install.fairie/dotfiles/.local/dockerfunc.sh

1313 lines
30 KiB
Bash

#!/usr/bin/env bash
# Bash wrappers for docker run commands
# Source: https://github.com/jessfraz/dotfiles/blob/master/.dockerfunc
export DOCKER_REPO_PREFIX=jess
#
# Helper Functions
#
dcleanup(){
local containers
mapfile -t containers < <(docker ps -aq 2>/dev/null)
docker rm "${containers[@]}" 2>/dev/null
local volumes
mapfile -t volumes < <(docker ps --filter status=exited -q 2>/dev/null)
docker rm -v "${volumes[@]}" 2>/dev/null
local images
mapfile -t images < <(docker images --filter dangling=true -q 2>/dev/null)
docker rmi "${images[@]}" 2>/dev/null
}
del_stopped(){
local name=$1
local state
state=$(docker inspect --format "{{.State.Running}}" "$name" 2>/dev/null)
if [[ "$state" == "false" ]]; then
docker rm "$name"
fi
}
rmctr(){
# shellcheck disable=SC2068
docker rm -f $@ 2>/dev/null || true
}
relies_on(){
for container in "$@"; do
local state
state=$(docker inspect --format "{{.State.Running}}" "$container" 2>/dev/null)
if [[ "$state" == "false" ]] || [[ "$state" == "" ]]; then
echo "$container is not running, starting it for you."
$container
fi
done
}
# creates an nginx config for a local route
nginx_config(){
server=$1
route=$2
cat >"${HOME}/.nginx/conf.d/${server}.conf" <<-EOF
upstream ${server} { server ${route}; }
server {
server_name ${server};
location / {
proxy_pass http://${server};
proxy_http_version 1.1;
proxy_set_header Upgrade \$http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host \$http_host;
proxy_set_header X-Forwarded-Proto \$scheme;
proxy_set_header X-Forwarded-For \$remote_addr;
proxy_set_header X-Forwarded-Port \$server_port;
proxy_set_header X-Request-Start \$msec;
}
}
EOF
# restart nginx
docker restart nginx
# add host to /etc/hosts
hostess add "$server" 127.0.0.1
# open browser
browser-exec "http://${server}"
}
#
# Container Aliases
#
apt_file(){
docker run --rm -it \
--name apt-file \
${DOCKER_REPO_PREFIX}/apt-file
}
alias apt-file="apt_file"
audacity(){
del_stopped audacity
docker run -d \
-v /etc/localtime:/etc/localtime:ro \
-v /tmp/.X11-unix:/tmp/.X11-unix \
-e "DISPLAY=unix${DISPLAY}" \
-e QT_DEVICE_PIXEL_RATIO \
--device /dev/snd \
--group-add audio \
--name audacity \
${DOCKER_REPO_PREFIX}/audacity
}
aws(){
docker run -it --rm \
-v "${HOME}/.aws:/root/.aws" \
--log-driver none \
--name aws \
${DOCKER_REPO_PREFIX}/awscli "$@"
}
az(){
docker run -it --rm \
-v "${HOME}/.azure:/root/.azure" \
--log-driver none \
${DOCKER_REPO_PREFIX}/azure-cli "$@"
}
bees(){
docker run -it --rm \
-e NOTARY_TOKEN \
-v "${HOME}/.bees:/root/.bees" \
-v "${HOME}/.boto:/root/.boto" \
-v "${HOME}/.dev:/root/.ssh:ro" \
--log-driver none \
--name bees \
${DOCKER_REPO_PREFIX}/beeswithmachineguns "$@"
}
cadvisor(){
docker run -d \
--restart always \
-v /:/rootfs:ro \
-v /var/run:/var/run:rw \
-v /sys:/sys:ro \
-v /var/lib/docker/:/var/lib/docker:ro \
-p 1234:8080 \
--name cadvisor \
google/cadvisor
hostess add cadvisor "$(docker inspect --format '{{.NetworkSettings.Networks.bridge.IPAddress}}' cadvisor)"
browser-exec "http://cadvisor:8080"
}
cheese(){
del_stopped cheese
docker run -d \
-v /etc/localtime:/etc/localtime:ro \
-v /tmp/.X11-unix:/tmp/.X11-unix \
-e "DISPLAY=unix${DISPLAY}" \
-v "${HOME}/Pictures:/root/Pictures" \
--device /dev/video0 \
--device /dev/snd \
--device /dev/dri \
--name cheese \
${DOCKER_REPO_PREFIX}/cheese
}
chrome(){
# add flags for proxy if passed
local proxy=
local map
local args=$*
if [[ "$1" == "tor" ]]; then
relies_on torproxy
map="MAP * ~NOTFOUND , EXCLUDE torproxy"
proxy="socks5://torproxy:9050"
