tfnz - launch a container on


tfnz -h | --help

tfnz [option]... source

tfnz --systemd [option]... source


tfnz launches containers or scripts on, passes environment variables, selects a starting command, connects stdio, copies pre-boot files, mounts persistent volumes, port maps onto the container, and publishes to the web. For developers it can create an ssh/sftp server, and write a systemd unit file to a server.

The source is assumed to be a docker id in either the 'hex' or 'name' form; or '.' implies the most recently added image in the local docker daemon.


-h, --helpPresent cli help.

--location\ \fRx\.20ft\.nzUse an (optional) non-default location (fqdn).

--local\fR\ y.localAn optional (local) ip for the broker.

-v, \ --verboseVerbose logging (level DEBUG).

-q, \ --quietLogging is not configured.

-i, \ --interactiveRun interactively. This connects stdin and stdout to the terminal and provides an escape sequence (triple ^]).

-e, \ --environment\fR\ ENV=valueAdd an environment variable to the launch context.

-f, \ --file\fR\ src:destBefore boot copy the source file into the destination directory.

-m, \ --mount\fR\ tag:/mount/pointMount, at /mount/point, the volume given by either a uuid, tag, or uuid:tag pair.

-p, \ --publish\fR\ localport:remoteportCreate a TCP tunnel between localhost and the container on the given local and destination ports. Note that local ports < 1024 will need superuser privileges.

-c, \ --command, \ --entrypoint\fR\ /some/pathChoose an alternate command/entrypoint into the container.

-w, \ --web\fR\ [subdomain.][[:certname]]Publish port 80 of the container to a web endpoint. Publishing to a subdomain is enabled by creating a wildcard DNS entry (i.e. *.wip). Applications which expect a given 'Host' header can have this set with the rewrite (second) option. To host behind ssl pass a certificate name where tfnz will look for certname.crt and certname.key. Intermediate certs will need to be cat'ed onto the end of the main certificate.

-s, \ --ssh\fR\ portLaunch the container, then start a shell and wrap it with an ssh session on the specified port (pass:root, blank password).

-z, \ --sleepLaunch the container but don't run the entrypoint or command.

--systemd\fR\ a systemd unit on a server instead of running tfnz locally. For an image tagged myco/image it will create a subdirectory of the user's home directory called myco-image and place any necessary resources in there; then create and start a systemd service called myco-image with sensible defaults.

--identity\fR\ ~/.ssh/some_id.pemUse the given identity file to connect via ssh.


Launch the most recently built Docker image and map local port 8080 to remote port 80.

tfnz -p 8080:80 .

Launch the stock nginx image mapping port 8080 to 80, with a pre-existing volume for the http content and the ability to ssh/sftp into the container.

tfnz -p 8080:80 -m persistent_web:/usr/share/nginx/html --ssh 2222 nginx

Launch a docker image (possibly only held locally), map to web endpoint, rewrite the http-request header to, and use an ssl certificate given by the combination of wip.crt and wip.key.

tfnz -w my/image

Create a systemd unit to run the above operation as a service on a server (noting that the web traffic will still be served directly from the 20ft cluster).

tfnz --systemd -w my/image

This HTML page was made with roffit.