bastion - 🔒Secure Bastion implemented as Docker Container running Alpine Linux with Google Authenticator & DUO MFA support

  •        76

This is a secure/locked-down bastion implemented as a Docker Container. It uses Alpine Linux as the base image and ships with support for Google Authenticator & DUO MFA support. It was designed to be used on Kubernetes together with GitHub Authorized Keys to provide secure remote access to production clusters.

https://cloudposse.com/
https://github.com/cloudposse/bastion

Tags
Implementation
License
Platform

   




Related Projects

teleport - Privileged access management for elastic infrastructure.

  •    Go

Teleport is built on top of the high-quality Golang SSH implementation and it is fully compatible with OpenSSH and can be used with sshd servers and ssh clients. Download the latest binary release, unpack the .tar.gz and run sudo ./install. This will copy Teleport binaries into /usr/local/bin.

uwsgi-nginx-flask-docker - Docker image with uWSGI and Nginx for Flask applications in Python running in a single container

  •    Shell

Docker image with uWSGI and Nginx for Flask web applications in Python 3.6, Python 3.5 and Python 2.7 running in a single container. Optionally using Alpine Linux. This Docker image allows you to create Flask web applications in Python that run with uWSGI and Nginx in a single container.

bastion-firewall

  •    C

bastion-firewall is a Netfilter based firewall for Linux. It can generate graphical stats of all the rules traffic in the firewall with Rrdtool and it's integrated with the Snort Inline IPS. It's written in the bash and C programming languages.


Bastion - Cornville\'s troops

  •    

Bastion is going to be a real time strategy game with realistic simulation of information exchange. What player know is exactly what the chief knows. The goal: conquer the castle. Game will have been finished in June 2004.

reGeorg - The successor to reDuh, pwn a bastion webserver and create SOCKS proxies through the DMZ

  •    Python

The successor to reDuh, pwn a bastion webserver and create SOCKS proxies through the DMZ. Pivot and pwn.

startup-kit-templates - CloudFormation templates to accelerate getting started on AWS.

  •    Python

The VPC template is a requirement for the others. You can either run the templates/vpc.cfn.yml template by itself prior to using the others, or run any one of the vpc-*.cfn.yml wrapper templates at the top level of this repo to create sets of resources. For example, vpc-bastion-fargate-rds.cfn.yml will create a single stack containing a vpc, bastion host, fargate cluster, and database. StartupKit is designed to be modular. Some stacks depend on others, some can be deployed individually or in combination with others. You can use the stacks for each module individually and combine them on your own, or use wrapper stacks we have created from the tables below that provide one-click launch for common combinations. The wrapper stacks in the one-click launch table are broken down by regions in order to simplify deployments. See the Region Table for more information on availability of services by region.

securitybot - Distributed alerting for the masses!

  •    Python

Securitybot is an open-source implementation of a distributed alerting chat bot, as described in Ryan Huber's blog post. Distributed alerting improves the monitoring efficiency of your security team and can help you catch security incidents faster and more efficiently. We've tried to remove all Dropbox-isms from this code so that setting up your own instance should be fairly painless. It should be relatively easy to install the listed requirements in a virtualenv/Docker container and simply have the bot do its thing. We also provide a simple front end to dive through the database, receive API calls, and create custom alerts for the bot to reach out to people as desired.This guide runs through setting up a Securitybot instance as quickly as possible with no frills. We'll be connecting it to Slack, SQL, and Duo. Once we're done, we'll have a file that looks something like main.py.

jekyll-docker - :ship: Docker images and builders for Jekyll.

  •    Shell

The standard images (jekyll/jekyll) include a default set of "dev" packages, along with Node.js, and other stuff that makes Jekyll easy. It also includes a bunch of default gems that the community wishes us to maintain on the image. The builder image comes with extra stuff that is not included in the standard image, like lftp, openssh and other extra packages meant to be used by people who are deploying their Jekyll builds to another server with a CI.

docker-ansible - Docker images for Ansible software, installed in a selected Linux distributions (Debian/Ubuntu/CentOS/Alpine)

  •    Dockerfile

This repository contains Dockerized Ansible, published to the public Docker Hub via automated build mechanism. These are Docker images for Ansible software, installed in a selected Linux distributions.

docker-alpine-glibc - Carefully crafted Alpine Docker image with glibc (~12MB)

  •    

This image is based on Alpine Linux image, which is only a 5MB image, and contains glibc to enable proprietary projects compiled against glibc (e.g. OracleJDK, Anaconda) work on Alpine. This image includes some quirks to make glibc work side by side with musl libc (default in Alpine Linux). glibc packages for Alpine Linux are prepared by Sasha Gerrand and the releases are published in sgerrand/alpine-pkg-glibc github repo.

docker-alpine - Docker containers running Alpine Linux and s6 for process management

  •    Shell

Highly configurable Docker images running Alpine linux and s6 process management. Using Docker makes your infrastructure and environment consistent, testable, scalable and repeatable.

docker-alpine - Alpine Linux Docker image. Win at minimalism!

  •    Shell

A super small Docker image based on Alpine Linux. The image is only 5 MB and has access to a package repository that is much more complete than other BusyBox based images.This makes Alpine Linux a great image base for utilities and even production applications. Read more about Alpine Linux here and you can see how their mantra fits in right at home with Docker images.

docker-alpine-java - Oracle Java8 over AlpineLinux with glibc 2.27

  •    Smarty

Basic Docker image to run Java applications. This image is based on AlpineLinux to keep the size down, yet smaller images do exist. Includes BASH, since many Java applications like to have convoluted BASH start-up scripts. All tags upgraded to alpine:3.4 Latest tags are based on alpine:3.7.

aws-iam-authenticator - A tool to use AWS IAM credentials to authenticate to a Kubernetes cluster

  •    Go

A tool to use AWS IAM credentials to authenticate to a Kubernetes cluster. The initial work on this tool was driven by Heptio. The project recieves contributions from multiple community engineers and is currently maintained by Heptio and Amazon EKS OSS Engineers. If you are an administrator running a Kubernetes cluster on AWS, you already need to manage AWS IAM credentials to provision and update the cluster. By using AWS IAM Authenticator for Kubernetes, you avoid having to manage a separate credential for Kubernetes access. AWS IAM also provides a number of nice properties such as an out of band audit trail (via CloudTrail) and 2FA/MFA enforcement.

docker-homebridge - Homebridge Docker

  •    Shell

This Alpine/Debian Linux based Docker image allows you to run Nfarina's Homebridge on your home network which emulates the iOS HomeKit API. Homebridge requires full access to your local network to function correctly which can be achieved using the --net=host flag. Currently this image will not work when using Docker for Mac or Docker for Windows due to this and this.

alpine-node - Minimal Node.js Docker Images built on Alpine Linux

  •    

Versions v9.4.0, v8.9.4, v6.12.3, v4.8.7, v0.12.18 and v0.10.48 – built on Alpine Linux.Major io.js versions are tagged too.

ffmpeg - Docker build for FFmpeg on Ubuntu / Alpine / Centos 7 / Scratch

  •    Python

This project prepares a minimalist Docker image with FFmpeg. It compiles FFmpeg from sources following instructions from the Compilation Guide. You can install the latest build of this image by running docker pull jrottenberg/ffmpeg.