Merge 52d7e4d7ab into 39f1db6f3d

the binaries are installed under the `usr/bin` path [[1]](https://github.com/vimagick/dockerfiles/blob/master/tor/Dockerfile#L22)

README.md

@@ -177,6 +177,7 @@ A collection of delicious docker recipes.
 - [x] obs-web-arm :joystick:
 - [x] openmeetings :camera:
 - [x] paddle-ocr
+- [x] piper
 - [x] plex :moneybag:
 - [x] red5 :+1: :camera:
 - [x] red5-arm :construction: :camera:
@@ -228,7 +229,6 @@ A collection of delicious docker recipes.
 
 - [x] aircrack-ng-arm
 - [x] amass
-- [x] bro
 - [x] clamav
 - [x] dirsearch
 - [x] dsniff
@@ -237,6 +237,7 @@ A collection of delicious docker recipes.
 - [x] hydra
 - [x] iptables
 - [x] kismet
+- [x] maltrail
 - [x] routersploit
 - [x] snort :beetle:
 - [x] snort3 :beetle:
@@ -455,6 +456,7 @@ A collection of delicious docker recipes.
 - [x] prosody/prosody
 - [x] redis/redis-stack
 - [x] registry
+- [x] danielgatis/rembg
 - [x] datarhei/restreamer
 - [x] restic/rest-server
 - [x] rocker/rstudio
@@ -487,6 +489,7 @@ A collection of delicious docker recipes.
 - [x] teamatldocker
     - [x] confluence
     - [x] jira
+- [x] openstitching/stitch
 - [x] strapi/strapi
 - [x] amancevice/superset
 - [x] matrixdotorg/synapse
@@ -498,6 +501,7 @@ A collection of delicious docker recipes.
 - [x] traccar/traccar
 - [x] traefik
 - [x] trinodb/trino
+- [x] ghcr.io/coqui-ai/tts-cpu
 - [x] louislam/uptime-kuma
 - [x] v2ray/official :cn:
 - [x] mpromonet/v4l2rtspserver :camera:
@@ -508,6 +512,7 @@ A collection of delicious docker recipes.
 - [x] wordpress
 - [x] yourls
 - [x] ghcr.io/linuxserver/wireguard
+- [x] zeek/zeek :skull:
 - [x] apache/zeppelin
 - [x] koenkk/zigbee2mqtt
 - [x] zookeeper

bro/README.md

@@ -1,49 +0,0 @@
-The Bro Network Security Monitor
-================================
-
-[![](https://badge.imagelayers.io/vimagick/bro:latest.svg)](https://imagelayers.io/?images=vimagick/bro:latest 'Get your own badge on imagelayers.io')
-
-`Bro` is a powerful network analysis framework that is much different from the
-typical IDS you may know.
-
-- Adaptable
-- Efficient
-- Flexible
-- Forensics
-- Commercially Supported
-- In-depth Analysis
-- Highly Stateful
-- Open Interfaces
-- Open Source
-
-## docker-compose.yml
-
-```
-bro:
-  image: vimagick/bro
-  command: bro -C -i eth0
-  volumes:
-    - ./logs:/opt/bro/logs
-  net: container:shadowsocks_shadowsocks_1
-```
-
-> We are going to monitor `shadowsocks` which is a socks5 server.
-
-## up and running
-
-```
-$ cd ~/fig/bro/
-
-$ docker-compose up -d
-
-$ docker exec -it bro_bro_1 bash
->>> cat dns.log | bro-cut query | sort | uniq -c | sort -nr | head -5
-    10 www.youtube.com
-    3 twitter.com
-    2 www.google.com
-    1 www.baidu.com
-    1 www.facebook.com
->>> exit
-```
-
-> Don't be evil!

bro/docker-compose.yml

@@ -1,6 +0,0 @@
-bro:
-  image: vimagick/bro
-  command: bro -i eth0
-  volumes:
-    - ./logs:/opt/bro/logs
-  net: container:shadowsocks_shadowsocks_1

dante/Dockerfile

@@ -12,6 +12,9 @@ ARG DANTE_FILE=dante.tar.gz
 ARG DANTE_TEMP=dante
 ARG DANTE_DEPS="build-essential curl"
 
