.d/cron/run + +[ ! "$(ls -A /freshrss/data)" ] && cp -R /freshrss/data_tmp/* /freshrss/data/ +chown -R $UID:$GID /freshrss /nginx /php /tmp /etc/s6.d +exec su-exec $UID:$GID /bin/s6-svscan /etc/s6.d diff --git a/unmaintained/ghost/Dockerfile b/unmaintained/ghost/Dockerfile new file mode 100644 index 0000000..84bd2c7 --- /dev/null +++ b/unmaintained/ghost/Dockerfile @@ -0,0 +1,43 @@ +FROM alpine:3.6 + +ARG VERSION=1.14.0 + +ENV GHOST_NODE_VERSION_CHECK=false \ + NODE_ENV=production \ + GID=991 UID=991 \ + ADDRESS=https://my-ghost-blog.com \ + ENABLE_ISSO=False \ + ISSO_HOST=isso.domain.tld \ + ISSO_AVATAR=false \ + ISSO_VOTE=false + +WORKDIR /ghost + +RUN apk -U --no-cache add \ + bash \ + ca-certificates \ + grep \ + libressl \ + nodejs-current \ + nodejs-current-npm \ + s6 \ + su-exec \ + vim \ + && wget -q https://github.com/TryGhost/Ghost/releases/download/${VERSION}/Ghost-${VERSION}.zip -P /tmp \ + && unzip -q /tmp/Ghost-${VERSION}.zip -d /ghost \ + && npm install --production \ + && mv content/themes/casper casper + +COPY rootfs / + +RUN chmod +x /usr/local/bin/* /etc/s6.d/*/* /etc/s6.d/.s6-svscan/* + +EXPOSE 2368 + +VOLUME /ghost/content + +LABEL description="Ghost CMS ${VERSION}" \ + maintainer="Wonderfall " + +ENTRYPOINT ["run.sh"] +CMD ["/bin/s6-svscan", "/etc/s6.d"] diff --git a/unmaintained/ghost/README.md b/unmaintained/ghost/README.md new file mode 100644 index 0000000..1ed3d58 --- /dev/null +++ b/unmaintained/ghost/README.md @@ -0,0 +1,44 @@ +## wonderfall/ghost + +![](https://i.goopics.net/lt.png) + +**Breaking changes if you're upgrading from 0.x. Please export your current data, and import them again in a new 1.x blog. You also have to move your images to the new volume if you want to keep them. Disqus is also not supported, please move to Isso, a much better comments system. Sorry for the mess!** + +#### What is this? What features? +- A **simple** Ghost CMS build made for production. +- Based on Alpine Linux so it's lightweight! +- Bundled with latest node.js available (version check is disabled). +- Offers Isso integration. + +#### Build-time variables +- **VERSION** : version of Ghost. + +#### Environment variables +- **GID** : ghost user id *(default : 991)* +- **UID** : ghost group id *(default : 991)* +- **ADDRESS** : your domain (with *http(s)://*) *(default : https://my-ghost-blog.com)* +- **ENABLE_ISSO** : enables Isso support if set to *True* *(default : False)* +- **ISSO_HOST**, **ISSO_AVATAR**, **ISSO_VOTE** : Isso settings (*True* or *False*) + +#### Volumes +- **/ghost/content** : contents of your blog + +### Ports +- **2368** [(reverse proxy!)](https://github.com/hardware/mailserver/wiki/Reverse-proxy-configuration) + +### How to configure? +Everything you need is in `/ghost/content/ghost.conf` (also mounted on your host...). + +### docker-compose.yml sample + +``` +ghost-myblog: + image: wonderfall/ghost:1 + container_name: ghost-myblog + environment: + - UID=8100 + - GID=8100 + - ADDRESS=https://myblog.com + volumes: + - /mnt/docker/myblog:/ghost/content +``` diff --git a/unmaintained/ghost/rootfs/etc/s6.d/.s6-svscan/finish b/unmaintained/ghost/rootfs/etc/s6.d/.s6-svscan/finish new file mode 100644 index 0000000..039e4d0 --- /dev/null +++ b/unmaintained/ghost/rootfs/etc/s6.d/.s6-svscan/finish @@ -0,0 +1,2 @@ +#!