args="https://check.torproject.org/api/ip ${*:2}"
fi
del_stopped chrome
# one day remove /etc/hosts bind mount when effing
# overlay support inotify, such bullshit
docker run -d \
--memory 3gb \
-v /etc/localtime:/etc/localtime:ro \
-v /tmp/.X11-unix:/tmp/.X11-unix \
-e "DISPLAY=unix${DISPLAY}" \
-v "${HOME}/Downloads:/root/Downloads" \
-v "${HOME}/Pictures:/root/Pictures" \
-v "${HOME}/Torrents:/root/Torrents" \
-v "${HOME}/.chrome:/data" \
-v /dev/shm:/dev/shm \
-v /etc/hosts:/etc/hosts \
--security-opt seccomp:/etc/docker/seccomp/chrome.json \
--device /dev/snd \
--device /dev/dri \
--device /dev/video0 \
--device /dev/usb \
--device /dev/bus/usb \
--group-add audio \
--group-add video \
--name chrome \
${DOCKER_REPO_PREFIX}/chrome --user-data-dir=/data \
--proxy-server="$proxy" \
--host-resolver-rules="$map" "$args"
}
consul(){
if [[ -n "$(which consul)" ]]; then
"$(which consul)" "$@"
else
del_stopped consul
# check if we passed args and if consul is running
local state
state=$(docker inspect --format "{{.State.Running}}" consul 2>/dev/null)
if [[ "$state" == "true" ]] && [[ "$*" != "" ]]; then
docker exec -it consul consul "$@"
return 0
fi
docker run -d \
--restart always \
-v "${HOME}/.consul:/etc/consul.d" \
-v /var/run/docker.sock:/var/run/docker.sock \
--net host \
-e GOMAXPROCS=2 \
--name consul \
${DOCKER_REPO_PREFIX}/consul agent \
-bootstrap-expect 1 \
-config-dir /etc/consul.d \
-data-dir /data \
-encrypt "$(docker run --rm ${DOCKER_REPO_PREFIX}/consul keygen)" \
-ui-dir /usr/src/consul \
-server \
-dc neverland \
-bind 0.0.0.0
hostess add consul "$(docker inspect --format '{{.NetworkSettings.Networks.bridge.IPAddress}}' consul)"
browser-exec "http://consul:8500"
fi
}
cura(){
del_stopped cura
docker run -d \
-v /etc/localtime:/etc/localtime:ro \
-v /tmp/.X11-unix:/tmp/.X11-unix \
-e "DISPLAY=unix${DISPLAY}" \
-v "${HOME}/cura:/root/cura" \
-v "${HOME}/.cache/cura:/root/.cache/cura" \
-v "${HOME}/.config/cura:/root/.config/cura" \
-e QT_DEVICE_PIXEL_RATIO \
-e GDK_SCALE \
-e GDK_DPI_SCALE \
--device /dev/dri \
--name cura \
${DOCKER_REPO_PREFIX}/cura
}
dcos(){
docker run -it --rm \
-v "${HOME}/.dcos:/root/.dcos" \
-v "$(pwd):/root/apps" \
-w /root/apps \
${DOCKER_REPO_PREFIX}/dcos-cli "$@"
}
figma() {
del_stopped figma
docker run --rm -it \
-v /etc/localtime:/etc/localtime:ro \
-v /tmp/.X11-unix:/tmp/.X11-unix \
-e "DISPLAY=unix${DISPLAY}" \
--name figma \
${DOCKER_REPO_PREFIX}/figma-wine bash
}
firefox(){
del_stopped firefox
docker run -d \
--memory 2gb \
--net host \
--cpuset-cpus 0 \
-v /etc/localtime:/etc/localtime:ro \
-v /tmp/.X11-unix:/tmp/.X11-unix \
-v "${HOME}/.firefox/cache:/root/.cache/mozilla" \
-v "${HOME}/.firefox/mozilla:/root/.mozilla" \
-v "${HOME}/Downloads:/root/Downloads" \
-v "${HOME}/Pictures:/root/Pictures" \
-v "${HOME}/Torrents:/root/Torrents" \
-e "DISPLAY=unix${DISPLAY}" \
-e GDK_SCALE \
-e GDK_DPI_SCALE \
--device /dev/snd \
--device /dev/dri \
--name firefox \
${DOCKER_REPO_PREFIX}/firefox "$@"
# exit current shell
exit 0
}
fleetctl(){
docker run --rm -it \
--entrypoint fleetctl \
-v "${HOME}/.fleet://.fleet" \
r.j3ss.co/fleet "$@"
}
gcalcli(){
docker run --rm -it \
-v /etc/localtime:/etc/localtime:ro \
-v "${HOME}/.gcalcli/home:/home/gcalcli/home" \
-v "${HOME}/.gcalcli/work/oauth:/home/gcalcli/.gcalcli_oauth" \
-v "${HOME}/.gcalcli/work/gcalclirc:/home/gcalcli/.gcalclirc" \
--name gcalcli \
${DOCKER_REPO_PREFIX}/gcalcli "$@"
}
dgcloud(){
docker run --rm -it \
-v "${HOME}/.gcloud:/root/.config/gcloud" \
-v "${HOME}/.ssh:/root/.ssh:ro" \
-v "$(command -v docker):/usr/bin/docker" \
