◜PFC◞Pain Free Containers

An agnostic container engine toolset — successor to DOCK
runs on:
works with:

Docker, Podman, FreeBSD jails, hypervisors & cloud APIs.

Primary contact information

Email us at tооls@pfсpfс. This is a ProtonMail address, so you if have an account there, you'll be sending encrypted emails through without a hassle of setting up your PGP-key and manually encrypting your messages. Shall you need the public PGP-key for our email, please use our official PGP-key for emails

NOTE:

This key can can be used for sending encrypted messages to the email address specified above. BUT another key, published below, will be used to sign all releases.

Our team: their expertise, background & contact info
NOTE:

All emails, regardless, of the domain name used, are hosted on ProtonMail so you can send them encrypted emails via ProtonMail without an additional hassle of setting up your own PGP-keys (if you don't have an account on ProtonMail & sign up, basic accounts are free).

  • соmess@prоtоnmаilmаdwеbn

    FreeBSD user and sysadmin, as well as systems developer with excellent knowledge of networking, zfs filesystem, bhyve, jails and all the other FreeBSD tools that PFC plans on making use of.

  • tооls@pfсjuliа

    Our product designer & Q/A expert with years or experience with web-frontend, designing and building light-weight webpages.

  • соmder@prоtоnmаilsiegebuild

    Our MacOSX expert, entrusted with gluing things together as well accommodating or porting them to both MacOSX and Windows, ensuring PFC works flawlessly on every major platform. Siegebuilder has more than 10 years of experience in programming MacOSX apps with both Objective C and, later — Swift. Regardless of his primary interests, he is no stranger to either Bash or Perl programming and working with other systems, including Linux and, to a more limited degree — Windows.

  • orion3

    The original author of DOCK with extensive knowledge of Linux, KVM & QEMU, Docker, Bash and more than 20 years of experience of building web applications of various levels of complexity, with various stacks, languages and various security requirements (Perl, PHP, Javascript, Ruby, Dart and even C itself, when it came to some lower level stuff).

Our public PGP-key for signatures

Don't be confusing it with the one used for sending encrypted emails posted in the relevant section above. Each maintainer has their own key derived from this one, also posted below, their git-commits are to be signed with their own keys. You'll only have to fetch and import the primary key.

Follow the instructions on how to fetch this key from multiple sources and compare the key you fetched is the same. Only after making sure each key fetched from an alternative source is identical to each other, you can safely import it, knowing it was not compromised.

The instructions on how to verify various releases, files and pages of this website, even, are posted below.

Key fingerprint: 79A0BC4C74F1B4735DE1FFD6BBE27E7A48235ED1
Details: rsa4096, expires on: 2027-08-12

STEP 0: install GnuPG (if it's not installed already)
On most Linux systems it is installed by default. If not, or if you're using a system where it isn't installed, refer to the GnuPG official website's download page
STEP 1: How fetch the key from multiple sources
  1. Fetch the same key from multiple sources:
    gpg --keyserver hkp://keyserver.ubuntu.com --receive-keys '0B2A280B11A14B1F244797892644A91766CFCF9F'
    gpg --keyserver hkp://keyserver.ubuntu.com --receive-keys '0B2A280B11A14B1F244797892644A91766CFCF9F'
    curl "https://pfc.tools/pgp-keys/PFC-tools_signature-1_0B2A280B.pub.asc" \ -o PFC_tools_main_key_0B2A280B.ascgpg --import PFC_tools_main_key_0B2A280B.asc

Each time (except for the first one) the output should say "unchanged: 1" which would mean the key is the exact same you've already imported before.

NOTE:

The key above will be used to sign official releases, official PFC-compatible images (both for containers and VMs) and other files such as recipes that may be released by the PFC-team itself.

STEP 2: import our PGP key

Assuming the downloaded file and signature are in the same directory, cd into it and type the following command: pgp --import PFC_tools_main_key_0B2A280B.asc

STEP: verify PGP-signatures of the downloaded files

Every file released by the PFC toolset team, be it an archive, an ISO image or a recipe script shall be accompanied by .asc signature file of the identical name. Once we complete Set 1 of our features, verification will become extremely easy. For now, however, we'll have to provide these instructions for you. They shall work the same on all open platforms, provided you have GnuPG installed and a gpg command is available in your terminal.

To verify a downloaded file was signed by the "PFC tools" PGP public key, type the following command in your terminal (assuming you downloaded both files into the same directory):

gpg --verify pfc_tools_v0.0.0.tar.gz.asc
NOTE:

The filename used above is an example, it may differ, of course.

After completing Set 1 of PFC features, the public key, signature fetching and verification processes will be automated. Until then, please follow these instructions, so you wouldn't have to do it manually.