Update LinuxKit pkgs

This commit is contained in:
nemunaire 2022-02-19 00:16:04 +01:00
parent d41785fd9a
commit dc84fd6fac
4 changed files with 42 additions and 42 deletions

View File

@ -1,6 +1,6 @@
init: init:
- busybox - busybox
- nemunaire/adlin-login-app:c71f57c845cd1e26df4a95143c86c98699bf7b6c - nemunaire/adlin-login-app:a6ceb3829e7c6e65187654eb212fbd0e888b9dd4
files: files:
- path: /etc/ssl/certs/DST_Root_CA_X3.pem - path: /etc/ssl/certs/DST_Root_CA_X3.pem

View File

@ -5,29 +5,29 @@ kernel:
cmdline: "console=tty0" cmdline: "console=tty0"
init: init:
- linuxkit/init:a68f9fa0c1d9dbfc9c23663749a0b7ac510cbe1c - linuxkit/init:7e3d51e6ab5896ecb36a4829450f7430f2878927
- linuxkit/runc:v0.8 - linuxkit/runc:9f7aad4eb5e4360cc9ed8778a5c501cce6e21601
- linuxkit/containerd:1ae8f054e9fe792d1dbdb9a65f1b5e14491cb106 - linuxkit/containerd:2f0907913dd54ab5186006034eb224a0da12443e
- linuxkit/ca-certificates:v0.8 - linuxkit/ca-certificates:c1c73ef590dffb6a0138cf758fe4a4305c9864f4
# - linuxkit/firmware:v0.7 # - linuxkit/firmware:v0.7
- linuxkit/getty:v0.8 - linuxkit/getty:3c6e89681a988c3d4e2610fcd7aaaa0247ded3ec
- nemunaire/monit:efb921ff9d2e564dfa43880c608e87dce6ad22b1 - nemunaire/monit:90a16ed909ca82b5a2a277cb290301e97ee36063
# - nemunaire/iscsi-target:8872d1c5e0cefe3c36b60e873b8452aefb19d84d # - nemunaire/iscsi-target:8872d1c5e0cefe3c36b60e873b8452aefb19d84d
onboot: onboot:
- name: sysctl - name: sysctl
image: linuxkit/sysctl:v0.8 image: linuxkit/sysctl:bdc99eeedc224439ff237990ee06e5b992c8c1ae
binds: binds:
- /etc/sysctl.d/:/etc/sysctl.d/:ro - /etc/sysctl.d/:/etc/sysctl.d/:ro
# Mount first drive to enable some persistance # Mount first drive to enable some persistance
- name: mount - name: mount
image: linuxkit/mount:v0.8 image: linuxkit/mount:422b219bb1c7051096126ac83e6dcc8b2f3f1176
command: ["/usr/bin/mountie", "-device", "/dev/sda", "/var/lib/adlin" ] command: ["/usr/bin/mountie", "-device", "/dev/sda", "/var/lib/adlin" ]
# Network: interface for login-validator # Network: interface for login-validator
- name: login-iface-setup - name: login-iface-setup
image: linuxkit/ip:v0.8 image: linuxkit/ip:6cc44dd4e18ddb02de01bc4b34b5799971b6a7bf
command: ["/bin/sh", "-c", "ip a add 172.23.255.2/24 dev vethin-login; ip link set vethin-login up; ip route add default via 172.23.255.1;" ] command: ["/bin/sh", "-c", "ip a add 172.23.255.2/24 dev vethin-login; ip link set vethin-login up; ip route add default via 172.23.255.1;" ]
net: new net: new
runtime: runtime:
@ -42,7 +42,7 @@ onboot:
# wg-manager # wg-manager
- name: wg-iface-setup - name: wg-iface-setup
image: linuxkit/ip:v0.8 image: linuxkit/ip:6cc44dd4e18ddb02de01bc4b34b5799971b6a7bf
command: ["/bin/sh", "-c", "ip a add 172.17.0.15/16 dev vethin-wg; ip a add 10.224.33.251/24 dev vethin-wg; ip link set vethin-wg address 0e:f2:7e:10:58:69; ip link set vethin-wg up; ip route add default via 10.224.33.252; wg-quick up wg0; /sbin/iptables-restore < /etc/iptables/rules.v4;" ] command: ["/bin/sh", "-c", "ip a add 172.17.0.15/16 dev vethin-wg; ip a add 10.224.33.251/24 dev vethin-wg; ip link set vethin-wg address 0e:f2:7e:10:58:69; ip link set vethin-wg up; ip route add default via 10.224.33.252; wg-quick up wg0; /sbin/iptables-restore < /etc/iptables/rules.v4;" ]