-v /var/run/docker.sock:/var/run/docker.sock \
--name gcloud \
${DOCKER_REPO_PREFIX}/gcloud "$@"
}
gimp(){
del_stopped gimp
docker run -d \
-v /etc/localtime:/etc/localtime:ro \
-v /tmp/.X11-unix:/tmp/.X11-unix \
-e "DISPLAY=unix${DISPLAY}" \
-v "${HOME}/Pictures:/root/Pictures" \
-v "${HOME}/.gtkrc:/root/.gtkrc" \
-e GDK_SCALE \
-e GDK_DPI_SCALE \
--name gimp \
${DOCKER_REPO_PREFIX}/gimp
}
gitsome(){
docker run --rm -it \
-v /etc/localtime:/etc/localtime:ro \
--name gitsome \
--hostname gitsome \
-v "${HOME}/.gitsomeconfig:/home/anon/.gitsomeconfig" \
-v "${HOME}/.gitsomeconfigurl:/home/anon/.gitsomeconfigurl" \
${DOCKER_REPO_PREFIX}/gitsome
}
hollywood(){
docker run --rm -it \
--name hollywood \
${DOCKER_REPO_PREFIX}/hollywood
}
htop(){
if [[ -n "$(which htop)" ]]; then
"$(which htop)" "$@"
else
docker run --rm -it \
--pid host \
--net none \
--name htop \
${DOCKER_REPO_PREFIX}/htop
fi
}
htpasswd(){
docker run --rm -it \
--net none \
--name htpasswd \
--log-driver none \
${DOCKER_REPO_PREFIX}/htpasswd "$@"
}
http(){
docker run -t --rm \
-v /var/run/docker.sock:/var/run/docker.sock \
--log-driver none \
${DOCKER_REPO_PREFIX}/httpie "$@"
}
imagemin(){
local image=$1
local extension="${image##*.}"
local filename="${image%.*}"
docker run --rm -it \
-v /etc/localtime:/etc/localtime:ro \
-v "${HOME}/Pictures:/root/Pictures" \
${DOCKER_REPO_PREFIX}/imagemin sh -c "imagemin /root/Pictures/${image} > /root/Pictures/${filename}_min.${extension}"
}
irssi() {
del_stopped irssi
# relies_on notify_osd
docker run --rm -it \
--user root \
-v "${HOME}/.irssi:/home/user/.irssi" \
${DOCKER_REPO_PREFIX}/irssi \
chown -R user /home/user/.irssi
docker run --rm -it \
-v /etc/localtime:/etc/localtime:ro \
-v "${HOME}/.irssi:/home/user/.irssi" \
--read-only \
--name irssi \
${DOCKER_REPO_PREFIX}/irssi
}
john(){
local file
file=$(realpath "$1")
docker run --rm -it \
-v "${file}:/root/$(basename "${file}")" \
${DOCKER_REPO_PREFIX}/john "$@"
}
kernel_builder(){
docker run --rm -it \
-v /usr/src:/usr/src \
-v /lib/modules:/lib/modules \
-v /boot:/boot \
--name kernel-builder \
${DOCKER_REPO_PREFIX}/kernel-builder
}
keypassxc(){
del_stopped keypassxc
docker run -d \
-v /etc/localtime:/etc/localtime:ro \
-v /tmp/.X11-unix:/tmp/.X11-unix \
-v /usr/share/X11/xkb:/usr/share/X11/xkb:ro \
-e "DISPLAY=unix${DISPLAY}" \
-v /etc/machine-id:/etc/machine-id:ro \
--name keypassxc \
${DOCKER_REPO_PREFIX}/keepassxc
}
kicad(){
del_stopped kicad
docker run -d \
-v /etc/localtime:/etc/localtime:ro \
-v /tmp/.X11-unix:/tmp/.X11-unix \
-e "DISPLAY=unix${DISPLAY}" \
-v "${HOME}/kicad:/root/kicad" \
-v "${HOME}/.cache/kicad:/root/.cache/kicad" \
-v "${HOME}/.config/kicad:/root/.config/kicad" \
-e QT_DEVICE_PIXEL_RATIO \
-e GDK_SCALE \
-e GDK_DPI_SCALE \
--device /dev/dri \
--name kicad \
${DOCKER_REPO_PREFIX}/kicad
}
kvm(){
del_stopped kvm
relies_on pulseaudio
# modprobe the module
modprobe kvm
docker run -d \
--tmpfs /var/run \
-v /etc/localtime:/etc/localtime:ro \
-v /tmp/.X11-unix:/tmp/.X11-unix \
-v "${HOME}/kvm:/root/kvm" \
-e "DISPLAY=unix${DISPLAY}" \
-e GDK_SCALE \
-e GDK_DPI_SCALE \
-e QT_DEVICE_PIXEL_RATIO \
--link pulseaudio:pulseaudio \
-e PULSE_SERVER=pulseaudio \
--group-add audio \
--name kvm \
--privileged \
${DOCKER_REPO_PREFIX}/kvm
}
libreoffice(){
del_stopped libreoffice
docker run -d \
-v /etc/localtime:/etc/localtime:ro \
-v /tmp/.X11-unix:/tmp/.X11-unix \
-e "DISPLAY=unix${DISPLAY}" \
-v "${HOME}/slides:/root/slides" \
-e GDK_SCALE \
-e GDK_DPI_SCALE \
--name libreoffice \
${DOCKER_REPO_PREFIX}/libreoffice
}
lpass(){
docker run --rm -it \
-v "${HOME}/.lpass:/root/.lpass" \