+ARG GUESS_URL="http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.guess;hb=HEAD"
+ARG GUESS_FILE=config.guess
+
 RUN set -xe \
     && apt-get update \
     && apt-get install -y $DANTE_DEPS \
@@ -20,6 +23,7 @@ RUN set -xe \
         && curl -sSL $DANTE_URL -o $DANTE_FILE \
         && echo "$DANTE_SHA1 *$DANTE_FILE" | sha1sum -c \
         && tar xzf $DANTE_FILE --strip 1 \
+        && curl -sSL "$GUESS_URL" -o $GUESS_FILE \
         && ./configure \
         && make install \
         && cd .. \

editly/Dockerfile

@@ -2,11 +2,11 @@
 # Dockerfile for editly
 #
 
-FROM node:lts-bullseye
+FROM node:lts-bookworm
 MAINTAINER EasyPi Software Foundation
 
 ARG EDITLY_VERSION=0.14.2
-ARG FFMPEG_VERSION=6.0
+ARG FFMPEG_VERSION=6.1
 
 RUN set -xe \
  && apt update \

maltrail/Dockerfile

@@ -0,0 +1,41 @@
+#
+# Dockerfile for maltrail
+#
+
+FROM debian:12
+MAINTAINER EasyPi Software Foundation
+
+ARG MALTRAIL_VERSION=0.67
+ARG MALTRAIL_URL=https://github.com/stamparm/maltrail/archive/refs/tags/${MALTRAIL_VERSION}.tar.gz
+
+WORKDIR /opt/maltrail
+
+RUN set -xe \
+ && apt update -y \
+ && apt install -y curl \
+                   build-essential \
+                   libpcap0.8 \
+                   libpcap-dev \
+                   procps \
+                   python3 \
+                   python3-dev \
+                   python3-pip \
+                   python-is-python3 \
+                   schedtool \
+ && pip install --break-system-packages pcapy-ng \
+ && curl -sSL ${MALTRAIL_URL} | tar xz --strip 1 \
+ && mkdir -p etc log var misc/custom \
+ && mv maltrail.conf etc \
+ && mv trails/custom/dprk.txt misc/custom \
+ && chmod +x server.py sensor.py \
+ && ./server.py --version \
+ && ./sensor.py --version \
+ && apt remove -y curl \
+                  build-essential \
+                  libpcap-dev \
+                  python3-dev \
+ && rm -rf /var/lib/apt/lists/*
+
+EXPOSE 8337/udp 8338/tcp
+
+CMD ["./server.py", "-c", "etc/maltrail.conf"]

maltrail/README.md

@@ -0,0 +1,18 @@
+maltrail
+========
+
+[Maltrail][1] is a malicious traffic detection system.
+
+
+```bash
+$ docker compose up -d
+$ curl http://127.0.0.1:8338 # admin:changeme!
+
+$ less data/etc/maltrail.csv
+$ ping -c 1 136.161.101.53
+$ nslookup morphed.ru
+
+$ tail -f ./data/server/log/$(date +"%Y-%m-%d").log
+```
+
+[1]: https://github.com/stamparm/maltrail