net: new net: new
binds: binds:
@ -60,7 +60,7 @@ onboot:
# token-validator # token-validator
- name: validator-iface-setup - name: validator-iface-setup
image: linuxkit/ip:v0.8 image: linuxkit/ip:6cc44dd4e18ddb02de01bc4b34b5799971b6a7bf
command: ["/bin/sh", "-c", "ip a add 172.23.200.1/24 dev vethin-vldtr; ip link set vethin-vldtr up; ip route add default via 172.23.200.254;" ] command: ["/bin/sh", "-c", "ip a add 172.23.200.1/24 dev vethin-vldtr; ip link set vethin-vldtr up; ip route add default via 172.23.200.254;" ]
net: new net: new
runtime: runtime:
@ -73,7 +73,7 @@ onboot:
# domain name # domain name
- name: ns-iface-setup - name: ns-iface-setup
image: linuxkit/ip:v0.8 image: linuxkit/ip:6cc44dd4e18ddb02de01bc4b34b5799971b6a7bf
command: ["/bin/sh", "-c", "ip a add 172.23.200.2/24 dev vethin-ns; ip link set vethin-ns up; ip route add default via 172.23.200.254;" ] command: ["/bin/sh", "-c", "ip a add 172.23.200.2/24 dev vethin-ns; ip link set vethin-ns up; ip route add default via 172.23.200.254;" ]
net: new net: new
runtime: runtime:
@ -86,7 +86,7 @@ onboot:
# time server # time server
- name: time-iface-setup - name: time-iface-setup
image: linuxkit/ip:v0.8 image: linuxkit/ip:6cc44dd4e18ddb02de01bc4b34b5799971b6a7bf
command: ["/bin/sh", "-c", "ip a add 172.23.200.3/24 dev vethin-time; ip link set vethin-time up; ip route add default via 172.23.200.254;" ] command: ["/bin/sh", "-c", "ip a add 172.23.200.3/24 dev vethin-time; ip link set vethin-time up; ip route add default via 172.23.200.254;" ]
net: new net: new
runtime: runtime:
@ -99,7 +99,7 @@ onboot:
# mail server # mail server
- name: mail-iface-setup - name: mail-iface-setup
image: linuxkit/ip:v0.8 image: linuxkit/ip:6cc44dd4e18ddb02de01bc4b34b5799971b6a7bf
command: ["/bin/sh", "-c", "ip a add 172.23.200.4/24 dev vethin-mail; ip link set vethin-mail up; ip route add default via 172.23.200.254;" ] command: ["/bin/sh", "-c", "ip a add 172.23.200.4/24 dev vethin-mail; ip link set vethin-mail up; ip route add default via 172.23.200.254;" ]
net: new net: new
runtime: runtime:
@ -116,9 +116,9 @@ onboot:
services: services:
- name: rngd - name: rngd
image: linuxkit/rngd:v0.8 image: linuxkit/rngd:4f85d8de3f6f45973a8c88dc8fba9ec596e5495a
- name: sshd - name: sshd
image: linuxkit/sshd:v0.8 image: linuxkit/sshd:4696ba61c3ec091328e1c14857d77e675802342f
- name: dhcpd - name: dhcpd
image: joebiellik/dhcpd image: joebiellik/dhcpd
@ -136,7 +136,7 @@ services:
- /var/lib/adlin/dhcp - /var/lib/adlin/dhcp
- name: tftpd - name: tftpd
image: nemunaire/tftpd:b0d2e1de2660e81c329ecb49966c32aab8982f11 image: nemunaire/tftpd:de6fcc89d7cbaa46aa5e37821aeac24136f84761
capabilities: capabilities:
- all - all
binds: binds:
@ -145,11 +145,11 @@ services:
- /var/lib/adlin/pxelinux.cfg:/srv/tftp/pxelinux.cfg - /var/lib/adlin/pxelinux.cfg:/srv/tftp/pxelinux.cfg
- name: arp-spoofer - name: arp-spoofer
image: nemunaire/adlin-arp-spoofer:5c78e97a8c90b9faf8395f7084a05d0fb44c779a image: nemunaire/adlin-arp-spoofer:9cfd4b106e4a70281fad33fb36df1a189f846cb6
command: ["/bin/arp-spoofer", "-iface=br-ext", "-ip-spoof=172.17.0.15"] command: ["/bin/arp-spoofer", "-iface=br-ext", "-ip-spoof=172.17.0.15"]
- name: login-validator - name: login-validator
image: nemunaire/adlin-login-validator:5e8ae6a40d2764d66a0e65f7ebd68961729f3a90-dirty image: nemunaire/adlin-login-validator:29c8b8434f26e7f0e0b02e19992bf67c90da3675
# command: ["/bin/login-validator", "-bind=:8081", "-auth=ldap", "-ldaphost=auth.cri.epita.net", "-ldapport=636", "-ldaptls", "-ldapbase=dc=epita,dc=net"] # command: ["/bin/login-validator", "-bind=:8081", "-auth=ldap", "-ldaphost=auth.cri.epita.net", "-ldapport=636", "-ldaptls", "-ldapbase=dc=epita,dc=net"]
# command: ["/bin/login-validator", "-bind=:8081", "-auth=krb5", "-krb5realm=CRI.EPITA.FR"] # command: ["/bin/login-validator", "-bind=:8081", "-auth=krb5", "-krb5realm=CRI.EPITA.FR"]
command: ["/bin/login-validator", "-bind=:8081", "-auth=fwd", "-fwduri=https://adlin.nemunai.re/auth"] command: ["/bin/login-validator", "-bind=:8081", "-auth=fwd", "-fwduri=https://adlin.nemunai.re/auth"]
@ -207,7 +207,7 @@ services:
- /usr/share/ca-certificates:/usr/share/ca-certificates:ro - /usr/share/ca-certificates:/usr/share/ca-certificates:ro
- name: wg - name: wg
image: nemunaire/wg-manager:13a3c9000f68327b3051d089f86cd5a136ec48e4 image: nemunaire/wg-manager:5f60162cc1d934a209bbac8d963a2d9f6ba10c04
command: ["/bin/wg-manager", "-bind=:80" ] command: ["/bin/wg-manager", "-bind=:80" ]
capabilities: capabilities:
- all - all
@ -216,7 +216,7 @@ services:
- /etc/resolv.conf:/etc/resolv.conf:ro - /etc/resolv.conf:/etc/resolv.conf:ro
- name: ns - name: ns
image: nemunaire/unbound:57b1e5e6d435a27af880036aed2c320073f7dffb image: nemunaire/unbound:bd37359b69eb87eb5764fc18d9842cf78afc656c
net: /run/netns/dmz-ns net: /run/netns/dmz-ns
capabilities: capabilities:
- all - all
@ -224,7 +224,7 @@ services:
- /etc/unbound:/etc/unbound:ro - /etc/unbound:/etc/unbound:ro
- name: time - name: time
image: linuxkit/openntpd:v0.8 image: linuxkit/openntpd:d6c36ac367ed26a6eeffd8db78334d9f8041b038
command: ["/bin/sh", "-c", "sleep 10; /usr/sbin/ntpd -d -s" ] command: ["/bin/sh", "-c", "sleep 10; /usr/sbin/ntpd -d -s" ]
net: /run/netns/dmz-time net: /run/netns/dmz-time
capabilities: capabilities:
@ -239,7 +239,7 @@ services:
- /etc/ntpd.conf:/etc/ntpd.conf:ro - /etc/ntpd.conf:/etc/ntpd.conf:ro
- name: postfix - name: postfix
image: nemunaire/postfix:34430347e3a1221fd743774dc566420f748f3839 image: nemunaire/postfix:6c556b4517ddb596ae0d084ec9783de9eba6534d
net: /run/netns/dmz-mail net: /run/netns/dmz-mail
capabilities: capabilities:
- CAP_CHOWN - CAP_CHOWN