--name lpass \
${DOCKER_REPO_PREFIX}/lpass "$@"
}
lynx(){
if [[ -n "$(which lynx)" ]]; then
"$(which lynx)" "$@"
else
docker run --rm -it \
--name lynx \
${DOCKER_REPO_PREFIX}/lynx "$@"
fi
}
masscan(){
docker run -it --rm \
--log-driver none \
--net host \
--cap-add NET_ADMIN \
--name masscan \
${DOCKER_REPO_PREFIX}/masscan "$@"
}
mc(){
cwd="$(pwd)"
name="$(basename "$cwd")"
docker run --rm -it \
--log-driver none \
-v "${cwd}:/home/mc/${name}" \
--workdir "/home/mc/${name}" \
${DOCKER_REPO_PREFIX}/mc "$@"
}
mpd(){
del_stopped mpd
# adding cap sys_admin so I can use nfs mount
# the container runs as a unpriviledged user mpd
docker run -d \
--device /dev/snd \
--cap-add SYS_ADMIN \
-e MPD_HOST=/var/lib/mpd/socket \
-v /etc/localtime:/etc/localtime:ro \
-v /etc/exports:/etc/exports:ro \
-v "${HOME}/.mpd:/var/lib/mpd" \
-v "${HOME}/.mpd.conf:/etc/mpd.conf" \
--name mpd \
${DOCKER_REPO_PREFIX}/mpd
}
mutt(){
# subshell so we dont overwrite variables
(
local account=$1
export IMAP_SERVER
export SMTP_SERVER
if [[ "$account" == "riseup" ]]; then
export GMAIL=$MAIL_RISEUP
export GMAIL_NAME=$MAIL_RISEUP_NAME
export GMAIL_PASS=$MAIL_RISEUP_PASS
export GMAIL_FROM=$MAIL_RISEUP_FROM
IMAP_SERVER=mail.riseup.net
SMTP_SERVER=$IMAP_SERVER
fi
docker run -it --rm \
-e GMAIL \
-e GMAIL_NAME \
-e GMAIL_PASS \
-e GMAIL_FROM \
-e GPG_ID \
-e IMAP_SERVER \
-e SMTP_SERVER \
-v "${HOME}/.gnupg:/home/user/.gnupg:ro" \
-v /etc/localtime:/etc/localtime:ro \
--name "mutt-${account}" \
${DOCKER_REPO_PREFIX}/mutt
)
}
ncmpc(){
del_stopped ncmpc
docker run --rm -it \
-v "${HOME}/.mpd/socket:/var/run/mpd/socket" \
-e MPD_HOST=/var/run/mpd/socket \
--name ncmpc \
${DOCKER_REPO_PREFIX}/ncmpc "$@"
}
neoman(){
del_stopped neoman
docker run -d \
-v /etc/localtime:/etc/localtime:ro \
-v /tmp/.X11-unix:/tmp/.X11-unix \
-e "DISPLAY=unix${DISPLAY}" \
--device /dev/bus/usb \
--device /dev/usb \
--name neoman \
${DOCKER_REPO_PREFIX}/neoman
}
nes(){
del_stopped nes
local game=$1
docker run -d \
-v /tmp/.X11-unix:/tmp/.X11-unix \
-e "DISPLAY=unix${DISPLAY}" \
--device /dev/dri \
--device /dev/snd \
--name nes \
${DOCKER_REPO_PREFIX}/nes "/games/${game}.rom"
}
netcat(){
docker run --rm -it \
--net host \
${DOCKER_REPO_PREFIX}/netcat "$@"
}
nginx(){
del_stopped nginx
docker run -d \
--restart always \
-v "${HOME}/.nginx:/etc/nginx" \
--net host \
--name nginx \
nginx
# add domain to hosts & open nginx
sudo hostess add jess 127.0.0.1
}
nmap(){
if [[ -n "$(which nmap)" ]]; then
"$(which nmap)" "$@"
else
docker run --rm -it \
--net host \
${DOCKER_REPO_PREFIX}/nmap "$@"
fi
}
notify_osd(){
del_stopped notify_osd
docker run -d \
-v /etc/localtime:/etc/localtime:ro \
-v /tmp/.X11-unix:/tmp/.X11-unix \
--net none \
-v /etc \
-v /home/user/.dbus \
-v /home/user/.cache/dconf \
-e "DISPLAY=unix${DISPLAY}" \
--name notify_osd \
${DOCKER_REPO_PREFIX}/notify-osd
}
alias notify-send=notify_send
notify_send(){
relies_on notify_osd
local args=${*:2}
docker exec -i notify_osd notify-send "$1" "${args}"
}
now(){
docker run -it --rm \
-v "${HOME}/.now:/root/.now" \
-v "$(pwd):/usr/src/repo:ro" \
--workdir /usr/src/repo \
--log-driver none \
${DOCKER_REPO_PREFIX}/now "$@"
}
openscad(){
del_stopped openscad
docker run -d \
-v /etc/localtime:/etc/localtime:ro \
-v /tmp/.X11-unix:/tmp/.X11-unix \
-e "DISPLAY=unix${DISPLAY}" \
-v "${HOME}/openscad:/root/openscad" \
-v "${HOME}/.config/OpenSCAD:/root/.config/OpenSCAD" \
-e QT_DEVICE_PIXEL_RATIO \
-e GDK_SCALE \
-e GDK_DPI_SCALE \
--device /dev/dri \
--name openscad \
${DOCKER_REPO_PREFIX}/openscad
}
opensnitch(){
del_stopped opensnitchd