/bin/sh +exit 0 diff --git a/unmaintained/ghost/rootfs/etc/s6.d/ghost/run b/unmaintained/ghost/rootfs/etc/s6.d/ghost/run new file mode 100644 index 0000000..d24cf26 --- /dev/null +++ b/unmaintained/ghost/rootfs/etc/s6.d/ghost/run @@ -0,0 +1,5 @@ +#!/bin/sh +cd /ghost +NODE_ENV=development node_modules/.bin/knex-migrator init +NODE_ENV=development node_modules/.bin/knex-migrator migrate +exec npm start diff --git a/unmaintained/ghost/rootfs/usr/local/bin/run.sh b/unmaintained/ghost/rootfs/usr/local/bin/run.sh new file mode 100644 index 0000000..a6d86ea --- /dev/null +++ b/unmaintained/ghost/rootfs/usr/local/bin/run.sh @@ -0,0 +1,47 @@ +#!/bin/bash +echo +echo ">>> wonderfall/ghost container <<<" +echo + +echo "> Initializing content folder..." +cd content +mkdir apps data images themes logs adapters &>/dev/null +rm -rf /ghost/content/themes/casper &>/dev/null +cp -r /ghost/casper themes/casper &>/dev/null +cd /ghost + +if [ ! -f /ghost/content/ghost.conf ]; then + echo + echo "INFO : No configuration file was provided, an example will be used" + echo " You can access and modify it in the volume you mounted" + echo " Restart in order to apply your changes!" + echo + mv /usr/local/etc/ghost.example.conf /ghost/content/ghost.conf +fi + +if [ ! -f /ghost/config.production.json ]; then + ln -s content/ghost.conf config.production.json +fi + +echo "> Applying preferences..." + +sed -i -e "s|https://my-ghost-blog.com|${ADDRESS}|g" /ghost/content/ghost.conf + +if [ "$ENABLE_ISSO" == "True" ] && ! grep -q 'isso' /ghost/content/themes/casper/post.hbs; then + cd /usr/local/etc + sed -i -e "/\/author/r isso.conf" /ghost/content/themes/casper/post.hbs + sed -i -e '/isso-thread/{n;d}' /ghost/content/themes/casper/post.hbs + sed -i -e "s//$ISSO_HOST/g" \ + -e "s//$ISSO_AVATAR/g" \ + -e "s//$ISSO_VOTE/g" /ghost/content/themes/casper/post.hbs +fi + +echo "> Updating permissions..." +chown -R ${UID}:${GID} /ghost /etc/s6.d + +echo "> Executing process..." +if [ '$@' == '' ]; then + exec su-exec ${UID}:${GID} /bin/s6-svscan /etc/s6.d +else + exec su-exec ${UID}:${GID} "$@" +fi diff --git a/unmaintained/ghost/rootfs/usr/local/etc/disqus.conf b/unmaintained/ghost/rootfs/usr/local/etc/disqus.conf new file mode 100644 index 0000000..9b20532 --- /dev/null +++ b/unmaintained/ghost/rootfs/usr/local/etc/disqus.conf @@ -0,0 +1,16 @@ + +
+ + +comments powered by Disqus + diff --git a/unmaintained/ghost/rootfs/usr/local/etc/ghost.example.conf b/unmaintained/ghost/rootfs/usr/local/etc/ghost.example.conf new file mode 100644 index 0000000..2b01024 --- /dev/null +++ b/unmaintained/ghost/rootfs/usr/local/etc/ghost.example.conf @@ -0,0 +1,21 @@ +{ + "url": "https://my-ghost-blog.com", + + "server": { + "host": "0.0.0.0", + "port": "2368" + }, + + "database": { + "client": "sqlite3", + "connection": { + "filename": "content/data/ghost-dev.db" + }, + "useNullAsDefault": true, + "debug": false + }, + + "mail": { + "transport": "Direct" + } +} diff --git a/unmaintained/ghost/rootfs/usr/local/etc/isso.conf b/unmaintained/ghost/rootfs/usr/local/etc/isso.conf new file mode 100644 index 0000000..4287ebc --- /dev/null +++ b/unmaintained/ghost/rootfs/usr/local/etc/isso.conf @@ -0,0 +1,7 @@ + + + +