View File

@ -1,5 +1,5 @@
kernel: kernel:
image: linuxkit/kernel:4.19.121 image: linuxkit/kernel:5.10.92
cmdline: "console=tty0 console=ttyS0 root=/dev/sda1 root=/dev/sr0 adlin.format=/dev/sda quiet" cmdline: "console=tty0 console=ttyS0 root=/dev/sda1 root=/dev/sr0 adlin.format=/dev/sda quiet"
init: init:

View File

@ -1,36 +1,36 @@
kernel: kernel:
image: linuxkit/kernel:4.19.121 image: linuxkit/kernel:5.10.92
# cmdline: "console=ttyS0 root=/dev/sda1 root=/dev/sr0 adlin.token=LqCdJDfniA" # cmdline: "console=ttyS0 root=/dev/sda1 root=/dev/sr0 adlin.token=LqCdJDfniA"
cmdline: "console=tty0" cmdline: "console=tty0"
init: init:
- linuxkit/init:a68f9fa0c1d9dbfc9c23663749a0b7ac510cbe1c - linuxkit/init:7e3d51e6ab5896ecb36a4829450f7430f2878927
- linuxkit/runc:v0.8 - linuxkit/runc:9f7aad4eb5e4360cc9ed8778a5c501cce6e21601
- linuxkit/containerd:1ae8f054e9fe792d1dbdb9a65f1b5e14491cb106 - linuxkit/containerd:2f0907913dd54ab5186006034eb224a0da12443e
- linuxkit/ca-certificates:v0.8 - linuxkit/ca-certificates:c1c73ef590dffb6a0138cf758fe4a4305c9864f4
- linuxkit/getty:v0.8 - linuxkit/getty:3c6e89681a988c3d4e2610fcd7aaaa0247ded3ec
onboot: onboot:
- name: format - name: format
image: linuxkit/format:v0.8 image: linuxkit/format:7efa07559dd23cb4dbebfd3ab48c50fd33625918
command: ["/usr/bin/format", "/dev/sda"] command: ["/usr/bin/format", "/dev/sda"]
- name: mount - name: mount
image: linuxkit/mount:v0.8 image: linuxkit/mount:422b219bb1c7051096126ac83e6dcc8b2f3f1176
command: ["/usr/bin/mountie", "/dev/sda1", "/var/lib/adlin"] command: ["/usr/bin/mountie", "/dev/sda1", "/var/lib/adlin"]
- name: sysctl - name: sysctl
image: linuxkit/sysctl:v0.8 image: linuxkit/sysctl:bdc99eeedc224439ff237990ee06e5b992c8c1ae
binds: binds:
- /etc/sysctl.d/:/etc/sysctl.d/:ro - /etc/sysctl.d/:/etc/sysctl.d/:ro
- name: rngd1 - name: rngd1
image: linuxkit/rngd:v0.8 image: linuxkit/rngd:4f85d8de3f6f45973a8c88dc8fba9ec596e5495a
command: ["/sbin/rngd", "-1"] command: ["/sbin/rngd", "-1"]
# Network: external # Network: external
- name: dhcpcd - name: dhcpcd
image: linuxkit/dhcpcd:v0.8 image: linuxkit/dhcpcd:52d2c4df0311b182e99241cdc382ff726755c450
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1", "eth0"] command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1", "eth0"]
net: new net: new
runtime: runtime:
@ -41,7 +41,7 @@ onboot:
services: services:
- name: dhcpcd-wks-dg1 - name: dhcpcd-wks-dg1
image: linuxkit/dhcpcd:v0.8 image: linuxkit/dhcpcd:52d2c4df0311b182e99241cdc382ff726755c450
hostname: wks-dg1 hostname: wks-dg1
net: new net: new
pid: new pid: new
@ -57,7 +57,7 @@ services:
- /var/lib/adlin/wks-dg1resolv.conf:/etc/resolv.conf - /var/lib/adlin/wks-dg1resolv.conf:/etc/resolv.conf
- name: dhcpcd-wks-rh1 - name: dhcpcd-wks-rh1
image: linuxkit/dhcpcd:v0.8 image: linuxkit/dhcpcd:52d2c4df0311b182e99241cdc382ff726755c450
hostname: wks-rh1 hostname: wks-rh1
net: new net: new
pid: new pid: new
@ -74,7 +74,7 @@ services:
- /var/lib/adlin/wks-rh1resolv.conf:/etc/resolv.conf - /var/lib/adlin/wks-rh1resolv.conf:/etc/resolv.conf
- name: dhcpcd-wks-rh2 - name: dhcpcd-wks-rh2
image: linuxkit/dhcpcd:v0.8 image: linuxkit/dhcpcd:52d2c4df0311b182e99241cdc382ff726755c450
hostname: wks-rh2 hostname: wks-rh2
net: new net: new
pid: new pid: new
@ -90,7 +90,7 @@ services:
- /var/lib/adlin/wks-rh2resolv.conf:/etc/resolv.conf - /var/lib/adlin/wks-rh2resolv.conf:/etc/resolv.conf
- name: dhcpcd-wks-cm1 - name: dhcpcd-wks-cm1
image: linuxkit/dhcpcd:v0.8 image: linuxkit/dhcpcd:52d2c4df0311b182e99241cdc382ff726755c450
hostname: wks-cm1 hostname: wks-cm1
net: new net: new
pid: new pid: new
@ -106,7 +106,7 @@ services:
- /var/lib/adlin/wks-cm1resolv.conf:/etc/resolv.conf - /var/lib/adlin/wks-cm1resolv.conf:/etc/resolv.conf
- name: sshd-wks-dg1 - name: sshd-wks-dg1
image: linuxkit/sshd:v0.8 image: linuxkit/sshd:4696ba61c3ec091328e1c14857d77e675802342f
net: /run/netns/wks-dg1 net: /run/netns/wks-dg1
uts: /run/utsns/wks-dg1 uts: /run/utsns/wks-dg1
pid: new pid: new
@ -118,7 +118,7 @@ services:
- /var/lib/adlin/wks-dg1resolv.conf:/etc/resolv.conf - /var/lib/adlin/wks-dg1resolv.conf:/etc/resolv.conf
- name: sshd-wks-rh1 - name: sshd-wks-rh1
image: linuxkit/sshd:v0.8 image: linuxkit/sshd:4696ba61c3ec091328e1c14857d77e675802342f
net: /run/netns/wks-rh1 net: /run/netns/wks-rh1
uts: /run/utsns/wks-rh1 uts: /run/utsns/wks-rh1
pid: new pid: new