del_stopped opensnitch
docker run -d \
-v /etc/localtime:/etc/localtime:ro \
--net host \
--cap-add NET_ADMIN \
-v /etc/machine-id:/etc/machine-id:ro \
-v /var/run/dbus:/var/run/dbus \
-v /usr/share/dbus-1:/usr/share/dbus-1 \
-v "/var/run/user/$(id -u):/var/run/user/$(id -u)" \
-e DBUS_SESSION_BUS_ADDRESS \
-e XAUTHORITY \
-v "${HOME}/.Xauthority:$HOME/.Xauthority" \
-v /tmp:/tmp \
--name opensnitchd \
${DOCKER_REPO_PREFIX}/opensnitchd
docker run -d \
-v /etc/localtime:/etc/localtime:ro \
-v /tmp/.X11-unix:/tmp/.X11-unix \
-e "DISPLAY=unix${DISPLAY}" \
-v /usr/share/X11:/usr/share/X11:ro \
-v /usr/share/dbus-1:/usr/share/dbus-1 \
-v /etc/machine-id:/etc/machine-id:ro \
-v /var/run/dbus:/var/run/dbus \
-v "/var/run/user/$(id -u):/var/run/user/$(id -u)" \
-e DBUS_SESSION_BUS_ADDRESS \
-e XAUTHORITY \
-v "${HOME}/.Xauthority:$HOME/.Xauthority" \
-e HOME \
-e QT_DEVICE_PIXEL_RATIO \
-e XDG_RUNTIME_DIR \
-v /etc/passwd:/etc/passwd:ro \
-v /etc/group:/etc/group:ro \
-v /tmp:/tmp \
-u "$(id -u)" -w "$HOME" \
--net host \
--name opensnitch \
${DOCKER_REPO_PREFIX}/opensnitch
}
osquery(){
rmctr osquery
docker run -d --restart always \
-v /etc/localtime:/etc/localtime:ro \
-v /var/run/docker.sock:/var/run/docker.sock \
-v /etc/os-release:/etc/os-release:ro \
--net host \
--ipc host \
--pid host \
-e OSQUERY_ENROLL_SECRET \
--name osquery \
--privileged \
${DOCKER_REPO_PREFIX}/osquery \
--verbose \
--enroll_secret_env=OSQUERY_ENROLL_SECRET \
--docker_socket=/var/run/docker.sock \
--host_identifier=hostname \
--tls_hostname="${OSQUERY_DOMAIN}" \
--enroll_tls_endpoint=/api/v1/osquery/enroll \
--config_plugin=tls \
--config_tls_endpoint=/api/v1/osquery/config \
--config_tls_refresh=10 \
--disable_distributed=false \
--distributed_plugin=tls \
--distributed_interval=10 \
--distributed_tls_max_attempts=3 \
--distributed_tls_read_endpoint=/api/v1/osquery/distributed/read \
--distributed_tls_write_endpoint=/api/v1/osquery/distributed/write \
--logger_plugin=tls \
--logger_tls_endpoint=/api/v1/osquery/log \
--logger_tls_period=10
}
pandoc(){
if [[ -n "$(which pandoc)" ]]; then
"$(which pandoc)" "$@"
else
local file=${*: -1}
local lfile
lfile=$(readlink -m "$(pwd)/${file}")
local rfile
rfile=$(readlink -m "/$(basename "$file")")
local args=${*:1:${#@}-1}
docker run --rm \
-v "${lfile}:${rfile}" \
-v /tmp:/tmp \
--name pandoc \
${DOCKER_REPO_PREFIX}/pandoc "${args}" "${rfile}"
fi
}
pivman(){
del_stopped pivman
docker run -d \
-v /etc/localtime:/etc/localtime:ro \
-v /tmp/.X11-unix:/tmp/.X11-unix \
-e "DISPLAY=unix${DISPLAY}" \
--device /dev/bus/usb \
--device /dev/usb \
--name pivman \
${DOCKER_REPO_PREFIX}/pivman
}
pms(){
del_stopped pms
docker run --rm -it \
-v "${HOME}/.mpd/socket:/var/run/mpd/socket" \
-e MPD_HOST=/var/run/mpd/socket \
--name pms \
${DOCKER_REPO_PREFIX}/pms "$@"
}
pond(){
del_stopped pond
relies_on torproxy
docker run --rm -it \
--net container:torproxy \
--name pond \
${DOCKER_REPO_PREFIX}/pond
}
privoxy(){
del_stopped privoxy
relies_on torproxy
docker run -d \
--restart always \
--link torproxy:torproxy \
-v /etc/localtime:/etc/localtime:ro \
-p 8118:8118 \
--name privoxy \
${DOCKER_REPO_PREFIX}/privoxy
hostess add privoxy "$(docker inspect --format '{{.NetworkSettings.Networks.bridge.IPAddress}}' privoxy)"
}
pulseaudio(){
del_stopped pulseaudio
docker run -d \
-v /etc/localtime:/etc/localtime:ro \
--device /dev/snd \
-p 4713:4713 \
--restart always \
--group-add audio \
--name pulseaudio \
${DOCKER_REPO_PREFIX}/pulseaudio
}
rainbowstream(){
docker run -it --rm \
-v /etc/localtime:/etc/localtime:ro \