maltrail/data/etc/maltrail.conf

@@ -0,0 +1,150 @@
+# [Server]
+
+# Listen address of (reporting) HTTP server
+HTTP_ADDRESS 0.0.0.0
+#HTTP_ADDRESS ::
+#HTTP_ADDRESS fe80::12c3:7bff:fe6d:cf9b%eno1
+
+# Listen port of (reporting) HTTP server
+HTTP_PORT 8338
+
+# Use SSL/TLS
+USE_SSL false
+
+# SSL/TLS (private/cert) PEM file (e.g. openssl req -new -x509 -keyout server.pem -out server.pem -days 1023 -nodes)
+#SSL_PEM misc/server.pem
+
+# User entries (username:sha256(password):UID:filter_netmask(s))
+# Note(s): sha256(password) can be generated on Linux with: echo -n 'password' | sha256sum | cut -d " " -f 1
+#          UID >= 1000 have only rights to display results (Note: this moment only functionality implemented at the client side)
+#          filter_netmask(s) is/are used to filter results
+USERS
+    admin:9ab3cd9d67bf49d01f6a2e33d0bd9bc804ddbe6ce1ff5d219c42624851db5dbc:0:                        # changeme!
+#    local:9ab3cd9d67bf49d01f6a2e33d0bd9bc804ddbe6ce1ff5d219c42624851db5dbc:1000:192.168.0.0/16       # changeme!
+
+# Mask custom trail names for non-admin users (UID >= 1000)
+ENABLE_MASK_CUSTOM true
+
+# Listen address of (log collecting) UDP server
+UDP_ADDRESS 0.0.0.0
+#UDP_ADDRESS ::
+#UDP_ADDRESS fe80::12c3:7bff:fe6d:cf9b%eno1
+
+# Listen port of (log collecting) UDP server
+UDP_PORT 8337
+
+# Should server do the trail updates too (to support UPDATE_SERVER directive in [Sensor] parameters)
+USE_SERVER_UPDATE_TRAILS false
+
+# Aliases used in client's web browser interface to describe the src_ip and/or dst_ip column entries
+#IP_ALIASES
+#    8.8.8.8:google
+#    8.8.4.4:google
+
+# Option to change the top-left logo with a custom image/text
+#HEADER_LOGO <img src="https://i.imgur.com/JxYJ5yX.png" style="width: 26px"> XYZ
+
+# Regular expression to be used in external /fail2ban calls for extraction of attacker source IPs
+FAIL2BAN_REGEX attacker|reputation|potential[^"]*(web scan|directory traversal|injection|remote code|iot-malware download)|spammer|mass scanner
+
+# Blacklist generation rules 
+# BLACKLIST
+#     src_ip !~ ^192.168. and dst_port ~ ^22$
+#     src_ip ~ ^192.168. and filter ~ malware
+
+# [Sensor]
+
+# Number of processes
+PROCESS_COUNT 1
+
+# Disable setting of CPU affinity (with schedtool) on Linux machines (e.g. because of load issues with other processes)
+DISABLE_CPU_AFFINITY false
+
+# Use feeds (too) in trail updates
+USE_FEED_UPDATES true
+
+# Disable (retrieval from) specified feeds (Note: respective .py files inside /trails/feeds; turris and ciarmy/cinsscore seem to be too "noisy" lately; policeman is old and produces lots of false positives)
+DISABLED_FEEDS turris, ciarmy, policeman, myip, alienvault
+
+# Ignore IPs that appear on lower than IP_MINIMUM_FEEDS number of feeds (Note: static IP trails are always included)
+IP_MINIMUM_FEEDS 3
+
+# Disable trails based on the following regular expression run against the corresponding info
+#DISABLED_TRAILS_INFO_REGEX known attacker|tor exit node
+
+# Update trails after every given period (seconds)
+UPDATE_PERIOD 86400
+
+# Use remote custom feed (too) in trail updates
+#CUSTOM_TRAILS_URL http://www.test.com/custom.txt
+
+# Location of directory with custom trails (*.txt) files
+CUSTOM_TRAILS_DIR ./misc/custom
+
+# (Max.) size of multiprocessing network capture ring buffer (in bytes or percentage of total physical memory) used by sensor (e.g. 512MB)
+CAPTURE_BUFFER 10%
+
+# Interface used for monitoring (e.g. eth0, eth1)
+MONITOR_INTERFACE any
+
+# Network capture filter (e.g. ip)
+# Note(s): more info about filters can be found at: https://danielmiessler.com/study/tcpdump/
+#CAPTURE_FILTER ip or ip6
+CAPTURE_FILTER udp or icmp or (tcp and (tcp[tcpflags] == tcp-syn or port 80 or port 1080 or port 3128 or port 8000 or port 8080 or port 8118))
+
+# Sensor name to appear in produced logs
+SENSOR_NAME $HOSTNAME
+
+# Remote Maltrail server instance to send log entries (Note: listening at <UDP_ADDRESS>:<UDP_PORT>)
+LOG_SERVER 127.0.0.1:8337
+#LOG_SERVER [fe80::12c3:7bff:fe6d:cf9b%eno1]:8337
+
+# Remote address to send Syslog events
+#SYSLOG_SERVER 192.168.2.107:514
+
+# Remote address to send JSON events (e.g. Logstash)
+#LOGSTASH_SERVER 192.168.2.107:5000
+
+# Regular expression used for calculating severity attribute when sending events to SYSLOG_SERVER or LOGSTASH_SERVER
+REMOTE_SEVERITY_REGEX (?P<high>(remote )?custom\)|malwaredomainlist|iot-malware|malware(?! (distribution|site))|adversary|ransomware)|(?P<medium>potential malware site|malware distribution)|(?P<low>mass scanner|reputation|attacker|spammer|compromised|crawler|scanning)
+
+# Set only (!) in cases when LOG_SERVER should be exclusively used for log storage
+DISABLE_LOCAL_LOG_STORAGE false
+
+# Remote address for pulling (latest) trail definitions (e.g. http://192.168.2.107:8338/trails). USE_SERVER_UPDATE_TRAILS directive should be active in [Server] parameters.
+#UPDATE_SERVER http://192.168.2.107:8338/trails
+
+# Use heuristic methods
+USE_HEURISTICS true
+
+# Capture HTTP requests with missing Host header (introducing potential false positives)
+CHECK_MISSING_HOST false
+
+# Check values in Host header (along with standard non-HTTP checks) for malicious DNS trails (introducing greater number of events)
+CHECK_HOST_DOMAINS false
+
+# Location of file with whitelisted entries (i.e. IP addresses, domain names, etc.) (note: take a look into 'misc/whitelist.txt')
+#USER_WHITELIST misc/whitelist.txt
+
+# Location of file with ignore event rules. Example under misc/ignore_events.txt
+#USER_IGNORELIST misc/ignore_events.txt
+
+# Regular expression to be used against the whole event entry to be ignored
+#IGNORE_EVENTS_REGEX sql injection|long domain|117.21.225.3|sinkhole
+
+# [All]
+
+# Show debug messages (in console output)
+SHOW_DEBUG false
+
+# Directory used for log storage
+LOG_DIR ./log
+
+# HTTP(s) proxy address
+#PROXY_ADDRESS http://192.168.5.101:8118
+
+# Disable checking of sudo/Administrator privileges (e.g. if using: setcap 'CAP_NET_RAW+eip CAP_NET_ADMIN+eip' /bin/python)
+DISABLE_CHECK_SUDO true
+
+# Override default location for trail storage (~/.maltrail/trails.csv)
+TRAILS_FILE ./etc/maltrail.csv