diff --git a/unmaintained/kippo-graph/Dockerfile b/unmaintained/kippo-graph/Dockerfile new file mode 100644 index 0000000..70443d0 --- /dev/null +++ b/unmaintained/kippo-graph/Dockerfile @@ -0,0 +1,47 @@ +FROM alpine:edge + +ENV GID=991 UID=991 + +RUN echo "@testing https://nl.alpinelinux.org/alpine/edge/testing" >> /etc/apk/repositories \ + && BUILD_DEPS="tar libressl ca-certificates" \ + && apk -U upgrade && apk add \ + $BUILD_DEPS \ + nginx \ + s6 \ + su-exec \ + coreutils \ + bind-tools \ + php7-fpm@testing \ + php7-mysqlnd@testing \ + php7-pdo@testing \ + php7-pdo_mysql@testing \ + php7-openssl@testing \ + php7-gd@testing \ + php7-curl@testing \ + php7-phar@testing \ + php7-dom@testing \ + && mkdir kippo-graph && cd kippo-graph \ + && wget -qO- https://github.com/ikoniaris/kippo-graph/archive/master.tar.gz | tar xz --strip 1 \ + && chmod 777 generated-graphs \ + && mv config.php.dist config.php \ + && rm /kippo-graph/include/maxmind/GeoLite2-City.mmdb /kippo-graph/include/maxmind/geoip2.phar \ + && wget -q https://geolite.maxmind.com/download/geoip/database/GeoLite2-City.mmdb.gz -P /kippo-graph/include/maxmind \ + && gzip -d /kippo-graph/include/maxmind/GeoLite2-City.mmdb.gz \ + && wget -q https://github.com/maxmind/GeoIP2-php/releases/download/v2.4.5/geoip2.phar -P /kippo-graph/include/maxmind \ + && apk del $BUILD_DEPS \ + && rm -f /var/cache/apk/* + +COPY nginx.conf /etc/nginx/nginx.conf +COPY php-fpm.conf /etc/php7/php-fpm.conf +COPY run.sh /usr/local/bin/run.sh +COPY s6.d /etc/s6.d + +RUN chmod +x /usr/local/bin/run.sh /etc/s6.d/*/* /etc/s6.d/.s6-svscan/* + +VOLUME /kippo-graph/generated-graphs + +EXPOSE 8888 + +LABEL maintainer="Wonderfall " + +CMD ["run.sh"] diff --git a/unmaintained/kippo-graph/README.md b/unmaintained/kippo-graph/README.md new file mode 100644 index 0000000..2689b46 --- /dev/null +++ b/unmaintained/kippo-graph/README.md @@ -0,0 +1,29 @@ +### wonderfall/kippo-graph + +![kippo-graph](https://github.com/ikoniaris/kippo-graph/blob/master/images/kippo-graph-img.png) + +#### What is this? +Kippo-Graph is a full featured script to visualize statistics for a Kippo based SSH honeypot. + +#### Environment variables +- **UID** *(default : 991)* +- **GID** *(default : 991)* + +#### How to configure +You should provide your own configuration file from this base : https://github.com/ikoniaris/kippo-graph/blob/master/config.php.dist +You can mount this single file to your Docker container. + +#### Docker compose (example) +``` +kippo-graph: + image: wonderfall/kippo-graph + links: + - cowrie-db:cowrie-db + volumes: + - /mnt/kippo-graph/config.php:/kippo-graph/config.php + - /mnt/cowrie/log:/opt/cowrie/log + environment: + - GID=991 + - UID=991 +``` + diff --git a/unmaintained/kippo-graph/nginx.conf b/unmaintained/kippo-graph/nginx.conf new file mode 100644 index 0000000..100f66a --- /dev/null +++ b/unmaintained/kippo-graph/nginx.conf @@ -0,0 +1,84 @@ +worker_processes auto; +pid /tmp/nginx.pid; +daemon off; + +events { + worker_connections 1024; + use epoll; +} + +http { + include /etc/nginx/mime.types; + default_type application/octet-stream; + + access_log off; + error_log /tmp/ngx_error.log error; + + sendfile on; + keepalive_timeout 