-v "${HOME}/.rainbow_oauth:/root/.rainbow_oauth" \
-v "${HOME}/.rainbow_config.json:/root/.rainbow_config.json" \
--name rainbowstream \
${DOCKER_REPO_PREFIX}/rainbowstream
}
registrator(){
del_stopped registrator
docker run -d --restart always \
-v /var/run/docker.sock:/tmp/docker.sock \
--net host \
--name registrator \
gliderlabs/registrator consul:
}
remmina(){
del_stopped remmina
docker run -d \
-v /etc/localtime:/etc/localtime:ro \
-v /tmp/.X11-unix:/tmp/.X11-unix \
-e "DISPLAY=unix${DISPLAY}" \
-e GDK_SCALE \
-e GDK_DPI_SCALE \
-v "${HOME}/.remmina:/root/.remmina" \
--name remmina \
--net host \
${DOCKER_REPO_PREFIX}/remmina
}
ricochet(){
del_stopped ricochet
docker run -d \
-v /etc/localtime:/etc/localtime:ro \
-v /tmp/.X11-unix:/tmp/.X11-unix \
-e "DISPLAY=unix${DISPLAY}" \
-e GDK_SCALE \
-e GDK_DPI_SCALE \
-e QT_DEVICE_PIXEL_RATIO \
--device /dev/dri \
--name ricochet \
${DOCKER_REPO_PREFIX}/ricochet
}
rstudio(){
del_stopped rstudio
docker run -d \
-v /etc/localtime:/etc/localtime:ro \
-v /tmp/.X11-unix:/tmp/.X11-unix \
-v "${HOME}/fastly-logs:/root/fastly-logs" \
-v /dev/shm:/dev/shm \
-e "DISPLAY=unix${DISPLAY}" \
-e QT_DEVICE_PIXEL_RATIO \
--device /dev/dri \
--name rstudio \
${DOCKER_REPO_PREFIX}/rstudio
}
s3cmdocker(){
del_stopped s3cmd
docker run --rm -it \
-e AWS_ACCESS_KEY="${DOCKER_AWS_ACCESS_KEY}" \
-e AWS_SECRET_KEY="${DOCKER_AWS_ACCESS_SECRET}" \
-v "$(pwd):/root/s3cmd-workspace" \
--name s3cmd \
${DOCKER_REPO_PREFIX}/s3cmd "$@"
}
scudcloud(){
del_stopped scudcloud
docker run -d \
-v /etc/localtime:/etc/localtime:ro \
-v /tmp/.X11-unix:/tmp/.X11-unix \
-e "DISPLAY=unix${DISPLAY}" \
-v /etc/machine-id:/etc/machine-id:ro \
-v /var/run/dbus:/var/run/dbus \
-v "/var/run/user/$(id -u):/var/run/user/$(id -u)" \
-e TERM \
-e XAUTHORITY \
-e DBUS_SESSION_BUS_ADDRESS \
-e HOME \
-e QT_DEVICE_PIXEL_RATIO \
-v /etc/passwd:/etc/passwd:ro \
-v /etc/group:/etc/group:ro \
-u "$(whoami)" -w "$HOME" \
-v "${HOME}/.Xauthority:$HOME/.Xauthority" \
-v "${HOME}/.scudcloud:/home/jessie/.config/scudcloud" \
--device /dev/snd \
--name scudcloud \
${DOCKER_REPO_PREFIX}/scudcloud
# exit current shell
exit 0
}
shorewall(){
del_stopped shorewall
docker run --rm -it \
--net host \
--cap-add NET_ADMIN \
--privileged \
--name shorewall \
${DOCKER_REPO_PREFIX}/shorewall "$@"
}
skype(){
del_stopped skype
relies_on pulseaudio
docker run -d \
-v /etc/localtime:/etc/localtime:ro \
-v /tmp/.X11-unix:/tmp/.X11-unix \
-e "DISPLAY=unix${DISPLAY}" \
--link pulseaudio:pulseaudio \
-e PULSE_SERVER=pulseaudio \
--security-opt seccomp:unconfined \
--device /dev/video0 \
--group-add video \
--group-add audio \
--name skype \
${DOCKER_REPO_PREFIX}/skype
}
slack(){
del_stopped slack
docker run -d \
-v /etc/localtime:/etc/localtime:ro \
-v /tmp/.X11-unix:/tmp/.X11-unix \
-e "DISPLAY=unix${DISPLAY}" \
--device /dev/snd \
--device /dev/dri \
--device /dev/video0 \
--group-add audio \
--group-add video \
-v "${HOME}/.slack:/root/.config/Slack" \
--ipc="host" \
--name slack \
${DOCKER_REPO_PREFIX}/slack "$@"
}
spotify(){
del_stopped spotify
docker run -d \
-v /etc/localtime:/etc/localtime:ro \
-v /tmp/.X11-unix:/tmp/.X11-unix \
-e "DISPLAY=unix${DISPLAY}" \
-e QT_DEVICE_PIXEL_RATIO \
--security-opt seccomp:unconfined \
--device /dev/snd \
--device /dev/dri \
--group-add audio \
--group-add video \
--name spotify \
${DOCKER_REPO_PREFIX}/spotify
}
ssh2john(){
local file
file=$(realpath "$1")
docker run --rm -it \
-v "${file}:/root/$(basename "${file}")" \
--entrypoint ssh2john \
${DOCKER_REPO_PREFIX}/john "$@"
}
sshb0t(){
del_stopped sshb0t
if [[ ! -d "${HOME}/.ssh" ]]; then
