Onix Docker

Onix Docker container builder with Nix flake.

Usage

Requirements:

• Docker (or any other container runtime)
• 21 GB of disk space

docker pull ghcr.io/onix-sec/onix:latest
docker run -it --rm ghcr.io/onix-sec/onix:latest bash

Build

Build the Docker image from source.

Requirements

• Nix

• Configure Nix to allow nix-command and flakes:

  mkdir ~/.config/nix
  cat > ~/.config/nix/nix.config << EOF
  experimental-features = nix-command flakes
  EOF

Build Image

Edit flake.nix to choose the tools you need.

nix build .
docker load < ./result

Note

To create an image with every tool, you'll need to download 4.1 GiB and have 24 GiB on disk. The compressed Docker image will weight 7.8Gb and once loaded it's 20Gb.

Then run bash in it:

docker run -it --rm onix bash

Or execute a single tool inside the container:

docker run --rm onix nmap --help

For interactive tools use -it flag:

docker run --rm -it onix keyt -o

Develop

Update flakes:

nix flake update

TODO

• Automatically build the image and push it to a registry with a CI
• Create a user inside the container
• Script to add org.opencontainers.image.base.digest label with the digest after the build

License

Onix Docker is licensed under MIT.