15; + keepalive_disable msie6; + keepalive_requests 100; + tcp_nopush on; + tcp_nodelay on; + server_tokens off; + + fastcgi_temp_path /tmp/fastcgi 1 2; + client_body_temp_path /tmp/client_body 1 2; + proxy_temp_path /tmp/proxy 1 2; + uwsgi_temp_path /tmp/uwsgi 1 2; + scgi_temp_path /tmp/scgi 1 2; + + gzip on; + gzip_comp_level 5; + gzip_min_length 512; + gzip_buffers 4 8k; + gzip_proxied any; + gzip_vary on; + gzip_disable "msie6"; + gzip_types + text/css + text/javascript + text/xml + text/plain + text/x-component + application/javascript + application/x-javascript + application/json + application/xml + application/rss+xml + application/vnd.ms-fontobject + font/truetype + font/opentype + image/svg+xml; + + server { + listen 8888; + root /kippo-graph; + index index.php index.html; + + location ~ ^/(data|cfg|tmp) { + deny all; + } + + location ~* /(.*)\.(?:markdown|md|twig|yaml|yml|ht|htaccess|ini)$ { + deny all; + } + + location ~ /\. { + deny all; + } + + location / { + try_files $uri $uri/ /index.php; + } + + location ~ \.php$ { + fastcgi_index index.php; + fastcgi_pass unix:/tmp/php-fpm.sock; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + } + +} diff --git a/unmaintained/kippo-graph/php-fpm.conf b/unmaintained/kippo-graph/php-fpm.conf new file mode 100644 index 0000000..f636044 --- /dev/null +++ b/unmaintained/kippo-graph/php-fpm.conf @@ -0,0 +1,11 @@ +[global] +daemonize = no + +[www] +listen = /tmp/php-fpm.sock +pm = dynamic +pm.max_children = 5 +pm.start_servers = 2 +pm.min_spare_servers = 1 +pm.max_spare_servers = 3 +chdir = / diff --git a/unmaintained/kippo-graph/run.sh b/unmaintained/kippo-graph/run.sh new file mode 100644 index 0000000..97e5f9a --- /dev/null +++ b/unmaintained/kippo-graph/run.sh @@ -0,0 +1,3 @@ +#!/bin/sh +chown -R $UID:$GID /kippo-graph /etc/nginx /etc/php7 /var/log /var/lib/nginx /tmp /etc/s6.d +exec su-exec $UID:$GID /bin/s6-svscan /etc/s6.d diff --git a/unmaintained/kippo-graph/s6.d/.s6-svscan/finish b/unmaintained/kippo-graph/s6.d/.s6-svscan/finish new file mode 100644 index 0000000..c52d3c2 --- /dev/null +++ b/unmaintained/kippo-graph/s6.d/.s6-svscan/finish @@ -0,0 +1,3 @@ +#!/bin/sh + +exit 0 diff --git a/unmaintained/kippo-graph/s6.d/nginx/run b/unmaintained/kippo-graph/s6.d/nginx/run new file mode 100644 index 0000000..eaf8049 --- /dev/null +++ b/unmaintained/kippo-graph/s6.d/nginx/run @@ -0,0 +1,2 @@ +#!/bin/sh +exec nginx diff --git a/unmaintained/kippo-graph/s6.d/php/run b/unmaintained/kippo-graph/s6.d/php/run new file mode 100644 index 0000000..e238021 --- /dev/null +++ b/unmaintained/kippo-graph/s6.d/php/run @@ -0,0 +1,2 @@ +#!/bin/sh +exec php-fpm7 diff --git a/unmaintained/mediawiki/Dockerfile b/unmaintained/mediawiki/Dockerfile new file mode 100644 index 0000000..b563e16 --- /dev/null +++ b/unmaintained/mediawiki/Dockerfile @@ -0,0 +1,38 @@ +FROM wonderfall/nginx-php:7.1 + +ARG MEDIAWIKI_VER=1.29 +ARG SUB_VERSION=1 + +ENV UID=991 GID=991 \ + UPLOAD_MAX_SIZE=10M \ + MEMORY_LIMIT=128M + +RUN apk -U add \ + tar \ + libressl \ + ca-certificates \ + git \ + lua \ + coreutils \ + diffutils \ + build-base \ + autoconf \ + && pecl install apcu \ + && mkdir mediawiki && cd mediawiki \ + && wget -qO- https://releases.wikimedia.org/mediawiki/${MEDIAWIKI_VER}/mediawiki-${MEDIAWIKI_VER}.