mkdir -p "${HOME}/.ssh"
fi
if [[ ! -f "${HOME}/.ssh/authorized_keys" ]]; then
touch "${HOME}/.ssh/authorized_keys"
fi
GITHUB_USER=${GITHUB_USER:=jessfraz}
docker run --rm -it \
--name sshb0t \
-v "${HOME}/.ssh/authorized_keys:/root/.ssh/authorized_keys" \
r.j3ss.co/sshb0t \
--user "${GITHUB_USER}" --keyfile /root/.ssh/authorized_keys --once
}
steam(){
del_stopped steam
relies_on pulseaudio
docker run -d \
-v /etc/localtime:/etc/localtime:ro \
-v /etc/machine-id:/etc/machine-id:ro \
-v /var/run/dbus:/var/run/dbus \
-v /tmp/.X11-unix:/tmp/.X11-unix \
-v "${HOME}/.steam:/home/steam" \
-e "DISPLAY=unix${DISPLAY}" \
--link pulseaudio:pulseaudio \
-e PULSE_SERVER=pulseaudio \
--device /dev/dri \
--name steam \
${DOCKER_REPO_PREFIX}/steam
}
t(){
docker run -t --rm \
-v "${HOME}/.trc:/root/.trc" \
--log-driver none \
${DOCKER_REPO_PREFIX}/t "$@"
}
tarsnap(){
docker run --rm -it \
-v "${HOME}/.tarsnaprc:/root/.tarsnaprc" \
-v "${HOME}/.tarsnap:/root/.tarsnap" \
-v "$HOME:/root/workdir" \
${DOCKER_REPO_PREFIX}/tarsnap "$@"
}
telnet(){
docker run -it --rm \
--log-driver none \
${DOCKER_REPO_PREFIX}/telnet "$@"
}
termboy(){
del_stopped termboy
local game=$1
docker run --rm -it \
--device /dev/snd \
--name termboy \
${DOCKER_REPO_PREFIX}/nes "/games/${game}.rom"
}
terraform(){
if [[ -n "$(which terraform)" ]]; then
"$(which terraform)" "$@"
else
docker run -it --rm \
-v "${HOME}:${HOME}:ro" \
-v "$(pwd):/usr/src/repo" \
-v /tmp:/tmp \
--workdir /usr/src/repo \
--log-driver none \
-e GOOGLE_APPLICATION_CREDENTIALS \
-e SSH_AUTH_SOCK \
${DOCKER_REPO_PREFIX}/terraform "$@"
fi
}
tor(){
del_stopped tor
docker run -d \
--net host \
--name tor \
${DOCKER_REPO_PREFIX}/tor
# set up the redirect iptables rules
sudo setup-tor-iptables
# validate we are running through tor
browser-exec "https://check.torproject.org/"
}
torbrowser(){
del_stopped torbrowser
docker run -d \
-v /etc/localtime:/etc/localtime:ro \
-v /tmp/.X11-unix:/tmp/.X11-unix \
-e "DISPLAY=unix${DISPLAY}" \
-e GDK_SCALE \
-e GDK_DPI_SCALE \
--device /dev/snd \
--name torbrowser \
${DOCKER_REPO_PREFIX}/tor-browser
# exit current shell
exit 0
}
tormessenger(){
del_stopped tormessenger
docker run -d \
-v /etc/localtime:/etc/localtime:ro \
-v /tmp/.X11-unix:/tmp/.X11-unix \
-e "DISPLAY=unix${DISPLAY}" \
-e GDK_SCALE \
-e GDK_DPI_SCALE \
--device /dev/snd \
--name tormessenger \
${DOCKER_REPO_PREFIX}/tor-messenger
# exit current shell
exit 0
}
torproxy(){
del_stopped torproxy
docker run -d \
--restart always \
-v /etc/localtime:/etc/localtime:ro \
-p 9050:9050 \
--name torproxy \
${DOCKER_REPO_PREFIX}/tor-proxy
hostess add torproxy "$(docker inspect --format '{{.NetworkSettings.Networks.bridge.IPAddress}}' torproxy)"
}
traceroute(){
docker run --rm -it \
--net host \
${DOCKER_REPO_PREFIX}/traceroute "$@"
}
transmission(){
del_stopped transmission
docker run -d \
-v /etc/localtime:/etc/localtime:ro \
-v "${HOME}/Torrents:/transmission/download" \
-v "${HOME}/.transmission:/transmission/config" \
-p 9091:9091 \
-p 51413:51413 \
-p 51413:51413/udp \
--name transmission \
${DOCKER_REPO_PREFIX}/transmission
hostess add transmission "$(docker inspect --format '{{.NetworkSettings.Networks.bridge.IPAddress}}' transmission)"
browser-exec "http://transmission:9091"
}
travis(){
docker run -it --rm \
-v "${HOME}/.travis:/root/.travis" \
-v "$(pwd):/usr/src/repo:ro" \
--workdir /usr/src/repo \
--log-driver none \
${DOCKER_REPO_PREFIX}/travis "$@"
}
virsh(){
relies_on kvm
docker run -it --rm \
-v /etc/localtime:/etc/localtime:ro \
-v /run/libvirt:/var/run/libvirt \
--log-driver none \
--net container:kvm \
