Initial commit

This commit is contained in:
IamTheFij 2019-06-24 12:46:33 -07:00
commit df0362c124
7 changed files with 92 additions and 0 deletions

2
.gitignore vendored Normal file
View File

@ -0,0 +1,2 @@
id_rsa_proxy
id_rsa_proxy.pub

15
Makefile Normal file
View File

@ -0,0 +1,15 @@
.PHONY: default
default: remote client
.PHONY: remote
remote:
docker-compose -f ./docker-compose-remote.yml up -d
.PHONY: client
client:
docker-compose -f ./docker-compose-client.yml build
docker-compose -f ./docker-compose-client.yml up -d
.PHONY: logs
logs:
docker-compose -f ./docker-compose-client.yml logs -f

11
Readme.md Normal file
View File

@ -0,0 +1,11 @@
# Dockamole
Example bridging connections across two distinct Docker networks using `mole`.
My real use case is something like a remote LDAP server that I don't want to expose to the public internet and some metrics servers only available behind a VPN. This setup will allow me to create a proxy container on a host that will act as a local LDAP or HTTP server.
If I get time, I'll draw a diagram as well.
## Running
Requires you to provide your own ssh keys as well as provide the local machine IP address

16
docker-compose-client.yml Normal file
View File

@ -0,0 +1,16 @@
version: '2.2'
services:
mole:
build: mole
ports:
# This is the port you will use to view the service: http://localhost:8880
- 8880:8080
volumes:
# This key must be provided
- ./id_rsa_proxy:/mole/.ssh/id_rsa
environment:
- MOLE_LOCAL=0.0.0.0:8080
- MOLE_REMOTE=web:8080
# IP address is the local address of the server. This is to show that it's connecting outside the bridge network
- MOLE_SERVER=mole@10.255.52.39:2222

20
docker-compose-remote.yml Normal file
View File

@ -0,0 +1,20 @@
version: '2.2'
services:
proxy:
image: panubo/sshd
ports:
- "2222:22"
volumes:
# This key must be provided
- ./id_rsa_proxy.pub:/etc/authorized_keys/mole
environment:
- SSH_USERS=mole:101:101
web:
image: stefanscherer/whoami
expose:
- 8080
ports:
# This port is published to debug that the web server is actually running
- "8080:8080"

20
mole/Dockerfile Normal file
View File

@ -0,0 +1,20 @@
# FROM golang
# RUN go get -u github.com/davrodpin/mole/cmd/mole
FROM alpine
RUN apk add bash curl tar
RUN bash -c "bash <(curl -fsSL https://raw.githubusercontent.com/davrodpin/mole/master/tools/install.sh | sed 's/\bsudo\b//g')"
RUN mkdir /mole
RUN adduser -S -h /mole mole
USER mole
RUN mkdir -p /mole/.ssh
RUN touch /mole/.ssh/config
# Should not be running as root
COPY ./start.sh ./
CMD ./start.sh

8
mole/start.sh Executable file
View File

@ -0,0 +1,8 @@
#! bin/bash
mole -v \
-local ${MOLE_LOCAL} \
-remote ${MOLE_REMOTE} \
-server ${MOLE_SERVER} \
-key ~/.ssh/id_rsa \
-insecure