maltrail/docker-compose.yml

@@ -0,0 +1,23 @@
+version: "3.8"
+
+services:
+
+  maltrail-server:
+    image: vimagick/maltrail
+    command: ./server.py -c etc/maltrail.conf
+    volumes:
+      - ./data/etc:/opt/maltrail/etc
+      - ./data/server/log:/opt/maltrail/log
+    network_mode: host
+    restart: unless-stopped
+
+  maltrail-sensor:
+    image: vimagick/maltrail
+    command: ./sensor.py -c etc/maltrail.conf
+    volumes:
+      - ./data/etc:/opt/maltrail/etc
+      - ./data/sensor/log:/opt/maltrail/log
+    network_mode: host
+    depends_on:
+      - maltrail-server
+    restart: unless-stopped

piper/Dockerfile

@@ -0,0 +1,29 @@
+#
+# Dockerfile for piper
+#
+
+FROM debian:12
+MAINTAINER EasyPi Software Foundation
+
+ARG PIPER_VERSION=2023.11.14-2
+ARG PIPER_OS=linux
+ARG PIPER_ARCH=x86_64
+ARG PIPER_FILE=piper_${PIPER_OS}_${PIPER_ARCH}.tar.gz
+ARG PIPER_URL=https://github.com/rhasspy/piper/releases/download/${PIPER_VERSION}/${PIPER_FILE}
+
+ARG MODEL_BASE_URL=https://huggingface.co/rhasspy/piper-voices/resolve/v1.0.0/en/en_US/lessac/medium
+ARG MODEL_FILE=en_US-lessac-medium.onnx
+
+WORKDIR /opt/piper
+
+RUN set -xe \
+ && apt update -y \
+ && apt install -y curl \
+ && curl -sSL ${PIPER_URL} | tar xz --strip 1 \
+ && curl -sSL -O ${MODEL_BASE_URL}/${MODEL_FILE} \
+              -O ${MODEL_BASE_URL}/${MODEL_FILE}.json \
+ && ./piper --version \
+ && apt remove -y curl \
+ && rm -rf /var/lib/apt/lists/*
+
+ENTRYPOINT ["./piper", "-m", "en_US-lessac-medium.onnx", "-d", "/tmp"]

piper/README.md

@@ -0,0 +1,17 @@
+piper
+=====
+
+[piper][1] is a fast, local neural text to speech system that sounds great and is optimized for the Raspberry Pi 4.
+
+```bash
+# Create an alias
+$ alias piper='docker run -i --rm -u $(id -u):$(id -g) -v $PWD:/tmp vimagick/piper'
+
+# Do text-to-speech
+$ echo 'Welcome to the world of speech synthesis!' | piper -f /tmp/welcome.wav
+
+# Play audio
+$ play welcome.wav
+```
+
+[1]: https://github.com/rhasspy/piper