${DOCKER_REPO_PREFIX}/libvirt-client "$@"
}
virtualbox(){
del_stopped virtualbox
docker run -d \
-v /etc/localtime:/etc/localtime:ro \
-v /tmp/.X11-unix:/tmp/.X11-unix \
-e "DISPLAY=unix${DISPLAY}" \
--privileged \
--name virtualbox \
${DOCKER_REPO_PREFIX}/virtualbox
}
virt_viewer(){
relies_on kvm
docker run -it --rm \
-v /etc/localtime:/etc/localtime:ro \
-v /tmp/.X11-unix:/tmp/.X11-unix \
-e "DISPLAY=unix${DISPLAY}" \
-v /run/libvirt:/var/run/libvirt \
-e PULSE_SERVER=pulseaudio \
--group-add audio \
--log-driver none \
--net container:kvm \
${DOCKER_REPO_PREFIX}/virt-viewer "$@"
}
alias virt-viewer="virt_viewer"
visualstudio(){
del_stopped visualstudio
docker run -d \
-v /etc/localtime:/etc/localtime:ro \
-v /tmp/.X11-unix:/tmp/.X11-unix \
-e "DISPLAY=unix${DISPLAY}" \
--device /dev/dri \
--name visualstudio \
${DOCKER_REPO_PREFIX}/vscode
}
alias vscode="visualstudio"
vlc(){
del_stopped vlc
relies_on pulseaudio
docker run -d \
-v /etc/localtime:/etc/localtime:ro \
-v /tmp/.X11-unix:/tmp/.X11-unix \
-e "DISPLAY=unix${DISPLAY}" \
-e GDK_SCALE \
-e GDK_DPI_SCALE \
-e QT_DEVICE_PIXEL_RATIO \
--link pulseaudio:pulseaudio \
-e PULSE_SERVER=pulseaudio \
--group-add audio \
--group-add video \
-v "${HOME}/Torrents:/home/vlc/Torrents" \
--device /dev/dri \
--name vlc \
${DOCKER_REPO_PREFIX}/vlc
}
watchman(){
del_stopped watchman
docker run -d \
-v /etc/localtime:/etc/localtime:ro \
-v "${HOME}/Downloads:/root/Downloads" \
--name watchman \
${DOCKER_REPO_PREFIX}/watchman --foreground
}
weematrix(){
del_stopped weematrix
docker run --rm -it \
--user root \
-v "${HOME}/.weechat:/home/user/.weechat" \
${DOCKER_REPO_PREFIX}/weechat-matrix \
chown -R user /home/user/.weechat
docker run --rm -it \
-v /etc/localtime:/etc/localtime:ro \
-v "${HOME}/.weechat:/home/user/.weechat" \
-e "TERM=screen" \
--name weematrix \
${DOCKER_REPO_PREFIX}/weechat-matrix
}
weeslack(){
del_stopped weeslack
docker run --rm -it \
--user root \
-v "${HOME}/.weechat:/home/user/.weechat" \
${DOCKER_REPO_PREFIX}/wee-slack \
chown -R user /home/user/.weechat
docker run --rm -it \
-v /etc/localtime:/etc/localtime:ro \
-v "${HOME}/.weechat:/home/user/.weechat" \
--name weeslack \
${DOCKER_REPO_PREFIX}/wee-slack
}
wg(){
docker run -i --rm \
--log-driver none \
-v /tmp:/tmp \
--cap-add NET_ADMIN \
--net host \
--name wg \
${DOCKER_REPO_PREFIX}/wg "$@"
}
wireshark(){
del_stopped wireshark
docker run -d \
-v /etc/localtime:/etc/localtime:ro \
-v /tmp/.X11-unix:/tmp/.X11-unix \
-e "DISPLAY=unix${DISPLAY}" \
--cap-add NET_RAW \
--cap-add NET_ADMIN \
--net host \
--name wireshark \
${DOCKER_REPO_PREFIX}/wireshark
}
wrk(){
docker run -it --rm \
--log-driver none \
--name wrk \
${DOCKER_REPO_PREFIX}/wrk "$@"
}
ykman(){
del_stopped ykman
if [[ -n "$(which ykman)" ]]; then
"$(which ykman)" "$@"
else
docker run --rm -it \
-v /etc/localtime:/etc/localtime:ro \
--device /dev/usb \
--device /dev/bus/usb \
--name ykman \
${DOCKER_REPO_PREFIX}/ykman bash
fi
}
ykpersonalize(){
del_stopped ykpersonalize
if [[ -n "$(which ykpersonalize)" ]]; then
"$(which ykpersonalize)" "$@"
else
docker run --rm -it \
-v /etc/localtime:/etc/localtime:ro \
--device /dev/usb \
--device /dev/bus/usb \
--name ykpersonalize \
${DOCKER_REPO_PREFIX}/ykpersonalize bash
fi
}
yubico_piv_tool(){
del_stopped yubico-piv-tool
if [[ -n "$(which yubico-piv-tool)" ]]; then
"$(which yubico-piv-tool)" "$@"
else
docker run --rm -it \
-v /etc/localtime:/etc/localtime:ro \
--device /dev/usb \
--device /dev/bus/usb \
--name yubico-piv-tool \
${DOCKER_REPO_PREFIX}/yubico-piv-tool bash
fi
}
alias yubico-piv-tool="yubico_piv_tool"