${SUB_VERSION}.tar.gz | tar xz --strip 1 \ + && apk del build-base autoconf \ + && rm -rf /var/cache/apk/* + +COPY rootfs / + +RUN chmod +x /usr/local/bin/run.sh /etc/s6.d/*/* /etc/s6.d/.s6-svscan/* + +VOLUME /config /skins /extensions /mediawiki/images /php/session + +EXPOSE 8888 + +LABEL maintainer="Wonderfall " \ + description="MediaWiki is a free software open source wiki package written in PHP" \ + version="MediaWiki ${MEDIAWIKI_VER}.${SUB_VERSION}" + +CMD ["run.sh"] diff --git a/unmaintained/mediawiki/README.md b/unmaintained/mediawiki/README.md new file mode 100644 index 0000000..c6b64cd --- /dev/null +++ b/unmaintained/mediawiki/README.md @@ -0,0 +1,69 @@ +## wonderfall/mediawiki + +Host your own Wiki! + +#### Features +- Based on Alpine Linux (wonderfall/nginx-php image) +- Bundled with nginx and PHP7.1. + +#### Build-time variables +- **MEDIAWIKI_VER** : Mediawiki version +- **SUB_VERSION** : Mediawiki subversion + +#### Environment variables +- **UID** : privatebin user id +- **GID** : privatebin group id +- **MEMORY_LIMIT** : php memorny limit *(default : 128M)* +- **UPLOAD_MAX_SIZE** : maximum upload size *(default : 10M)* + +#### Volumes +- /mediawiki/images +- /extensions +- /skins +- /config +- /mediawiki/custom + +#### Ports +- **8888** [(reverse proxy!)](https://github.com/hardware/mailserver/wiki/Reverse-proxy-configuration) + +#### docker-compose.yml sample + +``` +mywiki: + image: wonderfall/mediawiki + container_name: mywiki + links: + - mywiki-db:mywiki-db + - mywiki-parsoid:mywiki-parsoid + environment: + - UPLOAD_MAX_SIZE=20M + - MEMORY_LIMIT=512M + - UID=1668 + - GID=1668 + volumes: + - /mnt/mywiki/images:/mediawiki/images + - /mnt/mywiki/extensions:/extensions + - /mnt/mywiki/skins:/skins + - /mnt/mywiki/config:/config + - /mnt/mywiki/custom:/mediawiki/custom + +mywiki-db: + image: mariadb:10.1 + container_name: mywiki-db + volumes: + - /mnt/mywiki/db:/var/lib/mysql + environment: + - MYSQL_ROOT_PASSWORD=supersecret + - MYSQL_DATABASE=mywiki + - MYSQL_USER=mywiki + - MYSQL_PASSWORD=supersecret + +mywiki-parsoid: + image: wonderfall/parsoid + container_name: mywiki-parsoid + environment: + - UID=1669 + - GID=1669 + - ADDRESS=https://wiki.domain.com/ + - DOMAIN=mywiki-parsoid +``` diff --git a/unmaintained/mediawiki/rootfs/nginx/sites-enabled/nginx.conf b/unmaintained/mediawiki/rootfs/nginx/sites-enabled/nginx.conf new file mode 100644 index 0000000..7db4b77 --- /dev/null +++ b/unmaintained/mediawiki/rootfs/nginx/sites-enabled/nginx.conf @@ -0,0 +1,43 @@ +server { + listen 8888; + root /mediawiki; + index index.php index.html; + + client_body_timeout 60; + + location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ { + try_files $uri /index.php; + expires max; + log_not_found off; + } + + location ^~ /cache/ { + deny all; + } + + location /dumps { + root /mediawiki/local; + } + + location / { + try_files $uri $uri/ @rewrite; + } + + location @rewrite { + rewrite ^/(.