rembg/README.md

@@ -0,0 +1,32 @@
+rembg
+=====
+
+[Rembg][1] is a tool to remove images background.
+
+## Web Service
+
+```bash
+$ docker compose up -d
+$ url=https://raw.githubusercontent.com/danielgatis/rembg/master/examples/girl-3.jpg
+$ curl -sSL $url -o input.jpg
+$ curl -s -G http://localhost:7000/api/remove -d url=$url -o output.png
+$ curl -s http://localhost:7000/api/remove -F file=@input.jpg -o output.png
+```
+
+## Ad Hoc Commands
+
+```bash
+# Create an alias
+$ alias rembg='docker run --rm -u $(id -u):$(id -g) -v $PWD:/rembg danielgatis/rembg:2'
+
+# Remove the background from a local file
+$ rembg i input.png output.png
+
+# Remove the background returning only the mask
+$ rembg i -om input.png output.png
+
+# Remove the background applying an alpha matting
+$ rembg i -a input.png output.png
+```
+
+[1]: https://github.com/danielgatis/rembg

rembg/docker-compose.yml

@@ -0,0 +1,8 @@
+version: "3.8"
+services:
+  rembg:
+    image: danielgatis/rembg:2
+    command: s --host 0.0.0.0 --port 7000 --log_level info
+    ports:
+      - "7000:7000"
+    restart: unless-stopped

stitching/README.md

@@ -0,0 +1,12 @@
+stitching
+=========
+
+[stitching][1] is a Python package for fast and robust Image Stitching.
+
+```bash
+$ alias stitch='docker run --rm -v $PWD:/data openstitching/stitch'
+
+$ stitch *.jpg
+```
+
+[1]: https://github.com/OpenStitching/stitching

tor/README.md

@@ -63,10 +63,10 @@ UseBridges 1
 #Bridge meek 1.2.3.4:9001 url=https://meek.easypi.info:7002/
 #Bridge obfs3 1.2.3.4:9001 F24BF4DE74649E205A8A3621C84F97FF623B2083
 Bridge obfs4 1.2.3.4:9001 F24BF4DE74649E205A8A3621C84F97FF623B2083
-#ClientTransportPlugin fte exec /usr/local/bin/fteproxy
-#ClientTransportPlugin meek exec /usr/local/bin/meek-client
-#ClientTransportPlugin obfs3 exec /usr/local/bin/obfsproxy
-ClientTransportPlugin obfs4 exec /usr/local/bin/obfs4proxy
+#ClientTransportPlugin fte exec /usr/bin/fteproxy
+#ClientTransportPlugin meek exec /usr/bin/meek-client
+#ClientTransportPlugin obfs3 exec /usr/bin/obfsproxy
+ClientTransportPlugin obfs4 exec /usr/bin/obfs4proxy
 ```
 
 > Please connect via `HTTPProxy`/`HTTPSProxy`/`Socks5Proxy` if you're blocked!

tts/README.md

@@ -0,0 +1,13 @@
+TTS
+===
+
+[TTS][1] - a deep learning toolkit for Text-to-Speech, battle-tested in research and production
+
+```bash
+$ docker compose up -d
+$ docker compose exec tts bash
+>>> python3 TTS/server/server.py --list_models
+>>> exit
+```
+
+[1]: https://github.com/coqui-ai/TTS

tts/docker-compose.yml

@@ -0,0 +1,12 @@
+version: "3.8"
+services:
+  tts:
+    image: ghcr.io/coqui-ai/tts-cpu:v0.22.0
+    entrypoint: ["python3"]
+    command: |
+      TTS/server/server.py
+      --model_name tts_models/en/vctk/vits
+      --extra_model_name tts_models/en/ljspeech/tacotron2-DDC_ph
+    ports:
+      - "5002:5002"
+    restart: unless-stopped

zeek/README.md

@@ -0,0 +1,36 @@
+zeek
+====
+
+[Zeek][1] is a passive, open-source network traffic analyzer. Many operators use
+Zeek as a network security monitor (NSM) to support investigations of
+suspicious or malicious activity.
+
+- Adaptable
+- Efficient
+- Flexible
+- Forensics
+- Commercially Supported
+- In-depth Analysis
+- Highly Stateful
+- Open Interfaces
+- Open Source
+
+## up and running
+
+```bash
+$ docker compose up -d
+
+$ docker compose exec zeek bash
+>>> cd /usr/local/zeek/logs
+>>> cat dns.log | zeek-cut query | sort | uniq -c | sort -nr | head -5
+    10 www.youtube.com
+    3 twitter.com
+    2 www.google.com
+    1 www.baidu.com
+    1 www.facebook.com
+>>> exit
+```
+
+> Don't be evil!
+
+[1]: https://github.com/zeek/zeek

zeek/docker-compose.yml

@@ -0,0 +1,9 @@
+version: "3.8"
+services:
+  zeek:
+    image: zeek/zeek:tls
+    command: zeek -C -i eth0
+    volumes:
+      - ./logs:/usr/local/zeek/logs
+    network_mode: host
+    restart: unless-stopped