*)$ /index.php; + } + + location ^~ /maintenance/ { + return 403; + } + + location ^~ /images/ {} + + location ~ \.php$ { + fastcgi_index index.php; + fastcgi_pass unix:/php/run/php-fpm.sock; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /nginx/conf/fastcgi_params; + try_files $uri @rewrite; + } +} diff --git a/unmaintained/mediawiki/rootfs/php/conf.d/apcu.ini b/unmaintained/mediawiki/rootfs/php/conf.d/apcu.ini new file mode 100644 index 0000000..1bf9b49 --- /dev/null +++ b/unmaintained/mediawiki/rootfs/php/conf.d/apcu.ini @@ -0,0 +1,4 @@ +extension=apcu.so +apc.enabled=1 +apc.shm_size= +apc.ttl=7200 diff --git a/unmaintained/mediawiki/rootfs/usr/local/bin/run.sh b/unmaintained/mediawiki/rootfs/usr/local/bin/run.sh new file mode 100644 index 0000000..4755696 --- /dev/null +++ b/unmaintained/mediawiki/rootfs/usr/local/bin/run.sh @@ -0,0 +1,15 @@ +#!/bin/sh +sed -i -e "s//$UPLOAD_MAX_SIZE/g" /nginx/conf/nginx.conf /php/etc/php-fpm.conf \ + -e "s//$MEMORY_LIMIT/g" /php/etc/php-fpm.conf \ + -e "s//$APC_SHM_SIZE/g" /php/conf.d/apcu.ini + +chown -R $UID:$GID /mediawiki /nginx /php /tmp /etc/s6.d + +if [ -f /config/LocalSettings.php ] && [ ! -f /mediawiki/LocalSettings.php ]; then + ln -s /config/LocalSettings.php /mediawiki/LocalSettings.php +fi + +cp -r /skins/* /mediawiki/skins/ +cp -r /extensions/* /mediawiki/extensions/ + +exec su-exec $UID:$GID /bin/s6-svscan /etc/s6.d diff --git a/unmaintained/parsoid/Dockerfile b/unmaintained/parsoid/Dockerfile new file mode 100644 index 0000000..4efa7b4 --- /dev/null +++ b/unmaintained/parsoid/Dockerfile @@ -0,0 +1,28 @@ +FROM alpine:3.6 + +ENV NODE_ENV=production \ + GID=991 UID=991 \ + INTERFACE=0.0.0.0 \ + PORT=8000 \ + ADDRESS=http://localhost/w/ \ + DOMAIN=localhost + +RUN apk -U --no-cache add \ + ca-certificates \ + libressl \ + nodejs-current \ + nodejs-current-npm \ + s6 \ + git \ + su-exec \ + && git clone https://gerrit.wikimedia.org/r/p/mediawiki/services/parsoid --depth=1 \ + && cd parsoid && npm install + +COPY rootfs / + +RUN chmod +x /usr/local/bin/* /etc/s6.d/*/* /etc/s6.d/.s6-svscan/* + +EXPOSE 8000 + +ENTRYPOINT ["run.sh"] +CMD ["/bin/s6-svscan", "/etc/s6.d"] diff --git a/unmaintained/parsoid/README.md b/unmaintained/parsoid/README.md new file mode 100644 index 0000000..930b942 --- /dev/null +++ b/unmaintained/parsoid/README.md @@ -0,0 +1,28 @@ +## wonderfall/parsoid + +#### What is this? What features? +- A **simple** Parsoid image. +- Based on Alpine Linux so it's lightweight! +- Bundled with latest node.js available (version check is disabled). + +#### Build-time variables +- **VERSION** : version of Ghost. + +#### Environment variables +- **GID** : ghost user id *(default : 991)* +- **UID** : ghost group id *(default : 991)* +- **ADDRESS** : your address *(default : http://localhost/w/)* +- **DOMAIN** : name of the container *(default : localhost)* + +### docker-compose.yml sample + +``` +mywiki-parsoid: + image: wonderfall/parsoid + container_name: mywiki-parsoid + environment: + - UID=1669 + - GID=1669 + - ADDRESS=https://wiki.domain.com/ + - DOMAIN=mywiki-parsoid +``` diff --git a/unmaintained/parsoid/rootfs/etc/s6.d/.s6-svscan/finish b/unmaintained/parsoid/rootfs/etc/s6.d/.s6-svscan/finish new file mode 100644 index 0000000..039e4d0 --- /dev/null +++ b/unmaintained/parsoid/rootfs/etc/s6.d/.s6-svscan/finish @@ -0,0 +1,2 @@ +#!/bin/sh +exit 0 diff --git a/unmaintained/parsoid/rootfs/etc/s6.d/parsoid/run b/unmaintained/parsoid/rootfs/etc/s6.d/parsoid/run new file mode 100644 index 0000000..edf729d --- /dev/null +++ b/unmaintained/parsoid/rootfs/etc/s6.d/parsoid/run @@ -0,0 +1,3 @@ +#!/bin/sh +cd /parsoid +exec node bin/server.js diff --git a/unmaintained/parsoid/rootfs/usr/local/bin/run.sh b/unmaintained/parsoid/rootfs/usr/local/bin/run.sh new file mode 100644 index 0000000..8806971 --- /dev/null +++ b/unmaintained/parsoid/rootfs/usr/local/bin/run.sh @@ -0,0 +1,19 @@ +#!/bin/sh +echo +echo ">>> wonderfall/parsoid container <<<" +echo + +cd /parsoid +cp config.example.yaml config.yaml +sed -i "s|http://localhost/w/|$ADDRESS|g" config.yaml +sed -i "s|domain: 'localhost'|domain: '$DOMAIN'|g" config.yaml + +echo "> Updating permissions..." +chown -R ${UID}:${GID} /parsoid /etc/s6.d + +echo "> Executing process..." +if [ '$@' == '' ]; then + exec su-exec ${UID}:${GID} /bin/s6-svscan /etc/s6.d +else + exec su-exec ${UID}:${GID} "$@" +fi diff --git a/unmaintained/parsoid/rootfs/usr/local/etc/disqus.conf b/unmaintained/parsoid/rootfs/usr/local/etc/disqus.conf new file mode 100644 index 0000000..9b20532 --- /dev/null +++ b/unmaintained/parsoid/rootfs/usr/local/etc/disqus.conf @@ -0,0 +1,16 @@ + +
+ + +comments powered by Disqus + diff --git a/unmaintained/parsoid/rootfs/usr/local/etc/ghost.example.conf b/unmaintained/parsoid/rootfs/usr/local/etc/ghost.example.conf new file mode 100644 index 0000000..2b01024 --- /dev/null +++ b/unmaintained/parsoid/rootfs/usr/local/etc/ghost.example.conf @@ -0,0 +1,21 @@ +{ + "url": "https://my-ghost-blog.com", + + "server": { + "host": "0.0.0.0", + "port": "2368" + }, + + "database": { + "client": "sqlite3", + "connection": { + "filename": "content/data/ghost-dev.db" + }, + "useNullAsDefault": true, + "debug": false + }, + + "mail": { + "transport": "Direct" + } +} diff --git a/unmaintained/parsoid/rootfs/usr/local/etc/isso.conf b/unmaintained/parsoid/rootfs/usr/local/etc/isso.conf new file mode 100644 index 0000000..4287ebc --- /dev/null +++ b/unmaintained/parsoid/rootfs/usr/local/etc/isso.conf @@ -0,0 +1,7 @@ + + + +
diff --git a/unmaintained/pgbouncer/Dockerfile b/unmaintained/pgbouncer/Dockerfile new file mode 100644 index 0000000..ee04597 --- /dev/null +++ b/unmaintained/pgbouncer/Dockerfile @@ -0,0 +1,16 @@ +FROM alpine:3.6 + +ENV UID=991 GID=991 + +RUN apk -U --no-cache add \ + pgbouncer \ + tini \ + su-exec + +COPY run.sh /usr/local/bin/run.sh + +RUN chmod +x /usr/local/bin/run.sh + +VOLUME /etc/pgbouncer + +CMD ["run.sh"] diff --git a/unmaintained/pgbouncer/README.md b/unmaintained/pgbouncer/README.md new file mode 100644 index 0000000..76e3be0 --- /dev/null +++ b/unmaintained/pgbouncer/README.md @@ -0,0 +1,10 @@ +## wonderfall/pgbouncer + +Minimal image for [PgBouncer](https://pgbouncer.github.io/). + +### Volumes +- /etc/pgbouncer + +### Environment variables +- **GID** : user id *(default : 991)* +- **UID** : group id *(default : 991)* diff --git a/unmaintained/pgbouncer/run.sh b/unmaintained/pgbouncer/run.sh new file mode 100644 index 0000000..86eaa2d --- /dev/null +++ b/unmaintained/pgbouncer/run.sh @@ -0,0 +1,4 @@ +#!/bin/sh +mkdir /run/pgbouncer +chown -R $UID:$GID /etc/pgbouncer /var/log/pgbouncer /run/pgbouncer +exec su-exec $UID:$GID /sbin/tini -- pgbouncer /etc/pgbouncer/pgbouncer.ini